Skip to content

CI: use central d-morrison/gha check-news reusable workflow#537

Open
d-morrison wants to merge 1 commit into
mainfrom
ci/consolidate-workflows
Open

CI: use central d-morrison/gha check-news reusable workflow#537
d-morrison wants to merge 1 commit into
mainfrom
ci/consolidate-workflows

Conversation

@d-morrison

@d-morrison d-morrison commented Jun 14, 2026

Copy link
Copy Markdown
Member

Pilot migration to the new central reusable-workflows repo d-morrison/gha (@v1).

What changed

  • news.yaml is now a caller stub invoking d-morrison/gha/.github/workflows/check-news.yml@v1, which wraps UCD-SERG/changelog-check-action@v2 exactly as before. Behavior (and the no-changelog label escape hatch handled by the action) is unchanged.

Why

Consolidating duplicated GitHub Actions into a single source of truth. news.yaml is byte-identical across ~11 R-package repos, so it's an ideal first candidate. This PR (UCD-SERG owner) also proves the public reusable workflow is callable cross-owner from d-morrison/gha.

Verification

This PR's pull_request event triggers the reusable check-news workflow. Validated end-to-end alongside d-morrison/psw#29 and ucdavis/dl#5.

🤖 Generated with Claude Code

@d-morrison @claude
CI: use central d-morrison/gha check-news reusable workflow
964c8fe 
Replace the inline NEWS.md changelog check with a caller stub invoking
d-morrison/gha/.github/workflows/check-news.yml@v1 (which wraps
UCD-SERG/changelog-check-action@v2). Behavior unchanged.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@claude

claude Bot commented Jun 14, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Claude finished @d-morrison's task in 59s —— View job

Code Review

  • Gather context on changed file
  • Diff PR changes against origin/main
  • Review reusable workflow reference for correctness and security
  • Post review feedback

Summary: Clean, minimal stub. The YAML is valid and the uses: key at the job level is correct GitHub Actions syntax for calling a reusable workflow. The delegation is a net simplification (-7/+4 lines). A few points worth noting:

Supply chain / pin concern

uses: d-morrison/gha/.github/workflows/check-news.yml@v1 references a mutable tag. If v1 is ever force-pushed or the d-morrison/gha repo is unavailable, this workflow silently breaks. GitHub's hardening guidance (and OSSF Scorecard) recommend pinning to a full commit SHA:

uses: d-morrison/gha/.github/workflows/check-news.yml@<sha>  # v1

This is low-urgency for a changelog gating check (not a build or deploy step), but worth doing before rolling out the pattern to other repos.

Behavior parity

The PR asserts that check-news.yml@v1 wraps UCD-SERG/changelog-check-action@v2 with changelog: NEWS.md and preserves the no-changelog label escape hatch. That's unverifiable from this repo alone — it relies on the upstream workflow's implementation being correct and stable. Given the author controls both repos this is an acceptable trust boundary, but reviewers should be aware the escape hatch is now documented outside this repository.

Job rename

Check-Changelogcheck: purely cosmetic, no effect on required-status-check rules unless the job name is referenced by name in branch protection settings. Worth confirming that branch protection's "required status checks" list doesn't pin to the old job name.

Overall

No blocking issues. The change is correct and achieves its stated goal. The mutable-tag concern is worth tracking as a follow-up before broader rollout.

@codecov

codecov Bot commented Jun 14, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@d-morrison