I end up creating quite a few repos in Github for customer projects. And I always end up having to remember how to best set them up. In line with the whole "blog-umentation" thing, I thought it would be best to write it down for myself.
This setup lends itself to a "modular monolith" setup but can be used for any kind of setups.
Features
This setup brings you the following
✅ Conventional commits check (making sure commits adhere to guidelines)
✅ Ensure checklists in PR's (as defined in a template) are complete
✅ main
branch is protected
✅ Dependabot alerts are setup for security
✅ Dependabot is setup for github actions and npm packages
✅ Jest coverage reports get added to PR's
✅ PR's are scanned for secrets
Steps
-
Go to Settings and change the following
- Protect the main branch - require 1 or 2 approvers, prevent force push
- Change merge types to Squash and Merge only
- Enable dependabot
- Enable automatically delete head branch
-
Add the following Github actions
- Secrets Scan (https://github.com/marketplace/actions/trufflehog-oss)
- Google release please (https://github.com/google-github-actions/release-please-action)
- Require PR checklist complete (https://github.com/mheap/require-checklist-action)
- Conventional Commits (https://github.com/amannn/action-semantic-pull-request)
- Coverage report (https://github.com/ArtiomTr/jest-coverage-report-action)
-
Add the dependabot config (
.github/dependabot.yml
)-
version: 2 updates: - package-ecosystem: "github-actions" directory: "/" schedule: interval: "daily" - package-ecosystem: "npm" directory: "/" schedule: interval: "weekly" rebase-strategy: "auto" open-pull-requests-limit: 2 ignore: - dependency-name: "*" update-types: ["version-update:semver-major"]
-
Hopefully this helps you setup your Github repos faster!