A GitHub Action that automatically generates and maintains code.json files for federal open source repositories, ensuring schema consistency and automating metadata calculations.
This project provides a GitHub Action that helps federal agencies maintain their code.json files, which are required for compliance with the Federal Source Code Policy. The action automatically calculates and updates various metadata fields including labor hours, programming languages used, repository information, and timestamps. It creates pull requests with these updates, making it easier to keep code.json files accurate and up-to-date.
GITHUB_TOKEN:
description: 'GitHub token used for API access'
required: true
default: ${{ github.token }}name: Update Code.json
on:
workflow_dispatch:
permissions:
contents: write
pull-requests: write
jobs:
update-code-json:
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: '1.22'
- name: Install SCC
run: go install github.com/boyter/scc/v3@latest
- name: Update code.json
uses: DSACMS/automated-codejson-generator@main
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}To streamline federal agencies' compliance with open source requirements by automating the maintenance of code.json files, reducing manual effort and improving accuracy of repository metadata.
To provide a reliable, automated solution for generating and updating code.json files in federal repositories while ensuring compliance with schema requirements and reducing the burden on development teams.
This project supports the broader federal initiative of open source software development and transparency in government, aligning with the Federal Source Code Policy (M-16-21) which requires agencies to improve their code sharing practices.
Our team is committed to building tools that make open source compliance easier for federal development teams, focusing on automation and accuracy to reduce manual overhead.
An up-to-date list of core team members can be found in MAINTAINERS.md. At this time, the project is still building the core team and defining roles and responsibilities. We are eagerly seeking individuals who would like to join the community and help us define and fill these roles.
- CONTRIBUTING.md - Guidelines for contributing to the project
- SECURITY.md - Security and vulnerability disclosure policies
- LICENSE - CC0 1.0 Universal public domain dedication
- MAINTAINERS.md - List of project maintainers
- COMMUNITY_GUIDELINES.md - Guidelines for community participation
- GOVERNANCE.md - Project governance information
- GLOSSARY.md - Terminology and acronyms
.
├── src/
│ ├── model.ts # TypeScript interfaces for code.json schema
│ ├── main.ts # Main action logic
│ ├── helper.ts # Helper functions for GitHub API interactions
│ └── index.ts # Action entrypoint
├── .github/
│ └── workflows/ # GitHub Actions workflow definitions
└── action.yml # Action metadata file
This project follows GitHub Actions development practices. For information on contributing, see CONTRIBUTING.md.
To develop locally:
- Clone the repository
- Install dependencies with
npm install - Install Go and SCC tool:
go install github.com/boyter/scc/v3@latest - Build the project with
npm run package - Run tests with
npm test
This project uses TypeScript and follows standard TypeScript conventions. Lint and code tests are run on each commit, so linters and tests should be run locally before committing.
This project follows trunk-based development:
- Make small changes in short-lived feature branches and merge to
mainfrequently - Each change merged to
mainshould be immediately deployable - Pull requests are required for all changes
- Changes are deployed automatically via GitHub Actions
Thank you for considering contributing to an Open Source project of the US Government! For more information about our contribution guidelines, see CONTRIBUTING.md.
The Code.json Auto Generator team is taking a community-first and open source approach to the product development of this tool. We believe government software should be made in the open and be built and licensed such that anyone can download the code, run it themselves without paying money to third parties or using proprietary software, and use it as they will.
If you have ideas for improvements or encounter any issues, please open an issue on our GitHub repository.
We adhere to the CMS Open Source Policy. If you have any questions, just shoot us an email.
For more information about our Security, Vulnerability, and Responsible Disclosure Policies, see SECURITY.md.
This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication as indicated in LICENSE.
All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest.