RepoGovernance is a project I'm building to monitor my side-projects and ensure they are following best practices. I currently track a number of properties, including repo settings, branch policies, actions, dependabot, auto-versioning, technical debt identification, and DevOps metrics. It uses a number of building blocks/dependencies I've built in the past to achieve this:
- GitHubDotNet: Models to generate Actions and Dependabot files with .NET
- RepoAutomation: To automate the creation of repos with my preferred repo settings, and other GitHub related API calls
- SamsFeatureFlags: To use Feature Flags/Toggles on my projects
- DotNetCensus: To identify what version of .NET my projects are using
- DevOpsMetrics: to calculate DORA/DevOps Metrics on my projects
This is how the dependencies look in a graph:
graph LR;
GitHubDotNet-->RepoAutomation;
RepoAutomation-->RepoGovernance;
SamsFeatureFlags-->RepoGovernance;
DotNetCensus-->RepoGovernance;
DevOpsMetrics-->RepoGovernance;
Currently hosted at https://repogovernance-prod-eu-web.azurewebsites.net/. This shows current projects I have configured, with recommendations, pull requests, latest build info, code coverage, SonarCloud warnings, latest release and version information, languages detected, .NET frameworks detected, and current DORA DevOps metrics
There are options to refresh all repos, and approval all dependabot PR's, hidden behind a very simple contributor flag.
Note that an App Registration must be created with the following permissions to access the Azure App Registration and secret information:
- Remediation: allowing users to not just identify an issue, but to resolve it with a few clicks.
- A GitHubApp: so that it's easy for anyone to setup, configure, and use - as well as adding authenication!
- More configuration and settings