๐ค Ruby Gem Automation Template
The ultimate automation template for Ruby gem projects - Battle-tested workflows for seamless development, security, and releases.
โจ What This Provides
This repository serves as the perfect template for Ruby gem automation. It includes 8 comprehensive workflows that handle every aspect of your gem's lifecycle:
- ๐ Automated CI/CD across Ruby versions and platforms
- ๐ Security scanning and vulnerability detection
- ๐ Code quality enforcement and coverage reporting
- ๐ Automated releases with semantic versioning
- ๐ฅ Community management and contributor engagement
- ๐ Performance monitoring and health checks
๐ Quick Start
- Use this template to create your new repository
- Set up secrets following the Secrets Setup Guide
- Configure labels by running the label sync workflow
- Import rulesets from
.github/config/rulesets/ - Start developing - automation handles the rest!
๐ Complete Automation Tasks
| Category | Task | Workflow | Action Used | Configuration |
|---|---|---|---|---|
| ๐ CI/CD | Multi-Ruby testing | 02-ci.yml |
ruby/setup-ruby@v1 |
Ruby 3.2, 3.3, 3.4 |
| Cross-platform testing | 02-ci.yml |
actions/checkout@v4 |
Ubuntu, macOS | |
| Dependency caching | 02-ci.yml |
actions/cache@v3 |
Bundler cache | |
| Test execution | 02-ci.yml |
Custom scripts | RSpec, Minitest | |
| Coverage reporting | 04-quality.yml |
simplecov gem |
90% threshold | |
| ๐ Security | CodeQL analysis | 03-security.yml |
github/codeql-action@v3 |
.github/config/codeql.yml |
| Dependency scanning | 03-security.yml |
actions/dependency-review-action@v4 |
Vulnerability detection | |
| Secret scanning | 03-security.yml |
trufflesecurity/trufflehog@main |
Git history scan | |
| Container scanning | 03-security.yml |
aquasecurity/trivy-action@master |
Dockerfile security | |
| Bundle audit | 03-security.yml |
bundler-audit gem |
Gem vulnerabilities | |
| ๐ Quality | Code linting | 04-quality.yml |
rubocop/rubocop-github-action@v0.1.0 |
RuboCop standards |
| Documentation | 04-quality.yml |
yard gem |
API documentation | |
| Markdown linting | 04-quality.yml |
DavidAnson/markdownlint-cli2-action@v16 |
Markdown standards | |
| Super linting | 04-quality.yml |
super-linter/super-linter@v5 |
Multi-language linting | |
| ๐ท๏ธ Labels | Label sync | 01-intake.yml |
crazy-max/ghaction-github-labeler@v5 |
.github/labels.yml |
| Auto-labeling | 01-intake.yml |
actions/labeler@v5 |
.github/labeler.yml |
|
| Size labeling | 01-intake.yml |
Custom script | PR size detection | |
| ๐ฅ Community | Welcome messages | 01-intake.yml |
actions/first-interaction@v1 |
First-time contributors |
| Stale management | 05-community.yml |
actions/stale@v9 |
60-day stale policy | |
| Contributor recognition | 05-community.yml |
Custom script | Achievement badges | |
| Health monitoring | 08-monitoring.yml |
Custom script | Community metrics | |
| ๐ Release | Semantic versioning | 06-release.yml |
Custom script | Version bumping |
| Changelog generation | 06-release.yml |
Custom script | Auto-generated changelogs | |
| RubyGems publishing | 06-release.yml |
ruby/setup-ruby@v1 |
Automated gem push | |
| GitHub releases | 06-release.yml |
actions/create-release@v1 |
Release notes | |
| Release notifications | 06-release.yml |
slackapi/slack-github-action@v1.27.0 |
Slack integration | |
| ๐ฆ Dependencies | Dependency updates | Dependabot | GitHub native | .github/dependabot.yml |
| Security updates | Dependabot | GitHub native | Auto-merge safe updates | |
| Version grouping | Dependabot | GitHub native | Development/testing groups | |
| ๐ก๏ธ Protection | Branch protection | Rulesets | GitHub native | .github/config/rulesets/ |
| Tag protection | Rulesets | GitHub native | Release tag protection | |
| Push restrictions | Rulesets | GitHub native | Development branch rules | |
| ๐ข Notifications | Slack integration | Multiple | slackapi/slack-github-action@v1.27.0 |
SLACK_BOT_TOKEN |
| Email notifications | GitHub native | Repository settings | Configurable recipients | |
| ๐งช Validation | GitHub App setup | tests/validate-github-app.yml |
actions/create-github-app-token@v1 |
Token validation |
| Slack integration | tests/validate-slack-integration.yml |
slackapi/slack-github-action@v1.27.0 |
Message testing | |
| Label sync | tests/validate-labels-sync.yml |
crazy-max/ghaction-github-labeler@v5 |
Configuration validation | |
| Repository rulesets | tests/validate-repository-rulesets.yml |
Custom scripts | Ruleset validation |
๐ Required Setup
Secrets (Required)
| Secret | Purpose | Required |
|---|---|---|
APP_ID |
GitHub App ID for branded automation | โ Yes |
PRIVATE_KEY |
GitHub App private key | โ Yes |
SLACK_BOT_TOKEN |
Slack bot token for notifications | โ Optional |
SLACK_CHANNEL_ID |
Slack channel ID | โ Optional |
RUBYGEMS_API_KEY |
RubyGems publishing key | โ Optional |
Configuration Files
| File | Purpose | Required |
|---|---|---|
.github/labels.yml |
Label definitions and colors | โ Yes |
.github/labeler.yml |
Auto-labeling rules | โ Yes |
.github/dependabot.yml |
Dependency update configuration | โ Yes |
.github/CODEOWNERS |
Code ownership and review assignments | โ Yes |
.github/config/codeql.yml |
CodeQL analysis configuration | โ Yes |
.github/config/rulesets/*.json |
Repository protection rules | โ Optional |
๐ Ruby Gem Repository Lifecycle
This template provides a complete automation solution that follows the natural lifecycle of a Ruby gem repository:
๐ Phase 1: Repository Setup (One-time)
- ๐ท๏ธ Label Management: Sync professional labels with
01-intake.yml - ๐ Secret Configuration: Setup GitHub App authentication and integrations
- ๐ก๏ธ Branch Protection: Configure repository rulesets and security policies
- โ๏ธ Initial Configuration: Dependabot, CodeQL, and workflow settings
๐ป Phase 2: Development Cycle (Daily)
- ๐งช Continuous Testing: Multi-Ruby version testing with
02-ci.yml - ๐ Security Scanning: Vulnerability detection with
03-security.yml - ๐ Code Quality: RuboCop linting and documentation with
04-quality.yml - ๐ท๏ธ Auto-labeling: Smart PR/issue labeling with
01-intake.yml - ๐ Contributor Welcome: First-time contributor guidance with
01-intake.yml
๐ฆ Phase 3: Dependency Management (Automated)
- ๐ค Dependabot Updates: Weekly dependency update PRs
- ๐งช Update Testing: Automated testing of dependency changes
- โ Safe Auto-merge: Automatic merging of low-risk updates
๐ Phase 4: Release Process (On-demand)
- ๐๏ธ Gem Building: Automated gem packaging with
06-release.yml - ๐ RubyGems Publishing: Direct publishing to RubyGems registry
- ๐ Changelog Generation: Automatic changelog and release notes
- ๐ข Release Notifications: Slack and GitHub release announcements
๐ Phase 5: Ongoing Maintenance (Background)
- ๐งน Stale Management: Automated stale issue cleanup with
05-community.yml - ๐ Ecosystem Monitoring: Compatibility checks with
07-ecosystem.yml - ๐ Health Monitoring: Performance tracking with
08-monitoring.yml - ๐ฅ Community Engagement: Contributor recognition and community health
๐ Documentation
- ๐ Lifecycle Diagram - Visual repository lifecycle and workflow mapping
- ๐ Secrets Setup Guide - Complete secrets configuration
- ๐งช Manual Testing Guide - How to test and trigger workflows manually
- ๐ท๏ธ Labels Color Guide - Label design and accessibility
- โ Validation Workflows - Testing your setup
๐ฏ Key Features
๐ Multi-Ruby Testing
- Tests across Ruby 3.2, 3.3 and 3.4
- Cross-platform support (Ubuntu, macOS)
- Parallel test execution for speed
๐ Comprehensive Security
- CodeQL static analysis
- Dependency vulnerability scanning
- Secret detection in git history
- Container security scanning
- Automated security updates
๐ Quality Enforcement
- RuboCop code style enforcement
- Test coverage reporting (90% threshold)
- Documentation coverage checking
- Markdown and YAML linting
๐ Automated Releases
- Semantic version bumping
- Automated changelog generation
- RubyGems publishing
- GitHub release creation
- Slack release notifications
๐ฅ Community Management
- Welcome messages for new contributors
- Stale issue/PR management
- Contributor achievement recognition
- Community health monitoring
๐ท๏ธ Smart Labeling
- 33 professionally designed labels
- Automatic labeling based on file changes
- PR size detection and labeling
- Accessible color scheme (WCAG AA compliant)
๐ค Contributing
- Fork this repository
- Create a feature branch
- Make your changes
- Run validation workflows
- Submit a pull request
๐ License
This project is licensed under the MIT License - see the LICENSE.txt file for details.
Note: This template is designed for Ruby gem projects and may require adjustments for other languages or frameworks. It is battle-tested and ready to use, but always review and customize workflows to fit your specific needs.