Initial commit

.all-contributorsrc

@@ -0,0 +1,72 @@
+{
+  "files": [
+    "README.md"
+  ],
+  "imageSize": 100,
+  "commit": false,
+  "contributors": [
+    {
+      "login": "scottyhq",
+      "name": "Scott Henderson",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3924836?v=4",
+      "profile": "http://scottyhq.github.io",
+      "contributions": [
+        "eventOrganizing",
+        "code",
+        "ideas",
+        "content"
+      ]
+    },
+    {
+      "login": "aaarendt",
+      "name": "Anthony Arendt",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4993098?v=4",
+      "profile": "http://psc.apl.uw.edu/people/investigators/anthony-arendt/",
+      "contributions": [
+        "eventOrganizing",
+        "ideas",
+        "content"
+      ]
+    },
+    {
+      "login": "lsetiawan",
+      "name": "Landung \"Don\" Setiawan",
+      "avatar_url": "https://avatars.githubusercontent.com/u/17802172?v=4",
+      "profile": "https://www.linkedin.com/in/landungsetiawan/",
+      "contributions": [
+        "eventOrganizing",
+        "ideas",
+        "content",
+        "code"
+      ]
+    },
+    {
+      "login": "JessicaS11",
+      "name": "Jessica",
+      "avatar_url": "https://avatars.githubusercontent.com/u/11756442?v=4",
+      "profile": "https://github.com/JessicaS11",
+      "contributions": [
+        "code",
+        "ideas",
+        "content"
+      ]
+    },
+    {
+      "login": "jomey",
+      "name": "Joachim Meyer",
+      "avatar_url": "https://avatars.githubusercontent.com/u/178649?v=4",
+      "profile": "https://github.com/jomey",
+      "contributions": [
+        "code",
+        "ideas",
+        "content"
+      ]
+    }
+  ],
+  "contributorsPerLine": 7,
+  "projectName": "jupyterbook-template",
+  "projectOwner": "uwhackweek",
+  "repoType": "github",
+  "repoHost": "https://github.com",
+  "skipCi": true
+}

.editorconfig

@@ -0,0 +1,35 @@
+# https://EditorConfig.org
+
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 4
+
+[*.ipynb]
+# Content is json, but it seems to be minimally formatted
+indent_size = unset
+
+[*.js]
+indent_size = 2
+
+[*.json]
+indent_size = 2
+
+[*.md]
+indent_size = unset
+
+[*.py]
+# yapf and black will use indents other than 4 spaces
+indent_size = unset
+
+[*.rst]
+indent_size = unset
+
+[{*.yml, *.yaml}]
+indent_size = 2

.github/actions/README.md

@@ -0,0 +1,46 @@
+# eScience Hackweek Jupyterbook Template GitHub Actions
+
+This folder contains continuous integration workflows to perform a variety of tasks such as checking for spelling errors and broken links, ensuring HTML is generated without errors, and publishing the website.
+
+## Actions
+
+the `actions/` subfolder contains common [composite actions steps](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action) that any workflow can use.
+
+#### [setupconda](./setupconda/action.yaml)
+Steps to configure conda environment required to build the website.
+
+#### [buildresources](./buildresources/action.yaml)
+Steps to build the hackweek landing webpage and JupyterBook.
+
+
+## Workflows
+
+The `workflows/` subfolder contains continuous integration workflows
+
+#### [binder-badge.yaml](../workflows/binder-badge.yaml)
+Create [binder](https://mybinder.readthedocs.io/en/latest/howto/gh-actions-badges.html) badges with links to test tutorial notebooks
+
+#### [deploy.yaml](../workflows/deploy.yaml)
+Render and publish the websites (JupyterBook and landing page) to GitHub Pages
+
+#### [manual.yaml](../workflows/manual.yaml)
+Bypass usage of the cache to manually trigger a full rebuild of the JupyterBook and landing page
+
+#### [netlifypreview.yaml](../workflows/netlifypreview.yaml)
+Creates public preview, via [netlify](https://jupyterbook.org/publish/netlify.html), of changes by building from a PR
+
+#### [qaqc.yaml](../workflows/qaqc.yaml)
+Quality assessment and quality control. Standardizes formatting including spell check, hyperlink check, and clearing notebook outputs
+
+#### [repo2docker.yaml](../workflows/repo2docker.yaml)
+[Build a Docker image](https://github.com/jupyterhub/repo2docker-action) for JupyterHub/BinderHub
+
+#### [test.yaml](../workflows/test.yaml)
+Build the websites (JupyterBook and front page). Run on Pull Requests against every commit and via a 'cron' schedule to maintain caching [since otherwise the cache expires if untouched in 7 days](https://docs.github.com/en/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)
+
+#### [update_fr_template.yaml](../workflows/update_fr_template.yaml)
+Update the current repo from the original template (`uwhackweek/jupyterbook-template`). Run manually to collect any updates made to template files listed in `.templaterc.json`, commit them to a new branch, and submit a PR the repo created from the template.
+
+## Security
+
+It's desirable for hackweek websites to have contributions from anyone, so the website repository should allow for changes via pull requests from forks. By default workflows running off forked repositories do not have access to secrets, but [following security best practices](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) you can require adding a label to a pull request in order to run a workflow that requires secrets. For an example, see the [netlifypreview.yaml](./actions/workflows/netlifypreview.yaml) workflow.

.github/actions/buildresources/action.yaml

@@ -0,0 +1,59 @@
+name: 'Build Jupyterbook'
+description: 'Build the Jupyterbook with desired run features'
+
+inputs:
+  jb-cache:
+    description: “Set up the Jupyterbook Cache (boolean)”
+    required: true
+  publish-to-gh:
+    description: “Publish to GitHub Pages (boolean)”
+    required: true
+  jb-save:
+    description: "Save the Jupyterbook Build (boolean)"
+    required: true
+  token:
+    description: 'A GitHub Personal Access Token (for publishing)'
+    required: false
+    default: '0'
+
+runs:
+  using: "composite"
+  steps:
+    - name: Setup JupyterBook Cache
+      if: inputs.jb-cache == 'true'
+      uses: actions/cache@v2
+      with:
+        path: ./book/_build
+        # NOTE: change key to "jupyterbook-N+1" to force rebuilding cache
+        key: jupyterbook-0
+
+    - uses: ./.github/actions/setupconda
+
+    - name: Build JupyterBook
+      shell: bash -l {0}
+      run: |
+        ./scripts/build_resources.sh
+        
+    - name: Dump Build Logs
+      if: always()
+      shell: bash -l {0}
+      run: |
+        if (test -a book/_build/html/reports/*log); then cat book/_build/html/reports/*log ; fi
+
+    - name: Publish to GitHub Pages
+      if: inputs.publish-to-gh == 'true'
+      uses: peaceiris/actions-gh-pages@v3
+      with:
+        github_token: ${{github.token}}
+        publish_dir: book/_build/html
+        publish_branch: gh-pages
+        enable_jekyll: false
+        cname: REPLACE_ME.hackweek.io
+
+    - name: Save Build
+      if: ${{ always() && inputs.jb-save == 'true'}} 
+      uses: actions/upload-artifact@v3
+      with:
+        name: build
+        path: book/_build/
+

.github/actions/setupconda/action.yaml

@@ -0,0 +1,43 @@
+name: 'Setup Conda'
+description: 'Create conda environment for GitHub Action Job'
+
+runs:
+  using: "composite"
+  steps:
+    - name: Cache Conda Packages
+      id: cache-packages
+      uses: actions/cache@v3
+      env:
+        # Increase this value to reset cache if conda/conda-lock.yml has not changed
+        CACHE_NUMBER: 0
+      with:
+        path: ~/conda_pkgs_dir
+        key:
+          ${{ runner.os }}-conda-packages-${{ env.CACHE_NUMBER }}-${{ hashFiles('conda/conda-lock.yml') }}
+
+    - name: Setup Mambaforge
+      uses: conda-incubator/setup-miniconda@v2
+      with:
+        miniforge-version: 4.14.0-0
+        miniforge-variant: Mambaforge
+        use-mamba: true
+        auto-update-conda: false
+        activate-environment: hackweek
+        use-only-tar-bz2: true # IMPORTANT: This needs to be set for conda package cache to work properly!
+
+    - name: Cache Entire Conda Environment
+      id: cache-env
+      uses: actions/cache@v3
+      env:
+        CACHE_NUMBER: 0
+      with:
+        path: ${{ env.CONDA }}/envs
+        key:
+          ${{ runner.os }}-conda-environment-${{ env.CACHE_NUMBER }}-${{ hashFiles('conda/conda-lock.yml') }}
+
+    - name: Update Conda Environment
+      if: steps.cache-env.outputs.cache-hit != 'true'
+      env:
+        ENVFILE: conda/conda-${{ runner.os == 'Linux' && 'linux' || 'osx'  }}-64.lock.yml
+      shell: bash -l {0}
+      run: mamba env update -n hackweek -f $ENVFILE

.github/workflows/binder-badge.yaml

@@ -0,0 +1,38 @@
+name: AddBinderBadge
+# https://github.com/jupyterhub/repo2docker-action#cache-builds-on-mybinderorg-and-provide-a-link
+on:
+  pull_request:
+    types: [opened, reopened]
+    paths:
+      - 'book/tutorials/**'
+      - '.github/workflows/binder-badge.yml'
+      - 'conda/**'
+jobs:
+  add-badge:
+    runs-on: ubuntu-20.04
+    steps:
+    - name: Checkout PR
+      uses: actions/checkout@v2
+
+    - name: cache binder build on mybinder.org
+      uses: jupyterhub/repo2docker-action@master
+      with:
+        NO_PUSH: true
+        MYBINDERORG_TAG: ${{ github.event.pull_request.head.ref }}
+
+    - name: Comment on PR with Binder link
+      uses: actions/github-script@v3
+      env:
+        BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
+        CONTENT_REPO: ${{github.event.pull_request.head.repo.full_name}}
+      with:
+        github-token: ${{secrets.GITHUB_TOKEN}}
+        script: |
+          var BRANCH_NAME = process.env.BRANCH_NAME;
+          var CONTENT_REPO = process.env.CONTENT_REPO;
+          github.issues.createComment({
+            issue_number: context.issue.number,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            body: `[![Binder](https://mybinder.org/badge_logo.svg)](https://mybinder.org/v2/gh/${context.repo.owner}/${context.repo.repo}/${BRANCH_NAME}) :point_left: Launch a binder notebook on this branch`
+          })

.github/workflows/build_website.yaml

@@ -0,0 +1,51 @@
+name: Test website build across operating systems
+
+on:
+  schedule:
+    # run this once a week (sunday midnight) to preserve cache
+    # https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy
+    - cron:  '0 0 * * 0'
+  pull_request_target:
+    types: [labeled, synchronize]
+    paths:
+      - '.github/**'
+      - '{{ cookiecutter.repo_directory }}/**'
+      - 'book/**'
+      - 'conda/**'
+      - 'scripts/**'
+      - 'cookiecutter.yaml'
+    branches:
+      - main
+
+jobs:
+  build-and-test:
+    # This workflow accesses secrets (~/.netrc) so only run if labelled by repo owner
+    # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+    if: contains(github.event.pull_request.labels.*.name, 'preview')
+    name: Build and test on OS - ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ "ubuntu-latest", "macos-latest" ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}
+
+    - name: Configure NASA Earthdata Login
+      continue-on-error: true
+      env:
+        EARTHDATA_USER: ${{ secrets.EARTHDATA_USER}}
+        EARTHDATA_PASS: ${{ secrets.EARTHDATA_PASS }}
+      run: |
+        echo "machine urs.earthdata.nasa.gov login $EARTHDATA_USER password $EARTHDATA_PASS" > ~/.netrc
+        chmod 0600 ~/.netrc
+
+    - uses: ./.github/actions/buildresources
+      with:
+        jb-cache: false
+        publish-to-gh: false
+        jb-save: true

.github/workflows/deploy.yaml

@@ -0,0 +1,38 @@
+name: Deploy
+
+on:
+  push:
+    paths:
+      - 'book/**'
+      - '{{ cookiecutter.repo_directory }}/**'
+      - 'scripts/**'
+      - '.github/workflows/deploy.yaml'
+      - '.github/actions/**'
+      - 'cookiecutter.yaml'
+
+    branches:
+      - main
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-20.04
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Configure NASA Earthdata Login
+      continue-on-error: true
+      env:
+        EARTHDATA_USER: ${{ secrets.EARTHDATA_USER}}
+        EARTHDATA_PASS: ${{ secrets.EARTHDATA_PASS }}
+      run: |
+        echo "machine urs.earthdata.nasa.gov login $EARTHDATA_USER password $EARTHDATA_PASS" > ~/.netrc
+        chmod 0600 ~/.netrc
+
+    - uses: ./.github/actions/buildresources
+      with:
+        jb-cache: false
+        publish-to-gh: true
+        jb-save: true
+        token:  ${{ secrets.GH_PAT }}