Initial commit

.all-contributorsrc

@@ -0,0 +1,72 @@
+{
+  "files": [
+    "README.md"
+  ],
+  "imageSize": 100,
+  "commit": false,
+  "contributors": [
+    {
+      "login": "scottyhq",
+      "name": "Scott Henderson",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3924836?v=4",
+      "profile": "http://scottyhq.github.io",
+      "contributions": [
+        "eventOrganizing",
+        "code",
+        "ideas",
+        "content"
+      ]
+    },
+    {
+      "login": "aaarendt",
+      "name": "Anthony Arendt",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4993098?v=4",
+      "profile": "http://psc.apl.uw.edu/people/investigators/anthony-arendt/",
+      "contributions": [
+        "eventOrganizing",
+        "ideas",
+        "content"
+      ]
+    },
+    {
+      "login": "lsetiawan",
+      "name": "Landung \"Don\" Setiawan",
+      "avatar_url": "https://avatars.githubusercontent.com/u/17802172?v=4",
+      "profile": "https://www.linkedin.com/in/landungsetiawan/",
+      "contributions": [
+        "eventOrganizing",
+        "ideas",
+        "content",
+        "code"
+      ]
+    },
+    {
+      "login": "JessicaS11",
+      "name": "Jessica Scheick",
+      "avatar_url": "https://avatars.githubusercontent.com/u/11756442?v=4",
+      "profile": "https://github.com/JessicaS11",
+      "contributions": [
+        "code",
+        "ideas",
+        "content"
+      ]
+    },
+    {
+      "login": "jomey",
+      "name": "Joachim Meyer",
+      "avatar_url": "https://avatars.githubusercontent.com/u/178649?v=4",
+      "profile": "https://github.com/jomey",
+      "contributions": [
+        "code",
+        "ideas",
+        "content"
+      ]
+    }
+  ],
+  "contributorsPerLine": 7,
+  "projectName": "jupyterbook-template",
+  "projectOwner": "uwhackweek",
+  "repoType": "github",
+  "repoHost": "https://github.com",
+  "skipCi": true
+}

.codespellignore

@@ -0,0 +1,2 @@
+hsa
+slippy

.editorconfig

@@ -0,0 +1,36 @@
+# https://EditorConfig.org
+
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 4
+
+[*.ipynb]
+# Content is json, but it seems to be minimally formatted
+indent_size = unset
+
+[*.js]
+indent_size = 2
+
+[*.json]
+indent_size = 2
+
+[*.md]
+indent_size = unset
+
+[*.py]
+# yapf and black will use indents other than 4 spaces
+indent_size = unset
+
+[*.rst]
+indent_size = unset
+
+[*.{yml,yaml}]
+indent_size = 2
+max_line_length = 100

.github/actions/README.md

@@ -0,0 +1,53 @@
+# eScience Hackweek Jupyterbook Template GitHub Actions
+
+This folder contains continuous integration workflows to perform a variety of tasks such as checking for spelling errors and broken links, ensuring HTML is generated without errors, and publishing the website.
+
+## Actions
+
+the `actions/` subfolder contains common [composite actions steps](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action) that any workflow can use.
+
+#### [setupconda](./setupconda/action.yaml)
+Steps to configure conda environment required to build the website.
+
+#### [buildresources](./buildresources/action.yaml)
+Steps to build the hackweek landing webpage and JupyterBook.
+
+
+## Workflows
+
+The `workflows/` subfolder contains continuous integration workflows
+
+#### [binder-badge.yaml](../workflows/binder-badge.yaml)
+Create [binder](https://mybinder.readthedocs.io/en/latest/howto/gh-actions-badges.html) badges with links to test tutorial notebooks
+
+#### [build-website.yaml](../workflows/build-website.yaml)
+Build the websites (JupyterBook and front page). Run on Pull Requests against every commit and via a 'cron' schedule to maintain caching [since otherwise the cache expires if untouched in 7 days](https://docs.github.com/en/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)
+
+#### [deploy.yaml](../workflows/deploy.yaml)
+Render and publish the websites (JupyterBook and landing page) to GitHub Pages
+
+#### [manual.yaml](../workflows/manual.yaml)
+Bypass usage of the cache to manually trigger a full rebuild of the JupyterBook and landing page
+
+#### [netlifypreview.yaml](../workflows/netlifypreview.yaml)
+Creates public preview, via [netlify](https://jupyterbook.org/publish/netlify.html), of changes by building from a PR
+
+#### [qaqc.yaml](../workflows/qaqc.yaml)
+Quality assessment and quality control. Standardizes formatting including spell check, hyperlink check, and clearing notebook outputs
+
+#### [repo2docker.yaml](../workflows/repo2docker.yaml)
+[Build a Docker image](https://github.com/jupyterhub/repo2docker-action) for JupyterHub/BinderHub
+
+#### [template-sync.yaml](../workflows/template-sync.yaml)
+Open a PR to update the templated repo to incorporate changes made to the
+[template repo](https://github.com/uwhackweek/jupyterbook-template).
+Template users should fill out the [.templatesyncignore](../../../.templatesyncignore)
+to specify which files they do not want updated from the template.
+Note that if you want the GitHub action and workflow files to be updated,
+you will need to [create a personal access token(PAT)](https://github.com/AndreasAugustin/actions-template-sync?tab=readme-ov-file#troubleshooting).
+Alternatively, you must add ".github/**" to your `.templatesyncignore` file, and your actions will not be updated.
+
+
+## Security
+
+It's desirable for hackweek websites to have contributions from anyone, so the website repository should allow for changes via pull requests from forks. By default workflows running off forked repositories do not have access to secrets, but [following security best practices](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) you can require adding a label to a pull request in order to run a workflow that requires secrets. For an example, see the [netlifypreview.yaml](./actions/workflows/netlifypreview.yaml) workflow.

.github/actions/buildresources/action.yaml

@@ -0,0 +1,64 @@
+name: 'Build Jupyterbook'
+description: 'Build the Jupyterbook with desired run features'
+
+inputs:
+  jb-cache:
+    description: “Set up the Jupyterbook Cache (boolean)”
+    required: true
+  publish-to-gh:
+    description: “Publish to GitHub Pages (boolean)”
+    required: true
+  jb-save:
+    description: "Save the Jupyterbook Build (boolean)"
+    required: true
+  token:
+    description: 'A GitHub Personal Access Token (for publishing)'
+    required: false
+    default: '0'
+
+runs:
+  using: "composite"
+  steps:
+    - name: Setup JupyterBook Cache
+      if: inputs.jb-cache == 'true'
+      uses: actions/cache@v4
+      with:
+        path: ./book/_build
+        # NOTE: change key to "jupyterbook-N+1" to force rebuilding cache
+        key: jupyterbook-0
+
+    - uses: ./.github/actions/setupconda
+
+    - name: Build JupyterBook
+      shell: bash -l {0}
+      run: |
+        ./scripts/build_resources.sh
+
+    - name: Dump Build Logs
+      if: always()
+      shell: bash -l {0}
+      run: |
+        if (test -a book/_build/html/reports/*log); then cat book/_build/html/reports/*log ; fi
+
+    - name: Upload Pages HTML
+      if: inputs.publish-to-gh == 'true'
+      uses: actions/upload-pages-artifact@v3
+      with:
+        path: book/_build/html
+
+    - name: Setup GitHub Pages
+      if: inputs.publish-to-gh == 'true'
+      uses: actions/configure-pages@v5
+
+    - name: Deploy to GitHub Pages
+      if: inputs.publish-to-gh == 'true'
+      id: deployment
+      uses: actions/deploy-pages@v4
+
+    - name: Upload Complete Build Folder
+      if: ${{ always() && inputs.jb-save == 'true'}}
+      uses: actions/upload-artifact@v4
+      with:
+        name: build-${{ inputs.os }}
+        path: book/_build/
+

.github/actions/setupconda/action.yaml

@@ -0,0 +1,12 @@
+name: 'Setup Conda'
+description: 'Create conda environment for GitHub Action Job'
+
+runs:
+  using: "composite"
+  steps:
+    - uses: mamba-org/setup-micromamba@v1
+      with:
+        environment-file: conda/conda-lock.yml
+        environment-name: hackweek
+        cache-environment: true
+        cache-downloads: true

.github/workflows/build_website.yaml

@@ -0,0 +1,52 @@
+name: Test website build across operating systems
+
+on:
+  schedule:
+    # run this once a week (sunday midnight) to preserve cache
+    # https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy
+    - cron:  '0 0 * * 0'
+  pull_request_target:
+    types: [labeled, synchronize]
+    paths:
+      - '.github/**/*'
+      - '{{ cookiecutter.repo_directory }}/**'
+      - 'book/**/*'
+      - 'conda/**'
+      - 'scripts/**'
+      - 'cookiecutter.yaml'
+    branches:
+      - main
+
+jobs:
+  build-and-test:
+    # This workflow accesses secrets (~/.netrc) so only run if labelled by repo owner
+    # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+    if: contains(github.event.pull_request.labels.*.name, 'preview')
+    name: Build and test on OS - ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ "ubuntu-latest", "macos-latest" ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}
+
+    - name: Configure NASA Earthdata Login
+      continue-on-error: true
+      env:
+        EARTHDATA_USER: ${{ secrets.EARTHDATA_USER}}
+        EARTHDATA_PASS: ${{ secrets.EARTHDATA_PASS }}
+      run: |
+        echo "machine urs.earthdata.nasa.gov login $EARTHDATA_USER password $EARTHDATA_PASS" > ~/.netrc
+        chmod 0600 ~/.netrc
+
+    - uses: ./.github/actions/buildresources
+      with:
+        jb-cache: false
+        publish-to-gh: false
+        jb-save: true
+        os: ${{ matrix.os }}

.github/workflows/deploy.yaml

@@ -0,0 +1,46 @@
+name: Deploy
+
+# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+on:
+  workflow_dispatch:
+  push:
+    paths:
+      - 'book/**'
+      - '{{ cookiecutter.repo_directory }}/**'
+      - 'scripts/**'
+      - '.github/workflows/deploy.yaml'
+      - 'cookiecutter.yaml'
+
+    branches:
+      - main
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Configure NASA Earthdata Login
+      continue-on-error: true
+      env:
+        EARTHDATA_USER: ${{ secrets.EARTHDATA_USER}}
+        EARTHDATA_PASS: ${{ secrets.EARTHDATA_PASS }}
+      run: |
+        echo "machine urs.earthdata.nasa.gov login $EARTHDATA_USER password $EARTHDATA_PASS" > ~/.netrc
+        chmod 0600 ~/.netrc
+
+    - uses: ./.github/actions/buildresources
+      with:
+        jb-cache: false
+        publish-to-gh: true
+        jb-save: true
+        token:  ${{ secrets.GITHUB_TOKEN }}

.github/workflows/ensure_clean_notebooks.py

@@ -0,0 +1,42 @@
+import sys
+from pathlib import Path
+
+import nb_clean as nbc
+import nbformat
+import yaml
+
+with open('./book/_config.yml') as f:
+  data = yaml.safe_load(f)
+
+# Sometimes we use rendered notebooks instead of executing them
+exclude_paths = []
+for pattern in data['execute']['exclude_patterns']:
+    exclude_paths += list(Path('book/tutorials').glob(pattern))
+    exclude_notebooks = [path.as_posix() for path in exclude_paths]
+print('Excluded from execution:\n', '\n'.join(exclude_notebooks))
+
+# Scrub outputs for spellcheck and linkcheck
+for notebook in exclude_notebooks:
+    print(f'Scrubbing outputs: {notebook}...')
+    nb = nbformat.read(notebook, as_version=nbformat.NO_CONVERT)
+    cleaned = nbc.clean_notebook(nb,
+                                 remove_empty_cells=True,
+                                 preserve_cell_metadata=True)
+    nbformat.write(cleaned, notebook)
+
+
+all_ipynbs = [path.as_posix() for path in Path('book/tutorials').rglob('*.ipynb')]
+ipynbs = [p for p in all_ipynbs if not '.ipynb_checkpoints' in p]
+
+results = []
+for notebook in ipynbs:
+    #if not notebook in exclude_notebooks:
+    print(f'Checking {notebook}...')
+    nb = nbformat.read(notebook, as_version=nbformat.NO_CONVERT)
+    result = nbc.check_notebook(nb,
+                                remove_empty_cells=False,
+                                preserve_cell_metadata=True)
+    results.append(result)
+
+if False in results:
+    sys.exit(1)