From 57b4abe8fd21bfd03d1010f82ff20d33aea353c4 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Fri, 27 May 2022 18:04:15 -0400 Subject: [PATCH 01/45] Update actions/setup-go from v2 to v3 Additionally as of v3.1.0 of actions/setup-go there is a go-version output value to retrieve the version of Go installed by the Action. This allows us to remove the step to manually retrieve this information from the Go executable. --- .github/workflows/build.yml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 27b2dcf..3216eec 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,14 +26,10 @@ jobs: python-version: "3.10" # We need the Go version and Go cache location for the actions/cache step, # so the Go installation must happen before that. - - uses: actions/setup-go@v2 + - id: setup-go + uses: actions/setup-go@v3 with: go-version: "1.16" - - name: Store installed Go version - id: go-version - run: | - echo "::set-output name=version::"\ - "$(go version | sed 's/^go version go\([0-9.]\+\) .*/\1/')" - name: Lookup Go cache directory id: go-cache run: | @@ -42,7 +38,7 @@ jobs: env: BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ py${{ steps.setup-python.outputs.python-version }}-\ - go${{ steps.go-version.outputs.version }}-\ + go${{ steps.setup-go.outputs.go-version }}-\ packer${{ steps.setup-env.outputs.packer-version }}-\ tf${{ steps.setup-env.outputs.terraform-version }}-" with: From 8f6849857bc2a66254cafa94db31526692fab209 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Fri, 27 May 2022 18:07:10 -0400 Subject: [PATCH 02/45] Update the version of Go used from 1.16 to 1.18 Go 1.16 is no longer supported as of the release of 1.18 so it makes sense to update to the latest version available. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3216eec..d4c50c5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,7 +29,7 @@ jobs: - id: setup-go uses: actions/setup-go@v3 with: - go-version: "1.16" + go-version: "1.18" - name: Lookup Go cache directory id: go-cache run: | From fc55e84feba28e9652e2a21b976e3f8225b708af Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 8 Nov 2022 13:27:47 -0500 Subject: [PATCH 03/45] Update the version of Go used from 1.18 to 1.19 Go 1.19 was released while this branch was in the wings and it makes sense to bump to the latest Go release. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d4c50c5..66e0c95 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,7 +29,7 @@ jobs: - id: setup-go uses: actions/setup-go@v3 with: - go-version: "1.18" + go-version: "1.19" - name: Lookup Go cache directory id: go-cache run: | From 2775dfa470b433cb9692b5b8c604ad55aa24ea2a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Nov 2022 20:00:23 +0000 Subject: [PATCH 04/45] Bump hashicorp/setup-terraform from 1 to 2 Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 1 to 2. - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/setup-terraform/compare/v1...v2) --- updated-dependencies: - dependency-name: hashicorp/setup-terraform dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 66e0c95..37df1a3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -74,7 +74,7 @@ jobs: ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" sudo mv /usr/local/bin/packer /usr/local/bin/packer-default sudo ln -s /opt/packer/packer /usr/local/bin/packer - - uses: hashicorp/setup-terraform@v1 + - uses: hashicorp/setup-terraform@v2 with: terraform_version: ${{ steps.setup-env.outputs.terraform-version }} - name: Install shfmt From 1f7c62e5f21f1ee0a034122b1e96e2e035ae4a5b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Nov 2022 20:06:28 +0000 Subject: [PATCH 05/45] Bump actions/setup-python from 3 to 4 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 37df1a3..a624fe2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -21,7 +21,7 @@ jobs: uses: cisagov/setup-env-github-action@develop - uses: actions/checkout@v3 - id: setup-python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: python-version: "3.10" # We need the Go version and Go cache location for the actions/cache step, From 6a9c630f869dbd96001d9a00ea300e3195f2c05d Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Fri, 27 May 2022 17:30:33 -0400 Subject: [PATCH 06/45] Add an ownership comment to the Dependabot configuration Add a comment that states that the commented out ignore directives are managed by cisagov/skeleton-generic. --- .github/dependabot.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 208659c..38ffdc0 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -12,6 +12,7 @@ updates: schedule: interval: "weekly" # ignore: + # # Managed by cisagov/skeleton-generic # - dependency-name: actions/cache # - dependency-name: actions/checkout # - dependency-name: actions/setup-python From dfd54e9ad294cedce783c61071f5dab151cf79e5 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Fri, 27 May 2022 17:38:06 -0400 Subject: [PATCH 07/45] Add additional Dependabot ignore directives This adds the other versioned Actions that should be managed by cisagov/skeleton-generic to the list of commented out dependencies to ignore. --- .github/dependabot.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 38ffdc0..fef57f5 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -15,7 +15,10 @@ updates: # # Managed by cisagov/skeleton-generic # - dependency-name: actions/cache # - dependency-name: actions/checkout + # - dependency-name: actions/setup-go # - dependency-name: actions/setup-python + # - dependency-name: hashicorp/setup-terraform + # - dependency-name: mxschmitt/action-tmate - package-ecosystem: "pip" directory: "/" From 71a88a5694347f17115f90f69e8ab09108aae1ed Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 11 Oct 2022 10:57:16 -0400 Subject: [PATCH 08/45] Remove usage of set-output from our GitHub Actions workflow GitHub has deprecated the set-output command per: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ This updates the GitHub Actions workflow to use the newly preferred method to set the output for a job's step. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a624fe2..8d17421 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -33,7 +33,7 @@ jobs: - name: Lookup Go cache directory id: go-cache run: | - echo "::set-output name=dir::$(go env GOCACHE)" + echo "dir=$(go env GOCACHE)" >> $GITHUB_OUTPUT - uses: actions/cache@v3 env: BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ From 21a68f461cf04ee5009c22e6311afdfdeff6f0fe Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 7 Sep 2022 13:35:44 -0400 Subject: [PATCH 09/45] Enable the allow-non-breakable-inline-mappings rule for yamllint --- .yamllint | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.yamllint b/.yamllint index 76a1cce..b5b302f 100644 --- a/.yamllint +++ b/.yamllint @@ -8,6 +8,14 @@ rules: # this behavior. comments-indentation: disable + # yamllint does not allow inline mappings that exceed the line length by + # default. There are many scenarios where the inline mapping may be a key, + # hash, or other long value that would exceed the line length but cannot + # reasonably be broken across lines. + line-length: + # This rule implies the allow-non-breakable-words rule + allow-non-breakable-inline-mappings: true + # yamllint doesn't like when we use yes and no for true and false, # but that's pretty standard in Ansible. truthy: disable From 3547c4f28d98a0e08582f5cf02e53d102a9e5dac Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 7 Sep 2022 13:37:21 -0400 Subject: [PATCH 10/45] Increase the maximum line length in the yamllint configuration Increase the line length maximum from the default of 80 to 88. This 10% increase mirrors the line length allowed in other linter configurations such as black. --- .yamllint | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.yamllint b/.yamllint index b5b302f..8f4e6bf 100644 --- a/.yamllint +++ b/.yamllint @@ -15,7 +15,8 @@ rules: line-length: # This rule implies the allow-non-breakable-words rule allow-non-breakable-inline-mappings: true - + # Allows a 10% overage from the default limit of 80 + max: 88 # yamllint doesn't like when we use yes and no for true and false, # but that's pretty standard in Ansible. truthy: disable From b1ea3d4239179f9dc15a3509593f921c77dedc6b Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Fri, 14 Oct 2022 09:48:04 -0400 Subject: [PATCH 11/45] Fix the repo of the flake8 pre-commit hook Per PyCQA/flake8#1290 this hook moved from GitLab to GitHub. The version we use is bumped to the latest tag on GitHub as well. --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c5c2e10..804fa6c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -91,8 +91,8 @@ repos: rev: 22.3.0 hooks: - id: black - - repo: https://gitlab.com/pycqa/flake8 - rev: 3.9.2 + - repo: https://github.com/PyCQA/flake8 + rev: 5.0.4 hooks: - id: flake8 additional_dependencies: From fb8d13f5baff79b0f0e8a231cdf2c68817695d4e Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Fri, 27 May 2022 18:45:45 -0400 Subject: [PATCH 12/45] Update pre-commit hooks Update pre-commit hooks using `pre-commit autoupdate`. The `ansible-lint` hook is intentionally held back due to issues with upgrading to v6. --- .pre-commit-config.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 804fa6c..25f8d1d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -5,7 +5,7 @@ default_language_version: repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.1.0 + rev: v4.3.0 hooks: - id: check-case-conflict - id: check-executables-have-shebangs @@ -31,17 +31,17 @@ repos: # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.31.1 + rev: v0.32.2 hooks: - id: markdownlint args: - --config=.mdl_config.yaml - repo: https://github.com/pre-commit/mirrors-prettier - rev: v2.6.1 + rev: v3.0.0-alpha.4 hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.26.3 + rev: v1.28.0 hooks: - id: yamllint args: @@ -49,14 +49,14 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.14.2 + rev: 0.18.4 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v2.17.0 + rev: v2.20.0 hooks: - id: validate_manifest @@ -88,7 +88,7 @@ repos: args: - --config=.bandit.yml - repo: https://github.com/psf/black - rev: 22.3.0 + rev: 22.10.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 @@ -102,11 +102,11 @@ repos: hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v0.942 + rev: v0.990 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade - rev: v2.31.1 + rev: v3.2.0 hooks: - id: pyupgrade @@ -119,14 +119,14 @@ repos: # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.64.0 + rev: v1.76.0 hooks: - id: terraform_fmt - id: terraform_validate # Docker hooks - repo: https://github.com/IamTheFij/docker-pre-commit - rev: v2.1.0 + rev: v2.1.1 hooks: - id: docker-compose-check From e5fbd70b2035b6de74c5bcc804af929a19d9cb17 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 5 Oct 2022 04:44:13 -0400 Subject: [PATCH 13/45] Add a label configuration file This configuration file stores information about the labels expected in this repository. --- .github/labels.yml | 67 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 .github/labels.yml diff --git a/.github/labels.yml b/.github/labels.yml new file mode 100644 index 0000000..7d7f7f3 --- /dev/null +++ b/.github/labels.yml @@ -0,0 +1,67 @@ +--- +# Rather than breaking up descriptions into multiline strings we disable that +# specific rule in yamllint for this file. +# yamllint disable rule:line-length +- color: "#eb6420" + description: This issue or pull request is awaiting the outcome of another issue or pull request + name: blocked +- color: "#000000" + description: This issue or pull request involves changes to existing functionality + name: breaking change +- color: "#d73a4a" + description: This issue or pull request addresses broken functionality + name: bug +- color: "#07648d" + description: This issue will be advertised on code.gov's Open Tasks page (https://code.gov/open-tasks) + name: code.gov +- color: "#0366d6" + description: Pull requests that update a dependency file + name: dependencies +- color: "#5319e7" + description: This issue or pull request improves or adds to documentation + name: documentation +- color: "#5319e7" + description: This issue or pull request improves or adds to documentation + name: documentation +- color: "#cfd3d7" + description: This issue or pull request already exists or is covered in another issue or pull request + name: duplicate +- color: "#b005bc" + description: A high-level objective issue encompassing multiple issues instead of a specific unit of work + name: epic +- color: "#000000" + description: Pull requests that update GitHub Actions code + name: github-actions +- color: "#0e8a16" + description: This issue or pull request is well-defined and good for newcomers + name: good first issue +- color: "#ff7518" + description: Pull request that should count toward Hacktoberfest participation + name: hacktoberfest-accepted +- color: "#a2eeef" + description: This issue or pull request will add or improve functionality, maintainability, or ease of use + name: improvement +- color: "#fef2c0" + description: This issue or pull request is not applicable, incorrect, or obsolete + name: invalid +- color: "#ce099a" + description: This pull request is ready to merge during the next Lineage Kraken release + name: kraken 🐙 +- color: "#a4fc5d" + description: This issue or pull request requires further information + name: need info +- color: "#fcdb45" + description: This pull request is awaiting an action or decision to move forward + name: on hold +- color: "#ef476c" + description: This issue is a request for information or needs discussion + name: question +- color: "#1d76db" + description: This issue or pull request pulls in upstream updates + name: upstream update +- color: "#d4c5f9" + description: This issue or pull request increments the version number + name: version bump +- color: "#ffffff" + description: This issue will not be incorporated + name: wontfix From b9792a8d18d3690b8497e0cfe31ce855c85a7c2b Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 5 Oct 2022 04:57:03 -0400 Subject: [PATCH 14/45] Add a workflow to synchronize repository labels This adds a workflow to ensure that the repository labels are updated to reflect changes to the label configuration file .github/labels.yml. --- .github/workflows/sync-labels.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/workflows/sync-labels.yml diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml new file mode 100644 index 0000000..ae7c091 --- /dev/null +++ b/.github/workflows/sync-labels.yml @@ -0,0 +1,29 @@ +--- +name: sync-labels + +on: + push: + paths: + - '.github/labels.yml' + - '.github/workflows/sync-labels.yml' + +permissions: + contents: read + +jobs: + labeler: + permissions: + # actions/checkout needs this to fetch code + contents: read + # crazy-max/ghaction-github-labeler needs this to manage repository labels + issues: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Sync repository labels + if: success() + uses: crazy-max/ghaction-github-labeler@v4 + with: + # This is a hideous ternary equivalent so we only do a dry run unless + # this workflow is triggered by the develop branch. + dry-run: ${{ github.ref_name == 'develop' && 'false' || 'true' }} From 161c4aebba002d4073a634749f3ae67f649a8a2a Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Fri, 21 Oct 2022 15:56:30 -0400 Subject: [PATCH 15/45] Remove duplicate label --- .github/labels.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/labels.yml b/.github/labels.yml index 7d7f7f3..24bd511 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -20,9 +20,6 @@ - color: "#5319e7" description: This issue or pull request improves or adds to documentation name: documentation -- color: "#5319e7" - description: This issue or pull request improves or adds to documentation - name: documentation - color: "#cfd3d7" description: This issue or pull request already exists or is covered in another issue or pull request name: duplicate From 5993231c3a136c86fe2dad178ac47495771cccce Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Fri, 21 Oct 2022 15:56:49 -0400 Subject: [PATCH 16/45] Add a label for issues or PRs that involve test code --- .github/labels.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/labels.yml b/.github/labels.yml index 24bd511..b108748 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -53,6 +53,9 @@ - color: "#ef476c" description: This issue is a request for information or needs discussion name: question +- color: "#00008b" + description: This issue or pull request adds or otherwise modifies test code + name: test - color: "#1d76db" description: This issue or pull request pulls in upstream updates name: upstream update From 6cc53dc1f0bf5123465082100c57bb6a325024cf Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 9 Nov 2022 11:23:04 -0500 Subject: [PATCH 17/45] Fix GitHub label color values Update the configuration for repository labels to remove the leading `#` from color values. With a `#` leading the values they are seen as invalid by the GitHub API. --- .github/labels.yml | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/labels.yml b/.github/labels.yml index b108748..500b000 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -2,66 +2,66 @@ # Rather than breaking up descriptions into multiline strings we disable that # specific rule in yamllint for this file. # yamllint disable rule:line-length -- color: "#eb6420" +- color: "eb6420" description: This issue or pull request is awaiting the outcome of another issue or pull request name: blocked -- color: "#000000" +- color: "000000" description: This issue or pull request involves changes to existing functionality name: breaking change -- color: "#d73a4a" +- color: "d73a4a" description: This issue or pull request addresses broken functionality name: bug -- color: "#07648d" +- color: "07648d" description: This issue will be advertised on code.gov's Open Tasks page (https://code.gov/open-tasks) name: code.gov -- color: "#0366d6" +- color: "0366d6" description: Pull requests that update a dependency file name: dependencies -- color: "#5319e7" +- color: "5319e7" description: This issue or pull request improves or adds to documentation name: documentation -- color: "#cfd3d7" +- color: "cfd3d7" description: This issue or pull request already exists or is covered in another issue or pull request name: duplicate -- color: "#b005bc" +- color: "b005bc" description: A high-level objective issue encompassing multiple issues instead of a specific unit of work name: epic -- color: "#000000" +- color: "000000" description: Pull requests that update GitHub Actions code name: github-actions -- color: "#0e8a16" +- color: "0e8a16" description: This issue or pull request is well-defined and good for newcomers name: good first issue -- color: "#ff7518" +- color: "ff7518" description: Pull request that should count toward Hacktoberfest participation name: hacktoberfest-accepted -- color: "#a2eeef" +- color: "a2eeef" description: This issue or pull request will add or improve functionality, maintainability, or ease of use name: improvement -- color: "#fef2c0" +- color: "fef2c0" description: This issue or pull request is not applicable, incorrect, or obsolete name: invalid -- color: "#ce099a" +- color: "ce099a" description: This pull request is ready to merge during the next Lineage Kraken release name: kraken 🐙 -- color: "#a4fc5d" +- color: "a4fc5d" description: This issue or pull request requires further information name: need info -- color: "#fcdb45" +- color: "fcdb45" description: This pull request is awaiting an action or decision to move forward name: on hold -- color: "#ef476c" +- color: "ef476c" description: This issue is a request for information or needs discussion name: question -- color: "#00008b" +- color: "00008b" description: This issue or pull request adds or otherwise modifies test code name: test -- color: "#1d76db" +- color: "1d76db" description: This issue or pull request pulls in upstream updates name: upstream update -- color: "#d4c5f9" +- color: "d4c5f9" description: This issue or pull request increments the version number name: version bump -- color: "#ffffff" +- color: "ffffff" description: This issue will not be incorporated name: wontfix From 8f1263549992de1edd4d4e30afae3fd7c8a8c546 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 9 Nov 2022 11:24:25 -0500 Subject: [PATCH 18/45] Correct spacing in yamllint rules There was a missing empty line in the `.yamllint` file between two rule definitions. --- .yamllint | 1 + 1 file changed, 1 insertion(+) diff --git a/.yamllint b/.yamllint index 8f4e6bf..2a119a6 100644 --- a/.yamllint +++ b/.yamllint @@ -17,6 +17,7 @@ rules: allow-non-breakable-inline-mappings: true # Allows a 10% overage from the default limit of 80 max: 88 + # yamllint doesn't like when we use yes and no for true and false, # but that's pretty standard in Ansible. truthy: disable From 0bb91c5654db04ad15182dc8c0e491ae0664394f Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 31 Jan 2023 13:06:42 -0500 Subject: [PATCH 19/45] Update pre-commit hooks Update pre-commit hooks using `pre-commit autoupdate`. The `ansible-lint` hook is intentionally held back to be updated independently to v6. --- .pre-commit-config.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 25f8d1d..2764bb4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -5,7 +5,7 @@ default_language_version: repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.3.0 + rev: v4.4.0 hooks: - id: check-case-conflict - id: check-executables-have-shebangs @@ -31,7 +31,7 @@ repos: # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.32.2 + rev: v0.33.0 hooks: - id: markdownlint args: @@ -41,7 +41,7 @@ repos: hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.28.0 + rev: v1.29.0 hooks: - id: yamllint args: @@ -49,14 +49,14 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.18.4 + rev: 0.21.0 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v2.20.0 + rev: v3.0.2 hooks: - id: validate_manifest @@ -88,25 +88,25 @@ repos: args: - --config=.bandit.yml - repo: https://github.com/psf/black - rev: 22.10.0 + rev: 22.12.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 - rev: 5.0.4 + rev: 6.0.0 hooks: - id: flake8 additional_dependencies: - flake8-docstrings - repo: https://github.com/PyCQA/isort - rev: 5.10.1 + rev: 5.12.0 hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v0.990 + rev: v0.991 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade - rev: v3.2.0 + rev: v3.3.1 hooks: - id: pyupgrade @@ -119,7 +119,7 @@ repos: # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.76.0 + rev: v1.77.0 hooks: - id: terraform_fmt - id: terraform_validate From 313e79263e8b6a1fbd311e5b9543a2b9a99ab93b Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 2 Feb 2023 13:56:59 -0500 Subject: [PATCH 20/45] Add a security label --- .github/labels.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/labels.yml b/.github/labels.yml index 500b000..5b16492 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -53,6 +53,9 @@ - color: "ef476c" description: This issue is a request for information or needs discussion name: question +- color: "d73a4a" + description: This issue or pull request addresses a security issue + name: security - color: "00008b" description: This issue or pull request adds or otherwise modifies test code name: test From 744f07eb7497619ef4124bfe20ef8a6d2d071fb5 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Fri, 24 Mar 2023 11:06:27 -0400 Subject: [PATCH 21/45] Add @jasonodoom as a default codeowner --- .github/CODEOWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 371258c..8f5c8c5 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -3,8 +3,8 @@ # These owners will be the default owners for everything in the # repo. Unless a later match takes precedence, these owners will be # requested for review when someone opens a pull request. -* @dav3r @felddy @jsf9k @mcdonnnj +* @dav3r @felddy @jasonodoom @jsf9k @mcdonnnj # These folks own any files in the .github directory at the root of # the repository and any of its subdirectories. -/.github/ @dav3r @felddy @jsf9k @mcdonnnj +/.github/ @dav3r @felddy @jasonodoom @jsf9k @mcdonnnj From 8d39c8b402fc24084d57a27f33dada98832cced6 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 19 Apr 2023 11:56:30 -0400 Subject: [PATCH 22/45] Use Python 3.11 for the `lint` job in the `build` workflow This is the latest minor release of Python so it makes sense to use it as the default for this job. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8d17421..dc14a7d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,7 +23,7 @@ jobs: - id: setup-python uses: actions/setup-python@v4 with: - python-version: "3.10" + python-version: "3.11" # We need the Go version and Go cache location for the actions/cache step, # so the Go installation must happen before that. - id: setup-go From db5e7ffebaa44d240b1fb333bef5e34512115aa8 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 27 Mar 2023 08:37:24 -0400 Subject: [PATCH 23/45] Update pre-commit hook versions This is done automatically with the `pre-commit autoupdate` command. However the `ansible-lint` hook is manually kept back as we have not tested functionality to confirm that our roles will generally pass with the new version. --- .pre-commit-config.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2764bb4..0dabeb6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -37,11 +37,11 @@ repos: args: - --config=.mdl_config.yaml - repo: https://github.com/pre-commit/mirrors-prettier - rev: v3.0.0-alpha.4 + rev: v3.0.0-alpha.6 hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.29.0 + rev: v1.30.0 hooks: - id: yamllint args: @@ -49,14 +49,14 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.21.0 + rev: 0.22.0 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v3.0.2 + rev: v3.2.1 hooks: - id: validate_manifest @@ -82,13 +82,13 @@ repos: # Python hooks - repo: https://github.com/PyCQA/bandit - rev: 1.7.4 + rev: 1.7.5 hooks: - id: bandit args: - --config=.bandit.yml - repo: https://github.com/psf/black - rev: 22.12.0 + rev: 23.1.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 @@ -102,7 +102,7 @@ repos: hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v0.991 + rev: v1.1.1 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade @@ -119,7 +119,7 @@ repos: # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.77.0 + rev: v1.77.1 hooks: - id: terraform_fmt - id: terraform_validate From 4c595e68e41d663fe934124fcbeb289747cb1d54 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Mar 2023 15:54:24 +0000 Subject: [PATCH 24/45] Bump actions/setup-go from 3 to 4 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dc14a7d..269122b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -27,7 +27,7 @@ jobs: # We need the Go version and Go cache location for the actions/cache step, # so the Go installation must happen before that. - id: setup-go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version: "1.19" - name: Lookup Go cache directory From 9984792a22f733d33421b7b6cc77f0fb44ca8d7c Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Fri, 24 Feb 2023 11:17:03 -0500 Subject: [PATCH 25/45] Install/upgrade setuptools and wheel when upgrading pip When wheel gets installed alongside other packages, it may not get used when those other packages are installed. When that happens I see warnings like this: DEPRECATION: ansible-core is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559 This change should get rid of these warnings. Nota bene: This is the practice we follow in the Dockerfile in cisagov/skeleton-docker, but for some reason we never started using it in our workflows. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 269122b..bdd8c98 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -89,7 +89,7 @@ jobs: run: go install ${PACKAGE_URL}@${PACKAGE_VERSION} - name: Install dependencies run: | - python -m pip install --upgrade pip + python -m pip install --upgrade pip setuptools wheel pip install --upgrade --requirement requirements-test.txt - name: Set up pre-commit hook environments run: pre-commit install-hooks From a0bc20bb08292f0d532f52378b8af4f585c94427 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 14:00:52 -0400 Subject: [PATCH 26/45] Add Go hooks to support go code for our projects --- .pre-commit-config.yaml | 56 +++++++++++++++++++++++++++++++++-------- 1 file changed, 45 insertions(+), 11 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0dabeb6..65c676b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,17 +31,17 @@ repos: # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.33.0 + rev: v0.34.0 hooks: - id: markdownlint args: - --config=.mdl_config.yaml - repo: https://github.com/pre-commit/mirrors-prettier - rev: v3.0.0-alpha.6 + rev: v3.0.0-alpha.9-for-vscode hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.30.0 + rev: v1.31.0 hooks: - id: yamllint args: @@ -49,17 +49,51 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.22.0 + rev: 0.23.0 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v3.2.1 + rev: v3.3.1 hooks: - id: validate_manifest + # Go hooks + - repo: https://github.com/TekWizely/pre-commit-golang + rev: v1.0.0-rc.1 + hooks: + # Style Checkers + - id: go-lint + - id: go-critic + # Go Build + - id: go-build-mod + - id: go-build-pkg + - id: go-build-repo-mod + - id: go-build-repo-pkg + + # Go Mod Tidy + - id: go-mod-tidy + - id: go-mod-tidy-repo + + # Go Test + - id: go-test-mod + - id: go-test-pkg + - id: go-test-repo-mod + - id: go-test-repo-pkg + + # Go Vet + - id: go-vet + - id: go-vet-mod + - id: go-vet-pkg + - id: go-vet-repo-mod + - id: go-vet-repo-pkg + # GoSec + - id: go-sec-mod + - id: go-sec-pkg + - id: go-sec-repo-mod + - id: go-sec-repo-pkg # Shell script hooks - repo: https://github.com/cisagov/pre-commit-shfmt rev: v0.0.2 @@ -88,7 +122,7 @@ repos: args: - --config=.bandit.yml - repo: https://github.com/psf/black - rev: 23.1.0 + rev: 23.3.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 @@ -102,31 +136,31 @@ repos: hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v1.1.1 + rev: v1.2.0 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade - rev: v3.3.1 + rev: v3.3.2 hooks: - id: pyupgrade # Ansible hooks - repo: https://github.com/ansible-community/ansible-lint - rev: v5.4.0 + rev: v6.15.0 hooks: - id: ansible-lint # files: molecule/default/playbook.yml # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.77.1 + rev: v1.78.0 hooks: - id: terraform_fmt - id: terraform_validate # Docker hooks - repo: https://github.com/IamTheFij/docker-pre-commit - rev: v2.1.1 + rev: v3.0.1 hooks: - id: docker-compose-check From 3628e5fa20d334723ca4733a873110b52b07b406 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 14:08:25 -0400 Subject: [PATCH 27/45] Add Staticcheck --- .pre-commit-config.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 65c676b..b04a130 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -67,6 +67,11 @@ repos: # Style Checkers - id: go-lint - id: go-critic + # StaticCheck + - id: go-staticcheck-mod + - id: go-staticcheck-pkg + - id: go-staticcheck-repo-mod + - id: go-staticcheck-repo-pkg # Go Build - id: go-build-mod - id: go-build-pkg From 668724f0a5fc2742a5fd9ce7de16753664876d02 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:07:08 -0400 Subject: [PATCH 28/45] Fix indentation Co-authored-by: Shane Frasier --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b04a130..10d005e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -64,7 +64,7 @@ repos: - repo: https://github.com/TekWizely/pre-commit-golang rev: v1.0.0-rc.1 hooks: - # Style Checkers + # Style Checkers - id: go-lint - id: go-critic # StaticCheck From 3d422b8493f09867ce17b2254ba25678a9759d03 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:07:17 -0400 Subject: [PATCH 29/45] Fix indentation Co-authored-by: Shane Frasier --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 10d005e..20e57fa 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -67,7 +67,7 @@ repos: # Style Checkers - id: go-lint - id: go-critic - # StaticCheck + # StaticCheck - id: go-staticcheck-mod - id: go-staticcheck-pkg - id: go-staticcheck-repo-mod From 5571f4756c1499d29da617b6f53afe8bfaebcf8d Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:07:25 -0400 Subject: [PATCH 30/45] Fix indentation Co-authored-by: Shane Frasier --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 20e57fa..9d698a8 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -72,7 +72,7 @@ repos: - id: go-staticcheck-pkg - id: go-staticcheck-repo-mod - id: go-staticcheck-repo-pkg - # Go Build + # Go Build - id: go-build-mod - id: go-build-pkg - id: go-build-repo-mod From 4fd9501f753e1789261307b9e3829dd19dd3d42f Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:07:44 -0400 Subject: [PATCH 31/45] Fix formatting Co-authored-by: Shane Frasier --- .pre-commit-config.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9d698a8..4946d17 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -77,7 +77,6 @@ repos: - id: go-build-pkg - id: go-build-repo-mod - id: go-build-repo-pkg - # Go Mod Tidy - id: go-mod-tidy - id: go-mod-tidy-repo From 412101aff6363f06a9155fa21679637d5d5ca7dd Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:08:16 -0400 Subject: [PATCH 32/45] Fix formatting Co-authored-by: Shane Frasier --- .pre-commit-config.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4946d17..837d28b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -86,7 +86,6 @@ repos: - id: go-test-pkg - id: go-test-repo-mod - id: go-test-repo-pkg - # Go Vet - id: go-vet - id: go-vet-mod From a346fb5a789040104624eb0b193460463a8d811a Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:10:19 -0400 Subject: [PATCH 33/45] Fix formatting Co-authored-by: Shane Frasier --- .pre-commit-config.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 837d28b..9ac7fd1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -80,7 +80,6 @@ repos: # Go Mod Tidy - id: go-mod-tidy - id: go-mod-tidy-repo - # Go Test - id: go-test-mod - id: go-test-pkg From c47038b51d4b537b9bd64b0299c1b99ca0b6e455 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:19:50 -0400 Subject: [PATCH 34/45] Revert updated versions for existing hooks --- .pre-commit-config.yaml | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9ac7fd1..d14f75a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,17 +31,17 @@ repos: # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.34.0 + rev: v0.33.0 hooks: - id: markdownlint args: - --config=.mdl_config.yaml - repo: https://github.com/pre-commit/mirrors-prettier - rev: v3.0.0-alpha.9-for-vscode + rev: v3.0.0-alpha.6 hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.31.0 + rev: v1.30.0 hooks: - id: yamllint args: @@ -49,14 +49,14 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.23.0 + rev: 0.22.0 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v3.3.1 + rev: v3.2.1 hooks: - id: validate_manifest @@ -96,6 +96,7 @@ repos: - id: go-sec-pkg - id: go-sec-repo-mod - id: go-sec-repo-pkg + # Shell script hooks - repo: https://github.com/cisagov/pre-commit-shfmt rev: v0.0.2 @@ -124,7 +125,7 @@ repos: args: - --config=.bandit.yml - repo: https://github.com/psf/black - rev: 23.3.0 + rev: 23.1.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 @@ -138,31 +139,31 @@ repos: hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v1.2.0 + rev: v1.1.1 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade - rev: v3.3.2 + rev: v3.3.1 hooks: - id: pyupgrade # Ansible hooks - repo: https://github.com/ansible-community/ansible-lint - rev: v6.15.0 + rev: v5.4.0 hooks: - id: ansible-lint # files: molecule/default/playbook.yml # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.78.0 + rev: v1.77.1 hooks: - id: terraform_fmt - id: terraform_validate # Docker hooks - repo: https://github.com/IamTheFij/docker-pre-commit - rev: v3.0.1 + rev: v2.1.1 hooks: - id: docker-compose-check @@ -171,4 +172,4 @@ repos: rev: v0.0.2 hooks: - id: packer_validate - - id: packer_fmt + - id: packer_fmt \ No newline at end of file From eb52678f773e6f05857b6880b34b9f8afdb71dc5 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 16:30:11 -0400 Subject: [PATCH 35/45] Fix formatting --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d14f75a..6e8143b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -172,4 +172,4 @@ repos: rev: v0.0.2 hooks: - id: packer_validate - - id: packer_fmt \ No newline at end of file + - id: packer_fmt From f8179f1aa31be65b2c363fd86badd6bf7883a033 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Fri, 5 May 2023 17:16:19 -0400 Subject: [PATCH 36/45] Remove extra hook ids --- .pre-commit-config.yaml | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6e8143b..0810309 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -69,33 +69,16 @@ repos: - id: go-critic # StaticCheck - id: go-staticcheck-mod - - id: go-staticcheck-pkg - - id: go-staticcheck-repo-mod - - id: go-staticcheck-repo-pkg # Go Build - id: go-build-mod - - id: go-build-pkg - - id: go-build-repo-mod - - id: go-build-repo-pkg # Go Mod Tidy - id: go-mod-tidy - - id: go-mod-tidy-repo # Go Test - id: go-test-mod - - id: go-test-pkg - - id: go-test-repo-mod - - id: go-test-repo-pkg # Go Vet - id: go-vet - - id: go-vet-mod - - id: go-vet-pkg - - id: go-vet-repo-mod - - id: go-vet-repo-pkg # GoSec - id: go-sec-mod - - id: go-sec-pkg - - id: go-sec-repo-mod - - id: go-sec-repo-pkg # Shell script hooks - repo: https://github.com/cisagov/pre-commit-shfmt From 42820e2e7d1fb492be77faa313de934f1c472cd2 Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Mon, 8 May 2023 09:41:46 -0400 Subject: [PATCH 37/45] Replace hooks with repo based option when available --- .pre-commit-config.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0810309..3a798f0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -68,17 +68,17 @@ repos: - id: go-lint - id: go-critic # StaticCheck - - id: go-staticcheck-mod + - id: go-staticcheck-repo-mod # Go Build - - id: go-build-mod + - id: go-build-repo-mod # Go Mod Tidy - - id: go-mod-tidy + - id: go-mod-tidy-repo # Go Test - - id: go-test-mod + - id: go-test-repo-mod # Go Vet - - id: go-vet + - id: go-vet-repo-mod # GoSec - - id: go-sec-mod + - id: go-sec-repo-mod # Shell script hooks - repo: https://github.com/cisagov/pre-commit-shfmt From 7f372e63ac7875b3fb8d25dd094f7b9183e6e42e Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 7 Jun 2023 11:11:13 -0400 Subject: [PATCH 38/45] Remove the go-lint hook from the pre-commit configuration The golang/lint tool was archived on May 9th, 2021 and based on golang/go#38968 no future work is planned. Coupled with the fact that it is not available from brew we are removing this hook as local development may be hindered by trying to satisfy running this hook. Co-authored-by: Shane Frasier Co-authored-by: dav3r --- .pre-commit-config.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 3a798f0..4f826b1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -65,7 +65,6 @@ repos: rev: v1.0.0-rc.1 hooks: # Style Checkers - - id: go-lint - id: go-critic # StaticCheck - id: go-staticcheck-repo-mod From b8231113bac671a5d9f026fc519e9d3088eda935 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 31 May 2023 12:45:10 -0400 Subject: [PATCH 39/45] Update pre-commit hook versions This is done automatically with the `pre-commit autoupdate` command. --- .pre-commit-config.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0dabeb6..724b3e6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,17 +31,17 @@ repos: # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.33.0 + rev: v0.34.0 hooks: - id: markdownlint args: - --config=.mdl_config.yaml - repo: https://github.com/pre-commit/mirrors-prettier - rev: v3.0.0-alpha.6 + rev: v3.0.0-alpha.9-for-vscode hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.30.0 + rev: v1.32.0 hooks: - id: yamllint args: @@ -49,14 +49,14 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.22.0 + rev: 0.23.1 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v3.2.1 + rev: v3.3.2 hooks: - id: validate_manifest @@ -88,7 +88,7 @@ repos: args: - --config=.bandit.yml - repo: https://github.com/psf/black - rev: 23.1.0 + rev: 23.3.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 @@ -102,31 +102,31 @@ repos: hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v1.1.1 + rev: v1.3.0 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade - rev: v3.3.1 + rev: v3.4.0 hooks: - id: pyupgrade # Ansible hooks - repo: https://github.com/ansible-community/ansible-lint - rev: v5.4.0 + rev: v6.17.0 hooks: - id: ansible-lint # files: molecule/default/playbook.yml # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.77.1 + rev: v1.80.0 hooks: - id: terraform_fmt - id: terraform_validate # Docker hooks - repo: https://github.com/IamTheFij/docker-pre-commit - rev: v2.1.1 + rev: v3.0.1 hooks: - id: docker-compose-check From b770fc687a7a954d5e0cc12ae264fcda62a3355a Mon Sep 17 00:00:00 2001 From: Jason Odoom Date: Wed, 31 May 2023 12:29:10 -0400 Subject: [PATCH 40/45] Add apostrophe to Qapla --- setup-env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-env b/setup-env index f526cdb..436d163 100755 --- a/setup-env +++ b/setup-env @@ -186,5 +186,5 @@ else: END_OF_LINE )" -# Qapla +# Qapla' echo "Success!" From 24a0008be136a946c2d742542ddb78dceb128073 Mon Sep 17 00:00:00 2001 From: arcsector <26469747+arcsector@users.noreply.github.com> Date: Wed, 17 May 2023 16:01:54 -0700 Subject: [PATCH 41/45] detecting virtualenv installation successfully --- setup-env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-env b/setup-env index 436d163..129102f 100755 --- a/setup-env +++ b/setup-env @@ -65,7 +65,7 @@ done eval set -- "$PARAMS" # Check to see if pyenv is installed -if [ -z "$(command -v pyenv)" ] || [ -z "$(command -v pyenv-virtualenv)" ]; then +if [ -z "$(command -v pyenv)" ] || { [ -z "$(command -v pyenv-virtualenv)" ] && [ ! -f "$(pyenv root)/plugins/pyenv-virtualenv/bin/pyenv-virtualenv" ] ; }; then echo "pyenv and pyenv-virtualenv are required." if [[ "$OSTYPE" == "darwin"* ]]; then cat << 'END_OF_LINE' From f01965a1e56c2a6743eec95e9daa724037e7699d Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Fri, 19 May 2023 11:46:28 -0400 Subject: [PATCH 42/45] Whitespace change to make shfmt linter happy --- setup-env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-env b/setup-env index 129102f..77926bf 100755 --- a/setup-env +++ b/setup-env @@ -65,7 +65,7 @@ done eval set -- "$PARAMS" # Check to see if pyenv is installed -if [ -z "$(command -v pyenv)" ] || { [ -z "$(command -v pyenv-virtualenv)" ] && [ ! -f "$(pyenv root)/plugins/pyenv-virtualenv/bin/pyenv-virtualenv" ] ; }; then +if [ -z "$(command -v pyenv)" ] || { [ -z "$(command -v pyenv-virtualenv)" ] && [ ! -f "$(pyenv root)/plugins/pyenv-virtualenv/bin/pyenv-virtualenv" ]; }; then echo "pyenv and pyenv-virtualenv are required." if [[ "$OSTYPE" == "darwin"* ]]; then cat << 'END_OF_LINE' From 43d588fe56c9522535bc341a4664569be798c6c4 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 25 Apr 2023 09:17:14 -0400 Subject: [PATCH 43/45] Fix two broken links Resolves cisagov/skeleton-generic#131. --- .ansible-lint | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 0e80b05..4ffc0ef 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,10 +1,9 @@ --- -# See https://ansible-lint.readthedocs.io/en/latest/configuring.html -# for a list of the configuration elements that can exist in this -# file. +# See https://ansible-lint.readthedocs.io/configuring/ for a list of +# the configuration elements that can exist in this file. enable_list: # Useful checks that one must opt-into. See here for more details: - # https://ansible-lint.readthedocs.io/en/latest/rules.html + # https://ansible-lint.readthedocs.io/rules/ - fcqn-builtins - no-log-password - no-same-owner From e0982552895542bd267696744548aeba18fee2d5 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 31 May 2023 13:39:14 -0400 Subject: [PATCH 44/45] Disable caching for the setup-go Action The cache key used relies on the existence of a go.sum file. Since we have no expectation for Go source code, including that file, and since we already include the Go cache in our job caching, we can safely disable caching in the Action. --- .github/workflows/build.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bdd8c98..4351bd2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,6 +29,9 @@ jobs: - id: setup-go uses: actions/setup-go@v4 with: + # There is no expectation for actual Go code so we disable caching as + # it relies on the existence of a go.sum file. + cache: false go-version: "1.19" - name: Lookup Go cache directory id: go-cache From edf133832040ef12c407b0772c40f18f64076eb8 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 31 May 2023 13:41:03 -0400 Subject: [PATCH 45/45] Bump Go from 1.19 to 1.20 Bump the version of Go used in our GitHub Actions configuration to the latest stable Go release. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4351bd2..c992e8e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -32,7 +32,7 @@ jobs: # There is no expectation for actual Go code so we disable caching as # it relies on the existence of a go.sum file. cache: false - go-version: "1.19" + go-version: "1.20" - name: Lookup Go cache directory id: go-cache run: |