Merge pull request #31 from oscal-compass/develop

chore: fedramp plugin release

.github/ISSUE_TEMPLATE/new_collaborator.md

@@ -14,4 +14,4 @@ I would like collaborator (write) access to this repository.
   - help make & test releases
   - help promote the project
 
-[contributing]: https://github.com/IBM/compliance-trestle/blob/main/CONTRIBUTING.md
+[contributing]: https://github.com/oscal-compass/compliance-trestle-fedramp/blob/main/CONTRIBUTING.md

.github/PULL_REQUEST_TEMPLATE.md

@@ -16,4 +16,4 @@
 
 ## Key links:
 
-- [Sonar coverage](https://sonarcloud.io/dashboard?id=compliance-trestle)
+- [Sonar coverage](https://sonarcloud.io/dashboard?id=compliance-trestle-fedramp)

.github/workflows/python-push.yml

@@ -8,53 +8,7 @@ on:
       - main
 
 jobs:
-  lint:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Don't mess with line endings
-      run: |
-        git config --global core.autocrlf false
-    - name: Don't mess with line endings
-      run: |
-        git config --global core.autocrlf false
-    - uses: actions/checkout@v2
-      with:
-        submodules: true
-    - name: Set up Python
-      uses: actions/setup-python@v2
-      with:
-        python-version: 3.9
-    - uses: actions/cache@v2
-      with:
-        path: ~/.cache/pip
-        key: ubuntu-latest-3.9-pip-${{ hashFiles('setup.cfg') }}
-        restore-keys: |
-          ubuntu-latest-3.9-pip-
-    - name: Install build tools
-      run: |
-        make develop
-    - name: Setup pre-commit
-      run: |
-        make pre-commit
-    - name: Install dependencies
-      run: |
-        make install
-    - name: Run md document formatting (mdformat)
-      run: |
-        make mdformat
-    - name: Run code formatting (yapf)
-      run: |
-        make code-format
-    - name: Run code linting (flake8)
-      run: |
-        make code-lint
-    - name: Run code typing check (mypy)
-      continue-on-error: true
-      run: |
-        make code-typing
-
-  test:
-    # This test
+  build:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
@@ -74,7 +28,6 @@ jobs:
         git config --global core.autocrlf false
     - uses: actions/checkout@v2
       with:
-        fetch-depth: 0
         submodules: true
     - name: Set up Python ${{ matrix.python-version }}
       uses: actions/setup-python@v2
@@ -87,14 +40,33 @@ jobs:
         restore-keys: |
          ${{ matrix.os }}-${{ matrix.python-version }}-pip-
 
-    # Windows Dev tools
-    - name: Install microsoft dev tools
-      if: ${{ matrix.os == 'windows-latest' }}
-      uses: ilammy/msvc-dev-cmd@v1
-
     - name: Install build tools
       run: |
         make develop
+    - name: Setup pre-commit
+      if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.8') }}
+      run: |
+        make pre-commit
+    - name: Install dependencies
+      run: |
+        make install
+    - name: Run md document formatting (mdformat)
+      if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.8') }}
+      run: |
+        make mdformat
+    - name: Run code formatting (yapf)
+      if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.8') }}
+      run: |
+        make code-format
+    - name: Run code linting (flake8)
+      if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.8') }}
+      run: |
+        make code-lint
+    - name: Run code typing check (mypy)
+      if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.8') }}
+      continue-on-error: true 
+      run: |
+        make code-typing
     - name: Pytest Fast
       if: ${{ !(matrix.os == 'ubuntu-latest' && matrix.python-version == '3.8') }}
       run: |
@@ -104,69 +76,10 @@ jobs:
       run: |
         make test-cov
 
-    - name: Upload artifact
-      if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == '3.8' }}
-      uses: actions/upload-artifact@v2
-      with:
-        name: coverage
-        path: coverage.xml
-
-  sonar:
-    if: github.repository == 'IBM/compliance-trestle-fedramp'
-    runs-on: ubuntu-latest
-    needs: test
-    steps:
-    - name: Don't mess with line endings
-      run: |
-        git config --global core.autocrlf false
-    - name: Don't mess with line endings
-      run: |
-        git config --global core.autocrlf false
-    - uses: actions/checkout@v2
-      with:
-        submodules: true
-    - name: Set up Python
-      uses: actions/setup-python@v2
-      with:
-        python-version: 3.8
-    - uses: actions/cache@v2
-      with:
-        path: ~/.cache/pip
-        key: ubuntu-latest-3.9-pip-${{ hashFiles('setup.cfg') }}
-        restore-keys: |
-          ubuntu-latest-3.9-pip-
-    - name: Install build tools
-      run: |
-        make develop
-    - name: Get coverage
-      uses: actions/download-artifact@v2
-      with:
-        name: coverage
-    - name: SonarCloud Scan
-      uses: SonarSource/sonarcloud-github-action@master
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
-        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      with:
-        args: >
-          -Dsonar.python.coverage.reportPaths=coverage.xml
-          -Dsonar.tests=tests/
-          -Dsonar.sources=trestle_fedramp/ 
-          -Dsonar.python.version=3.8
-          -Dsonar.projectKey=compliance-trestle-fedramp
-          -Dsonar.organization=compliance-trestle
-    - name: SonarQube Quality Gate check
-      uses: sonarsource/sonarqube-quality-gate-action@master
-      # Force to fail step after specific time
-      timeout-minutes: 5
-      env:
-       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
   deploy:
-
     runs-on: ubuntu-latest
-    needs: sonar
-    if: github.ref == 'refs/heads/main' && github.repository == 'IBM/compliance-trestle-fedramp'
+    needs: build
+    if: github.ref == 'refs/heads/main' && github.repository == 'oscal-compass/compliance-trestle-fedramp'
     steps:
     - uses: actions/checkout@v2
       with:
@@ -192,15 +105,24 @@ jobs:
     name: Merge main -> develop
     runs-on: ubuntu-latest
     needs: deploy
-    concurrency: 
+    concurrency:
       group: ${{ github.ref }}-${{ github.workflow }}-${{ github.job }}-main
       cancel-in-progress: true
     if: github.ref == 'refs/heads/main'
     steps:
-    - uses: tukasz/direct-merge-action@master
+    - uses: actions/checkout@v2
       with:
-        GITHUB_TOKEN: ${{ secrets.ADMIN_PAT }}
-        source-branch: main
-        target-branch: develop
-        commit-message: "chore: Merge back version tags and changelog into develop."
+        submodules: true
+        ref: main
+        fetch-depth: 0
+        token: ${{ secrets.ADMIN_PAT }}
+    - name: Configure Git
+      run: |
+        git config user.name "Vikas Agarwal"
+        git config user.email "<>"
+    - name: Merge Main to Develop
+      run: |
+        git checkout develop
+        git merge --no-ff main -m "chore: Merge back version tags and changelog into develop."
+        git push origin develop
 

.github/workflows/python-test.yml

@@ -140,7 +140,7 @@ jobs:
         path: coverage.xml
 
   sonar:
-    if: github.repository == 'IBM/compliance-trestle-fedramp'
+    if: github.repository == 'oscal-compass/compliance-trestle-fedramp'
     runs-on: ubuntu-latest
     needs: test
     steps:

CODE_OF_CONDUCT.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at chris.butler@au1.ibm.com. All
+reported by contacting the project team at avikas@in.ibm.com. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.