From 62718215d45a5f07e1a07395077c27a486e924e3 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Mon, 25 Oct 2021 21:10:30 +1100 Subject: [PATCH 01/11] feat: Initial CI setup. Signed-off-by: Chris Butler --- .github/ISSUE_TEMPLATE/bug_report.md | 34 ++++ .github/ISSUE_TEMPLATE/new_collaborator.md | 17 ++ .github/ISSUE_TEMPLATE/proposed_change.md | 13 ++ .github/PULL_REQUEST_TEMPLATE.md | 19 ++ .github/workflows/codeql-analysis.yml | 71 ++++++++ .github/workflows/conventional-pr.yml | 51 ++++++ .github/workflows/python-push.yml | 129 ++++++++++++++ .github/workflows/python-test.yml | 193 +++++++++++++++++++++ .gitignore | 49 ++++++ .pre-commit-config.yaml | 78 +++++++++ .pylintrc | 10 ++ .pylintrc_tests | 9 + .travis.yml | 23 --- .yapf-config | 14 ++ CODE_OF_CONDUCT.md | 76 ++++++++ DCO1.1.txt | 36 ++++ Makefile | 102 +++++++++++ pyproject.toml | 13 ++ setup.cfg | 102 +++++++++++ setup.py | 21 +++ tests/__init__.py | 16 ++ tests/trestle_fedamp/__init__.py | 16 ++ tests/trestle_fedamp/token_test.py | 21 +++ trestle_fedramp/__init__.py | 18 ++ 24 files changed, 1108 insertions(+), 23 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/new_collaborator.md create mode 100644 .github/ISSUE_TEMPLATE/proposed_change.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 .github/workflows/codeql-analysis.yml create mode 100644 .github/workflows/conventional-pr.yml create mode 100644 .github/workflows/python-push.yml create mode 100644 .github/workflows/python-test.yml create mode 100644 .gitignore create mode 100644 .pre-commit-config.yaml create mode 100644 .pylintrc create mode 100644 .pylintrc_tests delete mode 100644 .travis.yml create mode 100644 .yapf-config create mode 100644 CODE_OF_CONDUCT.md create mode 100644 DCO1.1.txt create mode 100644 Makefile create mode 100644 pyproject.toml create mode 100644 setup.cfg create mode 100644 setup.py create mode 100644 tests/__init__.py create mode 100644 tests/trestle_fedamp/__init__.py create mode 100644 tests/trestle_fedamp/token_test.py create mode 100644 trestle_fedramp/__init__.py diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..dfbf44c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,34 @@ +--- +about: Create a report to help us improve +assignees: '' +labels: '' +name: Bug report +title: '' +--- + +## Describe the bug + +A clear and concise description of what the bug is. + +## To Reproduce + +Steps to reproduce the behavior: + +1. Go to '...' +1. Click on '....' +1. Scroll down to '....' +1. See error + +## Expected behavior + +A clear and concise description of what you expected to happen. + +## Screenshots / Logs. + +If applicable, add screenshots to help explain your problem. + +## Environment + +- OS: \[e.g. iOS\] +- Python version: +- Installed packages: diff --git a/.github/ISSUE_TEMPLATE/new_collaborator.md b/.github/ISSUE_TEMPLATE/new_collaborator.md new file mode 100644 index 0000000..2157f61 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/new_collaborator.md @@ -0,0 +1,17 @@ +--- +about: Request collaborator access +assignees: '' +labels: '' +name: New Collaborator +title: '' +--- + +I would like collaborator (write) access to this repository. + +- [ ] I have read the [contributing guidelines][contributing] +- [ ] I understand the responsibilities of a collaborator are to: + - help review contributions to the compliance-trestle tool + - help make & test releases + - help promote the project + +[contributing]: https://github.com/IBM/compliance-trestle/blob/main/CONTRIBUTING.md diff --git a/.github/ISSUE_TEMPLATE/proposed_change.md b/.github/ISSUE_TEMPLATE/proposed_change.md new file mode 100644 index 0000000..b60cdae --- /dev/null +++ b/.github/ISSUE_TEMPLATE/proposed_change.md @@ -0,0 +1,13 @@ +--- +about: Propose a change to the trestle project +assignees: '' +labels: '' +name: Proposed change +title: '' +--- + +## Issue description / feature objectives + +## Caveats / Assumptions + +## Completion Criteria diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..3104152 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,19 @@ +## Types of changes + + + +- [ ] Bug fix (non-breaking change which fixes an issue) +- [ ] New feature (non-breaking change which adds functionality) +- [ ] Breaking change (fix or feature that would cause existing functionality to change) +- [ ] My code follows the code style of this project. +- [ ] My change requires a change to the documentation. +- [ ] I have updated the documentation accordingly. +- [ ] I have added tests to cover my changes. +- [ ] All new and existing tests passed. +- [ ] All commits are signed-off. + +## Summary + +## Key links: + +- [Sonar coverage](https://sonarcloud.io/dashboard?id=compliance-trestle) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..b9cb067 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,71 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ develop, main ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ develop ] + schedule: + - cron: '44 7 * * 3' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'python' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] + # Learn more: + # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/conventional-pr.yml b/.github/workflows/conventional-pr.yml new file mode 100644 index 0000000..4120734 --- /dev/null +++ b/.github/workflows/conventional-pr.yml @@ -0,0 +1,51 @@ +name: "Lint PR" + +on: + pull_request_target: + types: + - opened + - edited + - synchronize + branch: + - 'develop' +jobs: + lint: + if: ${{ github.head_ref != 'develop' }} + concurrency: + group: ${{ github.head_ref }}-${{ github.workflow }} + cancel-in-progress: true + runs-on: ubuntu-latest + steps: + # Please look up the latest version from + # https://github.com/amannn/action-semantic-pull-request/releases + - uses: amannn/action-semantic-pull-request@v3.4.2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + # Configure which types are allowed. + # Default: https://github.com/commitizen/conventional-commit-types + # Configure which scopes are allowed. + scopes: | + core + models + transformers + docs + cicd + author + cli + # Configure that a scope must always be provided. + requireScope: false + # Configure additional validation for the subject based on a regex. + # This example ensures the subject doesn't start with an uppercase character. + # For work-in-progress PRs you can typically use draft pull requests + # from Github. However, private repositories on the free plan don't have + # this option and therefore this action allows you to opt-in to using the + # special "[WIP]" prefix to indicate this state. This will avoid the + # validation of the PR title and the pull request checks remain pending. + # Note that a second check will be reported if this is enabled. + wip: true + # When using "Squash and merge" on a PR with only one commit, GitHub + # will suggest using that commit message instead of the PR title for the + # merge commit, and it's easy to commit this by mistake. Enable this option + # to also validate the commit + validateSingleCommit: true \ No newline at end of file diff --git a/.github/workflows/python-push.yml b/.github/workflows/python-push.yml new file mode 100644 index 0000000..05b7ae0 --- /dev/null +++ b/.github/workflows/python-push.yml @@ -0,0 +1,129 @@ +# This workflow will install Python dependencies, run tests and lint with a variety of Python versions +# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions +name: Trestle Fedramp Deploy + +on: + push: + branches: + - main + +jobs: + build: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + include: + - os: ubuntu-latest + path: ~/.cache/pip + - os: macos-latest + path: ~/Library/Caches/pip + - os: windows-latest + path: ~\AppData\Local\pip\Cache + python-version: [3.7, 3.8, 3.9] + + steps: + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - uses: actions/checkout@v2 + with: + submodules: true + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: ${{ matrix.python-version }} + - uses: actions/cache@v2 + with: + path: ${{ matrix.path }} + key: ${{ matrix.os }}-${{ matrix.python-version }}-pip-${{ hashFiles('setup.cfg') }} + restore-keys: | + ${{ matrix.os }}-${{ matrix.python-version }}-pip- + + - name: Install build tools + run: | + make develop + - name: Setup pre-commit + if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + run: | + make pre-commit + - name: Install dependencies + run: | + make install + - name: Run md document formatting (mdformat) + if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + run: | + make mdformat + - name: Run code formatting (yapf) + if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + run: | + make code-format + - name: Run code linting (flake8) + if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + run: | + make code-lint + - name: Run code typing check (mypy) + if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + continue-on-error: true + run: | + make code-typing + - name: Validate website content (mkdocs) + if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + run: | + make docs-validate + - name: Pytest Fast + if: ${{ !(matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + run: | + make test + - name: Pytest Cov + if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7' }} + run: | + make test-cov + - name: Push code-cov + if: ${{ !(matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + uses: codecov/codecov-action@v1 + with: + token: ${{ secrets.CODECOV_TOKEN }} + file: ./coverage.xml + deploy: + + runs-on: ubuntu-latest + needs: build + if: github.ref == 'refs/heads/main' && github.repository == 'IBM/compliance-trestle-fedramp' + steps: + - uses: actions/checkout@v2 + with: + submodules: true + fetch-depth: 0 + token: ${{ secrets.ADMIN_PAT }} + - name: Set up Python 3.7 + uses: actions/setup-python@v2 + with: + python-version: 3.7 + - name: Install build tools + run: | + make develop + - name: Create release + shell: bash + env: + PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }} + GH_TOKEN: ${{ secrets.ADMIN_PAT }} + run: | + make release + + merge-main-to-develop: + name: Merge main -> develop + runs-on: ubuntu-latest + needs: deploy + concurrency: + group: ${{ github.ref }}-${{ github.workflow }}-${{ github.job }}-main + cancel-in-progress: true + if: github.ref == 'refs/heads/main' + steps: + - uses: tukasz/direct-merge-action@master + with: + GITHUB_TOKEN: ${{ secrets.ADMIN_PAT }} + source-branch: main + target-branch: develop + commit-message: "chore: Merge back version tags and changelog into develop." + diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml new file mode 100644 index 0000000..b5360a7 --- /dev/null +++ b/.github/workflows/python-test.yml @@ -0,0 +1,193 @@ +# This workflow will install Python dependencies, run tests and lint with a variety of Python versions +# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions +name: Trestle PR pipeline +on: + pull_request: + branches: + - develop + - main + push: + branches: + - develop +jobs: + lint: + runs-on: ubuntu-latest + steps: + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - uses: actions/checkout@v2 + with: + submodules: true + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: 3.9 + - uses: actions/cache@v2 + with: + path: ~/.cache/pip + key: ubuntu-latest-3.9-pip-${{ hashFiles('setup.cfg') }} + restore-keys: | + ubuntu-latest-3.9-pip- + - name: Install build tools + run: | + make develop + - name: Setup pre-commit + run: | + make pre-commit + - name: Install dependencies + run: | + make install + - name: Run md document formatting (mdformat) + run: | + make mdformat + - name: Run code formatting (yapf) + run: | + make code-format + - name: Run code linting (flake8) + run: | + make code-lint + - name: Run code typing check (mypy) + continue-on-error: true + run: | + make code-typing + - name: Validate website content (mkdocs) + run: | + make docs-validate + +# This test simulates what it is like for a user to install trestle today. +# Coverage cannot be calculated as part of + bdist: + runs-on: ubuntu-latest + steps: + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - uses: actions/checkout@v2 + with: + submodules: true + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: 3.9 + - uses: actions/cache@v2 + with: + path: ~/.cache/pip + key: ubuntu-latest-3.9-pip-${{ hashFiles('setup.cfg') }} + restore-keys: | + ubuntu-latest-3.9-pip- + - name: Install build tools + run: | + make develop + - name: Run binary tests + run: | + make test-bdist + + test: + # This test + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + include: + - os: ubuntu-latest + path: ~/.cache/pip + - os: macos-latest + path: ~/Library/Caches/pip + - os: windows-latest + path: ~\AppData\Local\pip\Cache + python-version: [3.7, 3.8, 3.9] + steps: + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + submodules: true + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: ${{ matrix.python-version }} + - uses: actions/cache@v2 + with: + path: ${{ matrix.path }} + key: ${{ matrix.os }}-${{ matrix.python-version }}-pip-${{ hashFiles('setup.cfg') }} + restore-keys: | + ${{ matrix.os }}-${{ matrix.python-version }}-pip- + - name: Install build tools + run: | + make develop + - name: Pytest Fast + if: ${{ !(matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} + run: | + make test + - name: Pytest Cov + if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7' }} + run: | + make test-cov + + - name: Upload artifact + if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7' }} + uses: actions/upload-artifact@v2 + with: + name: coverage + path: coverage.xml + + sonar: + if: github.repository == 'IBM/compliance-trestle' + runs-on: ubuntu-latest + needs: test + steps: + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - name: Don't mess with line endings + run: | + git config --global core.autocrlf false + - uses: actions/checkout@v2 + with: + submodules: true + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: 3.7 + - uses: actions/cache@v2 + with: + path: ~/.cache/pip + key: ubuntu-latest-3.9-pip-${{ hashFiles('setup.cfg') }} + restore-keys: | + ubuntu-latest-3.9-pip- + - name: Install build tools + run: | + make develop + - name: Get coverage + uses: actions/download-artifact@v2 + with: + name: coverage + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.python.coverage.reportPaths=coverage.xml + -Dsonar.tests=tests/ + -Dsonar.sources=trestle/ + -Dsonar.python.version=3.7 + -Dsonar.projectKey=compliance-trestle + -Dsonar.organization=compliance-trestle + -Dsonar.cpd.exclusions=trestle/oscal/*.py + - name: SonarQube Quality Gate check + uses: sonarsource/sonarqube-quality-gate-action@master + # Force to fail step after specific time + timeout-minutes: 5 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4e636cf --- /dev/null +++ b/.gitignore @@ -0,0 +1,49 @@ +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib +# Messy merges +*.orig +# Test binary, built with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +.settings +.project +.pydevproject + +# Dependency directories (remove the comment below to include it) +# vendor/ +venv +*.egg-info +.vscode/settings.json +.vscode +pytest.ini + +# jupyter notebooks for local tests and prototypes +*.ipynb + +_*/ + +#OS X +.DS_Store + + +build +dist +tmp + +.coverage* +coverage.xml +cov_html + +site +/.pytest_cache/ + +tmp_bin_test +.mypy_cache + diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..817c328 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,78 @@ +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.0.1 # Use the ref you want to point at + hooks: + - id: check-merge-conflict + - id: check-yaml + - id: no-commit-to-branch + args: [--branch, develop, --branch, main] + - repo: https://github.com/pre-commit/mirrors-yapf + rev: v0.31.0 + hooks: + - id: yapf + args: [--in-place, --parallel, --recursive, --style, .yapf-config] + files: "^(trestle|tests|scripts)" + stages: [commit] + - repo: https://gitlab.com/pycqa/flake8 + rev: 3.9.2 + hooks: + - id: flake8 + args: [--extend-ignore, "P1,C812,C813,C814,C815,C816,W503,W605", "--illegal-import-packages=filecmp"] + additional_dependencies: + [ + flake8-2020, + flake8-broken-line, + flake8-bugbear, + flake8-builtins, + flake8-commas, + flake8-comprehensions, + flake8-docstrings, + flake8-eradicate, + flake8-import-order, + flake8-mutable, + flake8-pep3101, + flake8-print, + flake8-quotes, + flake8-string-format, + flake8-use-fstring, + flake8-illegal-import, + pep8-naming, + ] + files: "^(tests|scripts)" + stages: [commit] + - id: flake8 + args: [--extend-ignore, "P1,C812,C813,C814,C815,C816,W503,W605", "--illegal-import-packages=filecmp"] + additional_dependencies: + [ + flake8-2020, + flake8-broken-line, + flake8-bugbear, + flake8-builtins, + flake8-commas, + flake8-comprehensions, + flake8-docstrings, + flake8-eradicate, + flake8-import-order, + flake8-mutable, + flake8-pep3101, + flake8-print, + flake8-quotes, + flake8-string-format, + flake8-use-fstring, + flake8-illegal-import, + pep8-naming, + flake8-bandit, + dlint + ] + files: "^(trestle)" + stages: [commit] + - repo: https://github.com/executablebooks/mdformat + rev: 0.7.10 + hooks: + - id: mdformat + exclude: "CHANGELOG.md|docs/mkdocs_code_of_conduct.md|docs/api_reference|tests/data/author|docs/contributing/mkdocs_contributing.md" + additional_dependencies: + - mdformat-tables + - mdformat-config + - mdformat-frontmatter + - mdformat-gfm diff --git a/.pylintrc b/.pylintrc new file mode 100644 index 0000000..a434d60 --- /dev/null +++ b/.pylintrc @@ -0,0 +1,10 @@ +[MASTER] +ignore=oscal +extension-pkg-whitelist=pydantic + + +[MESSAGES CONTROL] +disable=W1203, W1201 + +[FORMAT] +max-line-length=120 diff --git a/.pylintrc_tests b/.pylintrc_tests new file mode 100644 index 0000000..908e85b --- /dev/null +++ b/.pylintrc_tests @@ -0,0 +1,9 @@ +[MASTER] +ignore=oscal + + +[MESSAGES CONTROL] +disable=W1203, W1201, W0212 + +[FORMAT] +max-line-length=120 diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 782216d..0000000 --- a/.travis.yml +++ /dev/null @@ -1,23 +0,0 @@ -language: ruby - -before_install: - - echo "#" - - echo "#" - - echo "TravisCI is unbelively powerful, but you need to do your research first." - - echo "#" - - echo "#" - -script: - - echo "#" - - echo "#" - - echo "Please take a look https://docs.travis-ci.com/user/tutorial/ for you options." - - echo "#" - - echo "#" - - -after_success: - - echo "#" - - echo "#" - - echo "Don't forget to enable it in the GitHub repository also.." - - echo "#" - - echo "#" diff --git a/.yapf-config b/.yapf-config new file mode 100644 index 0000000..ee65355 --- /dev/null +++ b/.yapf-config @@ -0,0 +1,14 @@ +[style] +based_on_style = facebook +align_closing_bracket_with_visual_indent = true +allow_split_before_dict_value = false +blank_line_before_nested_class_or_def = true +column_limit = 120 +indent_dictionary_value = false +split_all_top_level_comma_separated_values = true +split_arguments_when_comma_terminated = true +split_before_arithmetic_operator = true +split_before_expression_after_opening_paren = true +split_before_first_argument = true +split_before_logical_operator = true +split_complex_comprehension = true \ No newline at end of file diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..0cbf7df --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,76 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, sex characteristics, gender identity and expression, +level of experience, education, socio-economic status, nationality, personal +appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +- Using welcoming and inclusive language +- Being respectful of differing viewpoints and experiences +- Gracefully accepting constructive criticism +- Focusing on what is best for the community +- Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +- The use of sexualized language or imagery and unwelcome sexual attention or + advances +- Trolling, insulting/derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or electronic + address, without explicit permission +- Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct, or to ban temporarily or +permanently any contributor for other behaviors that they deem inappropriate, +threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at chris.butler@au1.ibm.com. All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html + +For answers to common questions about this code of conduct, see +https://www.contributor-covenant.org/faq + +[homepage]: https://www.contributor-covenant.org diff --git a/DCO1.1.txt b/DCO1.1.txt new file mode 100644 index 0000000..1e41bf5 --- /dev/null +++ b/DCO1.1.txt @@ -0,0 +1,36 @@ +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +660 York Street, Suite 102, +San Francisco, CA 94110 USA + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I +have the right to submit it under the open source license +indicated in the file; or + +(b) The contribution is based upon previous work that, to the best +of my knowledge, is covered under an appropriate open source +license and I have the right under that license to submit that +work with modifications, whether created in whole or in part +by me, under the same open source license (unless I am +permitted to submit under a different license), as indicated +in the file; or + +(c) The contribution was provided directly to me by some other +person who certified (a), (b) or (c) and I have not modified +it. + +(d) I understand and agree that this project and the contribution +are public and that a record of the contribution (including all +personal information I submit with it, including my sign-off) is +maintained indefinitely and may be redistributed consistent with +this project or the open source license(s) involved. \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..cb6d8cb --- /dev/null +++ b/Makefile @@ -0,0 +1,102 @@ +# -*- mode:makefile; coding:utf-8 -*- + +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +submodules: + git submodule update --init + +develop: submodules + python -m pip install -e .[dev] --upgrade --upgrade-strategy eager -- + +pre-commit: + pre-commit install + +pre-commit-update: + pre-commit autoupdate + +install: + python -m pip install --upgrade pip setuptools + python -m pip install . --upgrade --upgrade-strategy eager + +code-format: pre-commit-update + pre-commit run yapf --all-files + +code-lint: pre-commit-update + pre-commit run flake8 --all-files + +code-typing: + mypy --pretty trestle + +test:: + python -m pytest --exitfirst -n auto + +test-cov:: + python -m pytest --cov=trestle --exitfirst -n auto -vv --cov-report=xml --cov-fail-under=96 + +test-all-random:: + python -m pytest --cov=trestle --cov-report=xml --random-order + +test-verbose: + python -m pytest -vv -n auto + +test-speed-measure: + python -m pytest -n auto --durations=30 + + +test-bdist:: clean + . tests/manual_tests/test_binary.sh + + +release:: + git config --global user.name "semantic-release (via Github actions)" + git config --global user.email "semantic-release@github-actions" + semantic-release publish + +gen-oscal:: + python ./scripts/gen_oscal.py + +docs-automation:: + python ./scripts/website_automation.py + +docs-validate:: docs-automation + mkdocs build -c -s + rm -rf site + +docs-serve: docs-automation + mkdocs serve + +mdformat: pre-commit-update + pre-commit run mdformat --all-files + +# POSIX ONLY +clean:: + rm -rf build + rm -rf dist + rm -rf .pytest_cache + rm -rf tmp_bin_test + rm -rf cov_html + rm -rf coverage.xml + rm -rf .coverage* + rm -rf .mypy_cache + find . | grep -E "__pycache__|\.pyc|\.pyo" | xargs rm -rf + +pylint: + pylint trestle + +pylint-test: + pylint tests --rcfile=.pylintrc_tests + + + diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..845eef8 --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,13 @@ +# Added to aide with eventual transition away from setup.py +[build-system] +requires = [ + "setuptools >= 35.0.2", + "setuptools_scm >= 2.0.0, <3" +] +build-backend = "setuptools.build_meta" + +[tool.pytest.ini_options] +minversion = "6.2" +testpaths = [ + "tests", +] diff --git a/setup.cfg b/setup.cfg new file mode 100644 index 0000000..5fd96d8 --- /dev/null +++ b/setup.cfg @@ -0,0 +1,102 @@ +[metadata] +name = compliance-trestle-fedramp +version = attr: trestle_fedramp.__version__ +description = Tools to manage & autogenerate python objects representing the OSCAL layers/models +author = IBM +author_email = avikas@in.ibm.com +license = Apache Software License v2 +url = https://github.com/IBM/compliance-trestle-fedramp +classifiers = + Development Status :: 4 - Beta + Environment :: Console + Intended Audience :: Developers + Intended Audience :: Information Technology + License :: OSI Approved :: Apache Software License + Operating System :: POSIX + Operating System :: Microsoft + Programming Language :: Python :: 3 + Programming Language :: Python :: 3.7 + Programming Language :: Python :: 3.8 + Programming Language :: Python :: 3.9 +long_description_content_type = text/markdown +long_description = file: README.md +python_require= '>=3.7' +[options] +packages = find: +include_package_data = True + +install_requires = + compliance-trestle + +[options.packages.find] +include = trestle_fedramp* +exclude = tests + +# Needs changes +[bdist_wheel] +universal = 1 + + +[options.extras_require] +dev = + pytest>=5.4.3 + pytest-cov>=2.10.0 + pytest-xdist + pre-commit>=2.4.0 + setuptools + wheel + yapf + python-semantic-release + pep8-naming + pytest-random-order + python-dateutil + mypy + # # Docs website + mkdocs + mkdocstrings + mkdocs-material + markdown-include + pymdown-extensions + livereload + ## Constrain system + pylint + + + +[semantic_release] +version_variable=trestle_fedramp/__init__.py:__version__ +branch = main +upload_to_pypi = true +version_source = commit + +[flake8] +# WARNING: This should be kept compatible with .pre-commit-config.yaml +ignore = P1,C812,C813,C814,C815,C816 +max-line-length=120 +exclude = trestle/oscal + +[mypy] +plugins = pydantic.mypy + +follow_imports = normal +strict_optional = True +warn_redundant_casts = True +warn_unused_ignores = True +disallow_any_generics = True +check_untyped_defs = True +no_implicit_reexport = True +show_error_codes = True +show_error_context = True +# disallow-untyped-calls = True +disallow_untyped_defs = True + + + +[pydantic-mypy] +init_forbid_extra = True +init_typed = True +warn_required_dynamic_aliases = True +warn_untyped_fields = True + +[coverage:run] +relative_files = True \ No newline at end of file diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..b86d057 --- /dev/null +++ b/setup.py @@ -0,0 +1,21 @@ +# -*- mode:python; coding:utf-8 -*- + +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from setuptools import setup + + + +setup() \ No newline at end of file diff --git a/tests/__init__.py b/tests/__init__.py new file mode 100644 index 0000000..9a74a22 --- /dev/null +++ b/tests/__init__.py @@ -0,0 +1,16 @@ +# -*- mode:python; coding:utf-8 -*- + +# Copyright (c) 2021 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Test for trestle_fedramp.""" diff --git a/tests/trestle_fedamp/__init__.py b/tests/trestle_fedamp/__init__.py new file mode 100644 index 0000000..9a74a22 --- /dev/null +++ b/tests/trestle_fedamp/__init__.py @@ -0,0 +1,16 @@ +# -*- mode:python; coding:utf-8 -*- + +# Copyright (c) 2021 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Test for trestle_fedramp.""" diff --git a/tests/trestle_fedamp/token_test.py b/tests/trestle_fedamp/token_test.py new file mode 100644 index 0000000..1c5464b --- /dev/null +++ b/tests/trestle_fedamp/token_test.py @@ -0,0 +1,21 @@ +# -*- mode:python; coding:utf-8 -*- + +# Copyright (c) 2021 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Test for trestle_fedramp.""" + + +def test_always_passes() -> None: + """Sample test which always passes.""" + assert True diff --git a/trestle_fedramp/__init__.py b/trestle_fedramp/__init__.py new file mode 100644 index 0000000..ba81986 --- /dev/null +++ b/trestle_fedramp/__init__.py @@ -0,0 +1,18 @@ +# -*- mode:python; coding:utf-8 -*- + +# Copyright (c) 2021 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""trestle_fedramp an extension to compliance trestle for functionality specific to the FedRAMP program.""" + +__version__ = '0.0.0' From 56c5c5e85ffd554b121f722b693210be91c5fe41 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Mon, 25 Oct 2021 21:21:30 +1100 Subject: [PATCH 02/11] fix:Cleaned up CI pipelines Signed-off-by: Chris Butler --- .github/workflows/python-push.yml | 4 -- .github/workflows/python-test.yml | 3 -- Makefile | 14 ------ README.md | 78 ++----------------------------- 4 files changed, 3 insertions(+), 96 deletions(-) diff --git a/.github/workflows/python-push.yml b/.github/workflows/python-push.yml index 05b7ae0..fbba096 100644 --- a/.github/workflows/python-push.yml +++ b/.github/workflows/python-push.yml @@ -67,10 +67,6 @@ jobs: continue-on-error: true run: | make code-typing - - name: Validate website content (mkdocs) - if: ${{ (matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} - run: | - make docs-validate - name: Pytest Fast if: ${{ !(matrix.os == 'ubuntu-latest' && matrix.python-version == '3.7') }} run: | diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml index b5360a7..61180e5 100644 --- a/.github/workflows/python-test.yml +++ b/.github/workflows/python-test.yml @@ -54,9 +54,6 @@ jobs: continue-on-error: true run: | make code-typing - - name: Validate website content (mkdocs) - run: | - make docs-validate # This test simulates what it is like for a user to install trestle today. # Coverage cannot be calculated as part of diff --git a/Makefile b/Makefile index cb6d8cb..118baa7 100644 --- a/Makefile +++ b/Makefile @@ -14,8 +14,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -submodules: - git submodule update --init develop: submodules python -m pip install -e .[dev] --upgrade --upgrade-strategy eager -- @@ -64,18 +62,6 @@ release:: git config --global user.email "semantic-release@github-actions" semantic-release publish -gen-oscal:: - python ./scripts/gen_oscal.py - -docs-automation:: - python ./scripts/website_automation.py - -docs-validate:: docs-automation - mkdocs build -c -s - rm -rf site - -docs-serve: docs-automation - mkdocs serve mdformat: pre-commit-update pre-commit run mdformat --all-files diff --git a/README.md b/README.md index a92b400..ac20b22 100644 --- a/README.md +++ b/README.md @@ -1,77 +1,5 @@ - -# repo-template +# compliance-trestle-fedramp - - +A plugin for [compliance-trestle](https://github.com/IBM/compliance-trestle) to provide functionality specifically for FedRAMP. - -## Scope - -The purpose of this project is to provide a template for new open source repositories. - - -## Usage - -This repository contains some example best practices for open source repositories: - -* [LICENSE](LICENSE) -* [README.md](README.md) -* [CONTRIBUTING.md](CONTRIBUTING.md) -* [MAINTAINERS.md](MAINTAINERS.md) - -* [CHANGELOG.md](CHANGELOG.md) - -> These are optional - - -* [dco.yml](.github/dco.yml) - This enables DCO bot for you, please take a look https://github.com/probot/dco for more details. -* [travis.yml](.travis.yml) - This is a example `.travis.yml`, please take a look https://docs.travis-ci.com/user/tutorial/ for more details. - -These may be copied into a new or existing project to make it easier for developers not on a project team to collaborate. - - -## Notes - -**NOTE: While this boilerplate project uses the Apache 2.0 license, when -establishing a new repo using this template, please use the -license that was approved for your project.** - -**NOTE: This repository has been configured with the [DCO bot](https://github.com/probot/dco). -When you set up a new repository that uses the Apache license, you should -use the DCO to manage contributions. The DCO bot will help enforce that. -Please contact one of the IBM GH Org stewards.** - - -If you have any questions or issues you can create a new [issue here][issues]. - -Pull requests are very welcome! Make sure your patches are well tested. -Ideally create a topic branch for every separate change you make. For -example: - -1. Fork the repo -2. Create your feature branch (`git checkout -b my-new-feature`) -3. Commit your changes (`git commit -am 'Added some feature'`) -4. Push to the branch (`git push origin my-new-feature`) -5. Create new Pull Request - -## License - -All source files must include a Copyright and License header. The SPDX license header is -preferred because it can be easily scanned. - -If you would like to see the detailed LICENSE click [here](LICENSE). - -```text -# -# Copyright 2020- IBM Inc. All rights reserved -# SPDX-License-Identifier: Apache2.0 -# -``` -## Authors - -Optionally, you may include a list of authors, though this is redundant with the built-in -GitHub list of contributors. - -- Author: New OpenSource IBMer - -[issues]: https://github.com/IBM/repo-template/issues/new +Currently a work in progress please see the compliance-trestle project for more details. From 32f0b0a56bc9c5dc8012722d3a940ab8b0f72238 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Mon, 25 Oct 2021 21:22:47 +1100 Subject: [PATCH 03/11] fix:Cleaned up CI pipelines Signed-off-by: Chris Butler --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 118baa7..7e1ccbb 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ # limitations under the License. -develop: submodules +develop: python -m pip install -e .[dev] --upgrade --upgrade-strategy eager -- pre-commit: From 2a3131deb4bfb8de1eaba6376ea8ed1849e80282 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Mon, 25 Oct 2021 21:37:01 +1100 Subject: [PATCH 04/11] fix:Updating sonar setup Signed-off-by: Chris Butler --- .github/workflows/python-test.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml index 61180e5..0201f01 100644 --- a/.github/workflows/python-test.yml +++ b/.github/workflows/python-test.yml @@ -177,11 +177,10 @@ jobs: args: > -Dsonar.python.coverage.reportPaths=coverage.xml -Dsonar.tests=tests/ - -Dsonar.sources=trestle/ + -Dsonar.sources=trestle_fedramp/ -Dsonar.python.version=3.7 - -Dsonar.projectKey=compliance-trestle + -Dsonar.projectKey=compliance-trestle-fedramp -Dsonar.organization=compliance-trestle - -Dsonar.cpd.exclusions=trestle/oscal/*.py - name: SonarQube Quality Gate check uses: sonarsource/sonarqube-quality-gate-action@master # Force to fail step after specific time From cfb6f37213ee7723d617b7bf5e7bd7d07fdd156a Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Mon, 25 Oct 2021 21:39:26 +1100 Subject: [PATCH 05/11] fix:Updating sonar setup Signed-off-by: Chris Butler --- setup.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.cfg b/setup.cfg index 5fd96d8..f108a75 100644 --- a/setup.cfg +++ b/setup.cfg @@ -3,7 +3,7 @@ name = compliance-trestle-fedramp version = attr: trestle_fedramp.__version__ description = Tools to manage & autogenerate python objects representing the OSCAL layers/models author = IBM -author_email = avikas@in.ibm.com +author_email = chris.butler@au1.ibm.com license = Apache Software License v2 url = https://github.com/IBM/compliance-trestle-fedramp classifiers = From f3b8c18619201889137683113f0b6ff4055b09d5 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Mon, 25 Oct 2021 21:45:02 +1100 Subject: [PATCH 06/11] fix: Correcting mdformat. Signed-off-by: Chris Butler --- CONTRIBUTING.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 4af3e67..e0900a4 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,4 +1,5 @@ ## Contributing In General + Our project welcomes external contributions. If you have an itch, please feel free to scratch it. @@ -69,16 +70,20 @@ git commit -s ``` ## Communication + **FIXME** Please feel free to connect with us on our [Slack channel](link). ## Setup + **FIXME** Please add any special setup instructions for your project to help the developer become productive quickly. ## Testing + **FIXME** Please provide information that helps the developer test any changes they make before submitting. ## Coding style guidelines + **FIXME** Optional, but recommended: please share any specific style guidelines you might have for your project. From 68b7c970d4ecb06742a7100544f23cbf7f85cc73 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Thu, 11 Nov 2021 15:08:17 +1100 Subject: [PATCH 07/11] Chore: Ensuring CI is setup correctly. Signed-off-by: Chris Butler --- .pre-commit-config.yaml | 6 +++--- Makefile | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 817c328..19b6272 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,7 +11,7 @@ repos: hooks: - id: yapf args: [--in-place, --parallel, --recursive, --style, .yapf-config] - files: "^(trestle|tests|scripts)" + files: "^(trestle_fedramp|tests|scripts)" stages: [commit] - repo: https://gitlab.com/pycqa/flake8 rev: 3.9.2 @@ -64,13 +64,13 @@ repos: flake8-bandit, dlint ] - files: "^(trestle)" + files: "^(trestle_fedramp)" stages: [commit] - repo: https://github.com/executablebooks/mdformat rev: 0.7.10 hooks: - id: mdformat - exclude: "CHANGELOG.md|docs/mkdocs_code_of_conduct.md|docs/api_reference|tests/data/author|docs/contributing/mkdocs_contributing.md" + exclude: "CHANGELOG.md" additional_dependencies: - mdformat-tables - mdformat-config diff --git a/Makefile b/Makefile index 7e1ccbb..1169ee9 100644 --- a/Makefile +++ b/Makefile @@ -41,10 +41,10 @@ test:: python -m pytest --exitfirst -n auto test-cov:: - python -m pytest --cov=trestle --exitfirst -n auto -vv --cov-report=xml --cov-fail-under=96 + python -m pytest --cov=trestle_fedramp --exitfirst -n auto -vv --cov-report=xml --cov-fail-under=96 test-all-random:: - python -m pytest --cov=trestle --cov-report=xml --random-order + python -m pytest --cov=trestle_fedramp --cov-report=xml --random-order test-verbose: python -m pytest -vv -n auto @@ -79,7 +79,7 @@ clean:: find . | grep -E "__pycache__|\.pyc|\.pyo" | xargs rm -rf pylint: - pylint trestle + pylint trestle_fedramp pylint-test: pylint tests --rcfile=.pylintrc_tests From 8905afd00493124ed5f32c79966a87cdf568ae48 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Thu, 11 Nov 2021 15:10:05 +1100 Subject: [PATCH 08/11] feat: Add changelog marker for semantic release. Signed-off-by: Chris Butler --- CHANGELOG.md | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ea8cea0..837ef06 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,13 +1,3 @@ # Changelog -All notable changes to this project will be documented in this file. - -## [Unreleased] - -## [0.0.1] - 2019-02-15 - -### Added -- Added a changelog - -[unreleased]: https://github.com/ibm/repo-template/compare/v0.0.1...HEAD -[0.0.1]: https://github.com/ibm/repo-template/releases/tag/v0.0.1 + \ No newline at end of file From f84e1bf42c1051a10f403b675ccd001b74723b2e Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Thu, 11 Nov 2021 15:14:00 +1100 Subject: [PATCH 09/11] fix: Adding bdist test scripts. Signed-off-by: Chris Butler --- .github/workflows/python-test.yml | 2 +- tests/manual_tests/test_binary.sh | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100755 tests/manual_tests/test_binary.sh diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml index 0201f01..bb16b8a 100644 --- a/.github/workflows/python-test.yml +++ b/.github/workflows/python-test.yml @@ -138,7 +138,7 @@ jobs: path: coverage.xml sonar: - if: github.repository == 'IBM/compliance-trestle' + if: github.repository == 'IBM/compliance-trestle-fedramp' runs-on: ubuntu-latest needs: test steps: diff --git a/tests/manual_tests/test_binary.sh b/tests/manual_tests/test_binary.sh new file mode 100755 index 0000000..be3e09c --- /dev/null +++ b/tests/manual_tests/test_binary.sh @@ -0,0 +1,28 @@ +# Copyright (c) 2021 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script is designed to test whether the bdist is behaving correctly. +# Note that it encodes the stanndard testing protocol and should be updated. + +mkdir tmp_bin_test +python -m venv tmp_bin_test/venv +python setup.py bdist_wheel +source tmp_bin_test/venv/bin/activate +python -m pip install dist/*.whl +python -m pip install pytest-xdist +# this is required to get away from the damn base directory +cd tmp_bin_test +ln -s ../tests +python -m pytest --exitfirst -n auto + From 0600f2ac046eba518f9c0a0c9c67eeb2a6f9ab2a Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Thu, 11 Nov 2021 15:15:25 +1100 Subject: [PATCH 10/11] fix: Correcting PR linting pipeline Signed-off-by: Chris Butler --- .github/workflows/conventional-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/conventional-pr.yml b/.github/workflows/conventional-pr.yml index 4120734..6925d87 100644 --- a/.github/workflows/conventional-pr.yml +++ b/.github/workflows/conventional-pr.yml @@ -1,7 +1,7 @@ name: "Lint PR" on: - pull_request_target: + pull_request: types: - opened - edited From d32cac48f7dc47fe98ffb303ba56bdf4fb00c34a Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Thu, 11 Nov 2021 15:19:31 +1100 Subject: [PATCH 11/11] fix: Setting floor coverage to 0 Signed-off-by: Chris Butler --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 1169ee9..afd1039 100644 --- a/Makefile +++ b/Makefile @@ -41,7 +41,7 @@ test:: python -m pytest --exitfirst -n auto test-cov:: - python -m pytest --cov=trestle_fedramp --exitfirst -n auto -vv --cov-report=xml --cov-fail-under=96 + python -m pytest --cov=trestle_fedramp --exitfirst -n auto -vv --cov-report=xml --cov-fail-under=0 test-all-random:: python -m pytest --cov=trestle_fedramp --cov-report=xml --random-order