Merge branch 'main' into Issue714-LDDTool-Tests

merge main into Issue714-LDDTool-Tests
NASA-PDS · Jun 20, 2024 · 80ba449 · 80ba449
2 parents c0b170e + 7bc3609
commit 80ba449
Show file tree

Hide file tree

Showing 76 changed files with 158,971 additions and 9,055 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -88,3 +88,12 @@ body:
     id: details
     attributes:
        label: ⚙️ Engineering Details
+
+  - type: textarea
+    id: i-n-t
+    attributes:
+      label: 🎉 Integration & Test
+      description: To be filled out by Engineering Node Team
+      placeholder:  Provide testing information and/or trace to TestRail ID
+    validations:
+      required: false
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -73,3 +73,12 @@ body:
       placeholder:  Provide some design / implementation details and/or a sub-task checklist as needed. Convert issue to Epic if estimate is outside the scope of 1 sprint.
     validations:
       required: false
+
+  - type: textarea
+    id: i-n-t
+    attributes:
+      label: 🎉 Integration & Test
+      description: To be filled out by Engineering Node Team
+      placeholder:  Provide testing information and/or trace to TestRail ID
+    validations:
+      required: false
diff --git a/.github/ISSUE_TEMPLATE/i-t-bug-report.yml b/.github/ISSUE_TEMPLATE/i-t-bug-report.yml
@@ -83,3 +83,12 @@ body:
     id: details
     attributes:
        label: ⚙️ Engineering Details
+
+  - type: textarea
+    id: i-n-t
+    attributes:
+      label: 🎉 Integration & Test
+      description: To be filled out by Engineering Node Team
+      placeholder:  Provide testing information and/or trace to TestRail ID
+    validations:
+      required: false
diff --git a/.github/ISSUE_TEMPLATE/pds4-standards-change-request.yml b/.github/ISSUE_TEMPLATE/pds4-standards-change-request.yml
@@ -1,15 +1,15 @@
 name: PDS4 Standards Change Request
 description: "Tasks related to PDS4 Standards Change Request in design and implementation queue"
 title: 'CCB-xxx: Copy SCR title here'
-labels: "needs:triage, p.must-have, pending-scr, requirement"
-projects: "NASA-PDS/6"
-assignees: jordanpadams
+labels: "p.must-have, pending-scr, requirement, sprint-backlogs, B15.0"
+projects: "NASA-PDS/6, NASA-PDS/9"
+assignees: jshughes,jordanpadams
 
 body:
   - type: textarea
     id: scr
     attributes:
-      label: 🦄 Parent SCR
+      label: 🦄 Sibling SCR
       description: Link to parent SCR in PDS4 CCB repo
       value: NASA-PDS/PDS4-CCB#xxxx
     validations:
@@ -20,3 +20,17 @@ body:
     attributes:
       label: 💡 SCR Summary
       description: Copy-paste the original SCR's **Problem Statement** and **Requested Changes** to provide public overview to proposed changes.
+    validations:
+      required: true
+
+  - type: dropdown
+    id: added-to-parent-epic
+    attributes:
+      label: Added to parent epic?
+      description: Reminder once this issue is created to add it to whatever the parent SCR epic is for this build.
+      multiple: false
+      options:
+        - "Will do"
+        - "No chance"
+    validations:
+      required: true
diff --git a/.github/workflows/branch-cicd.yaml b/.github/workflows/branch-cicd.yaml
@@ -17,7 +17,7 @@ on:
         branches:
             -   '**'
             -   '!main'
-
+    workflow_dispatch:
 
 # What to Do
 # ----------
@@ -62,7 +62,11 @@ jobs:
                     java-version: ${{matrix.java-version}}
             -
                 name: 🩺 Test Software
-                run: mvn package
+                run: mvn install
+
+            -
+                name: 🩺 Test Site
+                run: mvn site
 
             -
                 name: ∫ Smoke Tests with Discipline LDDs

diff --git a/.github/workflows/secrets-detection.yaml b/.github/workflows/secrets-detection.yaml
@@ -0,0 +1,67 @@
+name: Secret Detection Workflow
+on:
+    push:
+        branches:
+            - main
+    pull_request:
+        branches:
+            - main
+
+jobs:
+    secret-detection:
+        runs-on: ubuntu-latest
+        if: github.actor != 'pdsen-ci'
+        steps:
+            -
+                name: Checkout code
+                uses: actions/checkout@v4
+            -
+                name: Install necessary packages
+                run: |
+                    pip install git+https://github.com/NASA-AMMOS/slim-detect-secrets.git@exp
+                    pip install jq
+              
+            -
+                name: Create an initial .secrets.baseline if .secrets.baseline does not exist
+                run: |
+                    if [ ! -f .secrets.baseline ]; then
+                        # This generated baseline file will only be temporarily available on the GitHub side and will not appear in the user's local files.
+                        # Scanning an empty folder to generate an initial .secrets.baseline without secrets in the results.
+                        echo "⚠️ No existing .secrets.baseline file detected. Creating a new blank baseline file."
+                        mkdir empty-dir
+                        detect-secrets scan empty-dir > .secrets.baseline
+                        echo "✅ Blank .secrets.baseline file created successfully."
+                        rm -r empty-dir
+                    else
+                        echo "✅ Existing .secrets.baseline file detected. No new baseline file will be created."
+                    fi
+
+            -
+                name: Scan repository for secrets
+                run: |
+                    # scripts to scan repository for new secrets
+
+                    # backup the list of known secrets
+                    cp .secrets.baseline .secrets.new
+
+                    # find the secrets in the repository
+                    bin/generate-detect-secrets.sh
+                       
+                    # if there is any difference between the known and newly detected secrets, break the build
+                    # Function to compare secrets without listing them
+                    compare_secrets() { diff <(jq -r '.results | keys[] as $key | "\($key),\(.[$key] | .[] | .hashed_secret)"' "$1" | sort) <(jq -r '.results | keys[] as $key | "\($key),\(.[$key] | .[] | .hashed_secret)"' "$2" | sort) >/dev/null; }
+
+                    # Check if there's any difference between the known and newly detected secrets
+                    if ! compare_secrets .secrets.baseline .secrets.new; then
+                        echo "⚠️ Attention Required! ⚠️" >&2
+                        echo "New secrets have been detected in your recent commit. Due to security concerns, we cannot display detailed information here and we cannot proceed until this issue is resolved." >&2
+                        echo "" >&2
+                        echo "Please follow the steps below on your local machine to reveal and handle the secrets:" >&2
+                        echo "" >&2
+                        echo "1️⃣ Run the 'detect-secrets' tool on your local machine. This tool will identify and clean up the secrets. You can find detailed instructions at this link: https://nasa-ammos.github.io/slim/continuous-testing/starter-kits/#detect-secrets" >&2
+                        echo "" >&2
+                        echo "2️⃣ After cleaning up the secrets, commit your changes and re-push your update to the repository." >&2
+                        echo "" >&2
+                        echo "Your efforts to maintain the security of our codebase are greatly appreciated!" >&2
+                        exit 1
+                    fi
diff --git a/.github/workflows/stable-cicd.yaml b/.github/workflows/stable-cicd.yaml
@@ -50,14 +50,14 @@ jobs:
         steps:
             -
                 name: 💳 Checkout
-                uses: actions/checkout@v3
+                uses: actions/checkout@v4
                 with:
                     lfs: true
                     token: ${{secrets.ADMIN_GITHUB_TOKEN}}
                     fetch-depth: 0
             -
                 name: 💵 Maven Cache
-                uses: actions/cache@v3
+                uses: actions/cache@v4
                 with:
                     path: ~/.m2/repository
                     # The "key" used to indicate a set of cached files is the operating system runner
@@ -72,10 +72,11 @@ jobs:
                 uses: NASA-PDS/roundup-action@stable
                 with:
                     assembly: stable
-                    maven-build-phases: package
-                    maven-doc-phases: install,site,site:stage
-                    maven-stable-artifact-phases: clean,install,site,site:stage
                     packages: openjdk11-jdk
+                    maven-build-phases: install
+                    maven-doc-phases: clean,site,site:stage
+                    maven-stable-artifact-phases: clean,site,site:stage,deploy
+                    documentation-dir: target/staging/model
                 env:
                     ossrh_username: ${{secrets.OSSRH_USERNAME}}
                     ossrh_password: ${{secrets.OSSRH_PASSWORD}}

diff --git a/.github/workflows/unstable-cicd.yaml b/.github/workflows/unstable-cicd.yaml
@@ -33,6 +33,10 @@ on:
     push:
         branches:
              - main
+        paths-ignore:
+            - 'CHANGELOG.md'
+            - 'docs/requirements/**'
+    workflow_dispatch:
 
 
 # What to Do
@@ -71,6 +75,9 @@ jobs:
                 with:
                     assembly: unstable
                     packages: openjdk11-jdk
+                    maven-build-phases: install
+                    maven-doc-phases: clean,site,site:stage
+                    maven-unstable-artifact-phases: clean,site,site:stage,deploy
                 env:
                     ossrh_username: ${{secrets.OSSRH_USERNAME}}
                     ossrh_password: ${{secrets.OSSRH_PASSWORD}}

diff --git a/.gitignore b/.gitignore
@@ -66,7 +66,6 @@ src/test/temp/
 # other stuff
 *.xpr
 *.swp
-/bin/
 .*.swp
 *.sublime-*
 *.DS_Store