Skip to content

Commit

Permalink
Merge pull request #13 from cisagov/lineage/skeleton
Browse files Browse the repository at this point in the history 
Lineage pull request for: skeleton
  • Loading branch information
@dav3r
dav3r committed May 6, 2022
2 parents 1dbf772 + 66f5822 commit 3f2fd33
Show file tree
Hide file tree
Showing 5 changed files with 57 additions and 46 deletions.
4 changes: 4 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ updates:
directory: "/"
schedule:
interval: "weekly"
ignore:
- dependency-name: actions/cache
- dependency-name: actions/checkout
- dependency-name: actions/setup-python

- package-ecosystem: "pip"
directory: "/"
Expand Down
38 changes: 19 additions & 19 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,16 +19,16 @@ jobs:
steps:
- id: setup-env
uses: cisagov/setup-env-github-action@develop
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- id: setup-python
uses: actions/setup-python@v2
uses: actions/setup-python@v3
with:
python-version: 3.9
python-version: "3.10"
# We need the Go version and Go cache location for the actions/cache step,
# so the Go installation must happen before that.
- uses: actions/setup-go@v2
with:
go-version: '1.16'
go-version: "1.16"
- name: Store installed Go version
id: go-version
run: |
Expand All @@ -38,7 +38,7 @@ jobs:
id: go-cache
run: |
echo "::set-output name=dir::$(go env GOCACHE)"
- uses: actions/cache@v2
- uses: actions/cache@v3
env:
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
py${{ steps.setup-python.outputs.python-version }}-\
Expand Down Expand Up @@ -118,12 +118,12 @@ jobs:
- "3.9"
- "3.10"
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- id: setup-python
uses: actions/setup-python@v2
uses: actions/setup-python@v3
with:
python-version: ${{ matrix.python-version }}
- uses: actions/cache@v2
- uses: actions/cache@v3
env:
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
py${{ steps.setup-python.outputs.python-version }}-"
Expand Down Expand Up @@ -161,12 +161,12 @@ jobs:
runs-on: ubuntu-latest
needs: test
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- id: setup-python
uses: actions/setup-python@v2
uses: actions/setup-python@v3
with:
python-version: 3.9
- uses: actions/cache@v2
python-version: "3.10"
- uses: actions/cache@v3
env:
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
py${{ steps.setup-python.outputs.python-version }}-"
Expand Down Expand Up @@ -205,12 +205,12 @@ jobs:
- "3.9"
- "3.10"
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- id: setup-python
uses: actions/setup-python@v2
uses: actions/setup-python@v3
with:
python-version: ${{ matrix.python-version }}
- uses: actions/cache@v2
- uses: actions/cache@v3
env:
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
py${{ steps.setup-python.outputs.python-version }}-"
Expand All @@ -224,12 +224,12 @@ jobs:
${{ hashFiles('setup.py') }}"
restore-keys: |
${{ env.BASE_CACHE_KEY }}
- name: Install dependencies
- name: Install build dependencies
run: |
python -m pip install --upgrade pip wheel
pip install --upgrade --requirement requirements.txt
python -m pip install --upgrade pip setuptools wheel
python -m pip install --upgrade build
- name: Build artifacts
run: python3 setup.py sdist bdist_wheel
run: python -m build
- name: Upload artifacts
uses: actions/upload-artifact@v2
with:
Expand Down
41 changes: 20 additions & 21 deletions .github/workflows/codeql-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,59 +10,58 @@ on:
push:
# Dependabot triggered push events have read-only access, but uploading code
# scanning requires write access.
branches-ignore: [dependabot/**]
branches-ignore:
- dependabot/**
pull_request:
# The branches below must be a subset of the branches above
branches: [develop]
branches:
- develop
schedule:
- cron: '0 14 * * 6'

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest

permissions:
# required for all workflows
security-events: write
strategy:
fail-fast: false
matrix:
# Override automatic language detection by changing the below list
# Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript',
# 'python']
language: ['python']
# Supported options are go, javascript, csharp, python, cpp, and java
language:
- python
# Learn more...
# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection

steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v3

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a
# config file. By default, queries listed here will override any
# specified in a config file. Prefix the list here with "+" to use
# these queries and those in the config file. queries:
# ./path/to/local/query, your-org/your-repo/queries@main

# Autobuild attempts to build any compiled languages (C/C++, C#, or
# Autobuild attempts to build any compiled languages (C/C++, C#, or
# Java). If this step fails, then you should remove it and run the build
# manually (see below)
# manually (see below).
- name: Autobuild
uses: github/codeql-action/autobuild@v1
uses: github/codeql-action/autobuild@v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl

# ✏️ If the Autobuild fails above, remove it and uncomment the following
# three lines and modify them (or add more) to build your code if your
# project uses a compiled language
# three lines and modify them (or add more) to build your code if your
# project uses a compiled language

# - run: |
# make bootstrap
# make release
# make bootstrap
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v2
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,4 @@ __pycache__
.pytest_cache
.python-version
*.egg-info
dist
19 changes: 13 additions & 6 deletions .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ repos:
args:
- --config=.mdl_config.yaml
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v2.5.1
rev: v2.6.1
hooks:
- id: prettier
- repo: https://github.com/adrienverge/yamllint
Expand All @@ -47,6 +47,13 @@ repos:
args:
- --strict

# GitHub Actions hooks
- repo: https://github.com/python-jsonschema/check-jsonschema
rev: 0.14.2
hooks:
- id: check-github-actions
- id: check-github-workflows

# pre-commit hooks
- repo: https://github.com/pre-commit/pre-commit
rev: v2.17.0
Expand Down Expand Up @@ -76,7 +83,7 @@ repos:
# Python hooks
# Run bandit on "tests" tree with a configuration
- repo: https://github.com/PyCQA/bandit
rev: 1.7.2
rev: 1.7.4
hooks:
- id: bandit
name: bandit (tests tree)
Expand All @@ -91,7 +98,7 @@ repos:
name: bandit (everything else)
exclude: tests
- repo: https://github.com/psf/black
rev: 22.1.0
rev: 22.3.0
hooks:
- id: black
- repo: https://gitlab.com/pycqa/flake8
Expand All @@ -105,11 +112,11 @@ repos:
hooks:
- id: isort
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v0.931
rev: v0.942
hooks:
- id: mypy
- repo: https://github.com/asottile/pyupgrade
rev: v2.31.0
rev: v2.31.1
hooks:
- id: pyupgrade

Expand All @@ -129,7 +136,7 @@ repos:

# Docker hooks
- repo: https://github.com/IamTheFij/docker-pre-commit
rev: v2.0.1
rev: v2.1.0
hooks:
- id: docker-compose-check

Expand Down

0 comments on commit 3f2fd33

Please sign in to comment.