Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⚠️ CONFLICT! Lineage pull request for: skeleton #142

Merged
merged 44 commits into from
Sep 14, 2023
Merged

⚠️ CONFLICT! Lineage pull request for: skeleton #142

merged 44 commits into from
Sep 14, 2023

Conversation

cisagovbot
Copy link

@cisagovbot cisagovbot commented Sep 13, 2023
edited by jsf9k
Loading

Lineage Pull Request: CONFLICT

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-generic.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

The lineage/skeleton branch has one or more unresolved merge conflicts
that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone git@github.com:cisagov/orchestrator.git orchestrator
cd orchestrator
git remote add skeleton https://github.com/cisagov/skeleton-generic.git
git remote set-url --push skeleton no_push
git switch develop
git switch --create lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and
    possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the
    branch, commit, and push your changes:

    git add .github/dependabot.yml 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message
    that git creates for you, but please do not delete the existing
    content    . It provides useful information about the merge that is
    being performed.

  5. Wait for all the automated tests to pass.

  6. Confirm each item in the "Pre-approval checklist" below.

  7. Remove any of the checklist items that do not apply.

  8. Ensure every remaining checkbox has been checked.

  9. Mark this draft pull request "Ready for review".

✅ Pre-approval checklist

Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!

  • ✌️ The conflicts in this pull request have been resolved.
  • All relevant type-of-change labels have been added.
  • All new and existing tests pass.

Note

You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

jasonodoom and others added 30 commits July 10, 2023 12:52
@jasonodoom
Add steps to setup go packages for pre-commit
4cb9a4b
@jasonodoom
Update action/checkout to use same version
53f56b0
@jasonodoom
Set specific gocritic version
f261099
@jasonodoom
Update build workflow with package installtion
097b573
@jasonodoom
Group go tools together with comment
254282a
@jasonodoom @mcdonnnj
Update staticcheck id
ecf3299 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jasonodoom @mcdonnnj
Update tool names to match author stylization
1eaedf5 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jasonodoom @mcdonnnj
Update statcicheck stylization
fd04757 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k
Temporarily use a different branch of cisagov/setup-env-github-action
ddbf6f7 
This is being done for testing purposes, and this commit can be
reverted (or removed) once cisagov/setup-env-github-action#65 is
merged.
@jasonodoom
Move go packages install to separate section
a8af336
@jasonodoom @mcdonnnj
Update go-critic name
1675b12 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jasonodoom @mcdonnnj
Update staticcheck name
c6ab22e 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k
Use the correct repo name for the ansible-lint pre-commit hook
29de034 
The repo name we were using redirects to the correct place, but we may
as well cut out the middle man.
@jasonodoom
Correct staticcheck reference to setup-env, sort alphabetically and c…
1e7cb4f 
…orrect staticcheck package URL

Co-Authored By: @mcdonnnj <mcdonnj@users.noreply.github.com>
@jasonodoom @jsf9k
Remove Go section coment
5f3bc13 
Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
@mcdonnnj
Remove unnecessary quotes in the dependabot configuration
d311825 
We generally only use quotes when they are strictly necessary to ensure
data is interpreted as a string value.
@mcdonnnj
Sort the keys in the Dependabot configuration
2294d49 
Our standard practice for YAML files is to sort keys alphabetically.
@jsf9k @dv4harr10
Delete duplicate word "are"
e678502 
Co-authored-by: David Harris <David.Harris@associates.cisa.dhs.gov>
@jasonodoom @mcdonnnj
Fix gosec stylization
948ebde 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k
Revert "Temporarily use a different branch of cisagov/setup-env-githu…
98d3d3f 
…b-action"

This reverts commit ddbf6f7.

This can be done now that cisagov/setup-env-github-action#65 has been
merged.
@jasonodoom
Add nixfmt pre-commit hook
82db36a
@dependabot
Bump actions/checkout from 3 to 4
c0b5d5b 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Bump crazy-max/ghaction-github-labeler from 4 to 5
b04654e
@mcdonnnj
Update the dependabot ignore configuration
49ac8c5 
Add crazy-max/ghaction-github-labeler as a commented out dependency to
ignore in the dependabot configuration file. This should be enabled in
downstream projects to consolidate updating this Action to the
cisagov/skeleton-generic repository.
@mcdonnnj
Merge pull request #138 from cisagov/add-go-packages
4ec50ab 
Add go packages for pre-commit
@mcdonnnj
Merge pull request #139 from cisagov/improvement/use-correct-repo-name
8145a93 
Use the correct repo name for the ansible-lint pre-commit hook
@mcdonnnj
Merge pull request #140 from cisagov/improvement/update_dependabot_co…
ce74358 
…nfiguration

Update the Dependabot configuration
@mcdonnnj
Merge pull request #141 from cisagov/documentation/grammar
338e3e1 
Delete duplicate word "are"
@mcdonnnj
Merge pull request #143 from cisagov/add-nixfmt
8432f1e 
Add nixfmt pre-commit hook
@mcdonnnj
Merge pull request #145 from cisagov/dependabot/github_actions/action…
8cdbc7b 
…s/checkout-4

Bump actions/checkout from 3 to 4
mcdonnnj and others added 11 commits September 12, 2023 21:49
@mcdonnnj
Switch to the pre-commit mirror for black
1bc2056 
This mirror was created to leverage performance optimizations from
mypyc wheels that are available if black is installed from PyPI. These
wheels are not available if black is installed from source as it would
be using the old URL. Please see psf/black#3828 and psf/black#3405 for
more information.
@jsf9k @felddy @mcdonnnj
Add the crazy-max/ghaction-github-status GitHub action
a62ebe7 
This action is added in a separate "diagnostics" job.  As configured
it will never fail, but it will print out the status of the various
GitHub components.  This information will sometimes be useful when
determining why builds fail after the fact.

Co-authored-by: Mark Feldhousen <mark.feldhousen@gwe.cisa.dhs.gov>
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Make the lint job depend on the diagnostics job
3619c45 
Even though the diagnostics job is not currently configured to fail
due to the GitHub status, it is still true that if the job is unable
to run that does not bode well for the lint job's successful
execution.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @felddy @mcdonnnj
Add a GH Action to dump the context
f437066 
This can be useful when debugging why a GH Action failed.

Co-authored-by: felddy <mark.feldhousen@gwe.cisa.dhs.gov>
@jsf9k @mcdonnnj
Give the diagnostics job a descriptive name
c5e56a2
@jsf9k @felddy @mcdonnnj
Add the step-security/harden-runner GH Action
9afb516 
This GH Action is being configured to run in audit mode.  It should
warn us if an Action is reaching out to an unexpected web address,
overwriting source code, etc.

Co-authored-by: felddy <mark.feldhousen@gwe.cisa.dhs.gov>
@jsf9k @mcdonnnj
Add a harden-runner task to the lint job as well
9dc773c 
This task can only provide coverage for the job that contains it.
@jsf9k @mcdonnnj
Add a reminder
bb81ec3 
We need a reminder add the step-security/harden-runner action at the
top of every job.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@mcdonnnj
Merge pull request #142 from cisagov/maintenance/update_pre-commit_hooks
94903ae 
Update `pre-commit` hooks
@mcdonnnj
Merge pull request #148 from cisagov/improvement/change_black_repository
8d8577c 
Change the source repository for the `black` hook
@mcdonnnj
Merge pull request #144 from cisagov/improvement/add-github-status-jazz
c0eed09 
Add a job that runs diagnostics
@jsf9k jsf9k marked this pull request as ready for review September 13, 2023 14:32
@jsf9k jsf9k added dependencies Pull requests that update a dependency file github-actions Pull requests that update GitHub Actions code security This issue or pull request addresses a security issue labels Sep 14, 2023
@jsf9k jsf9k merged commit 7ec9a07 into develop Sep 14, 2023
5 checks passed
@jsf9k jsf9k deleted the lineage/skeleton branch September 14, 2023 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@jasonodoom jasonodoom jasonodoom approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jsf9k jsf9k Awaiting requested review from jsf9k jsf9k is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@jsf9k jsf9k

Labels
dependencies Pull requests that update a dependency file github-actions Pull requests that update GitHub Actions code security This issue or pull request addresses a security issue upstream update This issue or pull request pulls in upstream updates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@cisagovbot @jasonodoom @dav3r @jsf9k @mcdonnnj