Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lineage pull request for: skeleton #3

Open
wants to merge 85 commits into
base: develop
Choose a base branch
from
Open

Lineage pull request for: skeleton #3

wants to merge 85 commits into from

Conversation

cisagovbot
Copy link

Lineage Pull Request

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-python-library.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

✅ Pre-approval checklist

Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!

  • All future TODOs are captured in issues, which are referenced
    in code comments.
  • All relevant type-of-change labels have been added.
  • All relevant repo and/or project documentation has been updated
    to reflect the changes in this PR.
  • Tests have been added and/or modified to cover the changes in this PR.
  • All new and existing tests pass.

✅ Pre-merge checklist

Remove any of the following that do not apply. These boxes should
remain unchecked until the pull request has been approved.

  • Bump major, minor, patch, or pre-release version as
    appropriate
    via the bump_version.sh script if this repository is
    versioned and the changes in this PR warrant a version
    bump    .
  • Finalize version.

✅ Post-merge checklist

Remove any of the following that do not apply.

  • Create a release.

Note
You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

jasonodoom and others added 30 commits May 5, 2023 14:00
@jasonodoom
Add Go hooks to support go code for our projects
a0bc20b
@jasonodoom
Add Staticcheck
3628e5f
@jasonodoom @jsf9k
Fix indentation
668724f 
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
@jasonodoom @jsf9k
Fix indentation
3d422b8 
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
@jasonodoom @jsf9k
Fix indentation
5571f47 
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
@jasonodoom @jsf9k
Fix formatting
4fd9501 
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
@jasonodoom @jsf9k
Fix formatting
412101a 
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
@jasonodoom @jsf9k
Fix formatting
a346fb5 
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
@jasonodoom
Revert updated versions for existing hooks
c47038b
@jasonodoom
Fix formatting
eb52678
@jasonodoom
Remove extra hook ids
f8179f1
@jasonodoom
Replace hooks with repo based option when available
42820e2
@mcdonnnj @jsf9k @dav3r
Remove the go-lint hook from the pre-commit configuration
7f372e6 
The golang/lint tool was archived on May 9th, 2021 and based on
golang/go#38968 no future work is planned. Coupled with the fact that
it is not available from brew we are removing this hook as local
development may be hindered by trying to satisfy running this hook.

Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
Co-authored-by: dav3r <david.redmin@gwe.cisa.dhs.gov>
@mcdonnnj @jmorrowomni
Update pre-commit hook versions
b823111 
This is done automatically with the `pre-commit autoupdate` command.
@jasonodoom @jmorrowomni
Add apostrophe to Qapla
b770fc6
@arcsector @jmorrowomni
detecting virtualenv installation successfully
24a0008
@jsf9k @jmorrowomni
Whitespace change to make shfmt linter happy
f01965a
@jsf9k @jmorrowomni
Fix two broken links
43d588f 
Resolves cisagov/skeleton-generic#131.
@mcdonnnj @jmorrowomni
Disable caching for the setup-go Action
e098255 
The cache key used relies on the existence of a go.sum file. Since we
have no expectation for Go source code, including that file, and since
we already include the Go cache in our job caching, we can safely
disable caching in the Action.
@mcdonnnj @jmorrowomni
Bump Go from 1.19 to 1.20
edf1338 
Bump the version of Go used in our GitHub Actions configuration to the
latest stable Go release.
Merge https://github.com/cisagov/skeleton-generic into lineage/skeleton
9bfa30b
@jmorrowomni
Merge branch 'develop' into add-go-hooks
42f481c
@mcdonnnj
Merge pull request #133 from cisagov/add-go-hooks
bd762fe 
Add Go hooks
Merge https://github.com/cisagov/skeleton-generic into lineage/skeleton
31fe1f5
@jasonodoom
Add steps to setup go packages for pre-commit
4cb9a4b
@jasonodoom
Update action/checkout to use same version
53f56b0
@jasonodoom
Set specific gocritic version
f261099
@jasonodoom
Update build workflow with package installtion
097b573
@jasonodoom
Group go tools together with comment
254282a
@jasonodoom @mcdonnnj
Update staticcheck id
ecf3299 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
mcdonnnj and others added 29 commits September 13, 2023 01:29
@mcdonnnj
Merge pull request #146 from cisagov/improvement/update_labeler_action
ca49bea 
Update the version of the `crazy-max/ghaction-github-labeler` Action and add a dependabot ignore directive
@mcdonnnj
Update pre-commit hook versions
94d753d 
This is done automatically with the `pre-commit autoupdate` command.
@mcdonnnj
Switch to the pre-commit mirror for black
1bc2056 
This mirror was created to leverage performance optimizations from
mypyc wheels that are available if black is installed from PyPI. These
wheels are not available if black is installed from source as it would
be using the old URL. Please see psf/black#3828 and psf/black#3405 for
more information.
@jsf9k @felddy @mcdonnnj
Add the crazy-max/ghaction-github-status GitHub action
a62ebe7 
This action is added in a separate "diagnostics" job.  As configured
it will never fail, but it will print out the status of the various
GitHub components.  This information will sometimes be useful when
determining why builds fail after the fact.

Co-authored-by: Mark Feldhousen <mark.feldhousen@gwe.cisa.dhs.gov>
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Make the lint job depend on the diagnostics job
3619c45 
Even though the diagnostics job is not currently configured to fail
due to the GitHub status, it is still true that if the job is unable
to run that does not bode well for the lint job's successful
execution.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @felddy @mcdonnnj
Add a GH Action to dump the context
f437066 
This can be useful when debugging why a GH Action failed.

Co-authored-by: felddy <mark.feldhousen@gwe.cisa.dhs.gov>
@jsf9k @mcdonnnj
Give the diagnostics job a descriptive name
c5e56a2
@jsf9k @felddy @mcdonnnj
Add the step-security/harden-runner GH Action
9afb516 
This GH Action is being configured to run in audit mode.  It should
warn us if an Action is reaching out to an unexpected web address,
overwriting source code, etc.

Co-authored-by: felddy <mark.feldhousen@gwe.cisa.dhs.gov>
@jsf9k @mcdonnnj
Add a harden-runner task to the lint job as well
9dc773c 
This task can only provide coverage for the job that contains it.
@jsf9k @mcdonnnj
Add a reminder
bb81ec3 
We need a reminder add the step-security/harden-runner action at the
top of every job.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@mcdonnnj
Merge pull request #142 from cisagov/maintenance/update_pre-commit_hooks
94903ae 
Update `pre-commit` hooks
@mcdonnnj
Merge pull request #148 from cisagov/improvement/change_black_repository
8d8577c 
Change the source repository for the `black` hook
@mcdonnnj
Merge pull request #144 from cisagov/improvement/add-github-status-jazz
c0eed09 
Add a job that runs diagnostics
@mcdonnnj
Merge github.com:cisagov/skeleton-generic into lineage/skeleton
737aaff
@mcdonnnj
Enable dependabot ignore directives
8a9d149 
Enable the new dependabot ignore directives that were added in
cisagov/skeleton-generic.
@mcdonnnj
Bump actions/checkout from 3 to 4
7f3d844 
This updates the remaining declarations to match what was pulled down
from cisagov/skeleton-generic.
@mcdonnnj
Update job dependencies for the build.yml workflow
465a5a5 
Ensure the `diagnostics` job is a dependency for the other jobs. This
aligns with what was done to the `lint` job in
cisagov/skeleton-generic.
@mcdonnnj
Add runner hardening to all jobs in our workflows
41cbf1e 
This aligns with what was done to the `lint` job of the build.yml
workflow that was inherited from cisagov/skeleton-generic.
@mcdonnnj
Bump the bandit hook from 1.7.4 to 1.7.5
1290819 
This bumps the second bandit hook that is used in this project lineage.
Since this hook does not exist in the configuration from
cisagov/skeleton-generic we must update it here.
@mcdonnnj
Remove unnecessary quotes in the codeql-analysis.yml workflow
aca5662 
We generally only use quotes when they are strictly necessary to ensure
data is interpreted as a string value. This mirrors what was done to
the configurations inherited from cisagov/skeleton-generic.
@jsf9k
Add a diagnostics job to the CodeQL workflow
0541200 
It's good to agree everywhere with the changes we made to the
build.yml workflow in cisagov/skeleton-generic#144.
@jsf9k
Add support for Python version 3.12 in build workflow
29d7d1c 
Note that these instances _will not_ be updated via the upstream pull
request cisagov/skeleton-generic#154.
@mcdonnnj
Add support for Python 3.12 to the package
580429a
@mcdonnnj
Merge pull request #124 from cisagov/lineage/skeleton
ab59592 
⚠️ CONFLICT! Lineage pull request for: skeleton
@mcdonnnj
Merge pull request #125 from cisagov/improvement/add-diagnostics-job-…
593f588 
…for-codeql-workflow

Add a diagnostics job to the CodeQL workflow
@mcdonnnj
Merge pull request #126 from cisagov/improvement/add-python-3.12
a9e6af1 
Add support for Python version 3.12 in build workflow
@mcdonnnj
Add new, disabled dependabot ignore directives
63ce462 
Add the Actions that are used in the CodeQL workflow as commented out
dependencies to ignore in the dependabot configuration. These will be
un-commented in downstream repositories so that only
cisagov/skeleton-python-library will have dependabot PRs created for
these dependencies.
@mcdonnnj
Merge pull request #127 from cisagov/improvement/update_dependabot_ig…
31075ef 
…nore_directives

Add new, disabled dependabot ignore directives
Merge https://github.com/cisagov/skeleton-python-library into lineage…
dfda899 
…/skeleton

# Conflicts:
#	.github/dependabot.yml
@coveralls
Copy link

Pull Request Test Coverage Report for Build 7268730716

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 100.0%
Totals Coverage Status
Change from base Build 5977993120: 0.0%
Covered Lines: 40
Relevant Lines: 40
💛 - Coveralls

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r Awaiting requested review from dav3r dav3r is a code owner

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jasonodoom jasonodoom Awaiting requested review from jasonodoom jasonodoom is a code owner

@jsf9k jsf9k Awaiting requested review from jsf9k jsf9k is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@felddy felddy

@jsf9k jsf9k

@jasonodoom jasonodoom

@dav3r dav3r

@mcdonnnj mcdonnnj

Labels
upstream update This issue or pull request pulls in upstream updates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
9 participants
@cisagovbot @coveralls @felddy @jsf9k @jasonodoom @dav3r @mcdonnnj @arcsector @jmorrowomni