diff --git a/.ansible-lint b/.ansible-lint deleted file mode 100644 index bc8e0e5..0000000 --- a/.ansible-lint +++ /dev/null @@ -1,22 +0,0 @@ ---- -# See https://ansible-lint.readthedocs.io/en/latest/configuring.html -# for a list of the configuration elements that can exist in this -# file. -enable_list: - # Useful checks that one must opt-into. See here for more details: - # https://ansible-lint.readthedocs.io/en/latest/rules.html - - fcqn-builtins - - no-log-password - - no-same-owner -exclude_paths: - # This exclusion is implicit, unless exclude_paths is defined - - .cache - # Seems wise to ignore this too - - .github - # ansible-lint doesn't like the role name in this playbook, but it's - # what molecule requires - - molecule/default/converge.yml - # These two are Molecule configuration files, not Ansible playbooks - - molecule/default/molecule-no-systemd.yml - - molecule/default/molecule-with-systemd.yml -use_default_rules: true diff --git a/.bandit.yml b/.bandit.yml deleted file mode 100644 index 8ba42d1..0000000 --- a/.bandit.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -# Configuration file for the Bandit python security scanner -# https://bandit.readthedocs.io/en/latest/config.html - -# Tests are first included by `tests`, and then excluded by `skips`. -# If `tests` is empty, all tests are are considered included. - -tests: -# - B101 -# - B102 - -skips: -# - B101 # skip "assert used" check since assertions are required in pytests diff --git a/.flake8 b/.flake8 deleted file mode 100644 index 92ff826..0000000 --- a/.flake8 +++ /dev/null @@ -1,25 +0,0 @@ -[flake8] -max-line-length = 80 -# Select (turn on) -# * Complexity violations reported by mccabe (C) - -# http://flake8.pycqa.org/en/latest/user/error-codes.html#error-violation-codes -# * Documentation conventions compliance reported by pydocstyle (D) - -# http://www.pydocstyle.org/en/stable/error_codes.html -# * Default errors and warnings reported by pycodestyle (E and W) - -# https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes -# * Default errors reported by pyflakes (F) - -# http://flake8.pycqa.org/en/latest/glossary.html#term-pyflakes -# * Default warnings reported by flake8-bugbear (B) - -# https://github.com/PyCQA/flake8-bugbear#list-of-warnings -# * The B950 flake8-bugbear opinionated warning - -# https://github.com/PyCQA/flake8-bugbear#opinionated-warnings -select = C,D,E,F,W,B,B950 -# Ignore flake8's default warning about maximum line length, which has -# a hard stop at the configured value. Instead we use -# flake8-bugbear's B950, which allows up to 10% overage. -# -# Also ignore flake8's warning about line breaks before binary -# operators. It no longer agrees with PEP8. See, for example, here: -# https://github.com/ambv/black/issues/21. Guido agrees here: -# https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. -ignore = E501,W503 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7be2ce8..5031eef 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,97 +8,35 @@ on: types: [apb] env: - CURL_CACHE_DIR: ~/.cache/curl PIP_CACHE_DIR: ~/.cache/pip PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit - RUN_TMATE: ${{ secrets.RUN_TMATE }} jobs: lint: runs-on: ubuntu-latest steps: - - id: setup-env - uses: cisagov/setup-env-github-action@develop - uses: actions/checkout@v2 - id: setup-python uses: actions/setup-python@v2 with: - python-version: 3.9 - # We need the Go version and Go cache location for the actions/cache step, - # so the Go installation must happen before that. - - uses: actions/setup-go@v2 - with: - go-version: '1.16' - - name: Store installed Go version - id: go-version - run: | - echo "::set-output name=version::"\ - "$(go version | sed 's/^go version go\([0-9.]\+\) .*/\1/')" - - name: Lookup Go cache directory - id: go-cache - run: | - echo "::set-output name=dir::$(go env GOCACHE)" + python-version: "3.10" - uses: actions/cache@v2 env: BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ - py${{ steps.setup-python.outputs.python-version }}-\ - go${{ steps.go-version.outputs.version }}-\ - packer${{ steps.setup-env.outputs.packer-version }}-\ - tf${{ steps.setup-env.outputs.terraform-version }}-" + py${{ steps.setup-python.outputs.python-version }}" with: - # Note that the .terraform directory IS NOT included in the - # cache because if we were caching, then we would need to use - # the `-upgrade=true` option. This option blindly pulls down the - # latest modules and providers instead of checking to see if an - # update is required. That behavior defeats the benefits of caching. - # so there is no point in doing it for the .terraform directory. path: | ${{ env.PIP_CACHE_DIR }} ${{ env.PRE_COMMIT_CACHE_DIR }} - ${{ env.CURL_CACHE_DIR }} - ${{ steps.go-cache.outputs.dir }} key: "${{ env.BASE_CACHE_KEY }}\ - ${{ hashFiles('**/requirements-test.txt') }}-\ - ${{ hashFiles('**/requirements.txt') }}-\ ${{ hashFiles('**/.pre-commit-config.yaml') }}" restore-keys: | ${{ env.BASE_CACHE_KEY }} - - name: Setup curl cache - run: mkdir -p ${{ env.CURL_CACHE_DIR }} - - name: Install Packer - env: - PACKER_VERSION: ${{ steps.setup-env.outputs.packer-version }} - run: | - PACKER_ZIP="packer_${PACKER_VERSION}_linux_amd64.zip" - curl --output ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \ - --time-cond ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \ - --location \ - "https://releases.hashicorp.com/packer/${PACKER_VERSION}/${PACKER_ZIP}" - sudo unzip -d /opt/packer \ - ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" - sudo mv /usr/local/bin/packer /usr/local/bin/packer-default - sudo ln -s /opt/packer/packer /usr/local/bin/packer - - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ steps.setup-env.outputs.terraform-version }} - - name: Install shfmt - env: - PACKAGE_URL: mvdan.cc/sh/v3/cmd/shfmt - PACKAGE_VERSION: ${{ steps.setup-env.outputs.shfmt-version }} - run: go install ${PACKAGE_URL}@${PACKAGE_VERSION} - - name: Install Terraform-docs - env: - PACKAGE_URL: github.com/terraform-docs/terraform-docs - PACKAGE_VERSION: ${{ steps.setup-env.outputs.terraform-docs-version }} - run: go install ${PACKAGE_URL}@${PACKAGE_VERSION} - name: Install dependencies run: | - python -m pip install --upgrade pip - pip install --upgrade --requirement requirements-test.txt + python -m pip install --upgrade pip setuptools wheel + pip install --upgrade pre-commit - name: Set up pre-commit hook environments run: pre-commit install-hooks - name: Run pre-commit on all files run: pre-commit run --all-files - - name: Setup tmate debug session - uses: mxschmitt/action-tmate@v3 - if: env.RUN_TMATE diff --git a/.isort.cfg b/.isort.cfg deleted file mode 100644 index 46d45f3..0000000 --- a/.isort.cfg +++ /dev/null @@ -1,10 +0,0 @@ -[settings] -combine_star=true -force_sort_within_sections=true - -import_heading_stdlib=Standard Python Libraries -import_heading_thirdparty=Third-Party Libraries -import_heading_firstparty=cisagov Libraries - -# Run isort under the black profile to align with our other Python linting -profile=black diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d83fdbc..34f487a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -46,86 +46,3 @@ repos: - id: yamllint args: - --strict - - # pre-commit hooks - - repo: https://github.com/pre-commit/pre-commit - rev: v2.15.0 - hooks: - - id: validate_manifest - - # Shell script hooks - - repo: https://github.com/cisagov/pre-commit-shfmt - rev: v0.0.2 - hooks: - - id: shfmt - args: - # Indent by two spaces - - -i - - '2' - # Binary operators may start a line - - -bn - # Switch cases are indented - - -ci - # Redirect operators are followed by a space - - -sr - - repo: https://github.com/detailyang/pre-commit-shell - rev: 1.0.5 - hooks: - - id: shell-lint - - # Python hooks - - repo: https://github.com/PyCQA/bandit - rev: 1.7.0 - hooks: - - id: bandit - args: - - --config=.bandit.yml - - repo: https://github.com/psf/black - rev: 21.9b0 - hooks: - - id: black - - repo: https://gitlab.com/pycqa/flake8 - rev: 3.9.2 - hooks: - - id: flake8 - additional_dependencies: - - flake8-docstrings - - repo: https://github.com/PyCQA/isort - rev: 5.9.3 - hooks: - - id: isort - - repo: https://github.com/pre-commit/mirrors-mypy - rev: v0.910-1 - hooks: - - id: mypy - - repo: https://github.com/asottile/pyupgrade - rev: v2.29.0 - hooks: - - id: pyupgrade - - # Ansible hooks - - repo: https://github.com/ansible-community/ansible-lint - rev: v5.2.1 - hooks: - - id: ansible-lint - # files: molecule/default/playbook.yml - - # Terraform hooks - - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.52.0 - hooks: - - id: terraform_fmt - - id: terraform_validate - - # Docker hooks - - repo: https://github.com/IamTheFij/docker-pre-commit - rev: v2.0.1 - hooks: - - id: docker-compose-check - - # Packer hooks - - repo: https://github.com/cisagov/pre-commit-packer - rev: v0.0.2 - hooks: - - id: packer_validate - - id: packer_fmt diff --git a/requirements-dev.txt b/requirements-dev.txt deleted file mode 100644 index d84ee68..0000000 --- a/requirements-dev.txt +++ /dev/null @@ -1,2 +0,0 @@ ---requirement requirements-test.txt -ipython diff --git a/requirements-test.txt b/requirements-test.txt deleted file mode 100644 index 66f74db..0000000 --- a/requirements-test.txt +++ /dev/null @@ -1,2 +0,0 @@ ---requirement requirements.txt -pre-commit diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 0a8547b..0000000 --- a/requirements.txt +++ /dev/null @@ -1,2 +0,0 @@ -setuptools -wheel