1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 00:20:47 +00:00

Merge branch 'develop' into improvement/replace_beautysh_with_shfmt

This commit is contained in:
Nicholas McDonnell 2021-07-19 13:15:28 -04:00
commit 3e83a800f0
No known key found for this signature in database
GPG key ID: 7994ADE2A56BE5D1
4 changed files with 103 additions and 18 deletions

View file

@ -8,8 +8,10 @@ on:
types: [apb]
env:
CURL_CACHE_DIR: ~/.cache/curl
PIP_CACHE_DIR: ~/.cache/pip
PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit
RUN_TMATE: ${{ secrets.RUN_TMATE }}
jobs:
lint:
@ -39,11 +41,20 @@ jobs:
env:
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
py${{ steps.setup-python.outputs.python-version }}-\
go${{ env.GO_VERSION }}-"
go${{ env.GO_VERSION }}-\
packer${{ env.PACKER_VERSION }}-\
tf${{ env.TERRAFORM_VERSION }}-"
with:
# Note that the .terraform directory IS NOT included in the
# cache because if we were caching, then we would need to use
# the `-upgrade=true` option. This option blindly pulls down the
# latest modules and providers instead of checking to see if an
# update is required. That behavior defeats the benefits of caching.
# so there is no point in doing it for the .terraform directory.
path: |
${{ env.PIP_CACHE_DIR }}
${{ env.PRE_COMMIT_CACHE_DIR }}
${{ env.CURL_CACHE_DIR }}
${{ steps.go-cache.outputs.dir }}
key: "${{ env.BASE_CACHE_KEY }}\
${{ hashFiles('**/requirements-test.txt') }}-\
@ -51,8 +62,43 @@ jobs:
${{ hashFiles('**/.pre-commit-config.yaml') }}"
restore-keys: |
${{ env.BASE_CACHE_KEY }}
- name: Setup curl cache
run: mkdir -p ${{ env.CURL_CACHE_DIR }}
- name: Install Packer
run: |
PACKER_ZIP="packer_${PACKER_VERSION}_linux_amd64.zip"
curl --output ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
--time-cond ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
--location \
"https://releases.hashicorp.com/packer/${PACKER_VERSION}/${PACKER_ZIP}"
sudo unzip -d /opt/packer \
${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}"
sudo mv /usr/local/bin/packer /usr/local/bin/packer-default
sudo ln -s /opt/packer/packer /usr/local/bin/packer
- name: Install Terraform
run: |
TERRAFORM_ZIP="terraform_${TERRAFORM_VERSION}_linux_amd64.zip"
curl --output ${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}" \
--time-cond ${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}" \
--location \
"https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/${TERRAFORM_ZIP}"
sudo unzip -d /opt/terraform \
${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}"
sudo mv /usr/local/bin/terraform /usr/local/bin/terraform-default
sudo ln -s /opt/terraform/terraform /usr/local/bin/terraform
- name: Install shfmt
run: go install mvdan.cc/sh/v3/cmd/shfmt@${SHFMT_VERSION}
- name: Install Terraform-docs
run: |
go install \
github.com/terraform-docs/terraform-docs@${TERRAFORM_DOCS_VERSION}
- name: Find and initialize Terraform directories
run: |
for path in $(find . -not \( -type d -name ".terraform" -prune \) \
-type f -iname "*.tf" -exec dirname "{}" \; | sort -u); do \
echo "Initializing '$path'..."; \
terraform init -input=false -backend=false "$path"; \
done
- name: Install dependencies
run: |
python -m pip install --upgrade pip
@ -61,3 +107,6 @@ jobs:
run: pre-commit install-hooks
- name: Run pre-commit on all files
run: pre-commit run --all-files
- name: Setup tmate debug session
uses: mxschmitt/action-tmate@v3
if: env.RUN_TMATE

View file

@ -1,10 +0,0 @@
{
"MD013": {
"code_blocks": false,
"tables": false
},
"MD024": {
"allow_different_nesting": true
},
"default": true
}

40
.mdl_config.yaml Normal file
View file

@ -0,0 +1,40 @@
---
# Default state for all rules
default: true
# MD003/heading-style/header-style - Heading style
MD003:
# Enforce the ATX-closed style of header
style: "atx_closed"
# MD004/ul-style - Unordered list style
MD004:
# Enforce dashes for unordered lists
style: "dash"
# MD013/line-length - Line length
MD013:
# Do not enforce for code blocks
code_blocks: false
# Do not enforce for tables
tables: false
# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the
# same content
MD024:
# Allow headers with the same content as long as they are not in the same
# parent heading
allow_different_nesting: true
# MD029/ol-prefix - Ordered list item prefix
MD029:
# Enforce the `1.` style for ordered lists
style: "one"
# MD033/no-inline-html - Inline HTML
MD033:
# The h1 and img elements are allowed to permit header images
allowed_elements:
- h1
- img

View file

@ -35,9 +35,9 @@ repos:
hooks:
- id: markdownlint
args:
- --config=.mdl_config.json
- --config=.mdl_config.yaml
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v2.3.0
rev: v2.3.2
hooks:
- id: prettier
- repo: https://github.com/adrienverge/yamllint
@ -47,6 +47,12 @@ repos:
args:
- --strict
# pre-commit hooks
- repo: https://github.com/pre-commit/pre-commit
rev: v2.13.0
hooks:
- id: validate_manifest
# Shell script hooks
- repo: https://github.com/cisagov/pre-commit-shfmt
rev: v0.0.2
@ -75,7 +81,7 @@ repos:
args:
- --config=.bandit.yml
- repo: https://github.com/psf/black
rev: 21.5b2
rev: 21.7b0
hooks:
- id: black
- repo: https://gitlab.com/pycqa/flake8
@ -85,15 +91,15 @@ repos:
additional_dependencies:
- flake8-docstrings
- repo: https://github.com/PyCQA/isort
rev: 5.8.0
rev: 5.9.2
hooks:
- id: isort
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v0.812
rev: v0.910
hooks:
- id: mypy
- repo: https://github.com/asottile/pyupgrade
rev: v2.19.1
rev: v2.21.2
hooks:
- id: pyupgrade
@ -130,7 +136,7 @@ repos:
# Docker hooks
- repo: https://github.com/IamTheFij/docker-pre-commit
rev: v2.0.0
rev: v2.0.1
hooks:
- id: docker-compose-check