r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Merge branch 'develop' into improvement/replace_beautysh_with_shfmt

Browse Source
pull/113/head
Nicholas McDonnell 3 years ago
parent 2b48e75b23 0e4fc41e4f
commit 3e83a800f0
No known key found for this signature in database
GPG Key ID: 7994ADE2A56BE5D1
4 changed files with 103 additions and 18 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 51
      .github/workflows/build.yml
  2. 10
      .mdl_config.json
  3. 40
      .mdl_config.yaml
  4. 20
      .pre-commit-config.yaml

51
.github/workflows/build.yml
Unescape View File

@ -8,8 +8,10 @@ on:
types: [apb]
env:
CURL_CACHE_DIR: ~/.cache/curl
PIP_CACHE_DIR: ~/.cache/pip
PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit
RUN_TMATE: ${{ secrets.RUN_TMATE }}
jobs:
lint:
@ -39,11 +41,20 @@ jobs:
env:
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
py${{ steps.setup-python.outputs.python-version }}-\
go${{ env.GO_VERSION }}-"
go${{ env.GO_VERSION }}-\
packer${{ env.PACKER_VERSION }}-\
tf${{ env.TERRAFORM_VERSION }}-"
with:
# Note that the .terraform directory IS NOT included in the
# cache because if we were caching, then we would need to use
# the `-upgrade=true` option. This option blindly pulls down the
# latest modules and providers instead of checking to see if an
# update is required. That behavior defeats the benefits of caching.
# so there is no point in doing it for the .terraform directory.
path: |
${{ env.PIP_CACHE_DIR }}
${{ env.PRE_COMMIT_CACHE_DIR }}
${{ env.CURL_CACHE_DIR }}
${{ steps.go-cache.outputs.dir }}
key: "${{ env.BASE_CACHE_KEY }}\
${{ hashFiles('**/requirements-test.txt') }}-\
@ -51,8 +62,43 @@ jobs:
${{ hashFiles('**/.pre-commit-config.yaml') }}"
restore-keys: |
${{ env.BASE_CACHE_KEY }}
- name: Setup curl cache
run: mkdir -p ${{ env.CURL_CACHE_DIR }}
- name: Install Packer
run: |
PACKER_ZIP="packer_${PACKER_VERSION}_linux_amd64.zip"
curl --output ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
--time-cond ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
--location \
"https://releases.hashicorp.com/packer/${PACKER_VERSION}/${PACKER_ZIP}"
sudo unzip -d /opt/packer \
${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}"
sudo mv /usr/local/bin/packer /usr/local/bin/packer-default
sudo ln -s /opt/packer/packer /usr/local/bin/packer
- name: Install Terraform
run: |
TERRAFORM_ZIP="terraform_${TERRAFORM_VERSION}_linux_amd64.zip"
curl --output ${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}" \
--time-cond ${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}" \
--location \
"https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/${TERRAFORM_ZIP}"
sudo unzip -d /opt/terraform \
${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}"
sudo mv /usr/local/bin/terraform /usr/local/bin/terraform-default
sudo ln -s /opt/terraform/terraform /usr/local/bin/terraform
- name: Install shfmt
run: go install mvdan.cc/sh/v3/cmd/shfmt@${SHFMT_VERSION}
- name: Install Terraform-docs
run: |
go install \
github.com/terraform-docs/terraform-docs@${TERRAFORM_DOCS_VERSION}
- name: Find and initialize Terraform directories
run: |
for path in $(find . -not \( -type d -name ".terraform" -prune \) \
-type f -iname "*.tf" -exec dirname "{}" \; | sort -u); do \
echo "Initializing '$path'..."; \
terraform init -input=false -backend=false "$path"; \
done
- name: Install dependencies
run: |
python -m pip install --upgrade pip
@ -61,3 +107,6 @@ jobs:
run: pre-commit install-hooks
- name: Run pre-commit on all files
run: pre-commit run --all-files
- name: Setup tmate debug session
uses: mxschmitt/action-tmate@v3
if: env.RUN_TMATE

10
.mdl_config.json
Unescape View File

@ -1,10 +0,0 @@
{
"MD013": {
"code_blocks": false,
"tables": false
},
"MD024": {
"allow_different_nesting": true
},
"default": true
}

40
.mdl_config.yaml
Unescape View File

@ -0,0 +1,40 @@
---
# Default state for all rules
default: true
# MD003/heading-style/header-style - Heading style
MD003:
# Enforce the ATX-closed style of header
style: "atx_closed"
# MD004/ul-style - Unordered list style
MD004:
# Enforce dashes for unordered lists
style: "dash"
# MD013/line-length - Line length
MD013:
# Do not enforce for code blocks
code_blocks: false
# Do not enforce for tables
tables: false
# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the
# same content
MD024:
# Allow headers with the same content as long as they are not in the same
# parent heading
allow_different_nesting: true
# MD029/ol-prefix - Ordered list item prefix
MD029:
# Enforce the `1.` style for ordered lists
style: "one"
# MD033/no-inline-html - Inline HTML
MD033:
# The h1 and img elements are allowed to permit header images
allowed_elements:
- h1
- img

20
.pre-commit-config.yaml
Unescape View File

@ -35,9 +35,9 @@ repos:
hooks:
- id: markdownlint
args:
- --config=.mdl_config.json
- --config=.mdl_config.yaml
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v2.3.0
rev: v2.3.2
hooks:
- id: prettier
- repo: https://github.com/adrienverge/yamllint
@ -47,6 +47,12 @@ repos:
args:
- --strict
# pre-commit hooks
- repo: https://github.com/pre-commit/pre-commit
rev: v2.13.0
hooks:
- id: validate_manifest
# Shell script hooks
- repo: https://github.com/cisagov/pre-commit-shfmt
rev: v0.0.2
@ -75,7 +81,7 @@ repos:
args:
- --config=.bandit.yml
- repo: https://github.com/psf/black
rev: 21.5b2
rev: 21.7b0
hooks:
- id: black
- repo: https://gitlab.com/pycqa/flake8
@ -85,15 +91,15 @@ repos:
additional_dependencies:
- flake8-docstrings
- repo: https://github.com/PyCQA/isort
rev: 5.8.0
rev: 5.9.2
hooks:
- id: isort
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v0.812
rev: v0.910
hooks:
- id: mypy
- repo: https://github.com/asottile/pyupgrade
rev: v2.19.1
rev: v2.21.2
hooks:
- id: pyupgrade
@ -130,7 +136,7 @@ repos:
# Docker hooks
- repo: https://github.com/IamTheFij/docker-pre-commit
rev: v2.0.0
rev: v2.0.1
hooks:
- id: docker-compose-check

Write Preview
Loading…
Cancel
Save