mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-22 16:40:48 +00:00
Merge branch 'develop' into improvement/replace_beautysh_with_shfmt
This commit is contained in:
commit
3e83a800f0
4 changed files with 103 additions and 18 deletions
51
.github/workflows/build.yml
vendored
51
.github/workflows/build.yml
vendored
|
@ -8,8 +8,10 @@ on:
|
||||||
types: [apb]
|
types: [apb]
|
||||||
|
|
||||||
env:
|
env:
|
||||||
|
CURL_CACHE_DIR: ~/.cache/curl
|
||||||
PIP_CACHE_DIR: ~/.cache/pip
|
PIP_CACHE_DIR: ~/.cache/pip
|
||||||
PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit
|
PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit
|
||||||
|
RUN_TMATE: ${{ secrets.RUN_TMATE }}
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
lint:
|
lint:
|
||||||
|
@ -39,11 +41,20 @@ jobs:
|
||||||
env:
|
env:
|
||||||
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
|
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
|
||||||
py${{ steps.setup-python.outputs.python-version }}-\
|
py${{ steps.setup-python.outputs.python-version }}-\
|
||||||
go${{ env.GO_VERSION }}-"
|
go${{ env.GO_VERSION }}-\
|
||||||
|
packer${{ env.PACKER_VERSION }}-\
|
||||||
|
tf${{ env.TERRAFORM_VERSION }}-"
|
||||||
with:
|
with:
|
||||||
|
# Note that the .terraform directory IS NOT included in the
|
||||||
|
# cache because if we were caching, then we would need to use
|
||||||
|
# the `-upgrade=true` option. This option blindly pulls down the
|
||||||
|
# latest modules and providers instead of checking to see if an
|
||||||
|
# update is required. That behavior defeats the benefits of caching.
|
||||||
|
# so there is no point in doing it for the .terraform directory.
|
||||||
path: |
|
path: |
|
||||||
${{ env.PIP_CACHE_DIR }}
|
${{ env.PIP_CACHE_DIR }}
|
||||||
${{ env.PRE_COMMIT_CACHE_DIR }}
|
${{ env.PRE_COMMIT_CACHE_DIR }}
|
||||||
|
${{ env.CURL_CACHE_DIR }}
|
||||||
${{ steps.go-cache.outputs.dir }}
|
${{ steps.go-cache.outputs.dir }}
|
||||||
key: "${{ env.BASE_CACHE_KEY }}\
|
key: "${{ env.BASE_CACHE_KEY }}\
|
||||||
${{ hashFiles('**/requirements-test.txt') }}-\
|
${{ hashFiles('**/requirements-test.txt') }}-\
|
||||||
|
@ -51,8 +62,43 @@ jobs:
|
||||||
${{ hashFiles('**/.pre-commit-config.yaml') }}"
|
${{ hashFiles('**/.pre-commit-config.yaml') }}"
|
||||||
restore-keys: |
|
restore-keys: |
|
||||||
${{ env.BASE_CACHE_KEY }}
|
${{ env.BASE_CACHE_KEY }}
|
||||||
|
- name: Setup curl cache
|
||||||
|
run: mkdir -p ${{ env.CURL_CACHE_DIR }}
|
||||||
|
- name: Install Packer
|
||||||
|
run: |
|
||||||
|
PACKER_ZIP="packer_${PACKER_VERSION}_linux_amd64.zip"
|
||||||
|
curl --output ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
|
||||||
|
--time-cond ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
|
||||||
|
--location \
|
||||||
|
"https://releases.hashicorp.com/packer/${PACKER_VERSION}/${PACKER_ZIP}"
|
||||||
|
sudo unzip -d /opt/packer \
|
||||||
|
${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}"
|
||||||
|
sudo mv /usr/local/bin/packer /usr/local/bin/packer-default
|
||||||
|
sudo ln -s /opt/packer/packer /usr/local/bin/packer
|
||||||
|
- name: Install Terraform
|
||||||
|
run: |
|
||||||
|
TERRAFORM_ZIP="terraform_${TERRAFORM_VERSION}_linux_amd64.zip"
|
||||||
|
curl --output ${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}" \
|
||||||
|
--time-cond ${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}" \
|
||||||
|
--location \
|
||||||
|
"https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/${TERRAFORM_ZIP}"
|
||||||
|
sudo unzip -d /opt/terraform \
|
||||||
|
${{ env.CURL_CACHE_DIR }}/"${TERRAFORM_ZIP}"
|
||||||
|
sudo mv /usr/local/bin/terraform /usr/local/bin/terraform-default
|
||||||
|
sudo ln -s /opt/terraform/terraform /usr/local/bin/terraform
|
||||||
- name: Install shfmt
|
- name: Install shfmt
|
||||||
run: go install mvdan.cc/sh/v3/cmd/shfmt@${SHFMT_VERSION}
|
run: go install mvdan.cc/sh/v3/cmd/shfmt@${SHFMT_VERSION}
|
||||||
|
- name: Install Terraform-docs
|
||||||
|
run: |
|
||||||
|
go install \
|
||||||
|
github.com/terraform-docs/terraform-docs@${TERRAFORM_DOCS_VERSION}
|
||||||
|
- name: Find and initialize Terraform directories
|
||||||
|
run: |
|
||||||
|
for path in $(find . -not \( -type d -name ".terraform" -prune \) \
|
||||||
|
-type f -iname "*.tf" -exec dirname "{}" \; | sort -u); do \
|
||||||
|
echo "Initializing '$path'..."; \
|
||||||
|
terraform init -input=false -backend=false "$path"; \
|
||||||
|
done
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
run: |
|
run: |
|
||||||
python -m pip install --upgrade pip
|
python -m pip install --upgrade pip
|
||||||
|
@ -61,3 +107,6 @@ jobs:
|
||||||
run: pre-commit install-hooks
|
run: pre-commit install-hooks
|
||||||
- name: Run pre-commit on all files
|
- name: Run pre-commit on all files
|
||||||
run: pre-commit run --all-files
|
run: pre-commit run --all-files
|
||||||
|
- name: Setup tmate debug session
|
||||||
|
uses: mxschmitt/action-tmate@v3
|
||||||
|
if: env.RUN_TMATE
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
"MD013": {
|
|
||||||
"code_blocks": false,
|
|
||||||
"tables": false
|
|
||||||
},
|
|
||||||
"MD024": {
|
|
||||||
"allow_different_nesting": true
|
|
||||||
},
|
|
||||||
"default": true
|
|
||||||
}
|
|
40
.mdl_config.yaml
Normal file
40
.mdl_config.yaml
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
# Default state for all rules
|
||||||
|
default: true
|
||||||
|
|
||||||
|
# MD003/heading-style/header-style - Heading style
|
||||||
|
MD003:
|
||||||
|
# Enforce the ATX-closed style of header
|
||||||
|
style: "atx_closed"
|
||||||
|
|
||||||
|
# MD004/ul-style - Unordered list style
|
||||||
|
MD004:
|
||||||
|
# Enforce dashes for unordered lists
|
||||||
|
style: "dash"
|
||||||
|
|
||||||
|
# MD013/line-length - Line length
|
||||||
|
MD013:
|
||||||
|
# Do not enforce for code blocks
|
||||||
|
code_blocks: false
|
||||||
|
# Do not enforce for tables
|
||||||
|
tables: false
|
||||||
|
|
||||||
|
# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the
|
||||||
|
# same content
|
||||||
|
MD024:
|
||||||
|
# Allow headers with the same content as long as they are not in the same
|
||||||
|
# parent heading
|
||||||
|
allow_different_nesting: true
|
||||||
|
|
||||||
|
# MD029/ol-prefix - Ordered list item prefix
|
||||||
|
MD029:
|
||||||
|
# Enforce the `1.` style for ordered lists
|
||||||
|
style: "one"
|
||||||
|
|
||||||
|
# MD033/no-inline-html - Inline HTML
|
||||||
|
MD033:
|
||||||
|
# The h1 and img elements are allowed to permit header images
|
||||||
|
allowed_elements:
|
||||||
|
- h1
|
||||||
|
- img
|
|
@ -35,9 +35,9 @@ repos:
|
||||||
hooks:
|
hooks:
|
||||||
- id: markdownlint
|
- id: markdownlint
|
||||||
args:
|
args:
|
||||||
- --config=.mdl_config.json
|
- --config=.mdl_config.yaml
|
||||||
- repo: https://github.com/pre-commit/mirrors-prettier
|
- repo: https://github.com/pre-commit/mirrors-prettier
|
||||||
rev: v2.3.0
|
rev: v2.3.2
|
||||||
hooks:
|
hooks:
|
||||||
- id: prettier
|
- id: prettier
|
||||||
- repo: https://github.com/adrienverge/yamllint
|
- repo: https://github.com/adrienverge/yamllint
|
||||||
|
@ -47,6 +47,12 @@ repos:
|
||||||
args:
|
args:
|
||||||
- --strict
|
- --strict
|
||||||
|
|
||||||
|
# pre-commit hooks
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit
|
||||||
|
rev: v2.13.0
|
||||||
|
hooks:
|
||||||
|
- id: validate_manifest
|
||||||
|
|
||||||
# Shell script hooks
|
# Shell script hooks
|
||||||
- repo: https://github.com/cisagov/pre-commit-shfmt
|
- repo: https://github.com/cisagov/pre-commit-shfmt
|
||||||
rev: v0.0.2
|
rev: v0.0.2
|
||||||
|
@ -75,7 +81,7 @@ repos:
|
||||||
args:
|
args:
|
||||||
- --config=.bandit.yml
|
- --config=.bandit.yml
|
||||||
- repo: https://github.com/psf/black
|
- repo: https://github.com/psf/black
|
||||||
rev: 21.5b2
|
rev: 21.7b0
|
||||||
hooks:
|
hooks:
|
||||||
- id: black
|
- id: black
|
||||||
- repo: https://gitlab.com/pycqa/flake8
|
- repo: https://gitlab.com/pycqa/flake8
|
||||||
|
@ -85,15 +91,15 @@ repos:
|
||||||
additional_dependencies:
|
additional_dependencies:
|
||||||
- flake8-docstrings
|
- flake8-docstrings
|
||||||
- repo: https://github.com/PyCQA/isort
|
- repo: https://github.com/PyCQA/isort
|
||||||
rev: 5.8.0
|
rev: 5.9.2
|
||||||
hooks:
|
hooks:
|
||||||
- id: isort
|
- id: isort
|
||||||
- repo: https://github.com/pre-commit/mirrors-mypy
|
- repo: https://github.com/pre-commit/mirrors-mypy
|
||||||
rev: v0.812
|
rev: v0.910
|
||||||
hooks:
|
hooks:
|
||||||
- id: mypy
|
- id: mypy
|
||||||
- repo: https://github.com/asottile/pyupgrade
|
- repo: https://github.com/asottile/pyupgrade
|
||||||
rev: v2.19.1
|
rev: v2.21.2
|
||||||
hooks:
|
hooks:
|
||||||
- id: pyupgrade
|
- id: pyupgrade
|
||||||
|
|
||||||
|
@ -130,7 +136,7 @@ repos:
|
||||||
|
|
||||||
# Docker hooks
|
# Docker hooks
|
||||||
- repo: https://github.com/IamTheFij/docker-pre-commit
|
- repo: https://github.com/IamTheFij/docker-pre-commit
|
||||||
rev: v2.0.0
|
rev: v2.0.1
|
||||||
hooks:
|
hooks:
|
||||||
- id: docker-compose-check
|
- id: docker-compose-check
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue