1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-18 23:07:54 +00:00
Commit graph

131 commits

Author SHA1 Message Date
Nicholas McDonnell
abc70b1787
Adjust markdown element in product update form
Move the markdown element that explains available statuses down so it
appears close to where a user is selecting the status. Given how form
elements are rendered it has been adjusted to appear after the dropdown
itself. This mirrors changes made in the product submission form.
2021-12-28 10:54:24 -05:00
Nicholas McDonnell
230b4c999e
Add placeholders in the product submission form
Add placeholders for some of the required inputs in the form. This will
be most helpful for the product version, but for completeness they have
also been added for the product vendor and name.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
2021-12-28 10:27:14 -05:00
Nicholas McDonnell
0804f1e8e9
Update dropdown in the product submission form
Update the product update dropdown's label and options. Mainly focused
on removing usage of Yes/No because these are boolean values in YAML
and thus needed special handling compared to other strings.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
2021-12-28 10:20:14 -05:00
Nicholas McDonnell
b5ab6c3fb9
Adjust a description in the product submission form
Adjust the product name description to be more similar to other
descriptions.
2021-12-28 10:18:59 -05:00
Nicholas McDonnell
41e536e228
Adjust markdown element in product submission form
Move the markdown element that explains available statuses down so it
appears close to where a user is selecting the status. Given how form
elements are rendered it has been adjusted to appear after the dropdown
itself.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
2021-12-28 10:08:20 -05:00
Nicholas McDonnell
aa710d2818
Add missing input to issue forms
Added an input to provide information about the date of a product's
last update.
2021-12-26 20:35:19 -05:00
Nicholas McDonnell
20f82c96c0
Rename template files to reflect that they are now forms 2021-12-26 20:27:25 -05:00
Nicholas McDonnell
847a4f248e
Add an issue form for product updates
Provide an issue form for product updates to complement the one for
product submissions. This will encourage people to follow the specific
workflows for submissions and updates.
2021-12-26 20:23:20 -05:00
Nicholas McDonnell
6a09fd70f7
Use an issue form for product submissions
Switch to using a GitHub Issues form for product submission issues. This
will provide a smoother interface for users to submit products to the
database and ensure that certain values are included with a submission.
2021-12-26 20:18:23 -05:00
Nicholas McDonnell
f60b420cb5
Add GitHub Actions workflow to update software list
Add a GitHub Actions workflow and related files to automatically update
SOFTWARE-LIST.md when a push to the develop branch occurs. This
leverages the cisagov/md-table-to-yaml Python library to perform the
conversions.
2021-12-23 13:11:20 -05:00
justmurphy
98a55c77ed
Update .github/CODEOWNERS
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
2021-12-20 15:33:39 -06:00
justmurphy
56559ed10a
Change CODEOWNERS 2021-12-20 16:09:51 -05:00
Nicholas McDonnell
8ce938f3c0
Add VM Fusion dev team as dot-file CODEOWNERS 2021-12-15 15:33:40 -05:00
Nicholas McDonnell
42663be1d0
Update contents to pass pre-commit hooks 2021-12-15 15:30:14 -05:00
Nicholas McDonnell
4fede9f453
Update repository CODEOWNERS 2021-12-15 15:30:13 -05:00
Nicholas McDonnell
22ed63d41d
Pare down linting to the essentials
Reduce the linting to the essentials that fit the scope of this project.
2021-12-15 15:30:11 -05:00
Nicholas McDonnell
83c31e7d51
Merge branch 'develop' of github.com:cisagov/skeleton-generic into improvement/integrate_linting 2021-12-15 14:54:02 -05:00
justmurphy
e9016284ee
Remove blank template 2021-12-13 17:40:34 -05:00
justmurphy
a3c9319be4
Add SECURITY.md 2021-12-13 17:39:26 -05:00
justmurphy
a58a43e135 Update issue templates 2021-12-13 17:11:22 -05:00
justmurphy
80d45cc3a4
delete template 2021-12-13 17:05:02 -05:00
justmurphy
6e122ce393
delete config file 2021-12-13 17:03:56 -05:00
justmurphy
9580939eec
Create new template 2021-12-13 16:56:26 -05:00
justmurphy
49586ddd2f
Delete template 2021-12-13 16:55:55 -05:00
justmurphy
ba1e1b027d
Add config.yml allow for blank issues 2021-12-13 16:48:08 -05:00
justmurphy
6f09792c1f
Changed format for template 2021-12-13 16:27:39 -05:00
justmurphy
8a166847ba
Update template for issue submission. 2021-12-13 14:18:33 -05:00
justmurphy
1f379356f0
Update issue template 2021-12-13 13:59:14 -05:00
justmurphy
25d9f3608b Update issue template for product submission 2021-12-13 13:58:12 -05:00
Nicholas McDonnell
8797e110d3
Store Go version as a step output
This changes from using an environment variable to using a step output to store
the Go version that is installed. This mirrors changes made to the other
program versions and how they're stored.
2021-10-19 17:51:23 -04:00
Nicholas McDonnell
2699e09eb7
Use setup-env outputs for Terraform-docs version
We change the "Install Terraform-docs" step to use two local environment
variables to provide the package's URL and version to install. This allows us
to work around `yamllint` line length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
0851598edd
Use setup-env outputs for shfmt version
We change the "Install shfmt" step to use two local environment variables to
provide the package's URL and version to install. This allows us to work around
`yamllint` line length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
64b24714ac
Use setup-env outputs for Packer version
We use a `PACKER_VERSION` environment variable for the "Install Packer" step
that is populated from the `setup-env` outputs to get around `yamllint` lint
length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
1e16136272
Use setup-env outputs for Terraform version
Change from using an environment variable to the outputs of the
cisagov/setup-env-github-action instead.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
6cf78c02e1
Use an id when using cisagov/setup-env-github-action 2021-10-19 17:51:21 -04:00
Nicholas McDonnell
24df40abd1
Add dependabot configuration for Terraform
This will configure `dependabot` to scan Terraform configurations if they exist
in a repository. If a repository stores a Terraform configuration in a sub-
directory this configuration will need to be modified or an additional
configuration must be added if there still exists a Terraform configuration in
the root directory.
2021-10-19 17:45:15 -04:00
David Redmin
b51dbb577e
Revert "Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13"
This reverts commit 6a7fbf07bd.
2021-08-27 14:59:29 -04:00
David Redmin
895a692ad8
Remove lint job step to initialize Terraform directories
Initialization will now be done during the "terraform validate" step.
2021-08-27 13:02:00 -04:00
David Redmin
6a7fbf07bd
Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13
This change will be reverted when testing is completed.
2021-08-26 15:33:59 -04:00
Nicholas McDonnell
f7140d8116
Use the hashicorp/setup-terraform Action
Instead of manually installing a Terraform binary we can leverage the Action
provided by Hashicorp to do the same thing.
2021-08-09 23:42:42 -04:00
Nicholas McDonnell
3e83a800f0
Merge branch 'develop' into improvement/replace_beautysh_with_shfmt 2021-07-19 13:15:28 -04:00
Nicholas McDonnell
e2a729d0b1
Install the shfmt tool for GHA
The `shfmt` tool does not ship on the GitHub Actions runners so we must install
it manually.
2021-07-13 17:42:36 -04:00
Shane Frasier
8ee2116f42
Prefer the newer "go install" syntax
As of [Go 1.16](https://tip.golang.org/doc/go1.16#go-command) the `GO111MODULE` environment variable defaults to `on` and `go get` has been deprecated for module installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-13 17:02:13 -04:00
Shane Frasier
337d1efb8f
Capitalize Go for consistency
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-12 09:06:41 -04:00
Jeremy Frasier
bb6e566e3a
Move go installation so that it takes place before the cache task
Some variables defined in the go installation are used in the cache
task, so the go installation must happen first.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-11 21:59:58 -04:00
Jeremy Frasier
181d1b2faf
Install a specific version of terraform-docs
Note that this change is dependent on the merging of
cisagov/setup-env-github-action#31.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-10 22:36:45 -04:00
Jeremy Frasier
b629f7f623
Modify the Packer installation to model that of Terraform
The Terraform installation does not destroy the existing system
Terraform installation, and neither should the Packer installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:48:21 -04:00
Jeremy Frasier
70414cff28
Remove unnecessary line in tasks
There is no reason to create /usr/bin/terraform.  This is a vestige of
an earlier age.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:46:47 -04:00
Shane Frasier
c481043981
Break out the curl cache creation into its own step
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:43:09 -04:00
Jeremy Frasier
106af21c04
Install terraform and packer for the linting job
We should be doing this because the Packer and Terraform pre-commit
hooks leverage the corresponding executables; therefore, it makes
sense to go ahead and install the particular versions of those
executables that we support.  Also add support for optionally
debugging via tmate.

See also cisagov/skeleton-generic#74.
2021-07-09 14:56:14 -04:00
Nicholas McDonnell
2c4d7a2504
Remove user from CODEOWNERS
Due to her departure this removes hillaryj from the default CODEOWNERS we use
in our projects.
2021-04-15 11:53:57 -04:00
Nicholas McDonnell
f4131e57d8
Clean up our actions/cache step
Removed name because it was not more informative than the default. Swapped out
a hardcoded job reference for the github.job context value. Switch the base
cache key to a step environment value so we can set it once and reuse. Removed
additional restore-key value that might have undesirable results.
2020-11-20 12:22:39 -05:00
Shane Frasier
b638143238
Merge branch 'develop' into improvement/get-python-version-more-simply 2020-11-18 11:48:22 -05:00
Jeremy Frasier
02c5a6f8bf
Use the python version output by actions/setup-python
There is no need to run python code to determine the python version.
Resolves #58.

See here for details:
https://github.com/actions/setup-python/blob/main/action.yml#L14-L16
2020-11-10 22:22:15 -05:00
Jeremy Frasier
5b199bc869
Remove offending slash
Thanks to @dav3r and @mcdonnnj for the suggestion.
2020-11-03 14:51:18 -05:00
Jeremy Frasier
a842abbfef
Insist that the cisagov devs are the owners of the .github directory
This additional clause must remain at the _end_ of the CODEOWNERS file
so that it cannot be overridden by a later clause.

We want to make it so that all the .github files including CODEOWNERS
are protected so only code owners (the dev team) can approve
modifications to them.

This will prevent configuration changes from breaking Actions and
other management-type functions that the files in this directory
control. By setting the .github files/folder to require code owner
approval for changes, workflow and management changes will require dev
team review and checking.

Resolves #56.
2020-11-03 12:46:39 -05:00
Felddy
7389a1b0cf
Enable weekly dependabot scans of github-actions and pip 2020-10-07 12:43:54 -04:00
Felddy
c9c00f1d03
Replace deprecated set-env workflow syntax
See: 
https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
2020-10-07 12:42:59 -04:00
Felddy
6a4164dfba
Bump build workflow python-version to 3.9 2020-10-07 12:41:47 -04:00
Nicholas McDonnell
ae4aa123c8
Update lint job to resolve #49 2020-09-03 16:31:23 -04:00
Nicholas McDonnell
3e9441c837
Update CODEOWNERS to resolve #50 2020-09-03 16:29:38 -04:00
Nicholas McDonnell
969efdd0bb
Adjust cache key name
Make the job name the first part of the cache key since
it is the only part that isn't variable.
2020-07-30 11:08:22 -04:00
Nicholas McDonnell
6ab69f4f51
Bump actions/setup-python to v2
Keep it up-to-date even though we are not currently
using features added in v2.
2020-07-30 02:21:04 -04:00
Nicholas McDonnell
d6fe79dce3
Update actions/cache to v2
Switch the workflow to use cachev2. This puts us up to
date and allows us to consolidate into one cache item.
2020-07-30 02:19:02 -04:00
Felddy
8c99c5294a
Allow events from apb to rebuild this repository weekly. 2020-04-30 23:31:59 -04:00
Hillary
c8b4bcf126
Update CODEOWNERS 2020-04-14 12:43:18 -04:00
Nicholas McDonnell
1f3d440a1a
Rename action to accurately reflect that we are only linting, not building.
Adjust description for pre-commit hook setup to better convey what is being
done.
2020-04-06 19:02:31 -04:00
Nicholas McDonnell
b01a0ee7bd
Explicitly install pre-commit hooks as its own step so it's clearer when the
failure is with setup rather than hooks running.
2020-04-06 13:47:18 -04:00
Nicholas McDonnell
478f1688a1
Change the cache paths from hardcoded values in their appropriate blocks to environment variables declared before the job block. 2020-03-04 08:41:59 -05:00
Nicholas McDonnell
454864bc02
Incorporate the Python version into keys for pip and pre-commit caches.
This should resolve the issue seen when the Python version changes before there
is an update to .pre-commit-config.yml which results in pre-commit pointing to
a non-existent Python installation.
2020-03-03 16:49:53 -05:00
Nicholas McDonnell
e96577bce4
All references to '-r' for pip calls have been replaced with the more verbose '--requirement'. 2020-02-18 18:04:06 -05:00
Nicholas McDonnell
d99fd00bc2
Flip cache order to mirror how it is done downstream. 2020-02-12 00:14:11 -05:00
Nicholas McDonnell
f7a4166ad6
Update Python version used to 3.8
Update actions/checkout to v2
Update formatting to match downstream children
2020-02-11 10:41:17 -05:00
Jeremy Frasier
dbd589d2e2
Improve list formatting 2020-01-24 17:10:49 -05:00
Jeremy Frasier
2fa4cbe194
Make workflow run when a PR is opened, synchronized, or reopened
A user forked cisagov/scan-target-data and created a pull request, but
the required GitHub Action(s) did not run.  This is presumably because
the user does not have Actions enabled in his or her fork.  Ideally,
the required Action(s) would run in cisagov/scan-target-data when a PR
to merge changes back is created.  Based on my reading of this link,
adding the "pull_request" event type should make this happen:
https://help.github.com/en/actions/automating-your-workflow-with-github-actions/events-that-trigger-workflows#pull-request-events-for-forked-repositories
2020-01-24 16:45:48 -05:00
Mark Feldhousen
b89eecb788
Update CODEOWNERS 2019-11-18 11:11:06 -05:00
Felddy
e39dc88819
Add codeowners file with team OIS maintainers.
See: 
https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
2019-11-18 10:33:28 -05:00
Felddy
99c611557e
Remove search for previous pre-commit caches.
These seem to be very large caches.  Restoring an old one and updating 
it results in a cache larger than the maximum allowed cache size: 200MB. 
 
"Cache size of 254757924 bytes is over the 200MB limit, not saving 
cache."
So if the config changes it is best to just take the cache-miss and 
start from scratch.
2019-11-05 14:51:49 -05:00
Felddy
5d5567d303
Add GitHub action caching of pre-commit hooks and pip packages. 2019-11-05 14:27:20 -05:00
Felddy
b11e39abd7
Remove extra line. 2019-10-18 11:00:39 -04:00
Felddy
05a136bb11
Replace Travis-CI with GitHub actions. 2019-10-18 10:39:22 -04:00