1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-10 02:47:54 +00:00
Commit graph

96 commits

Author SHA1 Message Date
Nicholas McDonnell
24df40abd1
Add dependabot configuration for Terraform
This will configure `dependabot` to scan Terraform configurations if they exist
in a repository. If a repository stores a Terraform configuration in a sub-
directory this configuration will need to be modified or an additional
configuration must be added if there still exists a Terraform configuration in
the root directory.
2021-10-19 17:45:15 -04:00
David Redmin
b51dbb577e
Revert "Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13"
This reverts commit 6a7fbf07bd.
2021-08-27 14:59:29 -04:00
David Redmin
895a692ad8
Remove lint job step to initialize Terraform directories
Initialization will now be done during the "terraform validate" step.
2021-08-27 13:02:00 -04:00
David Redmin
6a7fbf07bd
Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13
This change will be reverted when testing is completed.
2021-08-26 15:33:59 -04:00
Nicholas McDonnell
f7140d8116
Use the hashicorp/setup-terraform Action
Instead of manually installing a Terraform binary we can leverage the Action
provided by Hashicorp to do the same thing.
2021-08-09 23:42:42 -04:00
Nicholas McDonnell
3e83a800f0
Merge branch 'develop' into improvement/replace_beautysh_with_shfmt 2021-07-19 13:15:28 -04:00
Nicholas McDonnell
e2a729d0b1
Install the shfmt tool for GHA
The `shfmt` tool does not ship on the GitHub Actions runners so we must install
it manually.
2021-07-13 17:42:36 -04:00
Shane Frasier
8ee2116f42
Prefer the newer "go install" syntax
As of [Go 1.16](https://tip.golang.org/doc/go1.16#go-command) the `GO111MODULE` environment variable defaults to `on` and `go get` has been deprecated for module installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-13 17:02:13 -04:00
Shane Frasier
337d1efb8f
Capitalize Go for consistency
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-12 09:06:41 -04:00
Jeremy Frasier
bb6e566e3a
Move go installation so that it takes place before the cache task
Some variables defined in the go installation are used in the cache
task, so the go installation must happen first.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-11 21:59:58 -04:00
Jeremy Frasier
181d1b2faf
Install a specific version of terraform-docs
Note that this change is dependent on the merging of
cisagov/setup-env-github-action#31.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-10 22:36:45 -04:00
Jeremy Frasier
b629f7f623
Modify the Packer installation to model that of Terraform
The Terraform installation does not destroy the existing system
Terraform installation, and neither should the Packer installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:48:21 -04:00
Jeremy Frasier
70414cff28
Remove unnecessary line in tasks
There is no reason to create /usr/bin/terraform.  This is a vestige of
an earlier age.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:46:47 -04:00
Shane Frasier
c481043981
Break out the curl cache creation into its own step
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:43:09 -04:00
Jeremy Frasier
106af21c04
Install terraform and packer for the linting job
We should be doing this because the Packer and Terraform pre-commit
hooks leverage the corresponding executables; therefore, it makes
sense to go ahead and install the particular versions of those
executables that we support.  Also add support for optionally
debugging via tmate.

See also cisagov/skeleton-generic#74.
2021-07-09 14:56:14 -04:00
Nicholas McDonnell
2c4d7a2504
Remove user from CODEOWNERS
Due to her departure this removes hillaryj from the default CODEOWNERS we use
in our projects.
2021-04-15 11:53:57 -04:00
Nicholas McDonnell
f4131e57d8
Clean up our actions/cache step
Removed name because it was not more informative than the default. Swapped out
a hardcoded job reference for the github.job context value. Switch the base
cache key to a step environment value so we can set it once and reuse. Removed
additional restore-key value that might have undesirable results.
2020-11-20 12:22:39 -05:00
Shane Frasier
b638143238
Merge branch 'develop' into improvement/get-python-version-more-simply 2020-11-18 11:48:22 -05:00
Jeremy Frasier
02c5a6f8bf
Use the python version output by actions/setup-python
There is no need to run python code to determine the python version.
Resolves #58.

See here for details:
https://github.com/actions/setup-python/blob/main/action.yml#L14-L16
2020-11-10 22:22:15 -05:00
Jeremy Frasier
5b199bc869
Remove offending slash
Thanks to @dav3r and @mcdonnnj for the suggestion.
2020-11-03 14:51:18 -05:00
Jeremy Frasier
a842abbfef
Insist that the cisagov devs are the owners of the .github directory
This additional clause must remain at the _end_ of the CODEOWNERS file
so that it cannot be overridden by a later clause.

We want to make it so that all the .github files including CODEOWNERS
are protected so only code owners (the dev team) can approve
modifications to them.

This will prevent configuration changes from breaking Actions and
other management-type functions that the files in this directory
control. By setting the .github files/folder to require code owner
approval for changes, workflow and management changes will require dev
team review and checking.

Resolves #56.
2020-11-03 12:46:39 -05:00
Felddy
7389a1b0cf
Enable weekly dependabot scans of github-actions and pip 2020-10-07 12:43:54 -04:00
Felddy
c9c00f1d03
Replace deprecated set-env workflow syntax
See: 
https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
2020-10-07 12:42:59 -04:00
Felddy
6a4164dfba
Bump build workflow python-version to 3.9 2020-10-07 12:41:47 -04:00
Nicholas McDonnell
ae4aa123c8
Update lint job to resolve #49 2020-09-03 16:31:23 -04:00
Nicholas McDonnell
3e9441c837
Update CODEOWNERS to resolve #50 2020-09-03 16:29:38 -04:00
Nicholas McDonnell
969efdd0bb
Adjust cache key name
Make the job name the first part of the cache key since
it is the only part that isn't variable.
2020-07-30 11:08:22 -04:00
Nicholas McDonnell
6ab69f4f51
Bump actions/setup-python to v2
Keep it up-to-date even though we are not currently
using features added in v2.
2020-07-30 02:21:04 -04:00
Nicholas McDonnell
d6fe79dce3
Update actions/cache to v2
Switch the workflow to use cachev2. This puts us up to
date and allows us to consolidate into one cache item.
2020-07-30 02:19:02 -04:00
Felddy
8c99c5294a
Allow events from apb to rebuild this repository weekly. 2020-04-30 23:31:59 -04:00
Hillary
c8b4bcf126
Update CODEOWNERS 2020-04-14 12:43:18 -04:00
Nicholas McDonnell
1f3d440a1a
Rename action to accurately reflect that we are only linting, not building.
Adjust description for pre-commit hook setup to better convey what is being
done.
2020-04-06 19:02:31 -04:00
Nicholas McDonnell
b01a0ee7bd
Explicitly install pre-commit hooks as its own step so it's clearer when the
failure is with setup rather than hooks running.
2020-04-06 13:47:18 -04:00
Nicholas McDonnell
478f1688a1
Change the cache paths from hardcoded values in their appropriate blocks to environment variables declared before the job block. 2020-03-04 08:41:59 -05:00
Nicholas McDonnell
454864bc02
Incorporate the Python version into keys for pip and pre-commit caches.
This should resolve the issue seen when the Python version changes before there
is an update to .pre-commit-config.yml which results in pre-commit pointing to
a non-existent Python installation.
2020-03-03 16:49:53 -05:00
Nicholas McDonnell
e96577bce4
All references to '-r' for pip calls have been replaced with the more verbose '--requirement'. 2020-02-18 18:04:06 -05:00
Nicholas McDonnell
d99fd00bc2
Flip cache order to mirror how it is done downstream. 2020-02-12 00:14:11 -05:00
Nicholas McDonnell
f7a4166ad6
Update Python version used to 3.8
Update actions/checkout to v2
Update formatting to match downstream children
2020-02-11 10:41:17 -05:00
Jeremy Frasier
dbd589d2e2
Improve list formatting 2020-01-24 17:10:49 -05:00
Jeremy Frasier
2fa4cbe194
Make workflow run when a PR is opened, synchronized, or reopened
A user forked cisagov/scan-target-data and created a pull request, but
the required GitHub Action(s) did not run.  This is presumably because
the user does not have Actions enabled in his or her fork.  Ideally,
the required Action(s) would run in cisagov/scan-target-data when a PR
to merge changes back is created.  Based on my reading of this link,
adding the "pull_request" event type should make this happen:
https://help.github.com/en/actions/automating-your-workflow-with-github-actions/events-that-trigger-workflows#pull-request-events-for-forked-repositories
2020-01-24 16:45:48 -05:00
Mark Feldhousen
b89eecb788
Update CODEOWNERS 2019-11-18 11:11:06 -05:00
Felddy
e39dc88819
Add codeowners file with team OIS maintainers.
See: 
https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
2019-11-18 10:33:28 -05:00
Felddy
99c611557e
Remove search for previous pre-commit caches.
These seem to be very large caches.  Restoring an old one and updating 
it results in a cache larger than the maximum allowed cache size: 200MB. 
 
"Cache size of 254757924 bytes is over the 200MB limit, not saving 
cache."
So if the config changes it is best to just take the cache-miss and 
start from scratch.
2019-11-05 14:51:49 -05:00
Felddy
5d5567d303
Add GitHub action caching of pre-commit hooks and pip packages. 2019-11-05 14:27:20 -05:00
Felddy
b11e39abd7
Remove extra line. 2019-10-18 11:00:39 -04:00
Felddy
05a136bb11
Replace Travis-CI with GitHub actions. 2019-10-18 10:39:22 -04:00