1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-18 14:57:54 +00:00
Commit graph

73 commits

Author SHA1 Message Date
dependabot[bot]
09f45d94be
Bump lewagon/wait-on-check-action from 1.1.1 to 1.2.0
Bumps [lewagon/wait-on-check-action](https://github.com/lewagon/wait-on-check-action) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/lewagon/wait-on-check-action/releases)
- [Commits](https://github.com/lewagon/wait-on-check-action/compare/v1.1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: lewagon/wait-on-check-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-09 17:06:48 +00:00
Nicholas McDonnell
eb939db2ba
Merge github.com:cisagov/skeleton-generic into lineage/skeleton 2022-11-09 11:35:10 -05:00
Nicholas McDonnell
b9792a8d18
Add a workflow to synchronize repository labels
This adds a workflow to ensure that the repository labels are updated
to reflect changes to the label configuration file .github/labels.yml.
2022-11-08 15:22:08 -05:00
Nicholas McDonnell
71a88a5694
Remove usage of set-output from our GitHub Actions workflow
GitHub has deprecated the set-output command per:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

This updates the GitHub Actions workflow to use the newly preferred
method to set the output for a job's step.
2022-11-08 15:10:45 -05:00
dependabot[bot]
1f7c62e5f2
Bump actions/setup-python from 3 to 4
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 20:06:28 +00:00
dependabot[bot]
2775dfa470
Bump hashicorp/setup-terraform from 1 to 2
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 1 to 2.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v1...v2)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 20:00:23 +00:00
Nicholas McDonnell
fc55e84feb
Update the version of Go used from 1.18 to 1.19
Go 1.19 was released while this branch was in the wings and it makes
sense to bump to the latest Go release.
2022-11-08 13:27:47 -05:00
Nicholas McDonnell
8f6849857b
Update the version of Go used from 1.16 to 1.18
Go 1.16 is no longer supported as of the release of 1.18 so it makes
sense to update to the latest version available.
2022-05-27 18:07:10 -04:00
Nicholas McDonnell
57b4abe8fd
Update actions/setup-go from v2 to v3
Additionally as of v3.1.0 of actions/setup-go there is a go-version
output value to retrieve the version of Go installed by the Action.
This allows us to remove the step to manually retrieve this information
from the Go executable.
2022-05-27 18:04:15 -04:00
Nicholas McDonnell
6767ea9d93
Merge github.com:cisagov/skeleton-generic into lineage/skeleton 2022-04-08 16:44:54 -04:00
Nick
14aff9cadc
Merge branch 'develop' into improvement/use_python_3.10_for_gha 2022-04-01 13:13:47 -04:00
dependabot[bot]
c576ef56fb
Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 16:22:39 +00:00
Nick
6869c6830f
Merge branch 'develop' into dependabot/github_actions/actions/checkout-3 2022-04-01 12:16:34 -04:00
Nicholas McDonnell
e22c12cbd4
Use consistent quoting for software versions 2022-03-28 16:35:59 -04:00
Nicholas McDonnell
583992602c
Upgrade from Python 3.9 to 3.10 for the lint job in GHA 2022-03-28 16:29:30 -04:00
dependabot[bot]
3406c2d420
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 18:01:37 +00:00
dependabot[bot]
4ee1bfd96b
Bump actions/setup-python from 2 to 3
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-28 18:02:16 +00:00
Nicholas McDonnell
84ca8ff082
Update the workflow for Markdown generation
Update the this workflow to reflect that now individual Markdown files
are generated instead of a single file. This includes renaming the
workflow file, adjusting some step names, and tweaking some other
aspects.
2022-02-28 11:19:56 -05:00
Nicholas McDonnell
acce4c2197
Merge branch 'develop' into improvement/fix-list-displays 2022-02-28 11:19:56 -05:00
Nicholas McDonnell
eef99899dc
Add shell script pre-commit hooks
Now that software updates are handled by a bash script that is stored
in the repository these pre-commit hooks should be re-added to the
pre-commit configuration. This also includes re-adding all of the
scaffolding that installs the shfmt tool in the build.yml workflow.
2022-02-28 11:19:55 -05:00
Nicholas McDonnell
bc0e017b62
Update software list generation
Consolidate all update tasks into a single bash script that is run by
the GitHub Actions workflow. This also switches to generating
individual Markdown files for each data/cisagov_*.yml file.
2022-02-28 11:19:43 -05:00
Nick
398415eb33
Merge branch 'develop' into dependabot/github_actions/lewagon/wait-on-check-action-1.1.1 2022-02-25 12:07:01 -05:00
Nicholas McDonnell
7f11fc634b
Normalize individual cisagov_*.yml files
Add functionality to the update_software_list workflow to normalize the
component files for every push. This will ensure that they are kept in
a manner consistent with how the primary cisagov.yml file stores data.
2022-01-24 15:16:54 -05:00
dependabot[bot]
39dcbc0c60
Bump lewagon/wait-on-check-action from 1.0.0 to 1.1.1
Bumps [lewagon/wait-on-check-action](https://github.com/lewagon/wait-on-check-action) from 1.0.0 to 1.1.1.
- [Release notes](https://github.com/lewagon/wait-on-check-action/releases)
- [Commits](https://github.com/lewagon/wait-on-check-action/compare/v1.0.0...v1.1.1)

---
updated-dependencies:
- dependency-name: lewagon/wait-on-check-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-17 07:15:46 +00:00
Nicholas McDonnell
3e78ba6c4c
Add list updating workflow and configuration
Add the GitHub Actions workflow that will process the YAML files that
contain cisagov controlled software information and generate a final
Markdown file. The required template and Python requirements are
included as well.
2022-01-12 12:59:02 -05:00
Nicholas McDonnell
6e6ff55bbc
Revert the migration to a YAML format
Due to unexpected complications for user submissions we are reverting
the transition to a YAML format.
2021-12-30 16:31:50 -05:00
Nick
ed101b9604
Use the long form of a switch for git
We prefer using the long form of switches for command line programs to
improve maintainability and to better convey what is happening even if
someone is unfamiliar with the switches for a given program.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
2021-12-30 14:47:14 -05:00
Nicholas McDonnell
1c1d06ef95
Change the list update workflow testing configuration
Update the testing branch for the software list update workflow to
include the SHA of the commit that triggers the workflow. This should
help track down problems if there is a failure in testing/rendering.
2021-12-30 14:04:02 -05:00
Nicholas McDonnell
3ba78f6958
Update requirements for the update software workflow
Update the workflow's requirements to use a specific version at the updated
location of the Python project doing the heavy lifting. Additionally the
requirements file is added to the actions/cache key used.
2021-12-30 12:46:01 -05:00
Nicholas McDonnell
f60b420cb5
Add GitHub Actions workflow to update software list
Add a GitHub Actions workflow and related files to automatically update
SOFTWARE-LIST.md when a push to the develop branch occurs. This
leverages the cisagov/md-table-to-yaml Python library to perform the
conversions.
2021-12-23 13:11:20 -05:00
Nicholas McDonnell
22ed63d41d
Pare down linting to the essentials
Reduce the linting to the essentials that fit the scope of this project.
2021-12-15 15:30:11 -05:00
Nicholas McDonnell
8797e110d3
Store Go version as a step output
This changes from using an environment variable to using a step output to store
the Go version that is installed. This mirrors changes made to the other
program versions and how they're stored.
2021-10-19 17:51:23 -04:00
Nicholas McDonnell
2699e09eb7
Use setup-env outputs for Terraform-docs version
We change the "Install Terraform-docs" step to use two local environment
variables to provide the package's URL and version to install. This allows us
to work around `yamllint` line length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
0851598edd
Use setup-env outputs for shfmt version
We change the "Install shfmt" step to use two local environment variables to
provide the package's URL and version to install. This allows us to work around
`yamllint` line length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
64b24714ac
Use setup-env outputs for Packer version
We use a `PACKER_VERSION` environment variable for the "Install Packer" step
that is populated from the `setup-env` outputs to get around `yamllint` lint
length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
1e16136272
Use setup-env outputs for Terraform version
Change from using an environment variable to the outputs of the
cisagov/setup-env-github-action instead.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
6cf78c02e1
Use an id when using cisagov/setup-env-github-action 2021-10-19 17:51:21 -04:00
David Redmin
b51dbb577e
Revert "Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13"
This reverts commit 6a7fbf07bd.
2021-08-27 14:59:29 -04:00
David Redmin
895a692ad8
Remove lint job step to initialize Terraform directories
Initialization will now be done during the "terraform validate" step.
2021-08-27 13:02:00 -04:00
David Redmin
6a7fbf07bd
Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13
This change will be reverted when testing is completed.
2021-08-26 15:33:59 -04:00
Nicholas McDonnell
f7140d8116
Use the hashicorp/setup-terraform Action
Instead of manually installing a Terraform binary we can leverage the Action
provided by Hashicorp to do the same thing.
2021-08-09 23:42:42 -04:00
Nicholas McDonnell
3e83a800f0
Merge branch 'develop' into improvement/replace_beautysh_with_shfmt 2021-07-19 13:15:28 -04:00
Nicholas McDonnell
e2a729d0b1
Install the shfmt tool for GHA
The `shfmt` tool does not ship on the GitHub Actions runners so we must install
it manually.
2021-07-13 17:42:36 -04:00
Shane Frasier
8ee2116f42
Prefer the newer "go install" syntax
As of [Go 1.16](https://tip.golang.org/doc/go1.16#go-command) the `GO111MODULE` environment variable defaults to `on` and `go get` has been deprecated for module installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-13 17:02:13 -04:00
Shane Frasier
337d1efb8f
Capitalize Go for consistency
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-12 09:06:41 -04:00
Jeremy Frasier
bb6e566e3a
Move go installation so that it takes place before the cache task
Some variables defined in the go installation are used in the cache
task, so the go installation must happen first.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-11 21:59:58 -04:00
Jeremy Frasier
181d1b2faf
Install a specific version of terraform-docs
Note that this change is dependent on the merging of
cisagov/setup-env-github-action#31.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-10 22:36:45 -04:00
Jeremy Frasier
b629f7f623
Modify the Packer installation to model that of Terraform
The Terraform installation does not destroy the existing system
Terraform installation, and neither should the Packer installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:48:21 -04:00
Jeremy Frasier
70414cff28
Remove unnecessary line in tasks
There is no reason to create /usr/bin/terraform.  This is a vestige of
an earlier age.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:46:47 -04:00
Shane Frasier
c481043981
Break out the curl cache creation into its own step
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:43:09 -04:00