Update the configuration for repository labels to remove the leading
`#` from color values. With a `#` leading the values they are seen as
invalid by the GitHub API.
Additionally, as of v3.1.0 of actions/setup-go there is a go-version
output value to retrieve the version of Go installed by the Action.
This allows us to remove the step to manually retrieve this information
from the Go executable.
This adds commented out ignore directives for the following GitHub
Actions:
- action/cache
- action/checkout
- action/setup-python
These should be uncommented downstream to ensure that updates to these
dependencies are pushed from pull requests made in the skeleton.
This changes from using an environment variable to using a step output to store
the Go version that is installed. This mirrors changes made to the other
program versions and how they're stored.
We change the "Install Terraform-docs" step to use two local environment
variables to provide the package's URL and version to install. This allows us
to work around `yamllint` line length limits.
We change the "Install shfmt" step to use two local environment variables to
provide the package's URL and version to install. This allows us to work around
`yamllint` line length limits.
We use a `PACKER_VERSION` environment variable for the "Install Packer" step
that is populated from the `setup-env` outputs to get around `yamllint` line
length limits.
This will configure `dependabot` to scan Terraform configurations if they exist
in a repository. If a repository stores a Terraform configuration in a
subdirectory this configuration will need to be modified or an additional
configuration must be added if there still exists a Terraform configuration in
the root directory.
As of [Go 1.16](https://tip.golang.org/doc/go1.16#go-command) the `GO111MODULE` environment variable defaults to `on` and `go get` has been deprecated for module installation.
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
Some variables defined in the go installation are used in the cache
task, so the go installation must happen first.
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
Note that this change is dependent on the merging of
cisagov/setup-env-github-action#31.
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
The Terraform installation does not destroy the existing system
Terraform installation, and neither should the Packer installation.
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
There is no reason to create /usr/bin/terraform. This is a vestige of
an earlier age.
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
We should be doing this because the Packer and Terraform pre-commit
hooks leverage the corresponding executables; therefore, it makes
sense to go ahead and install the particular versions of those
executables that we support. Also add support for optionally
debugging via tmate.
See also cisagov/skeleton-generic#74.
Removed name because it was not more informative than the default. Swapped out
a hardcoded job reference for the github.job context value. Switch the base
cache key to a step environment value so we can set it once and reuse. Removed
additional restore-key value that might have undesirable results.
This additional clause must remain at the _end_ of the CODEOWNERS file
so that it cannot be overridden by a later clause.
We want to make it so that all the .github files including CODEOWNERS
are protected so only code owners (the dev team) can approve
modifications to them.
This will prevent configuration changes from breaking Actions and
other management-type functions that the files in this directory
control. By setting the .github files/folder to require code owner
approval for changes, workflow and management changes will require dev
team review and checking.
Resolves #56.
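
The ordering requirement in the CODEOWNERS messages above can be enforced with a small lint. This is an added example, not code from the repository. It assumes the protection rule is written as `/.github/`, and the owner handles and sample files are constructed.

```python
# Added example: check that the .github protection rule is the last rule in
# CODEOWNERS, since the last matching pattern takes precedence.
# PROTECTED_PATTERN and all owner handles are assumptions, not from the page.
PROTECTED_PATTERN = "/.github/"


def parse_rules(text):
    """Return (line_number, pattern, owners) for each rule line."""
    rules = []
    for number, raw in enumerate(text.splitlines(), start=1):
        tokens = []
        for token in raw.split():
            if token.startswith("#"):  # full-line or inline comment
                break
            tokens.append(token)
        if tokens:
            rules.append((number, tokens[0], tokens[1:]))
    return rules


def check_protected_rule_last(text, protected=PROTECTED_PATTERN):
    """Return a list of problems; an empty list means the file passes."""
    rules = parse_rules(text)
    hits = [i for i, rule in enumerate(rules) if rule[1] == protected]
    if not hits:
        return [f"no rule found for {protected}"]
    last = hits[-1]
    number, _, owners = rules[last]
    problems = []
    if not owners:
        # A pattern with no owners leaves the matched files unowned.
        problems.append(f"line {number}: {protected} lists no owners")
    for later_number, pattern, _ in rules[last + 1:]:
        problems.append(
            f"line {later_number}: rule '{pattern}' follows {protected} "
            "and could override it"
        )
    return problems


# Constructed sample files.
GOOD = "# default owners\n* @example-org/dev-team\n/.github/ @example-org/dev-team\n"
BAD = GOOD + "/.github/workflows/ @example-user  # appended later\n"
UNOWNED = "* @example-org/dev-team\n/.github/\n"

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD), ("UNOWNED", UNOWNED)):
        print(name, check_protected_rule_last(sample) or "ok")
```

Running it as a pre-commit hook or workflow step against the repository's CODEOWNERS file fails the change when a later rule is appended after the protection clause.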