1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-18 14:57:54 +00:00
Commit graph

75 commits

Author SHA1 Message Date
Nicholas McDonnell
6cc53dc1f0
Fix GitHub label color values
Update the configuration for repository labels to remove the leading
`#` from color values. With a `#` leading the values they are seen as
invalid by the GitHub API.
2022-11-09 11:23:04 -05:00
Jeremy Frasier
5993231c3a
Add a label for issues or PRs that involve test code 2022-11-08 15:22:08 -05:00
Jeremy Frasier
161c4aebba
Remove duplicate label 2022-11-08 15:22:08 -05:00
Nicholas McDonnell
b9792a8d18
Add a workflow to synchronize repository labels
This adds a workflow to ensure that the repository labels are updated
to reflect changes to the label configuration file .github/labels.yml.
2022-11-08 15:22:08 -05:00
Nicholas McDonnell
e5fbd70b20
Add a label configuration file
This configuration file stores information about the labels expected in
this repository.
2022-11-08 15:22:08 -05:00
Nicholas McDonnell
71a88a5694
Remove usage of set-output from our GitHub Actions workflow
GitHub has deprecated the set-output command per:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

This updates the GitHub Actions workflow to use the newly preferred
method to set the output for a job's step.
2022-11-08 15:10:45 -05:00
Nicholas McDonnell
dfd54e9ad2
Add additional Dependabot ignore directives
This adds the other versioned Actions that should be managed by
cisagov/skeleton-generic to the list of commented out dependencies to
ignore.
2022-11-08 15:08:12 -05:00
Nicholas McDonnell
6a9c630f86
Add an ownership comment to the Dependabot configuration
Add a comment that states that the commented out ignore directives are
managed by cisagov/skeleton-generic.
2022-11-08 15:08:12 -05:00
dependabot[bot]
1f7c62e5f2
Bump actions/setup-python from 3 to 4
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 20:06:28 +00:00
dependabot[bot]
2775dfa470
Bump hashicorp/setup-terraform from 1 to 2
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 1 to 2.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v1...v2)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 20:00:23 +00:00
Nicholas McDonnell
fc55e84feb
Update the version of Go used from 1.18 to 1.19
Go 1.19 was released while this branch was in the wings and it makes
sense to bump to the latest Go release.
2022-11-08 13:27:47 -05:00
Nicholas McDonnell
8f6849857b
Update the version of Go used from 1.16 to 1.18
Go 1.16 is no longer supported as of the release of 1.18 so it makes
sense to update to the latest version available.
2022-05-27 18:07:10 -04:00
Nicholas McDonnell
57b4abe8fd
Update actions/setup-go from v2 to v3
Additionally as of v3.1.0 of actions/setup-go there is a go-version
output value to retrieve the version of Go installed by the Action.
This allows us to remove the step to manually retrieve this information
from the Go executable.
2022-05-27 18:04:15 -04:00
Nick
14aff9cadc
Merge branch 'develop' into improvement/use_python_3.10_for_gha 2022-04-01 13:13:47 -04:00
dependabot[bot]
c576ef56fb
Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 16:22:39 +00:00
Nick
496ea93027
Merge branch 'develop' into improvement/add_dependabot_ignores_for_github_actions 2022-04-01 12:29:17 -04:00
Nick
6869c6830f
Merge branch 'develop' into dependabot/github_actions/actions/checkout-3 2022-04-01 12:16:34 -04:00
Nicholas McDonnell
e22c12cbd4
Use consistent quoting for software versions 2022-03-28 16:35:59 -04:00
Nicholas McDonnell
583992602c
Upgrade from Python 3.9 to 3.10 for the lint job in GHA 2022-03-28 16:29:30 -04:00
Nicholas McDonnell
511a37cf1e
Add Dependabot ignore directives
This adds commented out ignore directives for the following GitHub
Actions:

- action/cache
- action/checkout
- action/setup-python

These should be uncommented downstream to ensure that updates to these
dependencies are pushed from pull requests made in the skeleton.
2022-03-28 16:26:36 -04:00
dependabot[bot]
3406c2d420
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 18:01:37 +00:00
dependabot[bot]
4ee1bfd96b
Bump actions/setup-python from 2 to 3
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-28 18:02:16 +00:00
Nicholas McDonnell
a05b45adf9
Add comment to Dependabot configuration
This comment explains that the configuration may have commented out
ignore directives that should be uncommented in downstream projects.
2022-02-25 08:26:08 -05:00
Nicholas McDonnell
8797e110d3
Store Go version as a step output
This changes from using an environment variable to using a step output to store
the Go version that is installed. This mirrors changes made to the other
program versions and how they're stored.
2021-10-19 17:51:23 -04:00
Nicholas McDonnell
2699e09eb7
Use setup-env outputs for Terraform-docs version
We change the "Install Terraform-docs" step to use two local environment
variables to provide the package's URL and version to install. This allows us
to work around `yamllint` line length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
0851598edd
Use setup-env outputs for shfmt version
We change the "Install shfmt" step to use two local environment variables to
provide the package's URL and version to install. This allows us to work around
`yamllint` line length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
64b24714ac
Use setup-env outputs for Packer version
We use a `PACKER_VERSION` environment variable for the "Install Packer" step
that is populated from the `setup-env` outputs to get around `yamllint` lint
length limits.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
1e16136272
Use setup-env outputs for Terraform version
Change from using an environment variable to the outputs of the
cisagov/setup-env-github-action instead.
2021-10-19 17:51:22 -04:00
Nicholas McDonnell
6cf78c02e1
Use an id when using cisagov/setup-env-github-action 2021-10-19 17:51:21 -04:00
Nicholas McDonnell
24df40abd1
Add dependabot configuration for Terraform
This will configure `dependabot` to scan Terraform configurations if they exist
in a repository. If a repository stores a Terraform configuration in a sub-
directory this configuration will need to be modified or an additional
configuration must be added if there still exists a Terraform configuration in
the root directory.
2021-10-19 17:45:15 -04:00
David Redmin
b51dbb577e
Revert "Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13"
This reverts commit 6a7fbf07bd.
2021-08-27 14:59:29 -04:00
David Redmin
895a692ad8
Remove lint job step to initialize Terraform directories
Initialization will now be done during the "terraform validate" step.
2021-08-27 13:02:00 -04:00
David Redmin
6a7fbf07bd
Temporarily use cisagov/setup-env-github-action@improvement/support_tf_0.13
This change will be reverted when testing is completed.
2021-08-26 15:33:59 -04:00
Nicholas McDonnell
f7140d8116
Use the hashicorp/setup-terraform Action
Instead of manually installing a Terraform binary we can leverage the Action
provided by Hashicorp to do the same thing.
2021-08-09 23:42:42 -04:00
Nicholas McDonnell
3e83a800f0
Merge branch 'develop' into improvement/replace_beautysh_with_shfmt 2021-07-19 13:15:28 -04:00
Nicholas McDonnell
e2a729d0b1
Install the shfmt tool for GHA
The `shfmt` tool does not ship on the GitHub Actions runners so we must install
it manually.
2021-07-13 17:42:36 -04:00
Shane Frasier
8ee2116f42
Prefer the newer "go install" syntax
As of [Go 1.16](https://tip.golang.org/doc/go1.16#go-command) the `GO111MODULE` environment variable defaults to `on` and `go get` has been deprecated for module installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-13 17:02:13 -04:00
Shane Frasier
337d1efb8f
Capitalize Go for consistency
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-12 09:06:41 -04:00
Jeremy Frasier
bb6e566e3a
Move go installation so that it takes place before the cache task
Some variables defined in the go installation are used in the cache
task, so the go installation must happen first.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-11 21:59:58 -04:00
Jeremy Frasier
181d1b2faf
Install a specific version of terraform-docs
Note that this change is dependent on the merging of
cisagov/setup-env-github-action#31.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-10 22:36:45 -04:00
Jeremy Frasier
b629f7f623
Modify the Packer installation to model that of Terraform
The Terraform installation does not destroy the existing system
Terraform installation, and neither should the Packer installation.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:48:21 -04:00
Jeremy Frasier
70414cff28
Remove unnecessary line in tasks
There is no reason to create /usr/bin/terraform.  This is a vestige of
an earlier age.

Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:46:47 -04:00
Shane Frasier
c481043981
Break out the curl cache creation into its own step
Co-authored-by: Nick M. <50747025+mcdonnnj@users.noreply.github.com>
2021-07-09 22:43:09 -04:00
Jeremy Frasier
106af21c04
Install terraform and packer for the linting job
We should be doing this because the Packer and Terraform pre-commit
hooks leverage the corresponding executables; therefore, it makes
sense to go ahead and install the particular versions of those
executables that we support.  Also add support for optionally
debugging via tmate.

See also cisagov/skeleton-generic#74.
2021-07-09 14:56:14 -04:00
Nicholas McDonnell
2c4d7a2504
Remove user from CODEOWNERS
Due to her departure this removes hillaryj from the default CODEOWNERS we use
in our projects.
2021-04-15 11:53:57 -04:00
Nicholas McDonnell
f4131e57d8
Clean up our actions/cache step
Removed name because it was not more informative than the default. Swapped out
a hardcoded job reference for the github.job context value. Switch the base
cache key to a step environment value so we can set it once and reuse. Removed
additional restore-key value that might have undesirable results.
2020-11-20 12:22:39 -05:00
Shane Frasier
b638143238
Merge branch 'develop' into improvement/get-python-version-more-simply 2020-11-18 11:48:22 -05:00
Jeremy Frasier
02c5a6f8bf
Use the python version output by actions/setup-python
There is no need to run python code to determine the python version.
Resolves #58.

See here for details:
https://github.com/actions/setup-python/blob/main/action.yml#L14-L16
2020-11-10 22:22:15 -05:00
Jeremy Frasier
5b199bc869
Remove offending slash
Thanks to @dav3r and @mcdonnnj for the suggestion.
2020-11-03 14:51:18 -05:00
Jeremy Frasier
a842abbfef
Insist that the cisagov devs are the owners of the .github directory
This additional clause must remain at the _end_ of the CODEOWNERS file
so that it cannot be overridden by a later clause.

We want to make it so that all the .github files including CODEOWNERS
are protected so only code owners (the dev team) can approve
modifications to them.

This will prevent configuration changes from breaking Actions and
other management-type functions that the files in this directory
control. By setting the .github files/folder to require code owner
approval for changes, workflow and management changes will require dev
team review and checking.

Resolves #56.
2020-11-03 12:46:39 -05:00