-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #302 from cisagov/initial_skeletonization
Initial Integration of skeleton-generic
- Loading branch information
Showing
20 changed files
with
588 additions
and
47 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
--- | ||
# Configuration file for the Bandit python security scanner | ||
# https://bandit.readthedocs.io/en/latest/config.html | ||
|
||
# Tests are first included by `tests`, and then excluded by `skips`. | ||
# If `tests` is empty, all tests are are considered included. | ||
|
||
tests: | ||
# - B101 | ||
# - B102 | ||
|
||
skips: | ||
# - B101 # skip "assert used" check since assertions are required in pytests |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
[flake8] | ||
max-line-length = 80 | ||
# Select (turn on) | ||
# * Complexity violations reported by mccabe (C) - | ||
# http://flake8.pycqa.org/en/latest/user/error-codes.html#error-violation-codes | ||
# * Documentation conventions compliance reported by pydocstyle (D) - | ||
# http://www.pydocstyle.org/en/stable/error_codes.html | ||
# * Default errors and warnings reported by pycodestyle (E and W) - | ||
# https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes | ||
# * Default errors reported by pyflakes (F) - | ||
# http://flake8.pycqa.org/en/latest/glossary.html#term-pyflakes | ||
# * Default warnings reported by flake8-bugbear (B) - | ||
# https://github.com/PyCQA/flake8-bugbear#list-of-warnings | ||
# * The B950 flake8-bugbear opinionated warning - | ||
# https://github.com/PyCQA/flake8-bugbear#opinionated-warnings | ||
select = C,D,E,F,W,B,B950 | ||
# Ignore flake8's default warning about maximum line length, which has | ||
# a hard stop at the configured value. Instead we use | ||
# flake8-bugbear's B950, which allows up to 10% overage. | ||
# | ||
# Also ignore flake8's warning about line breaks before binary | ||
# operators. It no longer agrees with PEP8. See, for example, here: | ||
# https://github.com/ambv/black/issues/21. Guido agrees here: | ||
# https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. | ||
ignore = E501,W503 |
Validating CODEOWNERS rules …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,10 @@ | ||
# Each line is a file pattern followed by one or more owners. | ||
|
||
# These owners will be the default owners for everything in | ||
# the repo. Unless a later match takes precedence, | ||
# these owners will be requested for review when someone | ||
# opens a pull request. | ||
* @dav3r @felddy @hillaryj @jsf9k @mcdonnnj @cisagov/team-ois | ||
# These owners will be the default owners for everything in the | ||
# repo. Unless a later match takes precedence, these owners will be | ||
# requested for review when someone opens a pull request. | ||
* @dav3r @felddy @hillaryj @jsf9k @mcdonnnj | ||
|
||
# These folks own any files in the .github directory at the root of | ||
# the repository and any of its subdirectories. | ||
/.github/ @dav3r @felddy @hillaryj @jsf9k @mcdonnnj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
--- | ||
|
||
version: 2 | ||
updates: | ||
- package-ecosystem: "github-actions" | ||
directory: "/" | ||
schedule: | ||
interval: "weekly" | ||
|
||
- package-ecosystem: "pip" | ||
directory: "/" | ||
schedule: | ||
interval: "weekly" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
--- | ||
version: "1" | ||
|
||
lineage: | ||
skeleton: | ||
remote-url: https://github.com/cisagov/skeleton-generic.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
--- | ||
name: build | ||
|
||
on: | ||
push: | ||
pull_request: | ||
repository_dispatch: | ||
types: [apb] | ||
|
||
env: | ||
PIP_CACHE_DIR: ~/.cache/pip | ||
PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit | ||
|
||
jobs: | ||
lint: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- id: setup-python | ||
uses: actions/setup-python@v2 | ||
with: | ||
python-version: 3.9 | ||
- uses: actions/cache@v2 | ||
env: | ||
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ | ||
py${{ steps.setup-python.outputs.python-version }}-" | ||
with: | ||
path: | | ||
${{ env.PIP_CACHE_DIR }} | ||
${{ env.PRE_COMMIT_CACHE_DIR }} | ||
key: "${{ env.BASE_CACHE_KEY }}\ | ||
${{ hashFiles('**/requirements-test.txt') }}-\ | ||
${{ hashFiles('**/requirements.txt') }}-\ | ||
${{ hashFiles('**/.pre-commit-config.yaml') }}" | ||
restore-keys: | | ||
${{ env.BASE_CACHE_KEY }} | ||
- name: Install dependencies | ||
run: | | ||
python -m pip install --upgrade pip | ||
pip install --upgrade --requirement requirements-test.txt | ||
- name: Set up pre-commit hook environments | ||
run: pre-commit install-hooks | ||
- name: Run pre-commit on all files | ||
run: pre-commit run --all-files |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,11 @@ | ||
*~ | ||
playbook.retry | ||
__pycache__ | ||
.coverage | ||
.mypy_cache | ||
.pytest_cache | ||
.python-version | ||
.terraform | ||
terraform.tfstate* | ||
*.tfvars | ||
*.dyn.tf | ||
*.tfvars | ||
packer_cache | ||
terraform.tfstate | ||
terraform.tfstate.backup |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
[settings] | ||
combine_star=true | ||
force_sort_within_sections=true | ||
|
||
import_heading_stdlib=Standard Python Libraries | ||
import_heading_thirdparty=Third-Party Libraries | ||
import_heading_firstparty=cisagov Libraries | ||
|
||
# Run isort under the black profile to align with our other Python linting | ||
profile=black |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
{ | ||
"MD013": { | ||
"code_blocks": false, | ||
"tables": false | ||
}, | ||
"MD024": { | ||
"allow_different_nesting": true | ||
}, | ||
"default": true | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
--- | ||
default_language_version: | ||
# force all unspecified python hooks to run python3 | ||
python: python3 | ||
|
||
repos: | ||
- repo: https://github.com/pre-commit/pre-commit-hooks | ||
rev: v3.2.0 | ||
hooks: | ||
- id: check-executables-have-shebangs | ||
- id: check-json | ||
- id: check-merge-conflict | ||
- id: check-xml | ||
- id: debug-statements | ||
- id: detect-aws-credentials | ||
args: | ||
- --allow-missing-credentials | ||
- id: detect-private-key | ||
- id: end-of-file-fixer | ||
exclude: files/(issue|motd) | ||
- id: mixed-line-ending | ||
args: | ||
- --fix=lf | ||
- id: pretty-format-json | ||
args: | ||
- --autofix | ||
- id: requirements-txt-fixer | ||
- id: trailing-whitespace | ||
|
||
# Text file hooks | ||
# - repo: https://github.com/igorshubovych/markdownlint-cli | ||
# rev: v0.24.0 | ||
# hooks: | ||
# - id: markdownlint | ||
# args: | ||
# - --config=.mdl_config.json | ||
- repo: https://github.com/prettier/pre-commit | ||
rev: v2.1.2 | ||
hooks: | ||
- id: prettier | ||
# - repo: https://github.com/adrienverge/yamllint | ||
# rev: v1.25.0 | ||
# hooks: | ||
# - id: yamllint | ||
|
||
# Shell script hooks | ||
# - repo: https://github.com/detailyang/pre-commit-shell | ||
# rev: 1.0.5 | ||
# hooks: | ||
# - id: shell-lint | ||
|
||
# Python hooks | ||
# - repo: https://github.com/PyCQA/bandit | ||
# rev: 1.6.2 | ||
# hooks: | ||
# - id: bandit | ||
# args: | ||
# - --config=.bandit.yml | ||
# - repo: https://github.com/python/black | ||
# rev: 20.8b1 | ||
# hooks: | ||
# - id: black | ||
# - repo: https://gitlab.com/pycqa/flake8 | ||
# rev: 3.8.4 | ||
# hooks: | ||
# - id: flake8 | ||
# additional_dependencies: | ||
# - flake8-docstrings | ||
# - repo: https://github.com/timothycrosley/isort | ||
# rev: 5.6.4 | ||
# hooks: | ||
# - id: isort | ||
# - repo: https://github.com/pre-commit/mirrors-mypy | ||
# rev: v0.790 | ||
# hooks: | ||
# - id: mypy | ||
# - repo: https://github.com/asottile/pyupgrade | ||
# rev: v2.7.2 | ||
# hooks: | ||
# - id: pyupgrade | ||
|
||
# Ansible hooks | ||
# - repo: https://github.com/ansible/ansible-lint.git | ||
# rev: v4.3.5 | ||
# hooks: | ||
# - id: ansible-lint | ||
# # files: molecule/default/playbook.yml | ||
|
||
# Terraform hooks | ||
- repo: https://github.com/antonbabenko/pre-commit-terraform.git | ||
rev: v1.43.0 | ||
hooks: | ||
- id: terraform_fmt | ||
# There are ongoing issues with how this command works. This issue | ||
# documents the core issue: | ||
# https://github.com/hashicorp/terraform/issues/21408 | ||
# We have seen issues primarily with proxy providers and Terraform code | ||
# that uses remote state. The PR | ||
# https://github.com/hashicorp/terraform/pull/24887 | ||
# has been approved and is part of the 0.13 release to resolve the issue | ||
# with remote states. | ||
# The PR | ||
# https://github.com/hashicorp/terraform/pull/24896 | ||
# is a proprosed fix to deal with `terraform validate` with proxy | ||
# providers (among other configurations). | ||
# We have decided to disable the terraform_validate hook until the issues | ||
# above have been resolved, which we hope will be with the release of | ||
# Terraform 0.13. | ||
# - id: terraform_validate | ||
|
||
# Docker hooks | ||
# - repo: https://github.com/IamTheFij/docker-pre-commit | ||
# rev: v2.0.0 | ||
# hooks: | ||
# - id: docker-compose-check |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# Already being linted by pretty-format-json | ||
*.json | ||
# Already being linted by mdl | ||
*.md | ||
# Already being linted by yamllint | ||
*.yaml | ||
*.yml |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
--- | ||
extends: default | ||
|
||
rules: | ||
# yamllint doesn't like when we use yes and no for true and false, | ||
# but that's pretty standard in Ansible. | ||
truthy: disable |
Oops, something went wrong.