Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lineage pull request for: skeleton #4

Merged
merged 116 commits into from
Aug 6, 2024
Merged

Lineage pull request for: skeleton #4

merged 116 commits into from
Aug 6, 2024

Conversation

cisagovbot
Copy link

@cisagovbot cisagovbot commented Jul 30, 2024
edited by jsf9k
Loading

Lineage Pull Request

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-python-library.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

✅ Pre-approval checklist

Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!

  • All relevant type-of-change labels have been added.
  • All new and existing tests pass.

Note

You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

dependabot bot and others added 30 commits September 13, 2023 02:01
@dependabot
Bump crazy-max/ghaction-github-status from 3 to 4
b5e5c11 
Bumps [crazy-max/ghaction-github-status](https://github.com/crazy-max/ghaction-github-status) from 3 to 4.
- [Release notes](https://github.com/crazy-max/ghaction-github-status/releases)
- [Commits](crazy-max/ghaction-github-status@v3...v4)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-github-status
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@jsf9k
Add a diagnostics job for the label syncing workflow
371179e 
Also add a runner hardening task to the labeler job.
@jsf9k @mcdonnnj
Make the dev team the owners of the linter configuration files
1f611fc 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Make dev team members the codeowners of the requirements*.txt and set…
c356768 
…up-env files

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Explicitly list the linter config files the dev team should own
0195005 
@mcdonnnj correctly pointed out that other projects add their own
configuration files that match, e.g., the /.*.yaml pattern.  We want
to ensure that we only own the linter configuration files from the
skeleton.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@dependabot
Bump hashicorp/setup-terraform from 2 to 3
b768a28 
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 2 to 3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](hashicorp/setup-terraform@v2...v3)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Prefer block style to flow style
9f31700 
We prefer block style to flow style for sequences and mappings in YAML.
@mcdonnnj
Alphabetize entries in the build workflow
696433a 
We prefer to alphabetize mapping keys in YAML documents whenever
possible.
@mcdonnnj
Add a merge_group trigger to the build workflow
6503a9e 
This should improve compatibility with merge queues. We configure it to
only trigger on the `checks_requested` type which is currently the only
supported type for this trigger. If additional types are added in the
future they should be added if appropriate.
@dependabot
Bump actions/setup-go from 4 to 5
193e799 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump actions/setup-python from 4 to 5
5c84295 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump github/codeql-action from 2 to 3
b550ea8 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Fix the dependabot ignore directive for github/codeql-action
4effa91 
This was erroneously configured with each of the sub-Actions in the
github/codeql-action repository. They are versioned as one under the
github/codeql-action namespace.
@mcdonnnj
Switch pre-commit hooks for running shfmt
4a63dbe 
This hook bundles the binaries for shfmt with a Python package which
removes the need to manually install the tool for the hook to function.
@mcdonnnj
Remove installation of shfmt in the build workflow
3236b1b 
The new pre-commit hook provides `shfmt` binaries so we no longer need
to ensure it is installed.
@mcdonnnj
Use long options for shfmt arguments
5ddb14d 
Since shfmt now supports long command line options we should use them
as that is our preference. The single quotes for the number of spaces
to indent is changed to double quotes to align with our usual quotation
style.
@mcdonnnj
Add additional shfmt options
8ecd957 
These options are baked into the functionality of the old hook but must
be explicitly declared for the new hook.
@mcdonnnj
Set the default shell for all run steps in the build workflow
242921b 
This sets the default shell for any run steps in the build workflow to
mirror our standard shellscript writing practices. In addition to
enabling our standard options it will also enable errtrace and print
any commands that are run which should make debugging/troubleshooting
more straightforward.
@mcdonnnj
Add linting with goimports to the pre-commit configuration
c7b18dc 
This will run the Go tool `goimports` against the repository if it
contains any Go files. This tool bundles the functionality of `go fmt`
with the additional benefit of sorting Go imports much like the isort
tool we use for Python code.
Add ATX Header Support for terraform-docs
f6d9d6e 
This is a temporary fix until @mcdonnnj has
his PR approved and merged into the terraform-docs
repo. This fix will perform a shallow clone of his
forked branch, build the binary, and install it.
@michaelsaki @mcdonnnj
Add prepended names to variables to describe their function
544e478 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@michaelsaki @jsf9k
Remove unnecessary capitalizations and fix grammar
f5fa0ff 
Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
@michaelsaki @mcdonnnj
Simplify steps in the build/install portion of workflow
36361dd 
PATH is handled by `setup-go` so we can refactor the code setting it. Also we are taking advantage of the -C switch to handle building from the cloned repository.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@michaelsaki
Add TODO label
3711ebe
@michaelsaki
Move TODO and add link to the issue
d114fb4 
`TODO` was placed on the wrong comment block. Also I am adding a link to the issue for the TODO.
@michaelsaki @dav3r
Alphabetize switches
c907cfc 
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
Allow setup-env to specify Python version
48db3e3 
This commit is introducing 2 new flags
into the setup-env script. -l or
--list-versions will list available
Python versions and allow the user to
select a version interactively. The second
flag -v or --version will allow a user
to set the version if installed.
(e.g. ./setup-env -v 3.9.6)
@michaelsaki @jsf9k
Add /dev/null and remove TMPFILE
c10929a 
This makes the code a bit cleaner and still accomplishes the same functionality

Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
Place flags in the correct order for -r and -p
adada40
Remove unneccessary spacing
1861b9b
mcdonnnj and others added 11 commits July 29, 2024 21:12
@mcdonnnj
Merge pull request #131 from cisagov/bug/fix_codeql_dependabot_ignore
356e542 
Fix the dependabot ignore directive for `github/codeql-action`
@mcdonnnj
Merge pull request #128 from cisagov/dependabot/github_actions/github…
1cdfd2f 
…/codeql-action-3

Bump github/codeql-action from 2 to 3
@dependabot @mcdonnnj
Bump actions/upload-artifact from 3 to 4
2ea36cb 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @mcdonnnj
Bump actions/download-artifact from 3 to 4
3664329 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Drop support for Python 3.6
3c741d2 
Python 3.6 reached end-of-life on 2021-12-23. Since the oldest version
of Debian that we use (Debian Buster) provides Python 3.7 we can safely
sunset support for this version of Python.
@mcdonnnj
Bump version from 0.2.0 to 0.2.1
111eac0
@mcdonnnj
Merge pull request #132 from cisagov/dependencies/update_artifact_act…
5b7a24b 
…ions

Bump actions/upload-artifact and actions/download-artifact from 3 to 4
@mcdonnnj
Merge pull request #134 from cisagov/improvement/drop_support_for_py3.6
272917a 
Drop support for Python 3.6
@mcdonnnj
Bump actions/setup-python from v4 to v5
e7d0482 
This covers all of the uses that are not automatically updated when
pulling in upstream updates.
@mcdonnnj
Merge pull request #137 from cisagov/bug/correct_setup-python_versions
b2b9dd9 
Ensure the use of the same version of `actions/setup-python`
Merge https://github.com/cisagov/skeleton-python-library into lineage…
4122791 
…/skeleton
@jsf9k jsf9k merged commit acf9fc2 into develop Aug 6, 2024
49 checks passed
@jsf9k jsf9k deleted the lineage/skeleton branch August 6, 2024 20:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@jsf9k jsf9k jsf9k approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jasonodoom jasonodoom Awaiting requested review from jasonodoom

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@jsf9k jsf9k

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@cisagovbot @jsf9k @dav3r @felddy @jasonodoom @mcdonnnj @michaelsaki