Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⚠️ CONFLICT! Lineage pull request for: skeleton #78

Merged
merged 79 commits into from
Dec 12, 2023
Merged

⚠️ CONFLICT! Lineage pull request for: skeleton #78

merged 79 commits into from
Dec 12, 2023

Conversation

cisagovbot
Copy link

@cisagovbot cisagovbot commented Dec 6, 2023
edited by jsf9k
Loading

Lineage Pull Request: CONFLICT

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-docker.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

The lineage/skeleton branch has one or more unresolved merge conflicts
that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone git@github.com:cisagov/saver.git saver
cd saver
git remote add skeleton https://github.com/cisagov/skeleton-docker.git
git remote set-url --push skeleton no_push
git switch develop
git switch --create lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and
    possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the
    branch, commit, and push your changes:

    git add .github/dependabot.yml Dockerfile 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message
    that git creates for you, but please do not delete the existing
    content    . It provides useful information about the merge that is
    being performed.

  5. Wait for all the automated tests to pass.

  6. Confirm each item in the "Pre-approval checklist" below.

  7. Remove any of the checklist items that do not apply.

  8. Ensure every remaining checkbox has been checked.

  9. Mark this draft pull request "Ready for review".

✅ Pre-approval checklist

Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!

  • ✌️ The conflicts in this pull request have been resolved.
  • All relevant type-of-change labels have been added.
  • All new and existing tests pass.

✅ Pre-merge checklist

Remove any of the following that do not apply. These boxes should
remain unchecked until the pull request has been approved.

  • Bump major, minor, patch, or pre-release version as appropriate via the bump_version.sh script if this repository is versioned and the changes in this PR warrant a version bump.
  • Finalize version.

✅ Post-merge checklist

Remove any of the following that do not apply.

  • Create a release.

Note

You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

jasonodoom and others added 30 commits July 10, 2023 12:52
@jasonodoom
Add steps to setup go packages for pre-commit
4cb9a4b
@jasonodoom
Update action/checkout to use same version
53f56b0
@jasonodoom
Set specific gocritic version
f261099
@jasonodoom
Update build workflow with package installtion
097b573
@jasonodoom
Group go tools together with comment
254282a
@jasonodoom @mcdonnnj
Update staticcheck id
ecf3299 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jasonodoom @mcdonnnj
Update tool names to match author stylization
1eaedf5 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jasonodoom @mcdonnnj
Update statcicheck stylization
fd04757 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k
Temporarily use a different branch of cisagov/setup-env-github-action
ddbf6f7 
This is being done for testing purposes, and this commit can be
reverted (or removed) once cisagov/setup-env-github-action#65 is
merged.
@jasonodoom
Move go packages install to separate section
a8af336
@jasonodoom @mcdonnnj
Update go-critic name
1675b12 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jasonodoom @mcdonnnj
Update staticcheck name
c6ab22e 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k
Use the correct repo name for the ansible-lint pre-commit hook
29de034 
The repo name we were using redirects to the correct place, but we may
as well cut out the middle man.
@jasonodoom
Correct staticcheck reference to setup-env, sort alphabetically and c…
1e7cb4f 
…orrect staticcheck package URL

Co-Authored By: @mcdonnnj <mcdonnj@users.noreply.github.com>
@jasonodoom @jsf9k
Remove Go section coment
5f3bc13 
Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
@mcdonnnj
Remove unnecessary quotes in the dependabot configuration
d311825 
We generally only use quotes when they are strictly necessary to ensure
data is interpreted as a string value.
@mcdonnnj
Sort the keys in the Dependabot configuration
2294d49 
Our standard practice for YAML files is to sort keys alphabetically.
@jsf9k @dv4harr10
Delete duplicate word "are"
e678502 
Co-authored-by: David Harris <David.Harris@associates.cisa.dhs.gov>
@jsf9k @dav3r
Reference correct parameter name in comment
a518cfb 
The "stopped" parameter is no longer present now that we are using
python-on-whales.

Co-authored-by: dav3r <david.redmin@gwe.cisa.dhs.gov>
@mcdonnnj
Add the ability to specify a token in bump_version.sh
0db97d1 
The token is optionally used for the build and prerelease actions to
override the default values used by the semver Python package.
@mcdonnnj
DRY out logic to update version information
f646a73 
Since the replacement and commit of version change information is
almost identical across the different logic flows it makes sense to DRY
out the code.
@mcdonnnj
Change when existing version information is retrieved
cf5c0d7 
Only retrieve the existing version information if the input to the
bump_version.sh script isn't immediately invalid (if the script does
not get 1-2 arguments).
@mcdonnnj @jsf9k
Remove git push from bump_version.sh script
d6715e7 
The team has come to the consensus that the `git push` should be at the
discretion of the user. This both prevents needless GitHub Actions runs
and ensures that the repository is updated when the user feels it is in
an appropriate state.

Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
@jasonodoom @mcdonnnj
Fix gosec stylization
948ebde 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k
Revert "Temporarily use a different branch of cisagov/setup-env-githu…
98d3d3f 
…b-action"

This reverts commit ddbf6f7.

This can be done now that cisagov/setup-env-github-action#65 has been
merged.
@jasonodoom
Add nixfmt pre-commit hook
82db36a
@dependabot
Bump actions/checkout from 3 to 4
c0b5d5b 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Bump crazy-max/ghaction-github-labeler from 4 to 5
b04654e
@mcdonnnj
Update the dependabot ignore configuration
49ac8c5 
Add crazy-max/ghaction-github-labeler as a commented out dependency to
ignore in the dependabot configuration file. This should be enabled in
downstream projects to consolidate updating this Action to the
cisagov/skeleton-generic repository.
@mcdonnnj
Merge pull request #138 from cisagov/add-go-packages
4ec50ab 
Add go packages for pre-commit
@cisagovbot cisagovbot added the upstream update This issue or pull request pulls in upstream updates label Dec 6, 2023
dependabot bot and others added 3 commits December 6, 2023 14:43
@dependabot
Bump actions/github-script from 6 to 7
b92cc51 
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump docker/build-push-action from 4 to 5
0196a0d 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v4...v5)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Add commented out option to docker/build-push-action
ef3438f 
There is currently a potential incompatibility with the default
behavior of the version of buildx being used. A default image generated
is built with provenance, which is something we would like to have, but
these default images can run on neither Google Cloud Run nor AWS
Lambda. Please see docker/buildx#1533 for mroe information. Since we
want to retain support for creating AWS Lambda images we add a
commented out disabling of this functionality that can be enabled in a
downstream repository if needed.
@jsf9k jsf9k added github-actions Pull requests that update GitHub Actions code security This issue or pull request addresses a security issue labels Dec 6, 2023
@jsf9k jsf9k added the docker Pull requests that update Docker code label Dec 6, 2023
@jsf9k jsf9k marked this pull request as ready for review December 6, 2023 17:03
@jsf9k jsf9k enabled auto-merge December 6, 2023 17:03
@jsf9k jsf9k requested a review from a team December 6, 2023 17:03
@jsf9k jsf9k merged commit 04e233c into develop Dec 12, 2023
17 checks passed
@jsf9k jsf9k deleted the lineage/skeleton branch December 12, 2023 14:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonodoom jasonodoom jasonodoom approved these changes

@dv4harr10 dv4harr10 dv4harr10 approved these changes

@dav3r dav3r Awaiting requested review from dav3r dav3r is a code owner

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jsf9k jsf9k Awaiting requested review from jsf9k jsf9k is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@jsf9k jsf9k

Labels
docker Pull requests that update Docker code github-actions Pull requests that update GitHub Actions code security This issue or pull request addresses a security issue upstream update This issue or pull request pulls in upstream updates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@cisagovbot @jasonodoom @dv4harr10 @jsf9k @dav3r @mcdonnnj