Fix yaml lint issues.

cisagov · Mar 6, 2024 · a38ff7a · a38ff7a
1 parent 597326a
commit a38ff7a
Show file tree

Hide file tree

Showing 17 changed files with 86 additions and 49 deletions.
diff --git a/.github/workflows/backend.yml b/.github/workflows/backend.yml
@@ -1,3 +1,4 @@
+---
 name: Backend Pipeline
 
 on:
@@ -145,7 +146,7 @@ jobs:
     needs: [build_worker, lint, test, test_worker, test_python]
     runs-on: ubuntu-latest
     environment: staging
-    concurrency: 1
+    concurrency: '1'
     if: github.event_name == 'push' && github.ref == 'refs/heads/develop'
     steps:
       - uses: actions/checkout@v3
@@ -194,7 +195,7 @@ jobs:
     needs: [build_worker, lint, test, test_python]
     runs-on: ubuntu-latest
     environment: production
-    concurrency: 1
+    concurrency: '1'
     if: github.event_name == 'push' && github.ref == 'refs/heads/production'
     steps:
       - uses: actions/checkout@v3

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,3 +1,4 @@
+---
 name: "CodeQL"
 
 on:

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -1,3 +1,4 @@
+---
 name: Docs
 on:
   push:

diff --git a/.github/workflows/frontend.yml b/.github/workflows/frontend.yml
@@ -1,3 +1,4 @@
+---
 name: Frontend Pipeline
 
 on:
@@ -64,7 +65,7 @@ jobs:
     needs: [lint, test]
     runs-on: ubuntu-latest
     environment: staging
-    concurrency: 1
+    concurrency: '1'
     if: github.event_name == 'push' && github.ref == 'refs/heads/develop'
     steps:
       - uses: actions/checkout@v3
@@ -94,7 +95,7 @@ jobs:
     needs: [lint, test]
     runs-on: ubuntu-latest
     environment: production
-    concurrency: 1
+    concurrency: '1'
     if: github.event_name == 'push' && github.ref == 'refs/heads/production'
     steps:
       - uses: actions/checkout@v3

diff --git a/.github/workflows/infrastructure.yml b/.github/workflows/infrastructure.yml
@@ -1,3 +1,4 @@
+---
 name: Infrastructure Pipeline
 
 on:
@@ -39,7 +40,7 @@ jobs:
     timeout-minutes: 4320
     runs-on: ubuntu-latest
     environment: staging
-    concurrency: 1
+    concurrency: '1'
     steps:
       - uses: actions/checkout@v3
 
@@ -78,7 +79,7 @@ jobs:
     timeout-minutes: 4320
     runs-on: ubuntu-latest
     environment: production
-    concurrency: 1
+    concurrency: '1'
     steps:
       - uses: actions/checkout@v3
 

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -1,8 +1,9 @@
+---
 name: Check for Vulnerabilities
 
 on:
   schedule:
-    - cron: '0 1 * * *' # every day at 1 AM
+    - cron: '0 1 * * *'  # every day at 1 AM
   workflow_dispatch:
   push:
 

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -1,4 +1,4 @@
-# Welcome #
+# Welcome
 
 We're so glad you're thinking about contributing to this open source
 project!  If you're unsure or afraid of anything, just ask or submit
@@ -11,7 +11,7 @@ Before contributing, we encourage you to read our CONTRIBUTING policy
 (you are here), our [LICENSE](LICENSE), and our [README](README.md),
 all of which should be in this repository.
 
-## Issues ##
+## Issues
 
 If you want to report a bug or request a new feature, the most direct
 method is to [create an
@@ -22,7 +22,7 @@ already been reported.  If it has then you might want to add a comment
 to the existing issue.  If it hasn't then feel free to create a new
 one.
 
-## Pull requests ##
+## Pull requests
 
 If you choose to [submit a pull
 request](https://github.com/cisagov/ASM-Dashboard/pulls), you will
@@ -38,7 +38,7 @@ regular contributor, then you will want to set up
 do that, the CI checks will run locally before you even write your
 commit message.  This speeds up your development cycle considerably.
 
-### Setting up pre-commit ###
+### Setting up pre-commit
 
 There are a few ways to do this, but we prefer to use
 [`pyenv`](https://github.com/pyenv/pyenv) and
@@ -57,7 +57,7 @@ entire environment configuration process.
 Otherwise, follow the steps below to manually configure your
 environment.
 
-#### Installing and using `pyenv` and `pyenv-virtualenv` ####
+#### Installing and using `pyenv` and `pyenv-virtualenv`
 
 On the Mac, we recommend installing [brew](https://brew.sh/).  Then
 installation is as simple as `brew install pyenv pyenv-virtualenv` and
@@ -128,7 +128,7 @@ the many things that `pyenv` can do.  See
 additional capabilities that pyenv-virtualenv adds to the `pyenv`
 command.
 
-#### Creating the Python virtual environment ####
+#### Creating the Python virtual environment
 
 Once `pyenv` and `pyenv-virtualenv` are installed on your system, you
 can create and configure the Python virtual environment with these
@@ -141,7 +141,7 @@ pyenv local ASM-Dashboard
 pip install --requirement requirements-dev.txt
 ```
 
-#### Installing the pre-commit hook ####
+#### Installing the pre-commit hook
 
 Now setting up pre-commit is as simple as:
 
@@ -153,7 +153,7 @@ At this point the pre-commit checks will run against any files that
 you attempt to commit.  If you want to run the checks against the
 entire repo, just execute `pre-commit run --all-files`.
 
-## Public domain ##
+## Public domain
 
 This project is in the public domain within the United States, and
 copyright and related rights in the work worldwide are waived through

diff --git a/README.md b/README.md
@@ -1,8 +1,8 @@
-# XFD #
+# XFD
 
 [![GitHub Build Status](https://github.com/cisagov/ASM-Dashboard/workflows/build/badge.svg)](https://github.com/cisagov/ASM-Dashboard/actions)
 
-## Contributing ##
+## Contributing
 
 We welcome contributions!  Please see [`CONTRIBUTING.md`](CONTRIBUTING.md) for
 details.

diff --git a/backend/.eslintrc.yml b/backend/.eslintrc.yml
@@ -1,3 +1,4 @@
+---
 {
   "env": { "es6": true, "node": true },
   "parser": "@typescript-eslint/parser",

diff --git a/backend/serverless.yml b/backend/serverless.yml
@@ -1,3 +1,4 @@
+---
 service: crossfeed
 
 frameworkVersion: '3'
@@ -111,44 +112,44 @@ resources:
       Type: AWS::SQS::Queue
       Properties:
         QueueName: ${self:provider.stage}-worker-control-queue
-        VisibilityTimeout: 300 # Should match or exceed function timeout
-        MaximumMessageSize: 262144 # 256 KB
-        MessageRetentionPeriod: 604800 # 7 days
+        VisibilityTimeout: 300  # Should match or exceed function timeout
+        MaximumMessageSize: 262144  # 256 KB
+        MessageRetentionPeriod: 604800  # 7 days
     ShodanQueue:
       Type: AWS::SQS::Queue
       Properties:
         QueueName: ${self:provider.stage}-shodan-queue
         VisibilityTimeout: 300
-        MaximumMessageSize: 262144 # 256 KB
-        MessageRetentionPeriod: 604800 # 7 days
+        MaximumMessageSize: 262144  # 256 KB
+        MessageRetentionPeriod: 604800  # 7 days
     DnstwistQueue:
       Type: AWS::SQS::Queue
       Properties:
         QueueName: ${self:provider.stage}-dnstwist-queue
         VisibilityTimeout: 300
-        MaximumMessageSize: 262144 # 256 KB
-        MessageRetentionPeriod: 604800 # 7 days
+        MaximumMessageSize: 262144  # 256 KB
+        MessageRetentionPeriod: 604800  # 7 days
     HibpQueue:
       Type: AWS::SQS::Queue
       Properties:
         QueueName: ${self:provider.stage}-hibp-queue
         VisibilityTimeout: 300
-        MaximumMessageSize: 262144 # 256 KB
-        MessageRetentionPeriod: 604800 # 7 days
+        MaximumMessageSize: 262144  # 256 KB
+        MessageRetentionPeriod: 604800  # 7 days
     IntelxQueue:
       Type: AWS::SQS::Queue
       Properties:
         QueueName: ${self:provider.stage}-intelx-queue
         VisibilityTimeout: 300
-        MaximumMessageSize: 262144 # 256 KB
-        MessageRetentionPeriod: 604800 # 7 days
+        MaximumMessageSize: 262144  # 256 KB
+        MessageRetentionPeriod: 604800  # 7 days
     CybersixgillQueue:
       Type: AWS::SQS::Queue
       Properties:
         QueueName: ${self:provider.stage}-cybersixgill-queue
         VisibilityTimeout: 300
-        MaximumMessageSize: 262144 # 256 KB
-        MessageRetentionPeriod: 604800 # 7 days
+        MaximumMessageSize: 262144  # 256 KB
+        MessageRetentionPeriod: 604800  # 7 days
 
 functions:
   - ${file(./src/tasks/functions.yml)}

diff --git a/backend/src/api/functions.yml b/backend/src/api/functions.yml
@@ -1,12 +1,13 @@
+---
 api:
   handler: src/api.handler
   events:
     - http:
-        path: / # this matches the base path
+        path: /  # this matches the base path
         method: ANY
         cors: true
     - http:
-        path: /{any+} # this matches any path, the token 'any' doesn't mean anything special
+        path: /{any+}  # this matches any path, the token 'any' doesn't mean anything special
         method: ANY
         cors: true
   # provisionedConcurrency: 1
diff --git a/backend/src/tasks/functions.yml b/backend/src/tasks/functions.yml
@@ -1,3 +1,4 @@
+---
 cloudwatchToS3:
   handler: src/tasks/cloudwatchToS3.handler
   timeout: 900
@@ -33,10 +34,10 @@ checkUserExpiration:
   timeout: 300
   handler: src/tasks/checkUserExpiration.handler
   events:
-    - schedule: cron(0 0 * * ? *) # Runs every day at midnight
+    - schedule: cron(0 0 * * ? *)  # Runs every day at midnight
 scanExecution:
   handler: src/tasks/scanExecution.handler
-  timeout: 300 # 5 minutes
+  timeout: 300  # 5 minutes
   environment:
     SQS_QUEUE_NAME: ${self:provider.stage}-worker-control-queue
   events:

diff --git a/backend/worker/.safety-policy.yml b/backend/worker/.safety-policy.yml
@@ -1,14 +1,15 @@
+---
 # Safety Security and License Configuration file
 # We recommend checking this file into your source control in the root of your Python project
 # If this file is named .safety-policy.yml and is in the same directory where you run `safety check` it will be used by default.
 # Otherwise, you can use the flag `safety check --policy-file <path-to-this-file>` to specify a custom location and name for the file.
 # To validate and review your policy file, run the validate command: `safety validate policy_file --path <path-to-this-file>`
-security: # configuration for the `safety check` command
-  ignore-cvss-severity-below: 0 # A severity number between 0 and 10. Some helpful reference points: 9=ignore all vulnerabilities except CRITICAL severity. 7=ignore all vulnerabilities except CRITICAL & HIGH severity. 4=ignore all vulnerabilities except CRITICAL, HIGH & MEDIUM severity.
-  ignore-cvss-unknown-severity: False # True or False. We recommend you set this to False.
-  ignore-vulnerabilities: # Here you can list multiple specific vulnerabilities you want to ignore (optionally for a time period)
+security:  # configuration for the `safety check` command
+  ignore-cvss-severity-below: 0  # A severity number between 0 and 10. Some helpful reference points: 9=ignore all vulnerabilities except CRITICAL severity. 7=ignore all vulnerabilities except CRITICAL & HIGH severity. 4=ignore all vulnerabilities except CRITICAL, HIGH & MEDIUM severity.
+  ignore-cvss-unknown-severity: False  # True or False. We recommend you set this to False.
+  ignore-vulnerabilities:  # Here you can list multiple specific vulnerabilities you want to ignore (optionally for a time period)
     # We recommend making use of the optional `reason` and `expires` keys for each vulnerability that you ignore.
-    54672: # Vulnerability found in scrapy version >= 0.7
-      reason: No fix currently available # optional, for internal note purposes to communicate with your team. This reason will be reported in the Safety reports
-      expires: '2024-06-01' # We will revisit for a fix in 6 months.
-  continue-on-vulnerability-error: False # Suppress non-zero exit codes when vulnerabilities are found. Enable this in pipelines and CI/CD processes if you want to pass builds that have vulnerabilities. We recommend you set this to False.
+    54672:  # Vulnerability found in scrapy version >= 0.7
+      reason: No fix currently available  # optional, for internal note purposes to communicate with your team. This reason will be reported in the Safety reports
+      expires: '2024-06-01'  # We will revisit for a fix in 6 months.
+  continue-on-vulnerability-error: False  # Suppress non-zero exit codes when vulnerabilities are found. Enable this in pipelines and CI/CD processes if you want to pass builds that have vulnerabilities. We recommend you set this to False.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -135,8 +135,8 @@ services:
   rabbitmq:
     image: 'rabbitmq:3.8-management'
     ports:
-      - '5672:5672' # RabbitMQ default port
-      - '15672:15672' # RabbitMQ management plugin
+      - '5672:5672'  # RabbitMQ default port
+      - '15672:15672'  # RabbitMQ management plugin
     networks:
       - backend
     environment:

diff --git a/docs/src/documentation-pages/dev/pe.md b/docs/src/documentation-pages/dev/pe.md
@@ -69,7 +69,9 @@ Then enter pe database password.
 Follow [this guide](https://www.postgresqltutorial.com/psql-commands/) for psql command basics.
 
 ## Populate the database with pg dump file
+
 Locate the latest postgres dump file and run:
+
 ```bash
 pg_restore -U pe -d pe "[path to sql dump file]"
 ```
-Original file line number
+Diff line change
@@ -1,3 +1,4 @@
+    ---
     name: "CodeQL"
     on:
@@ Expand Down @@