Revert .yamllint to match lineage; fix issues flagged by yamllint. #32

Merged
merged 14 commits into from
Mar 13, 2024
92 changes: 43 additions & 49 deletions .github/dependabot.yml
@@ -1,66 +1,60 @@
---
version: 2
updates:
- directory: /
# ignore:
# # Managed by cisagov/ASM-Dashboard
# - dependency-name: actions/cache
# - dependency-name: actions/checkout
# - dependency-name: actions/setup-go
# - dependency-name: actions/setup-python
# - dependency-name: crazy-max/ghaction-dump-context
# - dependency-name: crazy-max/ghaction-github-labeler
# - dependency-name: crazy-max/ghaction-github-status
# - dependency-name: hashicorp/setup-terraform
# - dependency-name: mxschmitt/action-tmate
# - dependency-name: step-security/harden-runner
package-ecosystem: github-actions
Matthew-Grayson marked this conversation as resolved.
- package-ecosystem: github-actions
directory: /
schedule:
interval: weekly
- directory: /
package-ecosystem: terraform
ignore:
- dependency-name: '*'
update-types: [version-update:semver-patch, version-update:semver-minor]
# Managed by cisagov/skeleton-generic
- dependency-name: actions/cache
- dependency-name: actions/checkout
- dependency-name: actions/setup-go
- dependency-name: actions/setup-python
- dependency-name: crazy-max/ghaction-dump-context
- dependency-name: crazy-max/ghaction-github-labeler
- dependency-name: crazy-max/ghaction-github-status
- dependency-name: hashicorp/setup-terraform
- dependency-name: mxschmitt/action-tmate
- dependency-name: step-security/harden-runner
- package-ecosystem: terraform
directory: /infrastructure
schedule:
interval: weekly
- package-ecosystem: 'npm'
directory: '/'
schedule:
interval: 'weekly'
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch","version-update:semver-minor"]
- package-ecosystem: "npm"
directory: "/frontend"
- package-ecosystem: npm
directory: /
schedule:
interval: "weekly"
interval: weekly
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch","version-update:semver-minor"]
- package-ecosystem: "npm"
directory: "/backend"
- dependency-name: '*'
update-types: [version-update:semver-patch, version-update:semver-minor]
- package-ecosystem: npm
directory: /frontend
schedule:
interval: "weekly"
interval: weekly
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch","version-update:semver-minor"]
- package-ecosystem: "pip"
directory: "/backend/worker"
- dependency-name: '*'
update-types: [version-update:semver-patch, version-update:semver-minor]
- package-ecosystem: npm
directory: /backend
schedule:
interval: "weekly"
interval: weekly
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch","version-update:semver-minor"]
- package-ecosystem: 'docker'
directory: '/'
- dependency-name: '*'
update-types: [version-update:semver-patch, version-update:semver-minor]
- package-ecosystem: pip
directory: /backend/worker
schedule:
interval: 'weekly'
interval: weekly
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch","version-update:semver-minor"]
- package-ecosystem: 'github-actions'
directory: '/'
- dependency-name: '*'
update-types: [version-update:semver-patch, version-update:semver-minor]
- package-ecosystem: docker
directory: /
schedule:
interval: 'weekly'
interval: weekly
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch","version-update:semver-minor"]

- dependency-name: '*'
update-types: [version-update:semver-patch, version-update:semver-minor]
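Review bot: the `ignore` list under the `github-actions` entry (`actions/checkout`, `step-security/harden-runner` and the rest, commented "Managed by cisagov/skeleton-generic") means Dependabot will never propose bumps for those actions in this repository, so they only move when the skeleton lineage is merged. Please state in the file comment or the PR description how often that merge happens, since the workflows in this PR reference actions by tag (`actions/cache@v3`, `hashicorp/setup-terraform@v2`). Separately, every other ecosystem ignores `version-update:semver-patch` and `version-update:semver-minor` for `'*'`; confirm that Dependabot security updates are enabled on the repository so patch-level fixes still arrive.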
47 changes: 22 additions & 25 deletions .github/workflows/backend.yml
Expand Up @@ -7,15 +7,15 @@ on:
- develop
- production
paths:
- 'backend/**'
- '.github/workflows/backend.yml'
- backend/**
- .github/workflows/backend.yml
pull_request:
branches:
- develop
- production
paths:
- 'backend/**'
- '.github/workflows/backend.yml'
- backend/**
- .github/workflows/backend.yml

defaults:
run:
Expand All @@ -33,9 +33,8 @@ jobs:
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: ${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Lint
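Review bot: the `key:` line changes the pattern from `hashFiles('**/package-lock.json')` to `hashFiles('package-lock.json')`, which is a behaviour change rather than a lint fix. `hashFiles` resolves patterns against `GITHUB_WORKSPACE`, not the step's working directory, so the new key only tracks a lockfile at the repository root; if this job installs from `backend/`, a lockfile change there no longer changes the key and the `~/.npm` cache stops being refreshed. If the narrowing is intended, spell the path out as `hashFiles('backend/package-lock.json')`; otherwise keep the `**/` glob. The same edit recurs in the later `actions/cache@v3` hunks of this file.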
Expand All @@ -53,8 +52,7 @@ jobs:
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
restore-keys: ${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Run site locally
Expand Down Expand Up @@ -86,8 +84,7 @@ jobs:
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
restore-keys: ${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Build
Expand Down Expand Up @@ -117,9 +114,8 @@ jobs:
- uses: actions/cache@v3
with:
path: ~/.cache/pip
key: pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
pip-
key: pip-${{ hashFiles(**/requirements.txt) }}
restore-keys: pip-
- run: pip install -r worker/requirements.txt
- run: pytest
build_worker:
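Review bot: `key: pip-${{ hashFiles(**/requirements.txt) }}` drops the quotes inside the expression, and that breaks it. String literals inside `${{ }}` must be single-quoted, so the workflow will fail validation on this line. Restore `hashFiles('**/requirements.txt')`; the inner quotes belong to the expression and are not YAML quoting.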
Expand All @@ -134,9 +130,8 @@ jobs:
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: ${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Build worker container
Expand All @@ -157,9 +152,8 @@ jobs:
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: ${{ runner.os }}-node-
- name: Install dependencies
run: npm ci

Expand All @@ -185,7 +179,9 @@ jobs:
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

- name: Run syncdb
run: aws lambda invoke --function-name crossfeed-staging-syncdb --region us-east-1 /dev/stdout
run: |
aws lambda invoke --function-name crossfeed-staging-syncdb \
--region us-east-1 /dev/stdout
working-directory: backend
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
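Review bot: the `Run syncdb` step still cannot fail when the function itself fails, because `aws lambda invoke` exits 0 whenever the invocation request succeeds and reports a function error only as `FunctionError` in the response. While reflowing this command, consider writing the payload to a file instead of `/dev/stdout`, checking the response for `FunctionError`, and printing only what is safe to keep in the job log.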
Expand All @@ -206,9 +202,8 @@ jobs:
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: ${{ runner.os }}-node-
- name: Install dependencies
run: npm ci

Expand All @@ -234,7 +229,9 @@ jobs:
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

- name: Run syncdb
run: aws lambda invoke --function-name crossfeed-prod-syncdb --region us-east-1 /dev/stdout
run: |
aws lambda invoke --function-name crossfeed-prod-syncdb --region us-east-1 \
/dev/stdout
working-directory: backend
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
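Review bot: this `Run syncdb` command is wrapped after `--region us-east-1 \` while the staging step wraps after the function name; use the same break in both so the two deploy jobs diff cleanly against each other. The step also authenticates with long-lived `secrets.AWS_ACCESS_KEY_ID` and `secrets.AWS_SECRET_ACCESS_KEY`; a follow-up that moves the production job to short-lived credentials through GitHub OIDC would reduce what a leaked secret is worth.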
42 changes: 4 additions & 38 deletions .github/workflows/build.yml
Expand Up @@ -47,7 +47,7 @@ jobs:
- id: setup-python
uses: actions/setup-python@v4
with:
python-version: "3.11"
python-version: '3.11'
# We need the Go version and Go cache location for the actions/cache step,
# so the Go installation must happen before that.
- id: setup-go
Expand All @@ -56,17 +56,15 @@ jobs:
# There is no expectation for actual Go code so we disable caching as
# it relies on the existence of a go.sum file.
cache: false
go-version: "1.20"
go-version: '1.20'
- name: Lookup Go cache directory
id: go-cache
run: |
echo "dir=$(go env GOCACHE)" >> $GITHUB_OUTPUT
run: echo "dir=$(go env GOCACHE)" >> $GITHUB_OUTPUT
- uses: actions/cache@v3
env:
BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
py${{ steps.setup-python.outputs.python-version }}-\
go${{ steps.setup-go.outputs.go-version }}-\
packer${{ steps.setup-env.outputs.packer-version }}-\
tf${{ steps.setup-env.outputs.terraform-version }}-"
with:
# Note that the .terraform directory IS NOT included in the
Expand All @@ -78,52 +76,20 @@ jobs:
path: |
${{ env.PIP_CACHE_DIR }}
${{ env.PRE_COMMIT_CACHE_DIR }}
${{ env.CURL_CACHE_DIR }}
${{ steps.go-cache.outputs.dir }}
key: "${{ env.BASE_CACHE_KEY }}\
${{ hashFiles('**/requirements-test.txt') }}-\
${{ hashFiles('**/requirements.txt') }}-\
${{ hashFiles('**/.pre-commit-config.yaml') }}"
restore-keys: |
${{ env.BASE_CACHE_KEY }}
- name: Setup curl cache
run: mkdir -p ${{ env.CURL_CACHE_DIR }}
- name: Install Packer
env:
PACKER_VERSION: ${{ steps.setup-env.outputs.packer-version }}
run: |
PACKER_ZIP="packer_${PACKER_VERSION}_linux_amd64.zip"
curl --output ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
--time-cond ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
--location \
"https://releases.hashicorp.com/packer/${PACKER_VERSION}/${PACKER_ZIP}"
sudo unzip -d /opt/packer \
${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}"
sudo mv /usr/local/bin/packer /usr/local/bin/packer-default
sudo ln -s /opt/packer/packer /usr/local/bin/packer
restore-keys: ${{ env.BASE_CACHE_KEY }}
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: ${{ steps.setup-env.outputs.terraform-version }}
- name: Install go-critic
env:
PACKAGE_URL: github.com/go-critic/go-critic/cmd/gocritic
PACKAGE_VERSION: ${{ steps.setup-env.outputs.go-critic-version }}
run: go install ${PACKAGE_URL}@${PACKAGE_VERSION}
- name: Install gosec
env:
PACKAGE_URL: github.com/securego/gosec/v2/cmd/gosec
PACKAGE_VERSION: ${{ steps.setup-env.outputs.gosec-version }}
run: go install ${PACKAGE_URL}@${PACKAGE_VERSION}
- name: Install shfmt
env:
PACKAGE_URL: mvdan.cc/sh/v3/cmd/shfmt
PACKAGE_VERSION: ${{ steps.setup-env.outputs.shfmt-version }}
run: go install ${PACKAGE_URL}@${PACKAGE_VERSION}
- name: Install staticcheck
env:
PACKAGE_URL: honnef.co/go/tools/cmd/staticcheck
PACKAGE_VERSION: ${{ steps.setup-env.outputs.staticcheck-version }}
run: go install ${PACKAGE_URL}@${PACKAGE_VERSION}
- name: Install Terraform-docs
env:
PACKAGE_URL: github.com/terraform-docs/terraform-docs
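Review bot: the step removals in this hunk (the Packer download and several of the `go install` steps, going by the 38 deletions listed for `build.yml`) are a functional change riding in a PR titled as a yamllint cleanup, and the description should say so. Before merging, confirm that `.pre-commit-config.yaml` no longer has hooks that need `gosec`, `staticcheck`, `shfmt` or `gocritic` on the runner, and that the `setup-env` step stops emitting `packer-version` now that it is gone from `BASE_CACHE_KEY`. If the Packer block is kept anywhere, note that it unzips a `curl` download with `sudo` and no checksum verification.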
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yml
@@ -1,11 +1,11 @@
---
name: "CodeQL"
name: CodeQL

on:
push:
branches: [ "develop", "production" ]
branches: [develop, production]
pull_request:
branches: [ "develop" ]
branches: [develop]
schedule:
- cron: "23 17 * * 6"

Expand All @@ -21,7 +21,7 @@ jobs:
strategy:
fail-fast: false
matrix:
language: [ javascript ]
language: [javascript]

steps:
- name: Checkout
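Review bot: `language: [javascript]` leaves the Python worker outside CodeQL, although this PR's `dependabot.yml` tracks `pip` in `/backend/worker` and `backend.yml` runs `pytest`. Not a lint matter, but worth a follow-up that adds `python` to the matrix.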
25 changes: 7 additions & 18 deletions .github/workflows/docs.yml
Expand Up @@ -5,16 +5,16 @@ on:
branches:
- develop
paths:
- 'docs/**'
- 'backend/**'
- '.github/workflows/docs.yml'
- docs/**
- backend/**
- .github/workflows/docs.yml
pull_request:
branches:
- develop
paths:
- 'docs/**'
- 'backend/**'
- '.github/workflows/docs.yml'
- docs/**
- backend/**
- .github/workflows/docs.yml

defaults:
run:
Expand All @@ -34,22 +34,11 @@ jobs:
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
restore-keys: ${{ runner.os }}-node-
- name: Install dependencies
run: sudo apt-get update && sudo apt-get install -y libvips-dev glib2.0-dev
- run: npm ci
- name: Lint
run: npm run lint
- name: Build
run: npm run build
# - name: Deploy to GitHub Pages
# if: github.event_name == 'push' && github.ref == 'refs/heads/master'
# uses: crazy-max/[email protected]
# with:
# keep_history: false
# target_branch: gh-pages
# build_dir: docs/public
# fqdn: docs.crossfeed.cyber.dhs.gov
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
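Review bot: the `key:` line here keeps `hashFiles('**/package-lock.json')` while `backend.yml` in this PR narrows the same key to `hashFiles('package-lock.json')`; both workflows share the `${{ runner.os }}-node-` prefix and the `~/.npm` path, so pick one pattern deliberately. Dropping the commented-out deploy step is fine, and it also removes a reference to `refs/heads/master`, a branch none of the workflows shown here trigger on.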