Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⚠️ CONFLICT! Lineage pull request for: skeleton #216

Draft
wants to merge 151 commits into
base: develop
Choose a base branch
from
Draft

⚠️ CONFLICT! Lineage pull request for: skeleton #216

wants to merge 151 commits into from

Conversation

cisagovbot
Copy link

Lineage Pull Request: CONFLICT

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-generic.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

The lineage/skeleton branch has one or more unresolved merge conflicts
that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone [email protected]:cisagov/XFD.git XFD
cd XFD
git remote add skeleton https://github.com/cisagov/skeleton-generic.git
git remote set-url --push skeleton no_push
git switch develop
git switch --create lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and
    possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the
    branch, commit, and push your changes:

    git add .github/workflows/build.yml .pre-commit-config.yaml CONTRIBUTING.md 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message
    that git creates for you, but please do not delete the existing
    content    . It provides useful information about the merge that is
    being performed.

  5. Wait for all the automated tests to pass.

  6. Confirm each item in the "Pre-approval checklist" below.

  7. Remove any of the checklist items that do not apply.

  8. Ensure every remaining checkbox has been checked.

  9. Mark this draft pull request "Ready for review".

✅ Pre-approval checklist

Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!

  • ✌️ The conflicts in this pull request have been resolved.
  • All future TODOs are captured in issues, which are referenced
    in code comments.
  • All relevant type-of-change labels have been added.
  • All relevant repo and/or project documentation has been updated
    to reflect the changes in this PR.
  • Tests have been added and/or modified to cover the changes in this PR.
  • All new and existing tests pass.

✅ Pre-merge checklist

Remove any of the following that do not apply. These boxes should
remain unchecked until the pull request has been approved.

  • Bump major, minor, patch, or pre-release version as
    appropriate
    via the bump_version.sh script if this repository is
    versioned and the changes in this PR warrant a version
    bump    .
  • Finalize version.

✅ Post-merge checklist

Remove any of the following that do not apply.

  • Create a release.

Note

You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

dependabot bot and others added 30 commits September 13, 2023 02:01
@dependabot
Bump crazy-max/ghaction-github-status from 3 to 4
b5e5c11 
Bumps [crazy-max/ghaction-github-status](https://github.com/crazy-max/ghaction-github-status) from 3 to 4.
- [Release notes](https://github.com/crazy-max/ghaction-github-status/releases)
- [Commits](crazy-max/ghaction-github-status@v3...v4)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-github-status
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@jsf9k
Add a diagnostics job for the label syncing workflow
371179e 
Also add a runner hardening task to the labeler job.
@jsf9k @mcdonnnj
Make the dev team the owners of the linter configuration files
1f611fc 
Co-authored-by: Nick <[email protected]>
@jsf9k @mcdonnnj
Make dev team members the codeowners of the requirements*.txt and set…
c356768 
…up-env files

Co-authored-by: Nick <[email protected]>
@jsf9k @mcdonnnj
Explicitly list the linter config files the dev team should own
0195005 
@mcdonnnj correctly pointed out that other projects add their own
configuration files that match, e.g., the /.*.yaml pattern.  We want
to ensure that we only own the linter configuration files from the
skeleton.

Co-authored-by: Nick <[email protected]>
@dependabot
Bump hashicorp/setup-terraform from 2 to 3
b768a28 
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 2 to 3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](hashicorp/setup-terraform@v2...v3)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@mcdonnnj
Prefer block style to flow style
9f31700 
We prefer block style to flow style for sequences and mappings in YAML.
@mcdonnnj
Alphabetize entries in the build workflow
696433a 
We prefer to alphabetize mapping keys in YAML documents whenever
possible.
@mcdonnnj
Add a merge_group trigger to the build workflow
6503a9e 
This should improve compatibility with merge queues. We configure it to
only trigger on the `checks_requested` type which is currently the only
supported type for this trigger. If additional types are added in the
future they should be added if appropriate.
@dependabot
Bump actions/setup-go from 4 to 5
193e799 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump actions/setup-python from 4 to 5
5c84295 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@mcdonnnj
Switch pre-commit hooks for running shfmt
4a63dbe 
This hook bundles the binaries for shfmt with a Python package which
removes the need to manually install the tool for the hook to function.
@mcdonnnj
Remove installation of shfmt in the build workflow
3236b1b 
The new pre-commit hook provides `shfmt` binaries so we no longer need
to ensure it is installed.
@mcdonnnj
Use long options for shfmt arguments
5ddb14d 
Since shfmt now supports long command line options we should use them
as that is our preference. The single quotes for the number of spaces
to indent is changed to double quotes to align with our usual quotation
style.
@mcdonnnj
Add additional shfmt options
8ecd957 
These options are baked into the functionality of the old hook but must
be explicitly declared for the new hook.
@mcdonnnj
Set the default shell for all run steps in the build workflow
242921b 
This sets the default shell for any run steps in the build workflow to
mirror our standard shellscript writing practices. In addition to
enabling our standard options it will also enable errtrace and print
any commands that are run which should make debugging/troubleshooting
more straightforward.
@mcdonnnj
Add linting with goimports to the pre-commit configuration
c7b18dc 
This will run the Go tool `goimports` against the repository if it
contains any Go files. This tool bundles the functionality of `go fmt`
with the additional benefit of sorting Go imports much like the isort
tool we use for Python code.
Add ATX Header Support for terraform-docs
f6d9d6e 
This is a temporary fix until @mcdonnnj has
his PR approved and merged into the terraform-docs
repo. This fix will perform a shallow clone of his
forked branch, build the binary, and install it.
@michaelsaki @mcdonnnj
Add prepended names to variables to describe their function
544e478 
Co-authored-by: Nick <[email protected]>
@michaelsaki @jsf9k
Remove unnecessary capitalizations and fix grammar
f5fa0ff 
Co-authored-by: Shane Frasier <[email protected]>
@michaelsaki @mcdonnnj
Simplify steps in the build/install portion of workflow
36361dd 
PATH is handled by `setup-go` so we can refactor the code setting it. Also we are taking advantage of the -C switch to handle building from the cloned repository.

Co-authored-by: Nick <[email protected]>
@michaelsaki
Add TODO label
3711ebe
@michaelsaki
Move TODO and add link to the issue
d114fb4 
`TODO` was placed on the wrong comment block. Also I am adding a link to the issue for the TODO.
@michaelsaki @dav3r
Alphabetize switches
c907cfc 
Co-authored-by: dav3r <[email protected]>
Allow setup-env to specify Python version
48db3e3 
This commit is introducing 2 new flags
into the setup-env script. -l or
--list-versions will list available
Python versions and allow the user to
select a version interactively. The second
flag -v or --version will allow a user
to set the version if installed.
(e.g. ./setup-env -v 3.9.6)
@michaelsaki @jsf9k
Add /dev/null and remove TMPFILE
c10929a 
This makes the code a bit cleaner and still accomplishes the same functionality

Co-authored-by: Shane Frasier <[email protected]>
Place flags in the correct order for -r and -p
adada40
Remove unneccessary spacing
1861b9b
@michaelsaki @jsf9k
Alphabetize flags and descriptions
3f623e4 
Co-authored-by: Shane Frasier <[email protected]>
@jsf9k
Move misplaced exit
9497dc2 
If the Python version exists then we want the script to continue
execution.
mcdonnnj and others added 30 commits September 25, 2024 06:44
@mcdonnnj
Merge pull request #170 from cisagov/dependabot/github_actions/crazy-…
184e749 
…max/ghaction-github-status-4

Bump crazy-max/ghaction-github-status from 3 to 4
@mcdonnnj
Merge pull request #171 from cisagov/dependabot/github_actions/action…
d99c117 
…s/cache-4

Bump actions/cache from 3 to 4
@mcdonnnj
Merge pull request #187 from cisagov/improvement/use_setup_packer_action
2491ca0 
Use an Action to install Packer in our GitHub Actions workflows
@mcdonnnj
Merge pull request #176 from cisagov/improvement/correct-semantic-pyt…
f6c9537 
…hon-version-checks

Add checks for correct semantic version of Python
@mcdonnnj
Merge pull request #188 from cisagov/remove-odoom-as-a-codeowner
10e5f6f 
Remove @jasonodoom as a codeowner
@mcdonnnj
Add a pre-commit hook to run pip-audit
045a998 
The pip-audit tool will audit any supplied pip requirements files for
vulnerable packages.
@mcdonnnj
Merge pull request #178 from cisagov/improvement/add_pre-commit_meta_…
28dc4ce 
…hook

Add the `check-useless-excludes` hook to the pre-commit configuration
@mcdonnnj
Merge pull request #179 from cisagov/improvement/add_pip-audit_pre-co…
5801cec 
…mmit_hook

Add a pre-commit hook to run `pip-audit`
@mcdonnnj
Merge pull request #184 from cisagov/improvement/pin-flake8-docstrings
e61255c 
Add a lower-bound pin for the `flake8-docstrings` `pip` package
@mcdonnnj
Merge pull request #185 from cisagov/maintenance/update_pre-commit_hooks
44cd1be 
Update `pre-commit` hooks
@mcdonnnj
Use the rbubley/mirrors-prettier hook for prettier
c502f1a 
This replaces the now archived pre-commit/mirrors-prettier hook.
@mcdonnnj
Merge pull request #186 from cisagov/improvement/switch_prettier_hook
f0e55b3 
Switch the `pre-commit` hook used to run `prettier`
Merge https://github.com/cisagov/skeleton-generic into lineage/skeleton
6232826 
# Conflicts:
#	.github/CODEOWNERS
#	.github/workflows/build.yml
#	.pre-commit-config.yaml
@mcdonnnj
Add a new trigger for the sync-labels GitHub Actions workflow
942c0dc 
Add a `workflow_dispatch` trigger so we can manually run the workflow
if needed.
@mcdonnnj
Remove unnecessary quotes in the sync-labels workflow
a267662
@mcdonnnj
Add four new hooks from pre-commit/pre-commit-hooks
dc7f09e
@mcdonnnj
Add the GitHubSecurityLab/actions-permissions/monitor Action
343d2cc 
This Action will provide information about the usage of GITHUB_TOKEN in
the workflow. It should be added to _every_ job in _any_ workflow to
provide information for analysis.
@mcdonnnj
Restrict permissions of GITHUB_TOKEN
8a77a8b 
This changes the default permissions for the GITHUB_TOKEN used in our
GitHub Actions configuration to the minimum required to successfully
run.
@mcdonnnj
Update pre-commit hook versions
3b1d4ef 
This is done automatically with the `pre-commit autoupdate` command.
@mcdonnnj
Sort hook ids in each pre-commit hook entry
1d285f2 
Ensure that all hook ids are sorted alphabetically in each hook entry
in our pre-commit configuration.
@mcdonnnj
Merge pull request #189 from cisagov/improvement/manually_run_sync-la…
5da1059 
…bels_workflow

Allow the `sync-labels` workflow to be run manually
@mcdonnnj
Merge pull request #190 from cisagov/improvement/add_actions-permissi…
ff221ba 
…ons-monitor

Add the `GitHubSecurityLab/actions-permissions/monitor` Action
@mcdonnnj
Merge pull request #191 from cisagov/improvement/github_tokenn_polp
971602a 
Explicitly define permissions of `GITHUB_TOKEN` in our GitHub Actions workflows
@mcdonnnj
Merge pull request #192 from cisagov/maintenance/update_pre-commit_hooks
bdf8a25 
Update `pre-commit` hook versions
@mcdonnnj
Merge pull request #193 from cisagov/improvement/add_more_pre-commit_…
6959971 
…hooks

Add additional hooks from `pre-commit/pre-commit-hooks`
@mcdonnnj
Merge pull request #194 from cisagov/improvement/ensure_pre-commit_ho…
f517db7 
…oks_are_sorted

Sort hook ids in each `pre-commit` hook entry
Merge https://github.com/cisagov/skeleton-generic into lineage/skeleton
435499e 
# Conflicts:
#	.github/dependabot.yml
#	.github/workflows/sync-labels.yml
#	.pre-commit-config.yaml
@mcdonnnj
Update the commented out dependabot ignore directives
8824475 
Add a directive for hashicorp/setup-packer that was missed when it was
added to the `build` workflow. Add a directive for
cisagov/setup-env-github-action that is not strictly necessary since we
currently just pull from the `develop` branch, but is good to have in
case we were to change that in the future.
@mcdonnnj
Merge pull request #195 from cisagov/bug/add_missing_dependabot_ignore
e6afb68 
Add missing dependabot ignore directives
Merge https://github.com/cisagov/skeleton-generic into lineage/skeleton
de77c88
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r Awaiting requested review from dav3r dav3r will be requested when the pull request is marked ready for review dav3r is a code owner

@felddy felddy Awaiting requested review from felddy felddy will be requested when the pull request is marked ready for review felddy is a code owner

@jsf9k jsf9k Awaiting requested review from jsf9k jsf9k will be requested when the pull request is marked ready for review jsf9k is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj will be requested when the pull request is marked ready for review mcdonnnj is a code owner

@aloftus23 aloftus23 Awaiting requested review from aloftus23 aloftus23 will be requested when the pull request is marked ready for review aloftus23 is a code owner

@cduhn17 cduhn17 Awaiting requested review from cduhn17 cduhn17 will be requested when the pull request is marked ready for review cduhn17 is a code owner

@Matthew-Grayson Matthew-Grayson Awaiting requested review from Matthew-Grayson Matthew-Grayson will be requested when the pull request is marked ready for review Matthew-Grayson is a code owner

@nickviola nickviola Awaiting requested review from nickviola nickviola will be requested when the pull request is marked ready for review nickviola is a code owner

@rapidray12 rapidray12 Awaiting requested review from rapidray12 rapidray12 will be requested when the pull request is marked ready for review rapidray12 is a code owner

@schmelz21 schmelz21 Awaiting requested review from schmelz21 schmelz21 will be requested when the pull request is marked ready for review schmelz21 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@nickviola nickviola

@aloftus23 aloftus23

@schmelz21 schmelz21

@cduhn17 cduhn17

@Matthew-Grayson Matthew-Grayson

@rapidray12 rapidray12

Labels
upstream update This issue or pull request pulls in upstream updates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
10 participants
@cisagovbot @nickviola @aloftus23 @schmelz21 @cduhn17 @Matthew-Grayson @rapidray12 @jsf9k @mcdonnnj @michaelsaki