From fccb4f6eb4e970ecf54d48cd66b7111506805a25 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:41:57 +0400 Subject: [PATCH 01/19] Change by terraform in repo workflow config, Add .github/dependabot.yaml --- .github/dependabot.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 0335fea..be5dc92 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -1,8 +1,13 @@ version: 2 updates: - - package-ecosystem: "terraform" - directory: - - "/" + + - package-ecosystem: github-actions + directory: "/" + schedule: + interval: "daily" + + - package-ecosystem: terraform + directory: "/" schedule: interval: "daily" From 143aefe1bffb122bd819000227fcf2ccc1bff594 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:01 +0400 Subject: [PATCH 02/19] Change by terraform in repo workflow config, Add .github/workflows/tflint.yaml --- .github/workflows/tflint.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml index e3f711e..78eb241 100644 --- a/.github/workflows/tflint.yaml +++ b/.github/workflows/tflint.yaml @@ -18,9 +18,9 @@ jobs: matrix: path: - / - + steps: - - uses: dasmeta/reusable-actions-workflows/tflint@main + - uses: dasmeta/reusable-actions-workflows/tflint@4.2.0 with: aws-region: ${{ secrets.AWS_REGION}} aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} From f67c8462ea44677640f28caa0a6c20b0d2e4bf3d Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:03 +0400 Subject: [PATCH 03/19] Change by terraform in repo workflow config, Add .github/workflows/tfsec.yaml --- .github/workflows/tfsec.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tfsec.yaml b/.github/workflows/tfsec.yaml index 934fbf5..3f9ad3b 100644 --- a/.github/workflows/tfsec.yaml +++ b/.github/workflows/tfsec.yaml @@ -14,7 +14,7 @@ jobs: id-token: write security-events: write steps: - - uses: dasmeta/reusable-actions-workflows/tfsec@main + - uses: dasmeta/reusable-actions-workflows/tfsec@4.2.0 with: fetch-depth: 0 continue-on-error: true From 44f8fb99360ae0b54a3ee8200a1cf8c53c91144b Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:05 +0400 Subject: [PATCH 04/19] Change by terraform in repo workflow config, Add .github/workflows/pr-title-checker.yaml --- .github/workflows/pr-title-checker.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .github/workflows/pr-title-checker.yaml diff --git a/.github/workflows/pr-title-checker.yaml b/.github/workflows/pr-title-checker.yaml new file mode 100644 index 0000000..0ad09fb --- /dev/null +++ b/.github/workflows/pr-title-checker.yaml @@ -0,0 +1,16 @@ +name: 'PR Title Checker' +on: + pull_request: + types: [edited, opened, synchronize, reopened] + +jobs: + title-check: + runs-on: ubuntu-latest + steps: + - uses: deepakputhraya/action-pr-title@v1.0.2 + with: + regex: 'DMVP-[0-9]*:' # Regex the title should match. + allowed_prefixes: 'DMVP-' # title should start with the given prefix + prefix_case_sensitive: false # title prefix are case insensitive + min_length: 5 # Min length of the title + max_length: -1 # Max length of the title From d8500910543e4c182778f5372a07c2501fe3f19f Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:06 +0400 Subject: [PATCH 05/19] Change by terraform in repo workflow config, Add githooks/commit-msg --- githooks/commit-msg | 61 +++++++++++++++------------------------------ 1 file changed, 20 insertions(+), 41 deletions(-) diff --git a/githooks/commit-msg b/githooks/commit-msg index 009fca5..b760692 100644 --- a/githooks/commit-msg +++ b/githooks/commit-msg @@ -1,41 +1,20 @@ -{ - "convention" : { - "commitTypes": [ - "feat", - "fix", - "perf", - "refactor", - "style", - "test", - "build", - "ops", - "docs", - "merge", - "chore" - ], - "commitScopes": [], - "releaseTagGlobPattern": "v[0-9]*.[0-9]*.[0-9]*", - "issueRegexPattern": "(^|\\s)#\\d+(\\s|$)" - }, - "changelog" : { - "commitTypes": [ - "feat", - "fix", - "perf", - "merge" - ], - "includeInvalidCommits": true, - "commitScopes": [], - "commitIgnoreRegexPattern": "^WIP ", - "headlines": { - "feat": "Features", - "fix": "Bug Fixes", - "perf": "Performance Improvements", - "merge": "Merged Branches", - "breakingChange": "BREAKING CHANGES" - }, - "commitUrl": "https://github.com/ACCOUNT/REPOSITORY/commit/%commit%", - "commitRangeUrl": "https://github.com/ACCOUNT/REPOSITORY/compare/%from%...%to%?diff=split", - "issueUrl": "https://github.com/ACCOUNT/REPOSITORY/issues/%issue%" - } -} +#!/usr/bin/env bash +# File generated by pre-commit: https://pre-commit.com +# ID: 138fd403232d2ddd5efb44317e38bf03 + +# start templated +INSTALL_PYTHON=/usr/bin/python3 +ARGS=(hook-impl --config=.pre-commit-config.yaml --hook-type=commit-msg) +# end templated + +HERE="$(cd "$(dirname "$0")" && pwd)" +ARGS+=(--hook-dir "$HERE" -- "$@") + +if command -v pre-commit > /dev/null; then + exec pre-commit "${ARGS[@]}" +elif [ -x "$INSTALL_PYTHON" ]; then + exec "$INSTALL_PYTHON" -mpre_commit "${ARGS[@]}" +else + echo '`pre-commit` not found. Did you forget to activate your virtualenv?' 1>&2 + exit 1 +fi From 611a27ae1b0c68ab3c93a52f6d02b238ccd7d3c5 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:08 +0400 Subject: [PATCH 06/19] Change by terraform in repo workflow config, Add .github/workflows/branch-name-check.yaml --- .github/workflows/branch-name-check.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 .github/workflows/branch-name-check.yaml diff --git a/.github/workflows/branch-name-check.yaml b/.github/workflows/branch-name-check.yaml new file mode 100644 index 0000000..396e83c --- /dev/null +++ b/.github/workflows/branch-name-check.yaml @@ -0,0 +1,14 @@ +name: 'Branch Naming Check' +on: pull_request + +jobs: + branch-naming-rules: + runs-on: ubuntu-latest + steps: + - uses: deepakputhraya/action-branch-name@master + with: + regex: 'DMVP-[0-9]*' # Regex the branch should match. This example enforces grouping + allowed_prefixes: 'DMVP-' # All branches should start with the given prefix + ignore: master,develop # Ignore exactly matching branch names from convention + min_length: 5 # Min length of the branch name + max_length: 30 # Max length of the branch name From f717b3f8918b008fce906c4b4b677fdd25624785 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:09 +0400 Subject: [PATCH 07/19] Change by terraform in repo workflow config, Add .github/workflows/terraform-test.yaml --- .github/workflows/terraform-test.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform-test.yaml b/.github/workflows/terraform-test.yaml index 6f1c8ec..8a0f009 100644 --- a/.github/workflows/terraform-test.yaml +++ b/.github/workflows/terraform-test.yaml @@ -16,9 +16,9 @@ jobs: matrix: path: - / - + steps: - - uses: dasmeta/reusable-actions-workflows/terraform-test@main + - uses: dasmeta/reusable-actions-workflows/terraform-test@4.2.0 with: aws-region: ${{ secrets.AWS_REGION}} aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} From 2026f79856977cd01e2a51febc9c9b1a8a0312f8 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:11 +0400 Subject: [PATCH 08/19] Change by terraform in repo workflow config, Add .pre-commit-config.yaml --- .pre-commit-config.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1e2bb60..cd2b6fa 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -26,3 +26,11 @@ repos: - --hook-config=--path-to-file=README.md - --hook-config=--add-to-existing-file=true - --hook-config=--create-file-if-not-exist=true + - repo: https://github.com/qoomon/git-conventional-commits + rev: v2.4.0 + hooks: + - id: conventional-commits + - repo: https://github.com/zricethezav/gitleaks + rev: v8.12.0 + hooks: + - id: gitleaks From bb33fd752b8a94e36a813546e2bc383ac5028d55 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:21 +0400 Subject: [PATCH 09/19] Change by terraform in repo workflow config, Add .github/workflows/pre-commit.yaml --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 848929c..f43ab25 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -14,7 +14,7 @@ jobs: id-token: write steps: - name: Pre-Commit - uses: dasmeta/reusable-actions-workflows/pre-commit@main + uses: dasmeta/reusable-actions-workflows/pre-commit@4.2.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} From c1de831b7ce9cfb2287fc693fe4a729ac1c6226f Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:26 +0400 Subject: [PATCH 10/19] Change by terraform in repo workflow config, Add githooks/pre-commit From 631cd8cc2422a7cdad51f8bc6f3ab3c6b52ef317 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:28 +0400 Subject: [PATCH 11/19] Change by terraform in repo workflow config, Add git-conventional-commits.json From 6228e1a361ad71235076b356f3af5a2c90df3e50 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:30 +0400 Subject: [PATCH 12/19] Change by terraform in repo workflow config, Add .github/workflows/semantic-release.yaml --- .github/workflows/semantic-release.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/semantic-release.yaml diff --git a/.github/workflows/semantic-release.yaml b/.github/workflows/semantic-release.yaml new file mode 100644 index 0000000..93f58dc --- /dev/null +++ b/.github/workflows/semantic-release.yaml @@ -0,0 +1,22 @@ +name: Semantic-Release +on: [pull_request, push] +jobs: + publish: + runs-on: ubuntu-latest + permissions: + actions: write + contents: write + discussions: write + pull-requests: write + id-token: write + steps: + - uses: actions/checkout@v2 + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: 16 + - name: Semantic Release + uses: cycjimmy/semantic-release-action@v3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} From fd0cedcd0026568d75413c9cb8420634458acafc Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:32 +0400 Subject: [PATCH 13/19] Change by terraform in repo workflow config, Add commitlint.config.js From 8ccf26338b860caa8a3fbec7073cfd762c12a107 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:33 +0400 Subject: [PATCH 14/19] Change by terraform in repo workflow config, Add package.json From f40944bec6674a1fe74b406d0fa2e7fc216caf03 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:35 +0400 Subject: [PATCH 15/19] Change by terraform in repo workflow config, Add .github/workflows/checkov.yaml --- .github/workflows/checkov.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checkov.yaml b/.github/workflows/checkov.yaml index bf97c32..960e52f 100644 --- a/.github/workflows/checkov.yaml +++ b/.github/workflows/checkov.yaml @@ -17,9 +17,9 @@ jobs: matrix: path: - / - + steps: - - uses: dasmeta/reusable-actions-workflows/checkov@main + - uses: dasmeta/reusable-actions-workflows/checkov@4.2.0 with: fetch-depth: 0 directory: ${{ matrix.path }} From a4520f682478968bd83d9170e62541dfcfbbea7b Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 13 Oct 2023 17:42:36 +0400 Subject: [PATCH 16/19] Change by terraform in repo workflow config, Add .github/workflows/infracost.yaml --- .github/workflows/infracost.yaml | 57 ++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 .github/workflows/infracost.yaml diff --git a/.github/workflows/infracost.yaml b/.github/workflows/infracost.yaml new file mode 100644 index 0000000..b4be8fa --- /dev/null +++ b/.github/workflows/infracost.yaml @@ -0,0 +1,57 @@ +name: Infracost +on: + pull_request: + push: + branches: [main, master] +jobs: + terraform-validate: + runs-on: ubuntu-latest + permissions: + actions: write + contents: write + discussions: write + pull-requests: write + security-events: write + id-token: write + strategy: + matrix: + path: + - / + + steps: + - name: Setup Infracost + uses: infracost/actions/setup@v2 + with: + api-key: ${{secrets.INFRACOST_API_KEY}} + + - name: Checkout base branch + uses: actions/checkout@v3 + with: + ref: '${{ github.event.pull_request.base.ref }}' + + - name: Generate Infracost cost estimate baseline + run: | + infracost breakdown --path=${{ matrix.path }} \ + --format=json \ + --out-file=/tmp/infracost-base.json + continue-on-error: true + + - name: Checkout PR branch + uses: actions/checkout@v3 + + - name: Generate Infracost diff + run: | + infracost diff --path=${{ matrix.path }}\ + --format=json \ + --compare-to=/tmp/infracost-base.json \ + --out-file=/tmp/infracost.json + continue-on-error: true + + - name: Post Infracost comment + run: | + infracost comment github --path=/tmp/infracost.json \ + --repo=$GITHUB_REPOSITORY \ + --github-token=${{github.token}} \ + --pull-request=${{github.event.pull_request.number}} \ + --behavior=update + continue-on-error: true From 39e6cefcc55aea8097a611d00f62c24bd6d3b37b Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 3 Nov 2023 13:56:28 +0400 Subject: [PATCH 17/19] Change by terraform in repo workflow config, Add .github/workflows/infracost.yaml --- .github/workflows/infracost.yaml | 57 -------------------------------- 1 file changed, 57 deletions(-) delete mode 100644 .github/workflows/infracost.yaml diff --git a/.github/workflows/infracost.yaml b/.github/workflows/infracost.yaml deleted file mode 100644 index b4be8fa..0000000 --- a/.github/workflows/infracost.yaml +++ /dev/null @@ -1,57 +0,0 @@ -name: Infracost -on: - pull_request: - push: - branches: [main, master] -jobs: - terraform-validate: - runs-on: ubuntu-latest - permissions: - actions: write - contents: write - discussions: write - pull-requests: write - security-events: write - id-token: write - strategy: - matrix: - path: - - / - - steps: - - name: Setup Infracost - uses: infracost/actions/setup@v2 - with: - api-key: ${{secrets.INFRACOST_API_KEY}} - - - name: Checkout base branch - uses: actions/checkout@v3 - with: - ref: '${{ github.event.pull_request.base.ref }}' - - - name: Generate Infracost cost estimate baseline - run: | - infracost breakdown --path=${{ matrix.path }} \ - --format=json \ - --out-file=/tmp/infracost-base.json - continue-on-error: true - - - name: Checkout PR branch - uses: actions/checkout@v3 - - - name: Generate Infracost diff - run: | - infracost diff --path=${{ matrix.path }}\ - --format=json \ - --compare-to=/tmp/infracost-base.json \ - --out-file=/tmp/infracost.json - continue-on-error: true - - - name: Post Infracost comment - run: | - infracost comment github --path=/tmp/infracost.json \ - --repo=$GITHUB_REPOSITORY \ - --github-token=${{github.token}} \ - --pull-request=${{github.event.pull_request.number}} \ - --behavior=update - continue-on-error: true From bcfe787a105a4a7d4e63d84369f23b52412b6706 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 3 Nov 2023 13:58:29 +0400 Subject: [PATCH 18/19] Change by terraform in repo workflow config, Add .github/dependabot.yaml --- .github/dependabot.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index be5dc92..2509343 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -2,12 +2,16 @@ version: 2 updates: - - package-ecosystem: github-actions + - package-ecosystem: "github-actions" directory: "/" schedule: interval: "daily" + commit-message: + prefix: feat - - package-ecosystem: terraform + - package-ecosystem: "terraform" directory: "/" schedule: interval: "daily" + commit-message: + prefix: feat From 600415aa4951c67b927e9d0b96cca1a68c730d26 Mon Sep 17 00:00:00 2001 From: Viktorya Ghazaryan <76973530+viktoryathegreat@users.noreply.github.com> Date: Fri, 3 Nov 2023 13:59:24 +0400 Subject: [PATCH 19/19] Change by terraform in repo workflow config, Add .github/workflows/semantic-release.yaml --- .github/workflows/semantic-release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/semantic-release.yaml b/.github/workflows/semantic-release.yaml index 93f58dc..d6ce913 100644 --- a/.github/workflows/semantic-release.yaml +++ b/.github/workflows/semantic-release.yaml @@ -10,13 +10,13 @@ jobs: pull-requests: write id-token: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v3 with: node-version: 16 - name: Semantic Release - uses: cycjimmy/semantic-release-action@v3 + uses: cycjimmy/semantic-release-action@v4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }}