diff --git a/.circleci/config.yml b/.circleci/config.yml index e82b19f7..8d10e716 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,7 +2,7 @@ version: 2.1 orbs: - architect: giantswarm/architect@4.29.0 + architect: giantswarm/architect@4.33.0 commands: run-ats: diff --git a/.github/workflows/zz_generated.add-team-labels.yaml b/.github/workflows/zz_generated.add-team-labels.yaml index 9e96e1d5..4a2db906 100644 --- a/.github/workflows/zz_generated.add-team-labels.yaml +++ b/.github/workflows/zz_generated.add-team-labels.yaml @@ -14,7 +14,7 @@ jobs: mkdir -p artifacts wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ -O artifacts/users.yaml \ - https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml + https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml - name: Upload Artifact uses: actions/upload-artifact@v3 with: @@ -45,7 +45,7 @@ jobs: done echo "EOF" >> $GITHUB_ENV - name: Apply label to issue - if: ${{ env.LABEL != '' }} + if: ${{ env.LABEL != '' && env.LABEL != 'null' && env.LABEL != null }} uses: actions-ecosystem/action-add-labels@v1 with: github_token: ${{ secrets.ISSUE_AUTOMATION }} diff --git a/.github/workflows/zz_generated.add-to-project-board.yaml b/.github/workflows/zz_generated.add-to-project-board.yaml index 0392ed51..ae6b3986 100644 --- a/.github/workflows/zz_generated.add-to-project-board.yaml +++ b/.github/workflows/zz_generated.add-to-project-board.yaml @@ -16,7 +16,7 @@ jobs: mkdir -p artifacts wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ -O artifacts/users.yaml \ - https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml + https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml - name: Upload Artifact uses: actions/upload-artifact@v3 with: @@ -28,7 +28,7 @@ jobs: mkdir -p artifacts wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ -O artifacts/labels.yaml \ - https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/label-mapping.yaml + https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/label-mapping.yaml - name: Upload Artifact uses: actions/upload-artifact@v3 with: @@ -56,7 +56,7 @@ jobs: echo "BOARD=${BOARD}" >> $GITHUB_ENV - name: Add issue to personal board - if: ${{ env.BOARD != 'null' && env.BOARD != '' }} + if: ${{ env.BOARD != 'null' && env.BOARD != '' && env.BOARD != null }} uses: actions/add-to-project@main with: project-url: ${{ env.BOARD }} @@ -82,7 +82,7 @@ jobs: echo "BOARD=${BOARD}" >> $GITHUB_ENV - name: Add issue to team board - if: ${{ env.BOARD != 'null' && env.BOARD != '' }} + if: ${{ env.BOARD != 'null' && env.BOARD != '' && env.BOARD != null }} uses: actions/add-to-project@main with: project-url: ${{ env.BOARD }} diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml index 15b85a05..3126cdf5 100644 --- a/.github/workflows/zz_generated.check_values_schema.yaml +++ b/.github/workflows/zz_generated.check_values_schema.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.1.1 +# devctl@6.14.0 # name: 'Values and schema' on: @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -34,6 +34,12 @@ jobs: run: | for chart_yaml in helm/*/Chart.yaml; do helm_dir="${chart_yaml%/Chart.yaml}" + + if [ ! -f ${helm_dir}/values.schema.json ]; then + echo "Skipping validation for '${helm_dir}' folder, because 'values.schema.json' does not exist..." + continue + fi + values=${helm_dir}/values.yaml if [ -f ${helm_dir}/ci/ci-values.yaml ]; then # merge ci-values.yaml into values.yaml (providing required values) diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml index d75983be..2df0ad9d 100644 --- a/.github/workflows/zz_generated.create_release.yaml +++ b/.github/workflows/zz_generated.create_release.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.1.1 +# devctl@6.14.0 # name: Create Release on: @@ -15,7 +15,7 @@ on: jobs: debug_info: name: Debug info - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: Print github context JSON run: | @@ -24,7 +24,7 @@ jobs: EOF gather_facts: name: Gather facts - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 outputs: project_go_path: ${{ steps.get_project_go_path.outputs.path }} ref_version: ${{ steps.ref_version.outputs.refversion }} @@ -53,7 +53,7 @@ jobs: echo "version=${version}" >> $GITHUB_OUTPUT - name: Checkout code if: ${{ steps.get_version.outputs.version != '' }} - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Get project.go path id: get_project_go_path if: ${{ steps.get_version.outputs.version != '' }} @@ -84,7 +84,7 @@ jobs: echo "refversion=${refversion}" >> $GITHUB_OUTPUT update_project_go: name: Update project.go - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 if: ${{ needs.gather_facts.outputs.version != '' && needs.gather_facts.outputs.project_go_path != '' && needs.gather_facts.outputs.ref_version != 'true' }} needs: - gather_facts @@ -103,7 +103,7 @@ jobs: tarball_binary_path: "*/src/${binary}" smoke_test: "${binary} --version" - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Update project.go id: update_project_go env: @@ -143,10 +143,10 @@ jobs: version: "${{ needs.gather_facts.outputs.version }}" title: "Bump version to ${{ steps.update_project_go.outputs.new_version }}" run: | - hub pull-request -f -m "${{ env.title }}" -b ${{ env.base }} -h ${{ env.branch }} -r ${{ github.actor }} + gh pr create --title "${{ env.title }}" --body "" --base ${{ env.base }} --head ${{ env.branch }} --reviewer ${{ github.actor }} create_release: name: Create release - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 needs: - gather_facts if: ${{ needs.gather_facts.outputs.version }} @@ -154,7 +154,7 @@ jobs: upload_url: ${{ steps.create_gh_release.outputs.upload_url }} steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.sha }} - name: Ensure correct version in project.go @@ -194,7 +194,7 @@ jobs: create-release-branch: name: Create release branch - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 needs: - gather_facts if: ${{ needs.gather_facts.outputs.version }} @@ -208,7 +208,7 @@ jobs: tarball_binary_path: "*/src/${binary}" smoke_test: "${binary} --version" - name: Check out the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 # Clone the whole history, not just the most recent commit. - name: Fetch all tags and branches diff --git a/.github/workflows/zz_generated.create_release_pr.yaml b/.github/workflows/zz_generated.create_release_pr.yaml index 4e2eff1e..40d9bb1b 100644 --- a/.github/workflows/zz_generated.create_release_pr.yaml +++ b/.github/workflows/zz_generated.create_release_pr.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.1.1 +# devctl@6.14.0 # name: Create Release PR on: @@ -30,7 +30,7 @@ on: jobs: debug_info: name: Debug info - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: Print github context JSON run: | @@ -39,7 +39,7 @@ jobs: EOF gather_facts: name: Gather facts - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 outputs: repo_name: ${{ steps.gather_facts.outputs.repo_name }} branch: ${{ steps.gather_facts.outputs.branch }} @@ -136,7 +136,7 @@ jobs: fi create_release_pr: name: Create release PR - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 needs: - gather_facts if: ${{ needs.gather_facts.outputs.skip != 'true' }} @@ -152,7 +152,7 @@ jobs: binary: "architect" version: "6.11.0" - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ needs.gather_facts.outputs.branch }} - name: Prepare release changes @@ -227,4 +227,4 @@ jobs: base: "${{ needs.gather_facts.outputs.base }}" version: "${{ needs.gather_facts.outputs.version }}" run: | - hub pull-request -f -m "Release v${{ env.version }}" -a ${{ github.actor }} -b ${{ env.base }} -h ${{ needs.gather_facts.outputs.branch }} + gh pr create --assignee ${{ github.actor }} --title "Release v${{ env.version }}" --body "" --base ${{ env.base }} --head "${{ needs.gather_facts.outputs.branch }}" diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml index 2a5f4fb6..6efd6284 100644 --- a/.github/workflows/zz_generated.gitleaks.yaml +++ b/.github/workflows/zz_generated.gitleaks.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.1.1 +# devctl@6.14.0 # name: gitleaks @@ -10,8 +10,8 @@ jobs: gitleaks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: '0' - name: gitleaks-action - uses: zricethezav/gitleaks-action@v1.6.0 + uses: giantswarm/gitleaks-action@main diff --git a/.github/workflows/zz_generated.update_chart.yaml b/.github/workflows/zz_generated.update_chart.yaml index ea4d2137..a72475a3 100644 --- a/.github/workflows/zz_generated.update_chart.yaml +++ b/.github/workflows/zz_generated.update_chart.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.18.2 +# devctl@6.14.0 # # @@ -21,7 +21,7 @@ on: jobs: debug_info: name: Debug info - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: Print github context JSON run: | @@ -30,7 +30,7 @@ jobs: EOF gather_facts: name: Gather facts - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 outputs: repo_name: ${{ steps.gather_facts.outputs.repo_name }} branch: ${{ steps.gather_facts.outputs.branch }} @@ -60,23 +60,25 @@ jobs: - name: Check if PR exists id: pr_exists env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" run: | - if gh pr view --repo ${{ github.repository }} ${{ steps.gather_facts.outputs.branch }} | grep -i 'state:[[:space:]]*open' >/dev/null; then - gh pr view --repo ${{ github.repository }} ${{ steps.gather_facts.outputs.branch }} + head="${{ steps.gather_facts.outputs.branch }}" + branch="${head#refs/heads/}" # Strip "refs/heads/" prefix. + if gh pr view --repo "${{ github.repository }}" "${branch}" --json state --jq .state | grep -i 'open' > /dev/null; then + gh pr view --repo "${{ github.repository }}" "${branch}" echo "skip=true" >> $GITHUB_OUTPUT else echo "skip=false" >> $GITHUB_OUTPUT fi create_update_pr: name: Create update PR - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 needs: - gather_facts if: ${{ needs.gather_facts.outputs.skip != 'true' }} steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ needs.gather_facts.outputs.branch }} - name: Install vendir @@ -110,20 +112,25 @@ jobs: make update-chart APPLICATION="${chart}" - name: Set up git identity run: | - git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" - git config --local user.name "github-actions[bot]" + git config --local user.email "dev@giantswarm.io" + git config --local user.name "taylorbot" - name: Create update commit run: | git add -A - git commit -m "Sync chart with upstream." + git commit -m "Automated update from upstream" - name: Push changes env: - remote_repo: "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" + remote_repo: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git" run: | git push "${remote_repo}" HEAD:${{ needs.gather_facts.outputs.branch }} - name: Update PR env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" base: "${{ needs.gather_facts.outputs.base }}" run: | - hub pull-request -f -m "Update chart from upstream" -m "This PR was created by the \`update-chart\` automated workflow." -m "**:warning: Make sure all tests have passed before merging.**" -l "automated-update" -a ${{ github.actor }} -b ${{ env.base }} -h ${{ needs.gather_facts.outputs.branch }} + gh pr create --title "Automated update from upstream" --label "automated-update" --assignee ${{ github.actor }} --base ${{ env.base }} --head ${{ needs.gather_facts.outputs.branch }} --body-file - << EOF + This PR was created by the \`update-chart\` GitHub Actions workflow. + - [ ] **:warning: All tests are passing** + - [ ] **:warning: The CHANGELOG.md file has been updated** + - [ ] **:warning: Additional changes in ignored files (see vendir.yml) have been adapted and migrated** + EOF diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index dd9b9d76..86048b62 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -6,7 +6,7 @@ repos: # format Python code with black - repo: https://github.com/psf/black - rev: 23.3.0 + rev: 23.10.0 hooks: - id: black language_version: python3 @@ -34,12 +34,12 @@ repos: # static type checking with mypy - repo: https://github.com/pre-commit/mirrors-mypy - rev: v1.3.0 + rev: v1.6.1 hooks: - id: mypy - repo: https://github.com/pycqa/flake8 - rev: '6.0.0' # pick a git hash / tag to point to + rev: '6.1.0' # pick a git hash / tag to point to hooks: - id: flake8 @@ -51,12 +51,12 @@ repos: args: [ --format=json ] - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.34.0 + rev: v0.37.0 hooks: - id: markdownlint - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.4.0 + rev: v4.5.0 hooks: - id: check-added-large-files - id: check-docstring-first diff --git a/Makefile b/Makefile index b19e4381..0f7f27b8 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.1.1 +# devctl@6.14.0 # include Makefile.*.mk diff --git a/Makefile.gen.app.mk b/Makefile.gen.app.mk index 0af26ad5..3787b357 100644 --- a/Makefile.gen.app.mk +++ b/Makefile.gen.app.mk @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.1.1 +# devctl@6.14.0 # ##@ App diff --git a/renovate.json b/renovate.json deleted file mode 100644 index 05aefaa3..00000000 --- a/renovate.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "extends": [ - "config:base", - ":reviewer(team:team-shield)" - ], - "labels": ["dependencies", "renovate"], - "assigneesFromCodeOwners": true, - "packageRules": [ - { - "matchUpdateTypes": ["patch", "pin", "digest"], - "automerge": true - } - ], - "dependencyDashboard": true, - "ignorePaths": [ - ".github/workflows/zz_generated.*", - ".github/workflows/codeql-analysis.yml" - ], - "ignoreDeps": [ - "architect", - "zricethezav/gitleaks-action", - "actions/setup-go" - ], - "regexManagers": [ - { - "fileMatch": ["^helm\\/.+\\/values\\.yaml$"], - "matchStrings": ["repo: (?.*)\n(\\s)*version: (?.*?)\n"], - "datasourceTemplate": "github-releases", - "extractVersionTemplate": "^v(?.*)$" - } - ], - "schedule": [ "after 6am on thursday" ] -} diff --git a/renovate.json5 b/renovate.json5 new file mode 100644 index 00000000..6e730b58 --- /dev/null +++ b/renovate.json5 @@ -0,0 +1,8 @@ +{ + "extends": [ + // Base config - https://github.com/giantswarm/renovate-presets/blob/main/default.json5 + "github>giantswarm/renovate-presets:default.json5", + // Python specific config - https://github.com/giantswarm/renovate-presets/blob/main/lang-python.json5 + "github>giantswarm/renovate-presets:lang-python.json5", + ], +}