⚠️ CONFLICT! Lineage pull request for: skeleton #95
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: Nick <[email protected]>
Co-authored-by: Nick <[email protected]>
Co-authored-by: Nick <[email protected]>
This is done automatically with the `pre-commit autoupdate` command. The pre-commit/mirrors-prettier was manually held back because the latest tags are for alpha releases of the next major version.
The hook is manually updated to the last v3 tag available from the pre-commit/mirrors-prettier repository. We then add the latest release of v3 available from NPM as an additional depdency.
…max/ghaction-github-status-4 Bump crazy-max/ghaction-github-status from 3 to 4
…abel-sync-workflow Add a diagnostics job for the label syncing workflow
…-configs Make the dev team the owners of the linter configuration files
…orp/setup-terraform-3 Bump hashicorp/setup-terraform from 2 to 3
…_queues Improve merge queue support
…s/setup-go-5 Bump actions/setup-go from 4 to 5
…s/setup-python-5 Bump actions/setup-python from 4 to 5
Update `pre-commit` hooks
…steps Set the default `shell` for all `run` steps in the `build` workflow
…pecify_python Allow setup-env to specify Python version
…om_action Use `cisagov/setup-env-github-action` to provide the Python and Go versions to use
…ok_for_shfmt Switch the pre-commit hook used to run `shfmt`
Add a pre-commit hook to run `goimports`
…upport_terraform-docs Add ATX Header Support for `terraform-docs`
This hook bundles the binaries for shellcheck with a Python package which removes the need to ensure the tool is installed for the hook to function. It also ties the version of shellcheck used to the hook which will help guarantee consistency.
…ok_for_shellcheck Switch the pre-commit hook used to run `shellcheck`
This commit will make a few changes. The orginal version of the semantic checking function was a bit more difficult to read. It is now somewhat easier to follow how the regex is structured. Also the function has been renamed to check_python_version since it has 2 functions, making sure that the version is semantically correct and the second is to make sure that it is installed on the user's machine. This makes it easier to follow the logic for the flags, -p or --python-version and -l or --list-versions
…ttps://github.com/cisagov/skeleton-generic into improvement/correct-semantic-python-version-checks
Apply our standard job preamble via cisagov/action-job-preamble
CodeQL now supports GitHub Actions as a language, so it makes sense to add such a workflow to this repository. See this link for more details: https://github.blog/changelog/2024-12-17-find-and-fix-actions-workflows-vulnerabilities-with-codeql-public-preview/
Also correctly sort YAML keys. Co-authored-by: Nick <[email protected]>
This aligns with the changes in cisagov/skeleton-generic#201. Co-authored-by: Nick M <[email protected]>
Children of this skeleton repository will require this Dependabot ignore directive.
Use cisagov/action-job-preamble instead of crazy-max/ghaction-github-status and crazy-max/ghaction-dump-context directly.
This action reviews dependency changes for vulnerabilities and license changes.
This aligns with the changes in cisagov/skeleton-generic#201. Co-authored-by: Nick M <[email protected]>
Children of this skeleton repository will require this Dependabot ignore directive.
Use cisagov/action-job-preamble instead of crazy-max/ghaction-github-status and crazy-max/ghaction-dump-context directly. Also disable permissions monitoring since it is poorly implemented and has been causing a lot of problems due to hogging or leaking memory.
…alysis Add a CodeQL workflow to this repository
…tion-to-lint-job Add a workflow to run `actions/dependency-review-action`
Add version file and `bump-version` script
Update `pre-commit` hook versions
But do leave a commented-out line that can be uncommented to do so. The idea is that we should only comment out this functionality where we really must. Co-authored-by: Nick M <[email protected]>
…-monitoring-by-default Do not disable GitHub permissions monitoring by default
Now that CodeQL is used in the upstream cisagov/skeleton-generic project we should allow management of the github/codeql-action action to be handled upstream.
This action replaces the individual use of GitHubSecurityLab/actions-permissions/monitor and step-security/harden-runner just as was done for the diagnostics and lint jobs.
The GitHubSecurityLabs/actions-permissions/monitor action keeps causing build failures in this job due to network connectivity issues when trying to download dependencies. Thus we must disable it to allow the build to succeed.
⚠️ CONFLICT! Lineage pull request for: skeleton
Since the only thing being cached in the `build` and `build-push-all` jobs is Docker info it makes sense to let the action handle caching since it supports caching directly with the Actions cache.
We set the cache mode to `max` for the docker/build-push-action action so we should explain why we are overriding the default of `min`. Co-authored-by: dav3r <[email protected]>
…kerhub_readme Move the Docker Hub description update to its own job
…ly_for_image_building Let `docker/build-push-action` handle caching
# Conflicts: # .github/dependabot.yml # .github/lineage.yml # .github/workflows/build.yml
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Lineage Pull Request: CONFLICT
Lineage has created this pull request to incorporate new changes found in an
upstream repository:
Upstream repository:
https://github.com/cisagov/skeleton-docker.gitRemote branch:
HEADCheck the changes in this pull request to ensure they won't cause issues with
your project.
The
lineage/skeletonbranch has one or more unresolved merge conflictsthat you must resolve before merging this pull request!
How to resolve the conflicts
Take ownership of this pull request by removing any other assignees.
Clone the repository locally, and reapply the merge:
Review the changes displayed by the
statuscommand. Fix any conflicts andpossibly incorrect auto-merges.
After resolving each of the conflicts,
addyour changes to thebranch,
commit, andpushyour changes:Note that you may append to the default merge commit message
that git creates for you, but please do not delete the existing
content. It provides useful information about the merge that is
being performed.
Wait for all the automated tests to pass.
Confirm each item in the "Pre-approval checklist" below.
Remove any of the checklist items that do not apply.
Ensure every remaining checkbox has been checked.
Mark this draft pull request "Ready for review".
✅ Pre-approval checklist
Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!
in code comments.
to reflect the changes in this PR.
✅ Pre-merge checklist
Remove any of the following that do not apply. These boxes should
remain unchecked until the pull request has been approved.
appropriate
via the
bump_version.shscript if this repository isversioned and the changes in this PR warrant a version
bump.
✅ Post-merge checklist
Remove any of the following that do not apply.
Note
You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.
For more information:
🛠 Lineage configurations for this project are stored in
.github/lineage.yml📚 Read more about Lineage