Lineage pull request for: skeleton #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cisagovbot
requested review from
dav3r,
felddy,
jsf9k and
mcdonnnj
as code owners
cisagovbot
added
the
upstream update
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
|
This one still has foo from the previous Lineage PR present. I think @mcdonnnj is the person best suited to resolve this one. |
This will run the Go tool `goimports` against the repository if it contains any Go files. This tool bundles the functionality of `go fmt` with the additional benefit of sorting Go imports much like the isort tool we use for Python code.
This is a temporary fix until @mcdonnnj has his PR approved and merged into the terraform-docs repo. This fix will perform a shallow clone of his forked branch, build the binary, and install it.
Co-authored-by: Nick <[email protected]>
Co-authored-by: Shane Frasier <[email protected]>
PATH is handled by `setup-go` so we can refactor the code setting it. Also we are taking advantage of the -C switch to handle building from the cloned repository. Co-authored-by: Nick <[email protected]>
`TODO` was placed on the wrong comment block. Also I am adding a link to the issue for the TODO.
Co-authored-by: dav3r <[email protected]>
This commit is introducing 2 new flags into the setup-env script. -l or --list-versions will list available Python versions and allow the user to select a version interactively. The second flag -v or --version will allow a user to set the version if installed. (e.g. ./setup-env -v 3.9.6)
This makes the code a bit cleaner and still accomplishes the same functionality Co-authored-by: Shane Frasier <[email protected]>
Co-authored-by: Shane Frasier <[email protected]>
If the Python version exists then we want the script to continue execution.
pyenv local is run below.
If PYTHON_VERSION is an empty string then the system Python will be used.
This will explicitly define the name for the Compose project.
Ensure that all of the keys in the Compose file are sorted alphabetically.
The value for the `published` key in a `ports` definition is expected to be a string.
Using `compose` instead of `docker-compose` is now the preferred default for Docker Compose files.
Make wording in note more precise
…format Update Docker Compose file
Remove functionality to create special buildx Dockerfile
…mver-pin Add a comment explaining why we pin `semver`
Use the peter-evans/dockerhub-description Action to update the Docker Hub description instead of a bash script.
Instead of updating the description whenever the `build` workflow is run we will only update the description on `push` events to the `develop` branch. This will ensure that only approved edits are pushed to Docker Hub.
…r_hub_update Use a GitHub Action to update the Docker Hub description
This replaces a nonexistent input name with the valid one.
Correct input to the `peter-evans/dockerhub-description` Action
Bump the following package versions: - pip from 24.3.1 to 25.0.1 - pipenv from 2024.4.0 to 2024.4.1 - setuptools from 75.6.0 to 75.8.0
Update the dependencies installed in the Python virtual environment by running `pipenv lock` in the `src/` directory.
…ncies Update image dependencies
Instead of comparing the project version and the version read from the container log directly as strings it makes sense to parse them and contextually compare them. This is important if you are comparing, for example, a Python package version that should match the Docker image, but the Docker image has a build identifier (ex: `1.0.0` and `1.0.0+build.1`). The version should be considered equivalent in this scenario if a project is properly following SemVer versioning.
…on_comparisons Use the `semver` package to parse the log version in testing
Instead of overriding the context and file we can allow the Action to fall back on its default behaviour of using the `git` context to pull the source needed to build the image. This also allows us to remove the actions/checkout Action from the `build` and `build-push-all` jobs.
This instructs prettier to ignore `*.lock` files since they are just JSON files and will be formatted by the pretty-format-json hook.
…ld_jobs Use `docker/build-push-action` default behavior
Add a missing ignore for prettier
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Lineage Pull Request
Lineage has created this pull request to incorporate new changes found in an
upstream repository:
Upstream repository:
https://github.com/cisagov/skeleton-docker.gitRemote branch:
HEADCheck the changes in this pull request to ensure they won't cause issues with
your project.
✅ Pre-approval checklist
Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!
in code comments.
to reflect the changes in this PR.
✅ Pre-merge checklist
Remove any of the following that do not apply. These boxes should
remain unchecked until the pull request has been approved.
appropriate
via the
bump_version.shscript if this repository isversioned and the changes in this PR warrant a version
bump.
✅ Post-merge checklist
Remove any of the following that do not apply.
For more information:
🛠 Lineage configurations for this project are stored in
.github/lineage.yml📚 Read more about Lineage