From 30d3ea7028cc3a33b9835b975c47ebd8c1f5194e Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sun, 4 Feb 2024 20:47:56 -0700 Subject: [PATCH 1/7] chore: standardize repo to template and update README.md --- .adr-dir | 1 + .github/ISSUE_TEMPLATE/bug_report.md | 27 ++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 22 +++++++ .github/ISSUE_TEMPLATE/tech_debt.md | 16 +++++ .github/pull_request_template.md | 20 ++++++ .github/workflows/scorecard.yaml | 50 +++++++++++++++ CONTRIBUTING.md | 50 ++++++++++++--- README.md | 78 ++++++++++------------- SECURITY.md | 9 +++ adr/0001-record-architecture-decisions.md | 23 +++++++ adr/template.md | 19 ++++++ docs/DEVELOPMENT_MAINTENANCE.md | 2 + renovate.json | 45 ++++++------- 13 files changed, 284 insertions(+), 78 deletions(-) create mode 100644 .adr-dir create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/ISSUE_TEMPLATE/tech_debt.md create mode 100644 .github/pull_request_template.md create mode 100644 .github/workflows/scorecard.yaml create mode 100644 SECURITY.md create mode 100644 adr/0001-record-architecture-decisions.md create mode 100644 adr/template.md diff --git a/.adr-dir b/.adr-dir new file mode 100644 index 00000000..0a5ca20a --- /dev/null +++ b/.adr-dir @@ -0,0 +1 @@ +adr diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..d35438a6 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,27 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: 'possible-bug 🐛' +assignees: '' +--- + +### Environment +Device and OS: +App/package versions: +Kubernetes distro being used: +Other: + +### Steps to reproduce +1. + +### Expected result + +### Actual Result + +### Visual Proof (screenshots, videos, text, etc) + +### Severity/Priority + +### Additional Context +Add any other context or screenshots about the technical debt here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 00000000..b25e1c31 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,22 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: 'enhancement ✨' +assignees: '' +--- + +### Is your feature request related to a problem? Please describe. +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +### Describe the solution you'd like + +- **Given** a state +- **When** an action is taken +- **Then** something happens + +### Describe alternatives you've considered +(optional) A clear and concise description of any alternative solutions or features you've considered. + +### Additional context +Add any other context or screenshots about the feature request here. diff --git a/.github/ISSUE_TEMPLATE/tech_debt.md b/.github/ISSUE_TEMPLATE/tech_debt.md new file mode 100644 index 00000000..d4d3e970 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/tech_debt.md @@ -0,0 +1,16 @@ +--- +name: Tech debt +about: Record something that should be investigated or refactored in the future. +title: '' +labels: 'tech-debt 💳' +assignees: '' +--- + +### Describe what should be investigated or refactored +A clear and concise description of what should be changed/researched. Ex. This piece of the code is not DRY enough [...] + +### Links to any relevant code +(optional) i.e. - https://github.com/defenseunicorns/uds-package-gitlab/blob/main/README.md?plain=1#L1 + +### Additional context +Add any other context or screenshots about the technical debt here. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..413259f5 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,20 @@ +## Description + +... + +## Related Issue + +Fixes # + +Relates to # + +## Type of change + +- [ ] Bug fix (non-breaking change which fixes an issue) +- [ ] New feature (non-breaking change which adds functionality) +- [ ] Other (security config, docs update, etc) + +## Checklist before merging + +- [ ] Test, docs, adr added or updated as needed +- [ ] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-package-gitlab/blob/main/CONTRIBUTING.md#developer-workflow) followed diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml new file mode 100644 index 00000000..f9307bf7 --- /dev/null +++ b/.github/workflows/scorecard.yaml @@ -0,0 +1,50 @@ +name: Scorecards supply-chain security +on: + # Only the default branch is supported. + branch_protection_rule: + schedule: + - cron: '30 1 * * 6' + push: + branches: [ "main" ] + +# Declare default permissions as read only. +permissions: read-all + +jobs: + analysis: + name: Scorecards analysis + runs-on: ubuntu-latest + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Used to receive a badge. + id-token: write + + steps: + - name: "Checkout code" + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + persist-credentials: false + + - name: "Run analysis" + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + with: + results_file: results.sarif + results_format: sarif + repo_token: ${{ secrets.SCORECARD_READ_TOKEN }} + publish_results: true + + # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF + # format to the repository Actions tab. + - name: "Upload artifact" + uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + with: + name: SARIF file + path: results.sarif + retention-days: 5 + + # Upload the results to GitHub's code scanning dashboard. + - name: "Upload to code-scanning" + uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12 + with: + sarif_file: results.sarif diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5a0b2b0e..4eef88a7 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,8 +1,8 @@ -# Welcome to the Gitlab UDS Package +# Welcome to the GitLab UDS Capability -Thank you for your interest in this Defense Unicorns UDS Package! +Thank you for your interest in this Defense Unicorns UDS Capability! -This document describes the process and requirements for contributing to this UDS Package. +This document describes the process and requirements for contributing to this UDS Capability. ## Developer Experience @@ -16,12 +16,42 @@ Specifically: * Continuous integration (CI) pipeline tests are definitive * We create immutable release artifacts -## Definition of Done +### Developer Workflow -We apply these general principles to all User Stories and activities contributing to the UDS SWF. +:key: == Required by automation -* Automated continuous integration (CI) pipeline tests pass -* CI pipeline tests have been updated to meet system changes -* Changes are peer reviewed -* Acceptance criteria is met -* Documentation is updated to reflect what changed +1. Drop a comment in any issue to let everyone know you're working on it and submit a Draft PR (step 4) as soon as you are able. +2. :key: Set up your Git config to GPG sign all commits. [Here's some documentation on how to set it up](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits). You won't be able to merge your PR if you have any unverified commits. +3. Create a Draft Pull Request as soon as you can, even if it is just 5 minutes after you started working on it. We lean towards working in the open as much as we can. + > ⚠️ **NOTE:** _:key: We use [Conventional Commit messages](https://www.conventionalcommits.org/) in PR titles so, if you can, use one of `fix:`, `feat:`, `chore:`, `docs:` or similar. If you need help, just use with `wip:` and we'll help with the rest_ +4. :key: Automated tests will begin based on the paths you have edited in your Pull Request. + > ⚠️ **NOTE:** _If you are an external third-party contributor, the pipelines won't run until a [CODEOWNER](./CODEOWNERS) approves the pipeline run._ +5. :key: Be sure to heed the `needs-adr`,`needs-docs`,`needs-tests` labels as appropriate for the PR. Once you have addressed all of the needs, remove the label or request a maintainer to remove it. +6. Once the review is complete and approved, a core member of the project will merge your PR. If you are an external third-party contributor, two core members of the project will be required to approve the PR. +7. Close the issue if it is fully resolved by your PR. _Hint: You can add "Fixes #XX" to the PR description to automatically close an issue when the PR is merged._ + +### Architecture Decision Records (ADR) + +We've chosen to use ADRs to document architecturally significant decisions. We primarily use the guidance found in [this article by Michael Nygard](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions) with a couple of tweaks: + +- The criteria for when an ADR is needed is undefined. The team will decide when the team needs an ADR. +- We will use the tool [adr-tools](https://github.com/npryce/adr-tools) to make it easier on us to create and maintain ADRs. +- We will keep ADRs specific to this package in the repository under `adr/NNNN-name-of-adr.md`. + > `adr-tools` is configured with a dotfile to automatically use this directory and format. +- We will keep ADRs relating to Software Factory as a whole in the [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) repository under `adr/NNNN-name-of-adr.md`. + +### How to use `adr-tools` + +```bash +# Create a new ADR titled "Use Bisquick for all waffle making" +adr new Use Bisquick for all waffle making + +# Create a new ADR that supersedes a previous one. Let's say, for example, that the previous ADR about Bisquick was ADR number 9. +adr new -s 9 Use scratch ingredients for all waffle making + +# Create a new ADR that amends a previous one. Let's say the previous one was ADR number 15 +adr new -l "15:Amends:Amended by" Use store-bought butter for all waffle making + +# Get full help docs. There are all sorts of other helpful commands that help manage the decision log. +adr help +``` diff --git a/README.md b/README.md index ec3f1aea..ebb44ea1 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,14 @@ -# uds-package-gitlab +# UDS GitLab Zarf Package -Bigbang [Gitlab](https://repo1.dso.mil/big-bang/product/packages/gitlab) deployed via flux by zarf +[![Latest Release](https://img.shields.io/github/v/release/defenseunicorns/uds-package-gitlab)](https://github.com/defenseunicorns/uds-package-gitlab/releases) +[![Build Status](https://img.shields.io/github/actions/workflow/status/defenseunicorns/uds-package-gitlab/tag-and-release.yaml)](https://github.com/defenseunicorns/uds-package-gitlab/actions/workflows/tag-and-release.yaml) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-gitlab/badge)](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-gitlab) -## Deployment Prerequisites +This package is designed for use as part of a [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) bundle deployed on [UDS Core](https://github.com/defenseunicorns/uds-core), and is based on the Bigbang [GitLab](https://repo1.dso.mil/big-bang/product/packages/gitlab) chart. -### GitLab Package +## Pre-requisites -The Gitlab Package expects the pieces listed below to exist in the cluster before being deployed. +The GitLab Package expects the pieces listed below to exist in the cluster before being deployed. #### General @@ -31,12 +33,12 @@ The Gitlab Package expects the pieces listed below to exist in the cluster befor #### Object Storage -Object Storage works a bit differently as there are many kinds of file stores gitlab can be configured to use. +Object Storage works a bit differently as there are many kinds of file stores GitLab can be configured to use. - Create the secret `gitlab-object-store` in the `gitlab` namespace with the following keys: - An example for in-cluster Minio can be found in this repository at the path `utils/pkg-deps/gitlab/minio/secret.yaml` - `connection` - - This key refers to the configuration for the main gitlab service. The documentation for what goes in this key is located [here](https://docs.gitlab.com/16.0/ee/administration/object_storage.html#configure-the-connection-settings) + - This key refers to the configuration for the main GitLab service. The documentation for what goes in this key is located [here](https://docs.gitlab.com/16.0/ee/administration/object_storage.html#configure-the-connection-settings) - `registry` - This key refers to the configuration for the gitlab registry. The documentation for what goes in this key is located [here](https://docs.docker.com/registry/configuration/#storage) - `backups` @@ -56,51 +58,39 @@ Object Storage works a bit differently as there are many kinds of file stores gi - uds-gitlab-tmp - These buckets can have a suffix applied via the `BUCKET_SUFFIX` zarf variable (e.x. `-some-deployment-name` plus `uds-gitlab-backups` would be `uds-gitlab-backups-some-deployment-name`) -## Deploying +## Flavors -### Deploy Everything +| Flavor | Description | Example Creation | +| ------ | ----------- | ---------------- | +| upstream | Uses upstream images within the package. | `zarf package create . -f upstream` | +| registry1 | Uses images from registry1.dso.mil within the package. | `zarf package create . -f registry1` | -#### Via Makefile and local package +> :warning: **Note:** To create the registry1 flavor you will need to be logged into Iron Bank - you can find instructions on how to do this in the [Big Bang Zarf Tutorial](https://docs.zarf.dev/docs/zarf-tutorials/big-bang#setup). -```bash -# This will destroy and create a compatible k3d cluster then it will run make build/all and make deploy/all. Follow the breadcrumbs in the Makefile to see what and how its doing it. -make cluster/full -``` +## Releases -### From GHCR OCI Via Zarf +The released packages can be found in [ghcr](https://github.com/defenseunicorns/uds-package-gitlab/pkgs/container/packages%2Fuds%2Fgitlab). -```bash -zarf package deploy ghcr.io/defenseunicorns/uds-capability/gitlab:0.0.6-amd64 -``` +## UDS Tasks (for local dev and CI) -## Building +*For local dev, this requires you install [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) -### Use zarf to login to the needed registries i.e. registry1.dso.mil and ghcr.io +| Task | Description | Example | +| ---- | ----------- | ------- | +| setup-cluster | Uses the `k3d-core-istio` bundle to create a cluster for testing against | `uds run setup-cluster` | +| create-package | Creates just the GitLab package | `uds run create-package --set FLAVOR=` | +| create-test-bundle | Creates GitLab and GitLab dependency packages and then bundles them | `uds run create-test-bundle` | +| deploy-test-bundle | Deploy GitLab and GitLab dependency bundle | `uds run deploy-test-bundle` | +| test-package | Run checks against a deployed package | `uds run test-package` | +| cleanup | Teardown the cluster | `uds run cleanup` | +| cleanup-bundle | Remove the GitLab Bundle | `uds run cleanup-bundle` | -```bash -# Download Zarf -make build/zarf +## Values -# Login to the registry -set +o history +See: +1. [/values/gitlab-values.yaml](/values/gitlab-values.yaml) +2. [/values/upstream.yaml](/values/upstream.yaml) -# registry1.dso.mil (To access registry1 images needed during build time) -export REGISTRY1_USERNAME="YOUR-USERNAME-HERE" -export REGISTRY1_TOKEN="YOUR-TOKEN-HERE" -echo $REGISTRY1_TOKEN | build/zarf tools registry login registry1.dso.mil --username $REGISTRY1_USERNAME --password-stdin +## Contributing -# ghcr.io (If you need to push to GHCR) -export GH_USERNAME="YOUR-USERNAME-HERE" -export GH_TOKEN="YOUR-TOKEN-HERE" -echo $GH_TOKEN | build/zarf tools registry login ghcr.io --username $GH_USERNAME --password-stdin - -set -o history -``` - -### Creating the Package - -```bash -make build/uds-capability-gitlab -``` - -## Documentation +Please see the [CONTRIBUTING.md](./CONTRIBUTING.md) diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..3831fe4b --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,9 @@ +# Security Policy + +## Supported Versions + +As UDS Software Factory has not yet reached v1.0.0, only the current latest minor release is supported. + +## Reporting a Vulnerability + +Please email `security-notice [at] defenseunicorns.com` to report a vulnerability. If you are unable to disclose details via email, please let us know and we can coordinate alternate communications. diff --git a/adr/0001-record-architecture-decisions.md b/adr/0001-record-architecture-decisions.md new file mode 100644 index 00000000..60c36e54 --- /dev/null +++ b/adr/0001-record-architecture-decisions.md @@ -0,0 +1,23 @@ +# 1. Record architecture decisions + +Date: 20224-02-04 + +## Status + +Accepted + +## Context + +> NOTE: +> +> This file was automatically created when we used [adr-tools](https://github.com/npryce/adr-tools) to initialize the document log in the repo. ADRs on ADRs are a little silly, but it does give a lightweight way to direct the reader over to our contributor guide that has a lot more information. + +We need to record the architectural decisions made on this project. + +## Decision + +We will use Architecture Decision Records, as [described by Michael Nygard](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions), with a couple of small tweaks. See the [Documentation section in the Contributor guide](../CONTRIBUTING.md#documentation) for full details. + +## Consequences + +See Michael Nygard's article, linked above. For a lightweight ADR toolset, see Nat Pryce's [adr-tools](https://github.com/npryce/adr-tools). diff --git a/adr/template.md b/adr/template.md new file mode 100644 index 00000000..596fb252 --- /dev/null +++ b/adr/template.md @@ -0,0 +1,19 @@ +# NUMBER. TITLE + +Date: DATE + +## Status + +STATUS + +## Context + +The issue motivating this decision, and any context that influences or constrains the decision. + +## Decision + +The change that we're proposing or have agreed to implement. + +## Consequences + +What becomes easier or more difficult to do and any risks introduced by the change that will need to be mitigated. diff --git a/docs/DEVELOPMENT_MAINTENANCE.md b/docs/DEVELOPMENT_MAINTENANCE.md index 8f7c668b..f721b861 100644 --- a/docs/DEVELOPMENT_MAINTENANCE.md +++ b/docs/DEVELOPMENT_MAINTENANCE.md @@ -2,6 +2,8 @@ ## How to upgrade this capability + + This package is pulling in the [bigbang gitlab chart](https://repo1.dso.mil/big-bang/product/packages/gitlab) The [gitlab-flux-values.yaml](../gitlab-flux-values.yaml) file contains values used when creating the flux resources for this capability. This includes the version of the chart and the base values used for this capability. diff --git a/renovate.json b/renovate.json index 8145c529..abf8a0e7 100644 --- a/renovate.json +++ b/renovate.json @@ -14,13 +14,9 @@ "rebaseStalePrs": true, "schedule": ["after 7am and before 9am every weekday"], "dependencyDashboard": true, - "platform": "github", - "onboarding": false, - "requireConfig": false, "dependencyDashboardTitle": "Renovate Dashboard 🤖", "rebaseWhen": "conflicted", "commitBodyTable": true, - "ignorePaths": ["archive/**"], "suppressNotifications": ["prIgnoreNotification"], "pre-commit": { "enabled": true @@ -31,8 +27,6 @@ "kubernetes": { "fileMatch": ["\\.yaml$"], "ignorePaths": [ - "ansible", - "scripts", ".github" ] }, @@ -42,8 +36,8 @@ "hostType": "docker", "description": "Encrypted creds for registry1, scoped to this Github org using: https://github.com/renovatebot/renovate/blob/main/docs/usage/configuration-options.md#encrypted", "encrypted": { - "username": "wcFMA/xDdHCJBTolARAAiYqwOfwkjFnb7ifSRLxTGwyh5K8sUv4LFnEt9+clanU0hAoab9qY+98XLG9F5q+JuNWW9XSRgEYvg21LPhpux+2n+sF/n5UHNEc0X2C9zPVKBzRBu4RoNlsWNdq+wQaznHuw/iKmcDKddB29GTcXAC27ON78ex4jW4GBBEIY75OYfWUVJl3VM8cbK3t5iPNeldmdtS/1rEe8U2tGRdYvkwbMjM1hscHfc5wK06zt8NKz874jpqDYs9jT3FVrJbG9FHoTsrLvC9cEknu1BR3+LrEEV2UTpN+xkLbkCiI9F3rHwwYrAKpm3VDxjieWP2PbAZcazPvqNrC12pR3QrdbIN+6w7Xc9lIOuCcR+nB1mCTaZv4wGYoHmXat/nW58wAHqGzEnkfgfW7/dXvvZPoV/54CW2B8/iEp3oCf/mHk6tM/nlaN0fOcyFuLthD2t3L8bZEU8v88Bpa9sZgQYTg8vO3zGZeXqTznmq8NfseCXezho0syBize/4c7NI67JoVGJGUtOSZ56cNJkmNEhzH3CCKoD+j6shrojQ1yPLFgfxMa1zkp0tcAJ2dMxBbdMiGRKJcnJLRUi3N0z5I+JdydSZlFFj6Y+w7jWs1cff3mTyFCyhK3USyz+pF/ctTwpWixWWR7Zu/I0lqOr90LMri0bjzOf3xWP0eV3Osbi40BmdjScgG2LbZNVbKesnxaKLqzeubgLz9aTVTjHfHWQ753t4Ge/NPq+618M8JXuujYRc/Hw4bm1G7NHTKxPhiHCmDu+wPsNvt+nUvyk9Wb72XHYNdA8bUjV1gHj/1oSc3yGjOyiyaxDUR+nkPB8B+tr1cMWcVczw", - "password": "wcFMA/xDdHCJBTolAQ/9FqgG7wEhIpomA4DpTgDIQdShdkpUHxRCAaOXOaYamKxmyqQgX0N55hVvMt100/JK0AomtTehrWjsyYmvOA5bi2QqkJgEu7Vk/Nyg+CeJj27lZnbZ2wkWhIPUUZKbnGzNg8vmFqeSbI/nhcwwG+1Iiy06pBf/NB1V8KeezD3ICPJAe7HfW5FYDpuAnqo4ktagTEcmKp9bSztAEmNVgS325mE+SB5oGI7zZre4WLDmYCcawCJfwE2HqiWp9E42oiyEgsAa2RNmy/9RLMRq8QmAJY9UuAMDgyRUKh1bVEh2rhg3pV8N8ImqD8a7y/b5HOH5SE1b459K7rUACimJf8GtQtuUmU3bEhhYzafbN8sB6PByOgWEqPKvcCffLghCzsene4lOyie48rC0UZSTRrNiebcLLeJTnkQsUNm8x6GN34mZU4qkBam7Isvdyc7BcSo2rvMbsuMJEuns8Ua3TQlAab1PXofHjwf7aDPee4hLtJsR75IdeWA3mhPKo2hnZ08cBDwhsB7aXYxrH3rXAbPx7FvgcxGA73gCFwNXLf6S2xHb+D7C/ny4z9XhIQk4BrxKlmPFlfpELoijHQ34VBilM/XkeICbtBJghE31X3Ef/LZdLBsR9gvT4nK+zRRLVnEqndO4YkHFOjwKWQxyaGmN+ZE5gSbPx0R1EBo7vM48merSdgGRZxfF5OodxM/b3+xxBe6CXqi5yYVeNf/Op/lH/5baX6LUQCYHSNPXPHMstFYQm9QBwn6rA2aOYXojRehYwj8ymQo0wJ0TgVtGHDu+ODhTiPjZV1Mm7vVkucl63FLCDe7odIAgNVMBRInDbGYhKmA+I7To1gU" + "username": "wcFMA/xDdHCJBTolAQ//a+5GNAOsD/UOKnqJDdbPRr73EXRgyRdtMOIqDyjGZIKcdVo64StgUb1O37O5bazoyGeYkcISaWjInxRuoBOxqFhdo5cTUIJavjm2Sn75OWCDBUr2Q5/OSluQDbp7QO9g4+cHxcjtldlMswZg0RIoSX8rtAcNvJePvuWDKRHmUSDbWrNoAPaqOUvBIUF+BUR8o2UtKY4c986B9sqz1/ZiyL7vmenuoFi36MPpq123b6xra9/Q8Zb+AGZY6guhI0kmmSvLPwuNpU/W9ocpaUW1jOgJdYDowZqoTC27uozw1rCq38ybL94GMeG+pzWJd7LBVbfpDnU10j5UC5l5coxghh8dBYNzirsRbYW9KMV3CSeRNxOqfUuJ9AfWekCBWQMkueDtop+lzZhpvsPnXYTV6V0+TE+W5lg0wApcGUNM5XsEHV/gchSULZCWUTHpyZfkUoyc3dXax7K9LawrNLLpJg3Oz0c5Y4WXS1SqfY3U6n84Q95URZC+uRl5BqzBwQSQYbWsnon+g3My+GukdhHlynoiJwQo/ch5gIfgiA59VrL/H9L/ABAyYzQ7KUEguQrNh8hbNG0dfpMLMIrdUDhno5vTeccx2k5R/EOQopxZCY+k2Xfqgg5okAG9eQKhhGKcQD+A8y6X2V0cPkHQ35TCi5AObrcQiiemBZUy3G6IJIrSdQFEs+WcBPT4GPgOAsZWUJKU4RU3qdhdUGZy/VwJSsB05/E65fRTGl5i0e5PhIoIbh4uaPgWnbJyvKi87bIIJhe9bxP/m2lDs5GPeXSrvBb0GT3t9l3aHUYW3uKp5GABwmvX6ptMbNoYoQRSLptR/gE80RPFSQ", + "password": "wcFMA/xDdHCJBTolAQ//bu2ZFKmMysjpkOkwQSgLigvUMDw1SHpp1YN8y1LerOqMfTocdswihRFbB/FFRP/bYG1ByhnAvxqhbdV0TRQqYTRXZehrlT+SDEVEJyK9eGS+ozClbccG64ebZSJ4y9rMFW3sK4Ja9ZyAEsX0S4vO88XwJhtOYmMGTXLlcSfiANQB8a9jISzov27FQOzdPx6cEd19FGxmX5vAdH9FWDwhVA6QSTrip4h5tZ6THylNc3md2TGRYUVTxMtsZdp/bnhv+I3LqmodR0vEP9Or/dbhtqnMy2sdS6HsANUaZ+7j4D0qDL7EEcxk+CHM5lM2sSz6u4+J4u01XDkn0HJ/mShPDSWUoU01Va/ZpRL8zw/bjKApDBSgvBOwF7eXfUKqLrg2zURm2quUf7XwuVTXmBMg3DSEuRBlW8kM0rGWGyv7U62sx+2zjK0v2uNHJz0hzWaEfriOQu4B7/avb+CIupfVYGNllyMTuB2ySDMLKN3Q/EB7q97apWqwcnThxRhK7t3e59ea4JDxodxeeTG3m/UgBLBlXCutk7BsC7NQPaSeOzV7mw6AOVQz+Bn0DAGd1x03ITYAcgfYvSW7VCfhrvnmuSVICHA7GTYevC7RBYhexWdgHZb98mIt1vVA2C+h7eqsx+xWhHQFE2+lNRTRmj9ccU/6qz1+3zqHdMQ/WD8MLofSdgFLU/A7qljUm/dk1MEVMtGznukdRpJJV4PsEcwh2OV/9is5KPyFQ83M7sl3/fY+CBaHFEiT4j/bSBznmxL3TuAjMdIT7j0cNsOxnsHllgRHL1qG3S2ZmAQ0Ex4gIUUGn2VbZLyRogJspsjxx5ZYuuYVfhtSaTU" } } ], @@ -76,32 +70,35 @@ { "fileMatch": [".*\/?zarf\\.ya?ml$"], "matchStrings": [ - "-\\s+['\"](?[^:]+):(?.*)['\"]" + "-\\s+['\"]?(?[^:]+):(?.*)['\"]?" ], "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}", "datasourceTemplate": "docker", "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" }, { - "fileMatch": ["^Makefile$"], + "fileMatch": [ + "(^|/)zarf.yaml$" + ], + "matchStringsStrategy": "recursive", "matchStrings": [ - "renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?( extractVersion=(?.*?))?( registryUrl=(?.*?))?\\s.*?=\\s*['\"]?(?.*?)['\"]?\\s" + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-)", + "(?m)name: (?.+)(.|\\n)*?url: (?.+)(.|\\n)*?version: (?.+)" ], - "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}", - "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" - } - ], - "packageRules": [ - { - "matchManagers": ["terraform"], - "matchDepTypes": ["module"], - "matchDatasources": ["github-tags", "git-tags"], - "versioning": "loose" + "datasourceTemplate": "helm" }, { - "matchPackagePatterns": ["big-bang/.*"], - "matchDatasources": ["gitlab-tags"], - "allowedVersions": "!/^v.*$/" + "fileMatch": [ + "(^|/)zarf.yaml$" + ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-)", + "(?m)name: (?.+)(.|\\n)*?version: (?.+)(.|\\n)*?url: (?.+)" + ], + "datasourceTemplate": "helm" } ] } From 3cd27497c2303e427a93dbca9a562b40b6443688 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sun, 4 Feb 2024 20:50:36 -0700 Subject: [PATCH 2/7] Revert changing the renovate creds --- renovate.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/renovate.json b/renovate.json index abf8a0e7..446c7dfb 100644 --- a/renovate.json +++ b/renovate.json @@ -36,8 +36,8 @@ "hostType": "docker", "description": "Encrypted creds for registry1, scoped to this Github org using: https://github.com/renovatebot/renovate/blob/main/docs/usage/configuration-options.md#encrypted", "encrypted": { - "username": "wcFMA/xDdHCJBTolAQ//a+5GNAOsD/UOKnqJDdbPRr73EXRgyRdtMOIqDyjGZIKcdVo64StgUb1O37O5bazoyGeYkcISaWjInxRuoBOxqFhdo5cTUIJavjm2Sn75OWCDBUr2Q5/OSluQDbp7QO9g4+cHxcjtldlMswZg0RIoSX8rtAcNvJePvuWDKRHmUSDbWrNoAPaqOUvBIUF+BUR8o2UtKY4c986B9sqz1/ZiyL7vmenuoFi36MPpq123b6xra9/Q8Zb+AGZY6guhI0kmmSvLPwuNpU/W9ocpaUW1jOgJdYDowZqoTC27uozw1rCq38ybL94GMeG+pzWJd7LBVbfpDnU10j5UC5l5coxghh8dBYNzirsRbYW9KMV3CSeRNxOqfUuJ9AfWekCBWQMkueDtop+lzZhpvsPnXYTV6V0+TE+W5lg0wApcGUNM5XsEHV/gchSULZCWUTHpyZfkUoyc3dXax7K9LawrNLLpJg3Oz0c5Y4WXS1SqfY3U6n84Q95URZC+uRl5BqzBwQSQYbWsnon+g3My+GukdhHlynoiJwQo/ch5gIfgiA59VrL/H9L/ABAyYzQ7KUEguQrNh8hbNG0dfpMLMIrdUDhno5vTeccx2k5R/EOQopxZCY+k2Xfqgg5okAG9eQKhhGKcQD+A8y6X2V0cPkHQ35TCi5AObrcQiiemBZUy3G6IJIrSdQFEs+WcBPT4GPgOAsZWUJKU4RU3qdhdUGZy/VwJSsB05/E65fRTGl5i0e5PhIoIbh4uaPgWnbJyvKi87bIIJhe9bxP/m2lDs5GPeXSrvBb0GT3t9l3aHUYW3uKp5GABwmvX6ptMbNoYoQRSLptR/gE80RPFSQ", - "password": "wcFMA/xDdHCJBTolAQ//bu2ZFKmMysjpkOkwQSgLigvUMDw1SHpp1YN8y1LerOqMfTocdswihRFbB/FFRP/bYG1ByhnAvxqhbdV0TRQqYTRXZehrlT+SDEVEJyK9eGS+ozClbccG64ebZSJ4y9rMFW3sK4Ja9ZyAEsX0S4vO88XwJhtOYmMGTXLlcSfiANQB8a9jISzov27FQOzdPx6cEd19FGxmX5vAdH9FWDwhVA6QSTrip4h5tZ6THylNc3md2TGRYUVTxMtsZdp/bnhv+I3LqmodR0vEP9Or/dbhtqnMy2sdS6HsANUaZ+7j4D0qDL7EEcxk+CHM5lM2sSz6u4+J4u01XDkn0HJ/mShPDSWUoU01Va/ZpRL8zw/bjKApDBSgvBOwF7eXfUKqLrg2zURm2quUf7XwuVTXmBMg3DSEuRBlW8kM0rGWGyv7U62sx+2zjK0v2uNHJz0hzWaEfriOQu4B7/avb+CIupfVYGNllyMTuB2ySDMLKN3Q/EB7q97apWqwcnThxRhK7t3e59ea4JDxodxeeTG3m/UgBLBlXCutk7BsC7NQPaSeOzV7mw6AOVQz+Bn0DAGd1x03ITYAcgfYvSW7VCfhrvnmuSVICHA7GTYevC7RBYhexWdgHZb98mIt1vVA2C+h7eqsx+xWhHQFE2+lNRTRmj9ccU/6qz1+3zqHdMQ/WD8MLofSdgFLU/A7qljUm/dk1MEVMtGznukdRpJJV4PsEcwh2OV/9is5KPyFQ83M7sl3/fY+CBaHFEiT4j/bSBznmxL3TuAjMdIT7j0cNsOxnsHllgRHL1qG3S2ZmAQ0Ex4gIUUGn2VbZLyRogJspsjxx5ZYuuYVfhtSaTU" + "username": "wcFMA/xDdHCJBTolARAAiYqwOfwkjFnb7ifSRLxTGwyh5K8sUv4LFnEt9+clanU0hAoab9qY+98XLG9F5q+JuNWW9XSRgEYvg21LPhpux+2n+sF/n5UHNEc0X2C9zPVKBzRBu4RoNlsWNdq+wQaznHuw/iKmcDKddB29GTcXAC27ON78ex4jW4GBBEIY75OYfWUVJl3VM8cbK3t5iPNeldmdtS/1rEe8U2tGRdYvkwbMjM1hscHfc5wK06zt8NKz874jpqDYs9jT3FVrJbG9FHoTsrLvC9cEknu1BR3+LrEEV2UTpN+xkLbkCiI9F3rHwwYrAKpm3VDxjieWP2PbAZcazPvqNrC12pR3QrdbIN+6w7Xc9lIOuCcR+nB1mCTaZv4wGYoHmXat/nW58wAHqGzEnkfgfW7/dXvvZPoV/54CW2B8/iEp3oCf/mHk6tM/nlaN0fOcyFuLthD2t3L8bZEU8v88Bpa9sZgQYTg8vO3zGZeXqTznmq8NfseCXezho0syBize/4c7NI67JoVGJGUtOSZ56cNJkmNEhzH3CCKoD+j6shrojQ1yPLFgfxMa1zkp0tcAJ2dMxBbdMiGRKJcnJLRUi3N0z5I+JdydSZlFFj6Y+w7jWs1cff3mTyFCyhK3USyz+pF/ctTwpWixWWR7Zu/I0lqOr90LMri0bjzOf3xWP0eV3Osbi40BmdjScgG2LbZNVbKesnxaKLqzeubgLz9aTVTjHfHWQ753t4Ge/NPq+618M8JXuujYRc/Hw4bm1G7NHTKxPhiHCmDu+wPsNvt+nUvyk9Wb72XHYNdA8bUjV1gHj/1oSc3yGjOyiyaxDUR+nkPB8B+tr1cMWcVczw", + "password": "wcFMA/xDdHCJBTolAQ/9FqgG7wEhIpomA4DpTgDIQdShdkpUHxRCAaOXOaYamKxmyqQgX0N55hVvMt100/JK0AomtTehrWjsyYmvOA5bi2QqkJgEu7Vk/Nyg+CeJj27lZnbZ2wkWhIPUUZKbnGzNg8vmFqeSbI/nhcwwG+1Iiy06pBf/NB1V8KeezD3ICPJAe7HfW5FYDpuAnqo4ktagTEcmKp9bSztAEmNVgS325mE+SB5oGI7zZre4WLDmYCcawCJfwE2HqiWp9E42oiyEgsAa2RNmy/9RLMRq8QmAJY9UuAMDgyRUKh1bVEh2rhg3pV8N8ImqD8a7y/b5HOH5SE1b459K7rUACimJf8GtQtuUmU3bEhhYzafbN8sB6PByOgWEqPKvcCffLghCzsene4lOyie48rC0UZSTRrNiebcLLeJTnkQsUNm8x6GN34mZU4qkBam7Isvdyc7BcSo2rvMbsuMJEuns8Ua3TQlAab1PXofHjwf7aDPee4hLtJsR75IdeWA3mhPKo2hnZ08cBDwhsB7aXYxrH3rXAbPx7FvgcxGA73gCFwNXLf6S2xHb+D7C/ny4z9XhIQk4BrxKlmPFlfpELoijHQ34VBilM/XkeICbtBJghE31X3Ef/LZdLBsR9gvT4nK+zRRLVnEqndO4YkHFOjwKWQxyaGmN+ZE5gSbPx0R1EBo7vM48merSdgGRZxfF5OodxM/b3+xxBe6CXqi5yYVeNf/Op/lH/5baX6LUQCYHSNPXPHMstFYQm9QBwn6rA2aOYXojRehYwj8ymQo0wJ0TgVtGHDu+ODhTiPjZV1Mm7vVkucl63FLCDe7odIAgNVMBRInDbGYhKmA+I7To1gU" } } ], From 3b6ca1fd61de4cb5eb8b41b04ddacbbbe7bb78c5 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sun, 4 Feb 2024 21:12:58 -0700 Subject: [PATCH 3/7] cape -> package --- CONTRIBUTING.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 4eef88a7..e88fa6ed 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,8 +1,8 @@ -# Welcome to the GitLab UDS Capability +# Welcome to the GitLab UDS Package -Thank you for your interest in this Defense Unicorns UDS Capability! +Thank you for your interest in this Defense Unicorns UDS Package! -This document describes the process and requirements for contributing to this UDS Capability. +This document describes the process and requirements for contributing to this UDS Package. ## Developer Experience From 970b7b6365bb7eb4af2ba1abab9c056038efe80f Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 13 Feb 2024 20:18:04 -0700 Subject: [PATCH 4/7] Update contributing guidelines + renovate --- CONTRIBUTING.md | 54 +------------------------------- renovate.json | 83 +------------------------------------------------ 2 files changed, 2 insertions(+), 135 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e88fa6ed..ebd112a4 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,56 +2,4 @@ Thank you for your interest in this Defense Unicorns UDS Package! -This document describes the process and requirements for contributing to this UDS Package. - -## Developer Experience - -Continuous Delivery is core to our development philosophy. Check out [https://minimumcd.org](https://minimumcd.org) for a good baseline agreement on what that means. - -Specifically: - -* We do trunk-based development (main) with short-lived feature branches that originate from the trunk, get merged into the trunk, and are deleted after the merge -* We don't merge code into main that isn't releasable -* We perform automated testing on all changes before they get merged to main -* Continuous integration (CI) pipeline tests are definitive -* We create immutable release artifacts - -### Developer Workflow - -:key: == Required by automation - -1. Drop a comment in any issue to let everyone know you're working on it and submit a Draft PR (step 4) as soon as you are able. -2. :key: Set up your Git config to GPG sign all commits. [Here's some documentation on how to set it up](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits). You won't be able to merge your PR if you have any unverified commits. -3. Create a Draft Pull Request as soon as you can, even if it is just 5 minutes after you started working on it. We lean towards working in the open as much as we can. - > ⚠️ **NOTE:** _:key: We use [Conventional Commit messages](https://www.conventionalcommits.org/) in PR titles so, if you can, use one of `fix:`, `feat:`, `chore:`, `docs:` or similar. If you need help, just use with `wip:` and we'll help with the rest_ -4. :key: Automated tests will begin based on the paths you have edited in your Pull Request. - > ⚠️ **NOTE:** _If you are an external third-party contributor, the pipelines won't run until a [CODEOWNER](./CODEOWNERS) approves the pipeline run._ -5. :key: Be sure to heed the `needs-adr`,`needs-docs`,`needs-tests` labels as appropriate for the PR. Once you have addressed all of the needs, remove the label or request a maintainer to remove it. -6. Once the review is complete and approved, a core member of the project will merge your PR. If you are an external third-party contributor, two core members of the project will be required to approve the PR. -7. Close the issue if it is fully resolved by your PR. _Hint: You can add "Fixes #XX" to the PR description to automatically close an issue when the PR is merged._ - -### Architecture Decision Records (ADR) - -We've chosen to use ADRs to document architecturally significant decisions. We primarily use the guidance found in [this article by Michael Nygard](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions) with a couple of tweaks: - -- The criteria for when an ADR is needed is undefined. The team will decide when the team needs an ADR. -- We will use the tool [adr-tools](https://github.com/npryce/adr-tools) to make it easier on us to create and maintain ADRs. -- We will keep ADRs specific to this package in the repository under `adr/NNNN-name-of-adr.md`. - > `adr-tools` is configured with a dotfile to automatically use this directory and format. -- We will keep ADRs relating to Software Factory as a whole in the [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) repository under `adr/NNNN-name-of-adr.md`. - -### How to use `adr-tools` - -```bash -# Create a new ADR titled "Use Bisquick for all waffle making" -adr new Use Bisquick for all waffle making - -# Create a new ADR that supersedes a previous one. Let's say, for example, that the previous ADR about Bisquick was ADR number 9. -adr new -s 9 Use scratch ingredients for all waffle making - -# Create a new ADR that amends a previous one. Let's say the previous one was ADR number 15 -adr new -l "15:Amends:Amended by" Use store-bought butter for all waffle making - -# Get full help docs. There are all sorts of other helpful commands that help manage the decision log. -adr help -``` +This package is part of Defense Unicorns' UDS Software Factory and follows the contributing guidelines outlined in that repositories' [CONTRIBUTING.md](https://github.com/defenseunicorns/uds-software-factory/blob/main/CONTRIBUTING.md) file. diff --git a/renovate.json b/renovate.json index 1ca97ec5..22d3ddd5 100644 --- a/renovate.json +++ b/renovate.json @@ -3,34 +3,13 @@ "forkProcessing": "enabled", "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - ":dependencyDashboard", + "github>defenseunicorns/uds-common//config/renovate.json5", ":semanticPrefixFixDepsChoreOthers", "config:base", "group:all", "replacements:all", "workarounds:all" ], - "timezone": "America/New_York", - "rebaseStalePrs": true, - "schedule": ["after 7am and before 9am every weekday"], - "dependencyDashboard": true, - "dependencyDashboardTitle": "Renovate Dashboard 🤖", - "rebaseWhen": "conflicted", - "commitBodyTable": true, - "suppressNotifications": ["prIgnoreNotification"], - "labels": ["renovate"], - "pre-commit": { - "enabled": true - }, - "helm-values": { - "fileMatch": ["./.+\\.yaml$"] - }, - "kubernetes": { - "fileMatch": ["\\.yaml$"], - "ignorePaths": [ - ".github" - ] - }, "hostRules": [ { "matchHost": "registry1.dso.mil", @@ -41,65 +20,5 @@ "password": "wcFMA/xDdHCJBTolAQ/9FqgG7wEhIpomA4DpTgDIQdShdkpUHxRCAaOXOaYamKxmyqQgX0N55hVvMt100/JK0AomtTehrWjsyYmvOA5bi2QqkJgEu7Vk/Nyg+CeJj27lZnbZ2wkWhIPUUZKbnGzNg8vmFqeSbI/nhcwwG+1Iiy06pBf/NB1V8KeezD3ICPJAe7HfW5FYDpuAnqo4ktagTEcmKp9bSztAEmNVgS325mE+SB5oGI7zZre4WLDmYCcawCJfwE2HqiWp9E42oiyEgsAa2RNmy/9RLMRq8QmAJY9UuAMDgyRUKh1bVEh2rhg3pV8N8ImqD8a7y/b5HOH5SE1b459K7rUACimJf8GtQtuUmU3bEhhYzafbN8sB6PByOgWEqPKvcCffLghCzsene4lOyie48rC0UZSTRrNiebcLLeJTnkQsUNm8x6GN34mZU4qkBam7Isvdyc7BcSo2rvMbsuMJEuns8Ua3TQlAab1PXofHjwf7aDPee4hLtJsR75IdeWA3mhPKo2hnZ08cBDwhsB7aXYxrH3rXAbPx7FvgcxGA73gCFwNXLf6S2xHb+D7C/ny4z9XhIQk4BrxKlmPFlfpELoijHQ34VBilM/XkeICbtBJghE31X3Ef/LZdLBsR9gvT4nK+zRRLVnEqndO4YkHFOjwKWQxyaGmN+ZE5gSbPx0R1EBo7vM48merSdgGRZxfF5OodxM/b3+xxBe6CXqi5yYVeNf/Op/lH/5baX6LUQCYHSNPXPHMstFYQm9QBwn6rA2aOYXojRehYwj8ymQo0wJ0TgVtGHDu+ODhTiPjZV1Mm7vVkucl63FLCDe7odIAgNVMBRInDbGYhKmA+I7To1gU" } } - ], - "regexManagers": [ - { - "fileMatch": [".*\\.ya?ml$"], - "matchStrings": [ - "# renovate: datasource=helm\n .*- name: (?.*?)\n *url: (?.*?)\n *version: (?.*)\n" - ], - "datasourceTemplate": "helm", - "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" - }, - { - "fileMatch": [".*\\.ya?ml$"], - "matchStrings": [ - "# renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?( extractVersion=(?.*?))?( registryUrl=(?.*?))?\\s.*?:\\s*['\"]?(?.*?)['\"]?\\s" - ], - "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}", - "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" - }, - { - "fileMatch": [".*\\.ya?ml$"], - "matchStrings": [ - "# renovate: zarf-uri datasource=github-tags depName=(?.*?)( versioning=(?.*?))?\\s.*?uri: ['\"]https:\\/\\/github.com\\/defenseunicorns\\/zarf\\/releases\\/download\\/(?.*)\\/zarf_.*_Linux_amd64['\"]", - "# renovate: zarf-uri datasource=github-tags depName=(?.*?)( versioning=(?.*?))?\\s.*?uri: ['\"]https:\\/\\/github.com\\/defenseunicorns\\/zarf\\/releases\\/download\\/.*\\/zarf_(?.*)_Linux_amd64['\"]" - ], - "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}", - "datasourceTemplate": "github-tags" - }, - { - "fileMatch": [".*\/?zarf\\.ya?ml$"], - "matchStrings": [ - "-\\s+['\"]?(?[^:]+):(?.*)['\"]?" - ], - "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}", - "datasourceTemplate": "docker", - "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" - }, - { - "fileMatch": [ - "(^|/)zarf.yaml$" - ], - "matchStringsStrategy": "recursive", - "matchStrings": [ - "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", - "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-)", - "(?m)name: (?.+)(.|\\n)*?url: (?.+)(.|\\n)*?version: (?.+)" - ], - "datasourceTemplate": "helm" - }, - { - "fileMatch": [ - "(^|/)zarf.yaml$" - ], - "matchStringsStrategy": "recursive", - "matchStrings": [ - "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", - "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-)", - "(?m)name: (?.+)(.|\\n)*?version: (?.+)(.|\\n)*?url: (?.+)" - ], - "datasourceTemplate": "helm" - } ] } From 56987986fc825fb420499919f03d14248ce75c10 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 13 Feb 2024 20:27:28 -0700 Subject: [PATCH 5/7] Update security.md --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 3831fe4b..558eb01f 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,7 @@ ## Supported Versions -As UDS Software Factory has not yet reached v1.0.0, only the current latest minor release is supported. +As [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) has not yet reached v1.0.0, only the current latest minor release is supported. ## Reporting a Vulnerability From e699c2b46ac33088858f4756df83ecbad95732c1 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 13 Feb 2024 20:49:12 -0700 Subject: [PATCH 6/7] remove values --- README.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/README.md b/README.md index ebb44ea1..47f53d2b 100644 --- a/README.md +++ b/README.md @@ -85,12 +85,6 @@ The released packages can be found in [ghcr](https://github.com/defenseunicorns/ | cleanup | Teardown the cluster | `uds run cleanup` | | cleanup-bundle | Remove the GitLab Bundle | `uds run cleanup-bundle` | -## Values - -See: -1. [/values/gitlab-values.yaml](/values/gitlab-values.yaml) -2. [/values/upstream.yaml](/values/upstream.yaml) - ## Contributing Please see the [CONTRIBUTING.md](./CONTRIBUTING.md) From 588e39fd7546f4fcf5bd9f9311be10a89d08f1a3 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 13 Feb 2024 20:59:41 -0700 Subject: [PATCH 7/7] update commitlint --- .github/workflows/commitlint.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 24495034..762f2277 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -22,7 +22,9 @@ jobs: uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 - name: Install commitlint - run: npm install --save-dev @commitlint/{config-conventional,cli} + run: | + npm install --save-dev @commitlint/config-conventional@18.6.0 + npm install --save-dev @commitlint/cli@18.6.0 - name: Lint PR title run: echo "${{ github.event.pull_request.title }}" | npx commitlint