fix: standardize repo to template and update README.md

.adr-dir

@@ -0,0 +1 @@
+adr

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: 'possible-bug 🐛'
+assignees: ''
+---
+
+### Environment
+Device and OS:
+App/package versions:
+Kubernetes distro being used:
+Other:
+
+### Steps to reproduce
+1.
+
+### Expected result
+
+### Actual Result
+
+### Visual Proof (screenshots, videos, text, etc)
+
+### Severity/Priority
+
+### Additional Context
+Add any other context or screenshots about the technical debt here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,22 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: 'enhancement ✨'
+assignees: ''
+---
+
+### Is your feature request related to a problem? Please describe.
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+### Describe the solution you'd like
+
+- **Given** a state
+- **When** an action is taken
+- **Then** something happens
+
+### Describe alternatives you've considered
+(optional) A clear and concise description of any alternative solutions or features you've considered.
+
+### Additional context
+Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/tech_debt.md

@@ -0,0 +1,16 @@
+---
+name: Tech debt
+about: Record something that should be investigated or refactored in the future.
+title: ''
+labels: 'tech-debt 💳'
+assignees: ''
+---
+
+### Describe what should be investigated or refactored
+A clear and concise description of what should be changed/researched. Ex. This piece of the code is not DRY enough [...]
+
+### Links to any relevant code
+(optional) i.e. - https://github.com/defenseunicorns/uds-package-gitlab/blob/main/README.md?plain=1#L1
+
+### Additional context
+Add any other context or screenshots about the technical debt here.

.github/pull_request_template.md

@@ -0,0 +1,20 @@
+## Description
+
+...
+
+## Related Issue
+
+Fixes #
+<!-- or -->
+Relates to #
+
+## Type of change
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Other (security config, docs update, etc)
+
+## Checklist before merging
+
+- [ ] Test, docs, adr added or updated as needed
+- [ ] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-package-gitlab/blob/main/CONTRIBUTING.md#developer-workflow) followed

.github/workflows/scorecard.yaml

@@ -0,0 +1,50 @@
+name: Scorecards supply-chain security
+on:
+  # Only the default branch is supported.
+  branch_protection_rule:
+  schedule:
+    - cron: '30 1 * * 6'
+  push:
+    branches: [ "main" ]
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  analysis:
+    name: Scorecards analysis
+    runs-on: ubuntu-latest
+    permissions:
+      # Needed to upload the results to code-scanning dashboard.
+      security-events: write
+      # Used to receive a badge.
+      id-token: write
+
+    steps:
+      - name: "Checkout code"
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          persist-credentials: false
+
+      - name: "Run analysis"
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
+          publish_results: true
+
+      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
+      # format to the repository Actions tab.
+      - name: "Upload artifact"
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+
+      # Upload the results to GitHub's code scanning dashboard.
+      - name: "Upload to code-scanning"
+        uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12
+        with:
+          sarif_file: results.sarif

CONTRIBUTING.md

@@ -1,27 +1,5 @@
-# Welcome to the Gitlab UDS Package
+# Welcome to the GitLab UDS Package
 
 Thank you for your interest in this Defense Unicorns UDS Package!
 
-This document describes the process and requirements for contributing to this UDS Package.
-
-## Developer Experience
-
-Continuous Delivery is core to our development philosophy. Check out [https://minimumcd.org](https://minimumcd.org) for a good baseline agreement on what that means.
-
-Specifically:
-
-* We do trunk-based development (main) with short-lived feature branches that originate from the trunk, get merged into the trunk, and are deleted after the merge
-* We don't merge code into main that isn't releasable
-* We perform automated testing on all changes before they get merged to main
-* Continuous integration (CI) pipeline tests are definitive
-* We create immutable release artifacts
-
-## Definition of Done
-
-We apply these general principles to all User Stories and activities contributing to the UDS SWF.
-
-* Automated continuous integration (CI) pipeline tests pass
-* CI pipeline tests have been updated to meet system changes
-* Changes are peer reviewed
-* Acceptance criteria is met
-* Documentation is updated to reflect what changed
+This package is part of Defense Unicorns' UDS Software Factory and follows the contributing guidelines outlined in that repositories' [CONTRIBUTING.md](https://github.com/defenseunicorns/uds-software-factory/blob/main/CONTRIBUTING.md) file.

README.md

@@ -1,12 +1,14 @@
-# uds-package-gitlab
+# UDS GitLab Zarf Package
 
-Bigbang [Gitlab](https://repo1.dso.mil/big-bang/product/packages/gitlab) deployed via flux by zarf
+[![Latest Release](https://img.shields.io/github/v/release/defenseunicorns/uds-package-gitlab)](https://github.com/defenseunicorns/uds-package-gitlab/releases)
+[![Build Status](https://img.shields.io/github/actions/workflow/status/defenseunicorns/uds-package-gitlab/tag-and-release.yaml)](https://github.com/defenseunicorns/uds-package-gitlab/actions/workflows/tag-and-release.yaml)
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-gitlab/badge)](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-gitlab)
 
-## Deployment Prerequisites
+This package is designed for use as part of a [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) bundle deployed on [UDS Core](https://github.com/defenseunicorns/uds-core), and is based on the Bigbang [GitLab](https://repo1.dso.mil/big-bang/product/packages/gitlab) chart.
 
-### GitLab Package
+## Pre-requisites
 
-The Gitlab Package expects the pieces listed below to exist in the cluster before being deployed.
+The GitLab Package expects the pieces listed below to exist in the cluster before being deployed.
 
 #### General
 
@@ -31,12 +33,12 @@ The Gitlab Package expects the pieces listed below to exist in the cluster befor
 
 #### Object Storage
 
-Object Storage works a bit differently as there are many kinds of file stores gitlab can be configured to use.
+Object Storage works a bit differently as there are many kinds of file stores GitLab can be configured to use.
 
 - Create the secret `gitlab-object-store` in the `gitlab` namespace with the following keys:
   - An example for in-cluster Minio can be found in this repository at the path `utils/pkg-deps/gitlab/minio/secret.yaml`
   - `connection`
-    - This key refers to the configuration for the main gitlab service. The documentation for what goes in this key is located [here](https://docs.gitlab.com/16.0/ee/administration/object_storage.html#configure-the-connection-settings)
+    - This key refers to the configuration for the main GitLab service. The documentation for what goes in this key is located [here](https://docs.gitlab.com/16.0/ee/administration/object_storage.html#configure-the-connection-settings)
   - `registry`
     - This key refers to the configuration for the gitlab registry. The documentation for what goes in this key is located [here](https://docs.docker.com/registry/configuration/#storage)
   - `backups`
@@ -56,51 +58,33 @@ Object Storage works a bit differently as there are many kinds of file stores gi
   - uds-gitlab-tmp
 - These buckets can have a suffix applied via the `BUCKET_SUFFIX` zarf variable (e.x. `-some-deployment-name` plus `uds-gitlab-backups` would be `uds-gitlab-backups-some-deployment-name`)
 
-## Deploying
+## Flavors
 
-### Deploy Everything
+| Flavor | Description | Example Creation |
+| ------ | ----------- | ---------------- |
+| upstream | Uses upstream images within the package. | `zarf package create . -f upstream` |
+| registry1 | Uses images from registry1.dso.mil within the package. | `zarf package create . -f registry1` |
 
-#### Via Makefile and local package
+> :warning: **Note:** To create the registry1 flavor you will need to be logged into Iron Bank - you can find instructions on how to do this in the [Big Bang Zarf Tutorial](https://docs.zarf.dev/docs/zarf-tutorials/big-bang#setup).
 
-```bash
-# This will destroy and create a compatible k3d cluster then it will run make build/all and make deploy/all. Follow the breadcrumbs in the Makefile to see what and how its doing it.
-make cluster/full
-```
+## Releases
 
-### From GHCR OCI Via Zarf
+The released packages can be found in [ghcr](https://github.com/defenseunicorns/uds-package-gitlab/pkgs/container/packages%2Fuds%2Fgitlab).
 
-```bash
-zarf package deploy ghcr.io/defenseunicorns/uds-capability/gitlab:0.0.6-amd64
-```
+## UDS Tasks (for local dev and CI)
 
-## Building
+*For local dev, this requires you install [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install)
 
-### Use zarf to login to the needed registries i.e. registry1.dso.mil and ghcr.io
+| Task | Description | Example |
+| ---- | ----------- | ------- |
+| setup-cluster | Uses the `k3d-core-istio` bundle to create a cluster for testing against | `uds run setup-cluster` |
+| create-package | Creates just the GitLab package | `uds run create-package --set FLAVOR=<flavor>` |
+| create-test-bundle | Creates GitLab and GitLab dependency packages and then bundles them | `uds run create-test-bundle` |
+| deploy-test-bundle | Deploy GitLab and GitLab dependency bundle | `uds run deploy-test-bundle` |
+| test-package | Run checks against a deployed package | `uds run test-package` |
+| cleanup | Teardown the cluster | `uds run cleanup` |
+| cleanup-bundle | Remove the GitLab Bundle | `uds run cleanup-bundle` |
 
-```bash
-# Download Zarf
-make build/zarf
+## Contributing
 
-# Login to the registry
-set +o history
-
-# registry1.dso.mil (To access registry1 images needed during build time)
-export REGISTRY1_USERNAME="YOUR-USERNAME-HERE"
-export REGISTRY1_TOKEN="YOUR-TOKEN-HERE"
-echo $REGISTRY1_TOKEN | build/zarf tools registry login registry1.dso.mil --username $REGISTRY1_USERNAME --password-stdin
-
-# ghcr.io (If you need to push to GHCR)
-export GH_USERNAME="YOUR-USERNAME-HERE"
-export GH_TOKEN="YOUR-TOKEN-HERE"
-echo $GH_TOKEN | build/zarf tools registry login ghcr.io --username $GH_USERNAME --password-stdin
-
-set -o history
-```
-
-### Creating the Package
-
-```bash
-make build/uds-capability-gitlab
-```
-
-## Documentation
+Please see the [CONTRIBUTING.md](./CONTRIBUTING.md)

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+As [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) has not yet reached v1.0.0, only the current latest minor release is supported.
+
+## Reporting a Vulnerability
+
+Please email `security-notice [at] defenseunicorns.com` to report a vulnerability. If you are unable to disclose details via email, please let us know and we can coordinate alternate communications.

adr/0001-record-architecture-decisions.md

@@ -0,0 +1,23 @@
+# 1. Record architecture decisions
+
+Date: 20224-02-04
+
+## Status
+
+Accepted
+
+## Context
+
+> NOTE:
+>
+> This file was automatically created when we used [adr-tools](https://github.com/npryce/adr-tools) to initialize the document log in the repo. ADRs on ADRs are a little silly, but it does give a lightweight way to direct the reader over to our contributor guide that has a lot more information.
+
+We need to record the architectural decisions made on this project.
+
+## Decision
+
+We will use Architecture Decision Records, as [described by Michael Nygard](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions), with a couple of small tweaks. See the [Documentation section in the Contributor guide](../CONTRIBUTING.md#documentation) for full details.
+
+## Consequences
+
+See Michael Nygard's article, linked above. For a lightweight ADR toolset, see Nat Pryce's [adr-tools](https://github.com/npryce/adr-tools).

adr/template.md

@@ -0,0 +1,19 @@
+# NUMBER. TITLE
+
+Date: DATE
+
+## Status
+
+STATUS
+
+## Context
+
+The issue motivating this decision, and any context that influences or constrains the decision.
+
+## Decision
+
+The change that we're proposing or have agreed to implement.
+
+## Consequences
+
+What becomes easier or more difficult to do and any risks introduced by the change that will need to be mitigated.

docs/DEVELOPMENT_MAINTENANCE.md

@@ -2,6 +2,8 @@
 
 ## How to upgrade this capability
 
+<!-- TODO: (@WSTARR) Update these instructions -->
+
 This package is pulling in the [bigbang gitlab chart](https://repo1.dso.mil/big-bang/product/packages/gitlab)
 
 The [gitlab-flux-values.yaml](../gitlab-flux-values.yaml) file contains values used when creating the flux resources for this capability. This includes the version of the chart and the base values used for this capability.

renovate.json

@@ -3,40 +3,13 @@
   "forkProcessing": "enabled",
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
   "extends": [
-    ":dependencyDashboard",
+    "github>defenseunicorns/uds-common//config/renovate.json5",
     ":semanticPrefixFixDepsChoreOthers",
     "config:base",
     "group:all",
     "replacements:all",
     "workarounds:all"
   ],
-  "timezone": "America/New_York",
-  "rebaseStalePrs": true,
-  "schedule": ["after 7am and before 9am every weekday"],
-  "dependencyDashboard": true,
-  "platform": "github",
-  "onboarding": false,
-  "requireConfig": false,
-  "dependencyDashboardTitle": "Renovate Dashboard 🤖",
-  "rebaseWhen": "conflicted",
-  "commitBodyTable": true,
-  "ignorePaths": ["archive/**"],
-  "suppressNotifications": ["prIgnoreNotification"],
-  "labels": ["renovate"],
-  "pre-commit": {
-    "enabled": true
-  },
-  "helm-values": {
-    "fileMatch": ["./.+\\.yaml$"]
-  },
-  "kubernetes": {
-    "fileMatch": ["\\.yaml$"],
-    "ignorePaths": [
-      "ansible",
-      "scripts",
-      ".github"
-    ]
-  },
   "hostRules": [
     {
       "matchHost": "registry1.dso.mil",