diff --git a/.github/dependabot.yml b/.github/dependabot.yml index af70eda..8f55a9e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,3 +1,5 @@ +# TODO: @memes - update to match requirements +# spell-checker: disable --- version: 2 updates: @@ -13,14 +15,12 @@ updates: interval: "weekly" reviewers: - memes - # TODO @memes - remove if not a go project - - package-ecosystem: "gomod" + - package-ecosystem: "pip" directory: "/" schedule: interval: "weekly" reviewers: - memes - # TODO @memes - remove if repo doesn't contain Terraform - package-ecosystem: "terraform" directory: "/" schedule: diff --git a/.github/workflows/go-lint.yml b/.github/workflows/go-lint.yml deleted file mode 100644 index f47854e..0000000 --- a/.github/workflows/go-lint.yml +++ /dev/null @@ -1,61 +0,0 @@ -# TODO @memes remove is not a golang project -# These github actions will perform linting and go tests -# spell-checker: disable ---- -name: go-lint - -# yamllint disable-line rule:truthy -on: - pull_request: - push: - branches: [main] - -permissions: - contents: read - pull-requests: read - -jobs: - go-mod-tidy: - # TODO @memes enable if this is a go project - if: false - runs-on: ubuntu-latest - steps: - - name: Checkout source - uses: actions/checkout@v4 - - name: Setup go - uses: actions/setup-go@v5 - with: - go-version-file: go.mod - cache: true - - name: Verify go.mod and go.sum are up to date - run: go mod tidy && git diff --exit-code -- go.mod go.sum - golangci-lint: - # TODO @memes enable if this is a go project - if: false - runs-on: ubuntu-latest - steps: - - name: Checkout source - uses: actions/checkout@v4 - - name: Setup go - uses: actions/setup-go@v5 - with: - go-version-file: go.mod - cache: true - - name: Execute linter - uses: golangci/golangci-lint-action@v3.7.0 - with: - version: latest - go-test: - # TODO @memes enable if this is a go project - if: false - runs-on: ubuntu-latest - steps: - - name: Checkout source - uses: actions/checkout@v4 - - name: Setup go - uses: actions/setup-go@v5 - with: - go-version-file: go.mod - cache: true - - name: Run go tests - run: go test -v ./... diff --git a/.github/workflows/go-release.yml b/.github/workflows/go-release.yml deleted file mode 100644 index 17252c2..0000000 --- a/.github/workflows/go-release.yml +++ /dev/null @@ -1,69 +0,0 @@ -# TODO @memes remove is not a golang project -# spell-checker: disable ---- -name: go-release - -# yamllint disable-line rule:truthy -on: - push: - tags: - - 'v*' - -permissions: - contents: write - packages: write - id-token: write - -jobs: - goreleaser: - runs-on: ubuntu-latest - steps: - - name: Checkout source - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: go.mod - cache: true - - name: Install cosign - if: ${{ success() }} - uses: sigstore/cosign-installer@v3.3.0 - - name: Install syft - if: ${{ success() }} - uses: anchore/sbom-action/download-syft@v0.15.3 - - id: docker-login - name: Login to Docker hub - if: ${{ success() }} - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - logout: true - - id: ghcr-login - name: Login to GitHub Container Registry - if: ${{ success() }} - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Run GoReleaser - if: ${{ success() }} - uses: goreleaser/goreleaser-action@v5 - with: - distribution: goreleaser - version: latest - args: release --clean - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Trigger Go Report update - if: ${{ success() }} - uses: fjogeleit/http-request-action@v1.15.2 - with: - url: 'https://goreportcard.com/checks' - method: 'POST' - contentType: 'application/x-www-form-urlencoded' - data: 'repo=github.com/${{ github.repository }}' - preventFailureOnNoResponse: 'true' diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 145e07b..33d1874 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -8,7 +8,8 @@ name: pre-commit on: pull_request: push: - branches: [main] + branches: + - main permissions: contents: read pull-requests: read @@ -34,12 +35,3 @@ jobs: with: python-version: '3.12' - uses: pre-commit/action@v3.0.0 - # TODO @memes - this is enabled in repo-template but should be disabled as - # necessary - hadolint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: hadolint/hadolint-action@v3.1.0 - with: - dockerfile: Dockerfile diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 574dc70..96838bd 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -14,17 +14,13 @@ permissions: jobs: release-please: - # TODO @memes - enable release-please action as needed - if: false runs-on: ubuntu-latest steps: - name: Release Please uses: GoogleCloudPlatform/release-please-action@v4.0.2 with: # TODO @memes - make sure release-type and package-name are correct. - release-type: go - package-name: repo-template - # TODO @memes - If this is a go project, or if other actions are to be - # triggered by the result of this action, set token to a secret with - # a GitHub PAT as content. - # token: ${{ secrets.RELEASE_PLEASE_TOKEN }} + release-type: simple + # TODO @memes - If other actions are not going to be triggered by the + # result of this action this can be removed. + token: ${{ secrets.RELEASE_PLEASE_TOKEN }} diff --git a/.gitignore b/.gitignore index cdf182f..d343366 100644 --- a/.gitignore +++ b/.gitignore @@ -3,9 +3,6 @@ .direnv .tool-versions -# Ignore generated Gorelease binaries -dist/ - # Ignore Ruby .bundle Gemfile.lock diff --git a/.golangci.yml b/.golangci.yml deleted file mode 100644 index e7be060..0000000 --- a/.golangci.yml +++ /dev/null @@ -1,159 +0,0 @@ -# TODO @mmes - remove if not a golang project -# spell-checker: disable ---- -run: - concurrency: 6 - timeout: 5m -issues: - max-issues-per-linter: 0 - max-same-issues: 0 -linters: - disable-all: true - enable: - - asciicheck - - bodyclose - - deadcode - - depguard - - dogsled - - dupl - - durationcheck - - errcheck - - errorlint - - exportloopref - - gochecknoglobals - - gochecknoinits - - goconst - - gocritic - - gocyclo - - godot - - godox - - goerr113 - - gofmt - - gofumpt - - goheader - - goimports - - gomoddirectives - - gomodguard - - goprintffuncname - - gosec - - gosimple - - govet - - importas - - ineffassign - - makezero - - misspell - - nakedret - - nolintlint - - paralleltest - - prealloc - - predeclared - - promlinter - - revive - - rowserrcheck - - sqlclosecheck - - staticcheck - - structcheck - - stylecheck - - thelper - - typecheck - - unconvert - - unparam - - unused - - varcheck - - whitespace - - wrapcheck -linters-settings: - # TODO @memes - update the list of allowed imports - depguard: - rules: - main: - files: - - $all - - "!$test" - allow: - - $gostd - - github.com/memes - test: - files: - - $test - allow: - - $gostd - - github.com/memes - errcheck: - check-type-assertions: true - check-blank: true - gocritic: - enabled-checks: - # Diagnostic - - appendAssign - - argOrder - - badCond - - caseOrder - - codegenComment - - commentedOutCode - - deprecatedComment - - dupArg - - dupBranchBody - - dupCase - - dupSubExpr - - exitAfterDefer - - flagDeref - - flagName - - nilValReturn - - offBy1 - - sloppyReassign - - weakCond - - octalLiteral - - # Performance - - appendCombine - - equalFold - - hugeParam - - indexAlloc - - rangeExprCopy - - rangeValCopy - - # Style - - assignOp - - boolExprSimplify - - captLocal - - commentFormatting - - commentedOutImport - - defaultCaseOrder - - docStub - - elseif - - emptyFallthrough - - emptyStringTest - - hexLiteral - - methodExprCall - - regexpMust - - singleCaseSwitch - - sloppyLen - - stringXbytes - - switchTrue - - typeAssertChain - - typeSwitchVar - - underef - - unlabelStmt - - unlambda - - unslice - - valSwap - - wrapperFunc - - yodaStyleExpr - - ifElseChain - - # Opinionated - - builtinShadow - - importShadow - - initClause - - nestingReduce - - paramTypeCombine - - ptrToRefParam - - typeUnparen - - unnamedResult - - unnecessaryBlock - nolintlint: - allow-unused: false - allow-no-explanation: [] - require-explanation: true - require-specific: true diff --git a/.goreleaser.yml b/.goreleaser.yml deleted file mode 100644 index c36f8db..0000000 --- a/.goreleaser.yml +++ /dev/null @@ -1,111 +0,0 @@ -# use goreleaser for builds and containers -# -# TODO: @memes -# - search for APP and update as needed -# - modify labels, as needed -# spell-checker: disable ---- -project_name: APP -builds: - - env: - - CGO_ENABLED=0 - flags: - - -trimpath - ldflags: - - -s -w -X main.version={{ .Version }}-{{ .Commit }} - goos: - - freebsd - - linux - - windows - - darwin - goarch: - - amd64 - - '386' - - arm - - arm64 - ignore: - - goos: darwin - goarch: '386' - # TODO: @memes - modify to match location of main package if not in root - main: ./cmd/APP/ - mod_timestamp: '{{ .CommitTimestamp }}' -gomod: - proxy: true -archives: - - format: binary - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' - rlcp: true -source: - enabled: true - rlcp: true -checksum: - name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' - algorithm: sha256 -sboms: - - id: archive - artifacts: archive - - id: source - artifacts: source -signs: - - artifacts: checksum - cmd: cosign - env: - - COSIGN_EXPERIMENTAL=1 - certificate: '${artifact}.pem' - args: - - sign-blob - - --output-certificate - - '${certificate}' - - --output-signature - - '${signature}' - - '${artifact}' - - '--yes' - output: true -snapshot: - name_template: "{{ incpatch .Tag }}-next" -changelog: - skip: true -dockers: - - goos: linux - goarch: amd64 - image_templates: - - memes/{{ .ProjectName }}:latest - - memes/{{ .ProjectName }}:{{ .Tag }} - - memes/{{ .ProjectName }}:{{ .Major }} - - ghcr.io/memes/{{ .ProjectName }}:latest - - ghcr.io/memes/{{ .ProjectName }}:{{ .Tag }} - - ghcr.io/memes/{{ .ProjectName }}:{{ .Major }} - dockerfile: Dockerfile - use: docker - build_flag_templates: - # yamllint disable rule:line-length - - "--pull" - - "--label=maintainer=Matthew Emes " - - "--label=org.opencontainers.image.title={{ .ProjectName }}" - - "--label=org.opencontainers.image.authors=memes@matthewemes.com" - - "--label=org.opencontainers.image.description={{ .ProjectName }} description" - - "--label=org.opencontainers.image.licenses=MIT" - - "--label=org.opencontainers.image.created={{ .Date }}" - - "--label=org.opencontainers.image.source={{ .GitURL }}/tree/{{ .FullCommit }}" - - "--label=org.opencontainers.image.documentation={{ .GitURL }}/tree/{{ .FullCommit }}/README.md" - - "--label=org.opencontainers.image.version={{ .Version }}" - - "--label=org.opencontainers.image.revision={{ .FullCommit }}" - - "--label=org.opencontainers.image.url={{ .GitURL }}" - # yamllint enable rule:line-length -docker_signs: - - cmd: cosign - env: - - COSIGN_EXPERIMENTAL=1 - artifacts: images - output: true - args: - - sign - - '${artifact}' - - '--yes' -release: - draft: false - prerelease: auto -milestones: - - close: true - fail_on_error: false - name_template: "{{ .Tag }}" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 080837f..1ba4147 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -7,14 +7,23 @@ repos: hooks: - id: yamllint files: \.(yml|yaml|talismanrc)$ - types: [file, yaml] + types: + - file + - yaml entry: yamllint --strict - repo: https://github.com/antonbabenko/pre-commit-terraform rev: v1.86.0 hooks: - id: terraform_fmt - id: terraform_docs - args: ['--args=--sort-by=required --hide=providers'] + args: + - '--args=--sort-by=required --hide=providers' + - repo: https://github.com/compilerla/conventional-pre-commit + rev: v3.0.0 + hooks: + - id: conventional-pre-commit + stages: + - commit-msg - repo: https://github.com/mattlqx/pre-commit-ruby rev: v1.3.5 hooks: @@ -30,6 +39,11 @@ repos: - id: check-merge-conflict - id: detect-private-key - id: end-of-file-fixer + # TODO: @memes - remove/modify if push to main is allowed + - id: no-commit-to-branch + args: + - -b + - main - id: trailing-whitespace - repo: https://github.com/thoughtworks/talisman rev: v1.31.0 diff --git a/.talismanrc b/.talismanrc index c38ce46..ab1abe3 100644 --- a/.talismanrc +++ b/.talismanrc @@ -8,3 +8,7 @@ fileignoreconfig: checksum: 1a73442a316535a2e8a67a401aef15943f73ab0e405577f6f405e81400a12d57 - filename: .github/workflows/pre-commit.yml checksum: d973823a6d233c44075ad96c2f92e2d2522b3c5767ef6e8376f0731e8a55ab38 +- filename: README.md + ignore_detectors: + - filecontent +version: "1.0" diff --git a/.vscode/settings.json b/.vscode/settings.json index 98aaa4b..5cb2a8b 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,6 +1,5 @@ { "yaml.schemas": { - "https://json.schemastore.org/github-issue-config.json": ".github/ISSUE_TEMPLATE/config.yml", - "https://goreleaser.com/static/schema.json": ".goreleaser.yml" + "https://json.schemastore.org/github-issue-config.json": ".github/ISSUE_TEMPLATE/config.yml" } } diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c18b373..f56d4f2 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -14,38 +14,21 @@ applied. [pre-commit] is used to ensure that all files have consistent formatting and to avoid committing secrets. - -[golangci-lint] is used to enforce Go code passes -linting and formatting rules ([gofumpt] is the expected Go code formatter). Rules -are defined in [.golangci.yml](.golangci.yml). - 1. Install [pre-commit] in a virtual python environment or globally: see [instructions](https://pre-commit.com/#installation) -2. Install [golangci-lint] from a binary or from source: see [instructions](https://golangci-lint.run/usage/install/#local-installation) -3. Fork and clone this repo -4. Install pre-commit hook to git +2. Fork and clone this repo +3. Install pre-commit hook to git E.g. ```shell - pip install pre-commit - pre-commit install - ``` - -5. Create a new branch for changes -6. Execute tests and `golangci-lint` to validate changes. Please address any - issues raised. - - ```shell - go test -v ./... - golangci-lint run + pip install -r requirements-dev.txt + pre-commit install --hook-type commit-msg --hook-type pre-commit ``` -7. Commit and push changes for PR +4. Create a new branch for changes +5. Commit and push changes for PR The hook will ensure that `pre-commit` will be run against all staged changes during `git commit`. [pre-commit]: https://pre-commit.com/ - -[gofumpt]: https://github.com/mvdan/gofumpt -[golangci-lint]: https://golangci-lint.run/ diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 00885f2..0000000 --- a/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -# TODO: @memes -# - search for APP and update as needed -# - expose ports in scratch container -# - add additional labels, if needed -# - add CMD as needed -FROM alpine:3.13.5 as ca -RUN apk --no-cache add ca-certificates-bundle=20191127-r5 - -FROM scratch -COPY --from=ca /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ -EXPOSE 8080 -COPY APP /APP -ENTRYPOINT ["/APP"] diff --git a/README.md b/README.md index 50227be..8ee3fe0 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # repo-template ![GitHub release](https://img.shields.io/github/v/release/memes/repo-template?sort=semver) -![Maintenance](https://img.shields.io/maintenance/yes/2023) +![Maintenance](https://img.shields.io/maintenance/yes/2024) [![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-2.1-4baaaa.svg)](CODE_OF_CONDUCT.md) This repository contains common settings and actions that I tend to use in my @@ -15,20 +15,11 @@ demos and projects. 1. Use as a template when creating a new GitHub repo, or copy the contents into a bare-repo directory. -2. Remove Go tooling if needed, or update it to make sure it meets repo layout - - - `.github/workflows/go-lint.yml` - - `.github/workflows/go-release.yml` - - `.golangci.yml` - - `.goreleaser.yml` - - `Dockerfile` - -3. Update `.pre-commit-config.yml` to add/remove plugins as necessary. -4. Create `.envrc` and `.tool-versions` for asdf and direnv integration; - `dot.envrc` and `dot.tool-versions` provide starting points. -5. Modify README.md and CONTRIBUTING.md, change LICENSE as needed. -6. Review GitHub PR and issue templates. -7. If using `release-please` action, make sure that _Settings_ > _Action_ > - _General_ > _Allow GitHub Actions to create and approve pull requests_ is - checked. -8. Commit changes. +2. Update `.pre-commit-config.yml` to add/remove plugins as necessary. +3. Modify README.md and CONTRIBUTING.md, change LICENSE as needed. +4. Review GitHub PR and issue templates. +5. If using `release-please` action, make these changes to repo Settings: + 1. _Settings_ > _Actions_ > _General_ > + _Allow GitHub Actions to create and approve pull requests_ is checked. + 2. _Settings_ > _Secrets and Variables_ > _Actions_, and add `RELEASE_PLEASE_TOKEN` with PAT as a _Repository Secret_. +6. Commit changes. diff --git a/dot.envrc b/dot.envrc deleted file mode 100644 index 2f16b54..0000000 --- a/dot.envrc +++ /dev/null @@ -1,8 +0,0 @@ -# TODO: @memes - update as necessary and rename to .envrc -use asdf - -# Python via .tool-versions -layout python - -# Ruby via .tool-versions -# layout ruby diff --git a/dot.tool-versions b/dot.tool-versions deleted file mode 100644 index eb034dc..0000000 --- a/dot.tool-versions +++ /dev/null @@ -1,4 +0,0 @@ -# TODO: @memes - update as necessary and rename to .tool-versions -python 3.10.9 3.8.16 -# ruby 3.0.4 -terraform 1.3.6 diff --git a/requirements-dev.txt b/requirements-dev.txt new file mode 100644 index 0000000..09c7242 --- /dev/null +++ b/requirements-dev.txt @@ -0,0 +1,3 @@ +# Python requirements for hacking on this repo +pre-commit==3.6.0 +-r requirements.txt diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..e9f4907 --- /dev/null +++ b/requirements.txt @@ -0,0 +1 @@ +# Python requirements for this repo diff --git a/version.txt b/version.txt new file mode 100644 index 0000000..e69de29