diff --git a/aqua.yaml b/.aqua/aqua.yaml similarity index 80% rename from aqua.yaml rename to .aqua/aqua.yaml index bb3ca39..500ba43 100644 --- a/aqua.yaml +++ b/.aqua/aqua.yaml @@ -3,7 +3,7 @@ # https://aquaproj.github.io/ registries: - type: standard - ref: v4.119.0 # renovate: depName=aquaproj/aqua-registry + ref: v4.121.0 # renovate: depName=aquaproj/aqua-registry packages: - name: miniscruff/changie@v1.18.0 - name: golang/go@go1.21.6 @@ -11,12 +11,12 @@ packages: - name: magefile/mage@v1.15.0 - name: charmbracelet/glow@v1.5.1 - name: mvdan/gofumpt@v0.5.0 - - name: golang.org/x/tools/gopls@v0.14.2 + - name: golang.org/x/tools/gopls@gopls/v0.14.2 - name: golang/tools/gorename@v0.17.0 - name: golang/tools/stringer@v0.17.0 - name: golang/tools/gomvpkg@v0.17.0 - name: golang/tools/godoc@v0.17.0 - name: golang/tools/guru@v0.17.0 - - name: anchore/syft@v0.100.0 + - name: anchore/syft@v0.101.0 - name: thycotic/dsv-cli@v1.40.5 - name: Schniz/fnm@v1.35.1 diff --git a/.changes/v0.0.2.md b/.changes/v0.0.2.md new file mode 100644 index 0000000..1c275c2 --- /dev/null +++ b/.changes/v0.0.2.md @@ -0,0 +1,5 @@ +## v0.0.2 - 2024-01-16 + +### โฌ†๏ธ Dependencies + +- Update dependent libraries and go version. No user facing changes, just continued maintenance for improved security & stability. diff --git a/.changie.yaml b/.changie.yaml index 7bf1e76..a55aa12 100644 --- a/.changie.yaml +++ b/.changie.yaml @@ -30,14 +30,26 @@ footerFormat: | {{ end }} {{ end }} kinds: - - label: ๐ŸŽ‰ Feature - - label: ๐Ÿ”จ Refactor + - label: ๐Ÿค– CI & Build + auto: patch + - label: ๐ŸŽ‰ New Product Feature + auto: minor - label: โฌ‡๏ธ Deprecated + auto: minor + - label: ๐Ÿงช Tests + auto: patch + - label: ๐Ÿ”จ Refactor + auto: patch - label: ๐Ÿ› Bug Fix + auto: patch - label: ๐Ÿ”ฅ Breaking Change + auto: minor - label: ๐Ÿ”’ Security + auto: patch - label: โฌ†๏ธ Dependencies - - label: ๐Ÿค– Development + auto: patch + - label: ๐Ÿ”ฅ Major Version Change (Breaking Changes) + auto: major newlines: afterChange: 0 afterChangelogHeader: 1 @@ -81,3 +93,17 @@ custom: type: int minLength: 6 optional: true +replacements: + # chart versions align with the release and get bumped by changie for us on `changie merge`. + - path: 'dsv/package.json' + find: ' "version": ".*",' + replace: ' "version": "{{.VersionNoPrefix}}",' + - path: dsv/task.json + find: ' "Major": .*,' + replace: ' "Major": {{.Major}},' + - path: dsv/task.json + find: ' "Minor": .*,' + replace: ' "Minor": {{.Minor}},' + - path: dsv/task.json + find: ' "Patch": .*' + replace: ' "Patch": {{.Patch}}' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index eb8b72e..e73e0f2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -8,6 +8,10 @@ on: pull_request: workflow_dispatch: workflow_call: # so composite actions can use this +permissions: + pull-requests: read + contents: read + checks: write jobs: lint: uses: delineaxpm/github-workflows/.github/workflows/lint.yml@main diff --git a/.node-version b/.node-version index 7ec5619..8b0beab 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -18.17.1 \ No newline at end of file +20.11.0 diff --git a/.trunk/.gitignore b/.trunk/.gitignore index cf2f254..15966d0 100644 --- a/.trunk/.gitignore +++ b/.trunk/.gitignore @@ -2,6 +2,8 @@ *logs *actions *notifications +*tools plugins user_trunk.yaml user.yaml +tmp diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 2a0f718..9e16922 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -16,23 +16,30 @@ actions: - files: [go.mod] runtimes: enabled: - - go@1.18.3 - - node@16.14.2 - - python@3.10.3 + - go@1.21.6 + - node@20.11.0 + - python@3.10.8 lint: enabled: - - actionlint@1.6.21 + - checkov@3.1.61 + - osv-scanner@1.5.0 + - oxipng@9.0.0 + - renovate@37.134.0 + - terrascan@1.18.11 + - trivy@0.48.3 + - trufflehog@3.63.9 + - actionlint@1.6.26 - git-diff-check - - gitleaks@8.15.0 - - gofmt@1.16.7 - - golangci-lint@1.50.1 - - hadolint@2.10.0 - - markdownlint@0.32.2 - - prettier@2.7.1 - - shellcheck@0.8.0 - - shfmt@3.5.0 - - taplo@release-taplo-cli-0.7.0 - - yamllint@1.28.0 + - gitleaks@8.18.1 + - gofmt@1.20.4 + - golangci-lint@1.55.2 + - hadolint@2.12.0 + - markdownlint@0.38.0 + - prettier@3.2.2 + - shellcheck@0.9.0 + - shfmt@3.6.0 + - taplo@0.8.1 + - yamllint@1.33.0 threshold: - linters: [markdownlint] level: high @@ -50,9 +57,9 @@ lint: - .changes/unreleased/*.yaml cli: - version: 1.0.1 + version: 1.19.0 plugins: sources: - id: trunk - ref: v0.0.5 + ref: v1.2.1 uri: https://github.com/trunk-io/plugins diff --git a/.vscode/settings.json b/.vscode/settings.json index e16d1d2..7f41175 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -5,8 +5,8 @@ "[go]": { "debug.saveBeforeStart": "allEditorsInActiveGroup", "editor.codeActionsOnSave": { - "source.fixAll": true, - "source.organizeImports": false + "source.fixAll": "explicit", + "source.organizeImports": "never" }, "editor.defaultFormatter": "trunk.io", "editor.formatOnSave": true diff --git a/CHANGELOG.md b/CHANGELOG.md index 61050b8..4039b7f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,4 +6,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html), and is generated by [Changie](https://github.com/miniscruff/changie). -No releases yet, this file will be updated when generating your first release. +## v0.0.2 - 2024-01-16 + +### โฌ†๏ธ Dependencies + +- Update dependent libraries and go version. No user facing changes, just continued maintenance for improved security & stability. diff --git a/RELEASE.md b/RELEASE.md index 7a72121..df09d3a 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -18,7 +18,7 @@ This project uses an different approach to release, driving it from changelog an ### Creating New Notes - During development, new changes of note get tracked via `changie new`. This can span many pull requests, whatever makes sense as version to ship as changes to users. -- To release the changes into a version, `changie batch ` (unless breaking changes occur, you'll want to stick with minor for feature additions, and patch for fixes or non app work. +- To release the changes into a version, `changie batch auto` (unless breaking changes occur, you'll want to stick with minor for feature additions, and patch for fixes or non app work. Keep your summary of changes that users would care about in the `.changes/` files it will create. @@ -26,6 +26,8 @@ Keep your summary of changes that users would care about in the `.changes/` file Update [CHANGELOG.md](CHANGELOG.md) by running `changie merge` which will rebuild the changelog file with all the documented notes. +> This will bump the version automatically in the `task.json` and `package.json`. + ### Format & Lint - Run `trunk fmt --all; trunk check --all` to finalize run through. diff --git a/dsv/package.json b/dsv/package.json index e475171..1d49765 100644 --- a/dsv/package.json +++ b/dsv/package.json @@ -1,6 +1,6 @@ { "name": "DelineaDSV", - "version": "1.0.0", + "version": "0.0.2", "description": "", "main": "index.js", "scripts": { @@ -9,15 +9,15 @@ "author": "", "license": "ISC", "dependencies": { - "azure-pipelines-task-lib": "4.4.0", + "azure-pipelines-task-lib": "4.8.0", "typed-rest-client": "1.8.11" }, "devDependencies": { - "@types/mocha": "10.0.1", - "@types/node": "18.17.4", - "@types/q": "1.5.5", + "@types/mocha": "10.0.6", + "@types/node": "20.11.4", + "@types/q": "1.5.8", "mocha": "10.2.0", "sync-request": "6.1.0", - "typescript": "4.9.5" + "typescript": "5.3.3" } } diff --git a/dsv/task.json b/dsv/task.json index aeb7aba..7327afe 100644 --- a/dsv/task.json +++ b/dsv/task.json @@ -11,7 +11,7 @@ "version": { "Major": 0, "Minor": 0, - "Patch": 1 + "Patch": 2 }, "instanceNameFormat": "Retrieve $(SecretPath) from Delinea DevOps Secrets Vault", "inputs": [