From 598590cd1df02edd0a4c579293d02007ecb93471 Mon Sep 17 00:00:00 2001 From: Sheldon Hull Date: Tue, 16 Jan 2024 14:03:25 +0100 Subject: [PATCH 1/5] chore: vscode gopls settings migration [skip ci] --- .vscode/settings.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index e16d1d2..7f41175 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -5,8 +5,8 @@ "[go]": { "debug.saveBeforeStart": "allEditorsInActiveGroup", "editor.codeActionsOnSave": { - "source.fixAll": true, - "source.organizeImports": false + "source.fixAll": "explicit", + "source.organizeImports": "never" }, "editor.defaultFormatter": "trunk.io", "editor.formatOnSave": true From e84d9e02e806c3ca1d1447946d61b012a7f03eb8 Mon Sep 17 00:00:00 2001 From: Sheldon Hull Date: Tue, 16 Jan 2024 14:05:56 +0100 Subject: [PATCH 2/5] chore(deps): bump tooling and dependent libraries --- .aqua/aqua.yaml | 22 ++++++++++++++++++++++ .changes/v0.0.1.md | 7 +++++++ .changie.yaml | 18 +++++++++++++++--- CHANGELOG.md | 8 +++++++- aqua.yaml | 22 ---------------------- 5 files changed, 51 insertions(+), 26 deletions(-) create mode 100644 .aqua/aqua.yaml create mode 100644 .changes/v0.0.1.md delete mode 100644 aqua.yaml diff --git a/.aqua/aqua.yaml b/.aqua/aqua.yaml new file mode 100644 index 0000000..d0eb4f8 --- /dev/null +++ b/.aqua/aqua.yaml @@ -0,0 +1,22 @@ +--- +# aqua - Declarative CLI Version Manager +# https://aquaproj.github.io/ +registries: + - type: standard + ref: v4.119.0 # renovate: depName=aquaproj/aqua-registry +packages: + - name: miniscruff/changie@v1.18.0 + - name: golang/go@go1.21.6 + - name: direnv/direnv@v2.33.0 + - name: magefile/mage@v1.15.0 + - name: charmbracelet/glow@v1.5.1 + - name: mvdan/gofumpt@v0.5.0 + - name: golang.org/x/tools/gopls@gopls/v0.14.2 + - name: golang/tools/gorename@v0.17.0 + - name: golang/tools/stringer@v0.17.0 + - name: golang/tools/gomvpkg@v0.17.0 + - name: golang/tools/godoc@v0.17.0 + - name: golang/tools/guru@v0.17.0 + - name: anchore/syft@v0.100.0 + - name: thycotic/dsv-cli@v1.40.5 + - name: Schniz/fnm@v1.35.1 diff --git a/.changes/v0.0.1.md b/.changes/v0.0.1.md new file mode 100644 index 0000000..89cadb7 --- /dev/null +++ b/.changes/v0.0.1.md @@ -0,0 +1,7 @@ +## v0.0.1 - 2024-01-16 + +### โฌ†๏ธ Dependencies + +- Update dependent libraries and go version. No user facing changes, just continued maintenance for improved security & stability. + +### Related diff --git a/.changie.yaml b/.changie.yaml index 7bf1e76..ee78051 100644 --- a/.changie.yaml +++ b/.changie.yaml @@ -30,14 +30,26 @@ footerFormat: | {{ end }} {{ end }} kinds: - - label: ๐ŸŽ‰ Feature - - label: ๐Ÿ”จ Refactor + - label: ๐Ÿค– CI & Build + auto: patch + - label: ๐ŸŽ‰ New Product Feature + auto: minor - label: โฌ‡๏ธ Deprecated + auto: minor + - label: ๐Ÿงช Tests + auto: patch + - label: ๐Ÿ”จ Refactor + auto: patch - label: ๐Ÿ› Bug Fix + auto: patch - label: ๐Ÿ”ฅ Breaking Change + auto: minor - label: ๐Ÿ”’ Security + auto: patch - label: โฌ†๏ธ Dependencies - - label: ๐Ÿค– Development + auto: patch + - label: ๐Ÿ”ฅ Major Version Change (Breaking Changes) + auto: major newlines: afterChange: 0 afterChangelogHeader: 1 diff --git a/CHANGELOG.md b/CHANGELOG.md index 61050b8..67dbf9b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,4 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html), and is generated by [Changie](https://github.com/miniscruff/changie). -No releases yet, this file will be updated when generating your first release. +## v0.0.1 - 2024-01-16 + +### โฌ†๏ธ Dependencies + +- Update dependent libraries and go version. No user facing changes, just continued maintenance for improved security & stability. + +### Related diff --git a/aqua.yaml b/aqua.yaml deleted file mode 100644 index 70df7fc..0000000 --- a/aqua.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# aqua - Declarative CLI Version Manager -# https://aquaproj.github.io/ -registries: - - type: standard - ref: v4.35.0 # renovate: depName=aquaproj/aqua-registry -packages: - - name: miniscruff/changie@v1.12.0 - - name: golang/go@go1.20.6 - - name: direnv/direnv@v2.32.3 - - name: magefile/mage@v1.15.0 - - name: charmbracelet/glow@v1.5.1 - - name: mvdan/gofumpt@v0.5.0 - - name: golang.org/x/tools/gopls@v0.13.1 - - name: golang/tools/gorename@v0.12.0 - - name: golang/tools/stringer@v0.12.0 - - name: golang/tools/gomvpkg@v0.12.0 - - name: golang/tools/godoc@v0.12.0 - - name: golang/tools/guru@v0.12.0 - - name: anchore/syft@v0.86.1 - - name: thycotic/dsv-cli@v1.40.5 - - name: Schniz/fnm@v1.35.0 From 1f53d8b1b09f15d42c7c0333b2b8d7db6229733d Mon Sep 17 00:00:00 2001 From: Sheldon Hull Date: Tue, 16 Jan 2024 14:05:56 +0100 Subject: [PATCH 3/5] chore(deps): bump tooling and dependent libraries --- dsv/package.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/dsv/package.json b/dsv/package.json index e475171..56f5428 100644 --- a/dsv/package.json +++ b/dsv/package.json @@ -9,15 +9,15 @@ "author": "", "license": "ISC", "dependencies": { - "azure-pipelines-task-lib": "4.4.0", + "azure-pipelines-task-lib": "4.8.0", "typed-rest-client": "1.8.11" }, "devDependencies": { - "@types/mocha": "10.0.1", - "@types/node": "18.17.4", - "@types/q": "1.5.5", + "@types/mocha": "10.0.6", + "@types/node": "20.11.4", + "@types/q": "1.5.8", "mocha": "10.2.0", "sync-request": "6.1.0", - "typescript": "4.9.5" + "typescript": "5.3.3" } } From c6462307c1672a8e505f248482578caad17d8335 Mon Sep 17 00:00:00 2001 From: Sheldon Hull Date: Tue, 16 Jan 2024 14:56:12 +0100 Subject: [PATCH 4/5] chore(release): upgrade dependencies and versioning strategy - Updated various dependencies for enhanced security and stability - Switched to automatic versioning using 'changie batch auto' - Aligned package and task.json versions with release via changie - Updated Go, Node, and Python versions - Updated linter versions for various languages - Configured `.gitignore` to ignore new tool operations - Updated trunk and plugin references in `trunk.yaml` - Minor alterations on `CHANGELOG.md` and `RELEASE.md` based on new versioning strategy - Adjusted cli version in `trunk.yaml` file - Version bump in `package.json` and `task.json` reflecting new release version - No breaking or user-facing changes introduced. --- .changes/{v0.0.1.md => v0.0.2.md} | 4 +--- .changie.yaml | 14 +++++++++++ .node-version | 2 +- .trunk/.gitignore | 2 ++ .trunk/trunk.yaml | 39 ++++++++++++++++++------------- CHANGELOG.md | 4 +--- RELEASE.md | 4 +++- dsv/package.json | 2 +- dsv/task.json | 2 +- 9 files changed, 47 insertions(+), 26 deletions(-) rename .changes/{v0.0.1.md => v0.0.2.md} (81%) diff --git a/.changes/v0.0.1.md b/.changes/v0.0.2.md similarity index 81% rename from .changes/v0.0.1.md rename to .changes/v0.0.2.md index 89cadb7..1c275c2 100644 --- a/.changes/v0.0.1.md +++ b/.changes/v0.0.2.md @@ -1,7 +1,5 @@ -## v0.0.1 - 2024-01-16 +## v0.0.2 - 2024-01-16 ### โฌ†๏ธ Dependencies - Update dependent libraries and go version. No user facing changes, just continued maintenance for improved security & stability. - -### Related diff --git a/.changie.yaml b/.changie.yaml index ee78051..a55aa12 100644 --- a/.changie.yaml +++ b/.changie.yaml @@ -93,3 +93,17 @@ custom: type: int minLength: 6 optional: true +replacements: + # chart versions align with the release and get bumped by changie for us on `changie merge`. + - path: 'dsv/package.json' + find: ' "version": ".*",' + replace: ' "version": "{{.VersionNoPrefix}}",' + - path: dsv/task.json + find: ' "Major": .*,' + replace: ' "Major": {{.Major}},' + - path: dsv/task.json + find: ' "Minor": .*,' + replace: ' "Minor": {{.Minor}},' + - path: dsv/task.json + find: ' "Patch": .*' + replace: ' "Patch": {{.Patch}}' diff --git a/.node-version b/.node-version index 7ec5619..8b0beab 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -18.17.1 \ No newline at end of file +20.11.0 diff --git a/.trunk/.gitignore b/.trunk/.gitignore index cf2f254..15966d0 100644 --- a/.trunk/.gitignore +++ b/.trunk/.gitignore @@ -2,6 +2,8 @@ *logs *actions *notifications +*tools plugins user_trunk.yaml user.yaml +tmp diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 2a0f718..9e16922 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -16,23 +16,30 @@ actions: - files: [go.mod] runtimes: enabled: - - go@1.18.3 - - node@16.14.2 - - python@3.10.3 + - go@1.21.6 + - node@20.11.0 + - python@3.10.8 lint: enabled: - - actionlint@1.6.21 + - checkov@3.1.61 + - osv-scanner@1.5.0 + - oxipng@9.0.0 + - renovate@37.134.0 + - terrascan@1.18.11 + - trivy@0.48.3 + - trufflehog@3.63.9 + - actionlint@1.6.26 - git-diff-check - - gitleaks@8.15.0 - - gofmt@1.16.7 - - golangci-lint@1.50.1 - - hadolint@2.10.0 - - markdownlint@0.32.2 - - prettier@2.7.1 - - shellcheck@0.8.0 - - shfmt@3.5.0 - - taplo@release-taplo-cli-0.7.0 - - yamllint@1.28.0 + - gitleaks@8.18.1 + - gofmt@1.20.4 + - golangci-lint@1.55.2 + - hadolint@2.12.0 + - markdownlint@0.38.0 + - prettier@3.2.2 + - shellcheck@0.9.0 + - shfmt@3.6.0 + - taplo@0.8.1 + - yamllint@1.33.0 threshold: - linters: [markdownlint] level: high @@ -50,9 +57,9 @@ lint: - .changes/unreleased/*.yaml cli: - version: 1.0.1 + version: 1.19.0 plugins: sources: - id: trunk - ref: v0.0.5 + ref: v1.2.1 uri: https://github.com/trunk-io/plugins diff --git a/CHANGELOG.md b/CHANGELOG.md index 67dbf9b..4039b7f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,10 +6,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html), and is generated by [Changie](https://github.com/miniscruff/changie). -## v0.0.1 - 2024-01-16 +## v0.0.2 - 2024-01-16 ### โฌ†๏ธ Dependencies - Update dependent libraries and go version. No user facing changes, just continued maintenance for improved security & stability. - -### Related diff --git a/RELEASE.md b/RELEASE.md index 7a72121..df09d3a 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -18,7 +18,7 @@ This project uses an different approach to release, driving it from changelog an ### Creating New Notes - During development, new changes of note get tracked via `changie new`. This can span many pull requests, whatever makes sense as version to ship as changes to users. -- To release the changes into a version, `changie batch ` (unless breaking changes occur, you'll want to stick with minor for feature additions, and patch for fixes or non app work. +- To release the changes into a version, `changie batch auto` (unless breaking changes occur, you'll want to stick with minor for feature additions, and patch for fixes or non app work. Keep your summary of changes that users would care about in the `.changes/` files it will create. @@ -26,6 +26,8 @@ Keep your summary of changes that users would care about in the `.changes/` file Update [CHANGELOG.md](CHANGELOG.md) by running `changie merge` which will rebuild the changelog file with all the documented notes. +> This will bump the version automatically in the `task.json` and `package.json`. + ### Format & Lint - Run `trunk fmt --all; trunk check --all` to finalize run through. diff --git a/dsv/package.json b/dsv/package.json index 56f5428..1d49765 100644 --- a/dsv/package.json +++ b/dsv/package.json @@ -1,6 +1,6 @@ { "name": "DelineaDSV", - "version": "1.0.0", + "version": "0.0.2", "description": "", "main": "index.js", "scripts": { diff --git a/dsv/task.json b/dsv/task.json index aeb7aba..7327afe 100644 --- a/dsv/task.json +++ b/dsv/task.json @@ -11,7 +11,7 @@ "version": { "Major": 0, "Minor": 0, - "Patch": 1 + "Patch": 2 }, "instanceNameFormat": "Retrieve $(SecretPath) from Delinea DevOps Secrets Vault", "inputs": [ From 32fbdd43620bbc8d6479bd2c774b67567dcda109 Mon Sep 17 00:00:00 2001 From: Sheldon Hull Date: Thu, 18 Jan 2024 17:13:47 +0100 Subject: [PATCH 5/5] ci(lint): add permissions to lint workflow - Added 'pull-requests', 'contents' read permissions - Added 'checks' write permission --- .github/workflows/lint.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index eb8b72e..e73e0f2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -8,6 +8,10 @@ on: pull_request: workflow_dispatch: workflow_call: # so composite actions can use this +permissions: + pull-requests: read + contents: read + checks: write jobs: lint: uses: delineaxpm/github-workflows/.github/workflows/lint.yml@main