⚠️ CONFLICT! Lineage pull request for: skeleton #55
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [crazy-max/ghaction-github-status](https://github.com/crazy-max/ghaction-github-status) from 3 to 4. - [Release notes](https://github.com/crazy-max/ghaction-github-status/releases) - [Commits](crazy-max/ghaction-github-status@v3...v4) --- updated-dependencies: - dependency-name: crazy-max/ghaction-github-status dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Also add a runner hardening task to the labeler job.
Co-authored-by: Nick <[email protected]>
…up-env files Co-authored-by: Nick <[email protected]>
@mcdonnnj correctly pointed out that other projects add their own configuration files that match, e.g., the /.*.yaml pattern. We want to ensure that we only own the linter configuration files from the skeleton. Co-authored-by: Nick <[email protected]>
The CodeQL workflow already had a harden-runner task, but it's good to agree everywhere with the changes we made to the build.yml workflow in cisagov/skeleton-generic#144.
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 2 to 3. - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](hashicorp/setup-terraform@v2...v3) --- updated-dependencies: - dependency-name: hashicorp/setup-terraform dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
ansible-galaxy does not appear to allow roles to depend on collections. See here for more details: cisagov/skeleton-ansible-role#153 (comment)
We prefer block style to flow style for sequences and mappings in YAML.
We prefer to alphabetize mapping keys in YAML documents whenever possible.
This should improve compatibility with merge queues. We configure it to only trigger on the `checks_requested` type which is currently the only supported type for this trigger. If additional types are added in the future they should be added if appropriate.
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
This hook bundles the binaries for shfmt with a Python package which removes the need to manually install the tool for the hook to function.
The new pre-commit hook provides `shfmt` binaries so we no longer need to ensure it is installed.
Since shfmt now supports long command line options we should use them as that is our preference. The single quotes for the number of spaces to indent is changed to double quotes to align with our usual quotation style.
These options are baked into the functionality of the old hook but must be explicitly declared for the new hook.
This sets the default shell for any run steps in the build workflow to mirror our standard shellscript writing practices. In addition to enabling our standard options it will also enable errtrace and print any commands that are run which should make debugging/troubleshooting more straightforward.
This will run the Go tool `goimports` against the repository if it contains any Go files. This tool bundles the functionality of `go fmt` with the additional benefit of sorting Go imports much like the isort tool we use for Python code.
This is a temporary fix until @mcdonnnj has his PR approved and merged into the terraform-docs repo. This fix will perform a shallow clone of his forked branch, build the binary, and install it.
Co-authored-by: Nick <[email protected]>
Co-authored-by: Shane Frasier <[email protected]>
PATH is handled by `setup-go` so we can refactor the code setting it. Also we are taking advantage of the -C switch to handle building from the cloned repository. Co-authored-by: Nick <[email protected]>
`TODO` was placed on the wrong comment block. Also I am adding a link to the issue for the TODO.
Co-authored-by: dav3r <[email protected]>
This commit is introducing 2 new flags into the setup-env script. -l or --list-versions will list available Python versions and allow the user to select a version interactively. The second flag -v or --version will allow a user to set the version if installed. (e.g. ./setup-env -v 3.9.6)
This makes the code a bit cleaner and still accomplishes the same functionality Co-authored-by: Shane Frasier <[email protected]>
jsf9k
added
improvement
This allows us to run each platform's Molecule tests separately. This at least makes it easier and faster to re-run platforms that sporadically fail.
jsf9k
force-pushed
the
lineage/skeleton
branch
3 times, most recently
from
7db43cf to
e1b918b
Compare
For reasons I haven't been able to discern, the Fedora and Ubuntu Focal molecule tests work fine locally but fail in GitHub Actions due to being unable to perform some iptables operations. I would think this was due to some kernel module not being loaded in the underlying host instance, except that other platforms pass just fine in GitHub Actions. I've already spent too much time on this, and the role works just fine when building a Fedora AMI and we do not actually require Ubuntu Focal support, so I will make the executive decision to remove Fedora and Ubuntu Focal support for now. I created issue #3 to document this.
jsf9k
requested review from
dav3r,
felddy,
jasonodoom,
jsf9k and
mcdonnnj
as code owners
|
@mcdonnnj and @dav3r - Are you OK with this temporary solution? Note that cisagov/ansible-role-openvpn#78 would need similar changes (i.e., temporarily dropping support for Ubuntu Focal and Fedora). I think that is OK since we don't require Ubuntu or Fedora support for that role. |
|
I am fine with temporarily removing support for Ubuntu Focal and Fedora. |
dav3r
approved these changes
Apr 23, 2024
dv4harr10
approved these changes
Apr 23, 2024
mcdonnnj
approved these changes
Apr 24, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Lineage Pull Request: CONFLICT
Lineage has created this pull request to incorporate new changes found in an
upstream repository:
Upstream repository:
https://github.com/cisagov/skeleton-ansible-role.gitRemote branch:
HEADCheck the changes in this pull request to ensure they won't cause issues with
your project.
The
lineage/skeletonbranch has one or more unresolved merge conflictsthat you must resolve before merging this pull request!
How to resolve the conflicts
Take ownership of this pull request by removing any other assignees.
Clone the repository locally, and reapply the merge:
Review the changes displayed by the
statuscommand. Fix any conflicts andpossibly incorrect auto-merges.
After resolving each of the conflicts,
addyour changes to thebranch,
commit, andpushyour changes:Note that you may append to the default merge commit message
that git creates for you, but please do not delete the existing
content. It provides useful information about the merge that is
being performed.
Wait for all the automated tests to pass.
Confirm each item in the "Pre-approval checklist" below.
Remove any of the checklist items that do not apply.
Ensure every remaining checkbox has been checked.
Mark this draft pull request "Ready for review".
✅ Pre-approval checklist
Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!
Note
You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.
For more information:
🛠 Lineage configurations for this project are stored in
.github/lineage.yml📚 Read more about Lineage