Remove depupdater workflows

remerge · Nov 23, 2023 · a23a7ed · a23a7ed
1 parent bf361e8
commit a23a7ed
Show file tree

Hide file tree

Showing 26 changed files with 1,013 additions and 395 deletions.
diff --git a/.checkov.yml b/.checkov.yml
@@ -0,0 +1,31 @@
+---
+quiet: true
+compact: false
+
+skip-check:
+  # https://github.com/bridgecrewio/checkov/issues/5286
+  - CKV_TF_1
+  # do not enforce Customer Supplied Encryption Keys (CSEK)
+  - CKV_GCP_37
+  - CKV_GCP_38
+  - CKV_GCP_80
+  - CKV_GCP_81
+  - CKV_GCP_83
+  - CKV_GCP_84
+  - CKV_GCP_85
+  - CKV_GCP_90
+  - CKV_GCP_91
+  - CKV_GCP_93
+  # do not enforce vpc flow logs
+  - CKV_GCP_26
+  - CKV_GCP_61
+  # restricted default service account is ok
+  - CKV_GCP_30
+  # do not enforce bucket access log
+  - CKV_GCP_62
+  # do not enforce bucket object versioning
+  - CKV_GCP_78
+  # we want serial port console access
+  - CKV_GCP_35
+  # base64 high entropy check causes too many false positives
+  - CKV_SECRET_6
diff --git a/.copier-answers.yml b/.copier-answers.yml
@@ -0,0 +1,16 @@
+---
+# Changes here will be overwritten by Copier
+_commit: v2.4.4
+_src_path: gh:remerge/template
+project_id: workflows
+project_license: private
+project_name: GitHub Actions Workflows
+project_owner: core
+project_type: default
+run_workflows_for_all_branches: false
+use_ansible: false
+use_consul: false
+use_golang: false
+use_nomad: false
+use_python: false
+use_terraform: false
diff --git a/.envrc b/.envrc
@@ -0,0 +1,20 @@
+# Turns on shell execution strictness. This will force the .envrc
+# evaluation context to exit immediately if:
+#
+# - any command in a pipeline returns a non-zero exit status that is
+#   not otherwise handled as part of `if`, `while`, or `until` tests,
+#   return value negation (`!`), or part of a boolean (`&&` or `||`)
+#   chain.
+# - any variable that has not explicitly been set or declared (with
+#   either `declare` or `local`) is referenced.
+strict_env
+
+# Loads a ".env" file into the current environment
+dotenv_if_exists "${PWD}"/../.env
+dotenv_if_exists "${PWD}"/.env
+
+# Add local scripts to PATH
+PATH_add "${PWD}/bin"
+
+# Enforce correct 1Password account
+export OP_ACCOUNT=remerge.1password.com
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1,2 @@
+# By default all files are owned by the project owner
+* @remerge/core
diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml
@@ -1,7 +1,8 @@
 ---
 self-hosted-runner:
-  # Labels of self-hosted runner in array of string
   labels:
     - generic
-    - default
+    - self-hosted
     - nomad
+    - docker
+    - default
diff --git a/.github/workflows/check-repos-i-depend-on.yml b/.github/workflows/check-repos-i-depend-on.yml
diff --git a/.github/workflows/handle-possible-dependency-update.yml b/.github/workflows/handle-possible-dependency-update.yml
diff --git a/.github/workflows/notify-repos-that-depend-on-me.yml b/.github/workflows/notify-repos-that-depend-on-me.yml
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
@@ -0,0 +1,28 @@
+---
+name: pre-commit
+
+on:
+  pull_request:
+  push:
+    branches: [main, master]
+
+permissions: read-all
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Load envrc
+        uses: HatsuneMiku3939/direnv-action@v1
+
+      - name: Setup pre-commit
+        run: python -m pip install pre-commit
+
+      - name: Install project dependencies
+        run: make install
+
+      - name: Run pre-commit checks
+        uses: pre-commit/[email protected]
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# By default all files are owned by the project owner
		* @remerge/core