Added README, LICENSE, CONTRIBUTING, CODE_OF_CONDUCT md files

ibarra-michelle · ibarra-michelle · commit e6bc7750a6cf · 2022-03-15T16:03:05.000-04:00
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
@@ -0,0 +1,29 @@
+# US-EPA-CAMD Code of Conduct
+## Introduction
+We are committed to building a safe, friendly, and harassment-free culture for everyone. We pledge to interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
+
+## Scope
+This Code of Conduct applies to the [USEPA](https://github.com/USEPA) GitHub organization, its communications, events, and anyone participating in the US-EPA-CAMD GitHub community. Your use of our repositories means you accept and agree to abide by this Code of Conduct, and the [EPA Comment Policy,](https://www.epa.gov/web-policies-and-procedures/epa-comment-policy/) which will be periodically revised.
+
+## Expectations of Visitors and Contributors
+We expect all visitors and contributors to the US-EPA-CAMD GitHub organization and its repositories to have a safe and engaging experience that is beneficial to our community. Members of our community have a diverse set of experiences and skillsets. As you engage our community, please ensure you are:
+- Considerate: As an open source community, what you do will affect others. Ensure what you do is in the best interest of the project, and community at large.
+- Collaborative: The essence of open source is collaborative in nature. Be respectful of differing opinions and viewpoints.
+- Patient: Remember that open source is a culture change in government and while this repository is a testament to that change, change is occurring thanks to many in this community. Be patient if your question or issue is not answered right away. 
+- Be mindful: Be aware of your actions, and others' actions. Treat people with empathy, dignity, and respect - the way you want to be treated.
+- Use clear communication: We don’t all speak the same language. Further, written or typed words may lack the tone or body language necessary to interpret intent or meaning. If your words could have more than one meaning, take time to be clear with your words and remember to be kind.
+
+## Unacceptable Behavior
+Users have a reasonable expectation to engage in our community free from harassment. Harassment can include but is not limited to offensive verbal comments related to gender, age, sexual orientation, disability, physical appearance, race, religion, deliberate intimidation, disruption of talks or events. 
+Anything that is unlawful, objectionable, offensive, abusive, threatening, defamatory, obscene, hateful, inflammatory, profane, racially, sexually or religiously offensive is not permitted.
+
+## Enforcement
+Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful. Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, issues, and other contributions that are not aligned to this Code of Conduct.
+
+Unacceptable behavior from any community member, including those with decision-making authority, will not be tolerated. Anyone asked to cease unacceptable behavior is expected to comply immediately. If a community member engages in unacceptable behavior, the US-EPA-CAMD GitHub organization will take any action it deems appropriate, up to and including a temporary ban or permanent expulsion from the community without warning. This can include removal from email lists, team meetings, and repositories.
+
+## Attribution
+This Code of Conduct is adapted from the following sources:
+- [Contributor Covenant](https://www.contributor-covenant.org/)
+- [Technology Transformation Services (TTS) Code of Conduct](https://18f.gsa.gov/code-of-conduct/)
+- [Consumer Financial Protection Bureau (CFPB) Code of Conduct](https://github.com/cfpb/consumerfinance.gov/blob/main/CODE_OF_CONDUCT.md)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,12 @@
+## Welcome!
+
+We’re so glad you’re thinking about contributing to an EPA open source project!
+
+Please be aware that this repository is currently undergoing testing, so it is likely we will not immediately address your issue or pull request as your idea may already be in our product roadmap. 
+
+We encourage you to read this project’s CONTRIBUTING policy (you are here), its
+[LICENSE](https://github.com/usepa/code-json-generator/blob/main/LICENSE), and its [README](https://github.com/usepa/code-json-generator/blob/README.md).
+
+All contributions to this project will be released under the MIT dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest.
+
+If you have any questions or want to read more, check out the [EPA Open Source Project Repo](https://github.com/USEPA/open-source-projects) and [EPA's Open Source Software Guide](https://www.epa.gov/developers/code).
diff --git a/LICENSE.md b/LICENSE.md
@@ -0,0 +1,21 @@
+#MIT License
+
+Copyright (c) 2020 U.S. Federal Government (in countries where recognized)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
@@ -0,0 +1,209 @@
+
+Inventory
+=========
+
+![Daily code.json update](https://github.com/usepa/code-json-generator/workflows/Daily%20code.json%20update/badge.svg)
+
+This application generates a machine-readable software inventory compliant
+with [Code.gov Metadata Schema version 2.0.0][1]. To accomplish this goal,
+the application connects to a series of Git hosting API "endpoints",
+inspects the configured projects, and generates an inventory. This application has been enhanced to automate the generation of the [Agency's code.json file](https://code-json-cg.app.cloud.gov/code.json) through GitHub Actions.
+
+The application configuration supports internal/external hosting platforms
+with or without authentication (for private repositories). It currently works
+with GitHub and GitLab REST APIs but could easily be extended for other hosting
+platform APIs as well.
+
+For each project, the application will attempt to use a developer-provided
+"code.json" snippet which is a JSON file containing the "releases" array
+for the project as defined by the [Code.gov Metadata Schema version 2.0.0][1].
+
+If a "code.json" snippet file is not provided by the project maintainer, the
+application will attempt to infer sufficient/required properties from the
+target project and generate the best possible metadata for inclusion in the
+agency inventory.
+
+Generating the code.json file
+---------------
+The code.json file can be generated by any of the GitHub Actions: 
+
+1. The [daily.yml](https://github.com/USEPA/code-json-generator/actions/workflows/daily.yml) generates the code.json file to this repository's [output branch](https://github.com/USEPA/code-json-generator/tree/output).
+
+2. The [daily-deploy.yml](https://github.com/USEPA/code-json-generator/actions/workflows/daily-deploy.yml) generates the code.json file to this repository's [master branch](https://github.com/USEPA/code-json-generator/tree/master). Currently, this workflow is not active.
+
+3. The [go-push (replacing Build and Deploy)](https://github.com/USEPA/code-json-generator/actions/workflows/go-push.yml) generates the code.json file to this repository's [master branch](https://github.com/USEPA/code-json-generator/tree/master) on the git push command. Currently, this workflow is not active.
+
+Branch Directory
+---------------
+1. output - includes the code.json file generated by the [daily.yml](https://github.com/USEPA/code-json-generator/actions/workflows/daily.yml).
+2. cloudgov-deployment - provides intial code-json-generator GitHub Action workflow and removes 4000+ commit history generating the code.json file and deploying to cloud.gov. 
+3. including-history and history-cloud.gov-deployment - provides intial code-json-generator GitHub Action workflow and includes 4000+ commit history generating the code.json file and deploying to cloud.gov. 
+
+
+Getting Started - deploying to cloud.gov
+---------------
+
+This section describes the process to acquire and run the code-json-generator
+application in cloud.gov with the daily-deploy.yml workflow.
+
+### Prerequisites
+
+This application is a command line Node application. Node must be installed
+on the system prior to running this application.
+
+[https://nodejs.org/][2]
+
+### Install the application
+
+On the command line:
+```
+$ npm install -g code-json-generator
+```
+
+### Configure the application runtime
+
+The application requires a configuration file to dictate which repositories
+to include in the generated inventory. An [example configuration file][3]
+is provided to help get started.
+
+1. Update the configuration file with your Agency's respective endpoints.
+2. Delete the existing create-agency-inventory-config.js file in the bin folder.
+3. Move the new configuration file from the etc folder into the bin folder.
+4. Rename the configuration file to create-agency-inventory-config.js.
+
+Running locally or on cloud.gov
+-------------------------------
+You can run the code.json generator locally or deploy it to cloud.gov.
+
+### Run the application locally
+
+Running the application locally will help identify the specific repositories with missing or invalid code.json files. After all repositories have a valid code.json file, running the application will generate the Agency code.json locally.
+
+The application provides command-line usage syntax help via the `--help` switch.
+```
+$ create-inventory.js --help
+
+  Usage: create-inventory [options]
+
+  Options:
+
+    -V, --version            output the version number
+    -c, --configFile <file>  Configuration file
+    -h, --help               output usage information
+```
+To run the application locally, you need to:
+
+1. Change the working directory to the bin folder. 
+
+2. To generate an inventory, run the application and provide a configuration file
+using the `--configFile <file>` switch. The generated inventory will, by
+default, be printed to STDOUT. This output can be redirected to a file
+for persistence.
+
+``` 
+$ create-inventory.js --configFile ./create-agency-inventory.config.json > code.json
+```
+> Note: This example assumes a file containing proper configuration is located
+> in the current working directory and is called `create-agency-inventory.config.json`.
+> Adjust this usage to suit actual work environment.
+
+Deployment to Cloud.gov with GitHub Actions
+-------------------------------------------
+You can deploy the app to Cloud.gov with GitHub Actions.
+
+### Prerequisites
+To do this you will need a Cloud.gov account and the [Cloud Foundry Command Line Tools](https://github.com/cloudfoundry/cli#installers-and-compressed-binaries) installed on your machine.  
+
+1. Login to cloud.gov
+2. Navigate to your organization's space which the app will be deployed to.
+3. Follow the documentation to create a cloud.gov service account plan: [space deployer](https://cloud.gov/docs/services/cloud-gov-service-account/) for continuous deployment to Cloud.gov.
+4. Add the service key username as the CG_USERNAME secret in the GitHub Repository's Secrets.
+5. Add the service key username as the CG_USERNAME secret in the GitHub Repository's Secrets. 
+
+### Deploying to cloud.gov
+
+You need to establish the name of your application before deploying it to cloud.gov.
+
+1. Change the working directory to the etc/manifests folder.
+
+2. Open the frontend.yml file.
+
+3. Update the applications "name:" to whatever subdomain you wish to use (e.g., your-app-name).
+
+4. Save, commit and push your changes.
+
+5. You will see the code.json file located at: your-app-name.app.cloud.gov/code.json
+
+### Update frequency of the Agency's code.json file
+
+You can modify how frequently the Agency's code.json file is generated and published to cloud.gov.
+
+1. Change the working directory to the .github/workflows folder.
+
+2. Open the daily-deploy.yml file.
+
+3. Update the `schedule` event per the desired frequency.
+
+4. Save, commit and push your changes.
+
+Agency code.json Daily update through GitHub Actions
+-------------------------------------------
+
+GitHub Actions is being used to run a scheduled event to create the Agency's code.json file daily.
+
+As mentioned earlier, if a "code.json" snippet file is not provided by the project maintainer, the
+application will attempt to infer sufficient/required properties from the
+target project and generate the best possible metadata for inclusion in the
+agency inventory.
+
+The example EPA Agency code.json for the github.com/USEPA organization can be [found here](https://code-json-cg.app.cloud.gov/code.json). 
+
+Development
+-----------
+
+To develop and possibly contribute to this project please review the
+[code of conduct][4] and [contributing guidelines][5].
+
+### Obtain the source code
+
+Potentially fork this repository and then clone the fork to obtain the source
+code.
+
+```
+$ git clone <fork_urn>/code-json-generator.git
+$ cd code-json-generator
+```
+
+### Develop in a feature branch
+
+Updates should be developed in a feature branch on the local clone of a fork.
+```
+$ git checkout -b feature-X
+```
+
+### Submit pull requests for review and integration
+
+Commit changes to feature branches and push feature branches to the forked
+remote. Submit a pull request back to this upstream repository for review
+and integration. If the pull request fixes an open issue on this repository,
+include the text `fixes #N` (where `N` is the issue number fixed) in the
+pull request title or description.
+```
+$ git commit -am 'Implemented feature'
+$ git push origin feature-X
+```
+
+
+[1]: https://code.gov/#/policy-guide/docs/compliance/inventory-code
+[2]: https://nodejs.org/
+[3]: ./etc/config-example.json
+[4]: ./CODE_OF_CONDUCT.md
+[5]: ./CONTRIBUTING.md
+
+### Credits
+
+This repository reused material from the [USGS code-json-generator repository](https://github.com/usgs/code-json-generator/).
+
+### Disclaimer
+
+The United States Environmental Protection Agency (EPA) GitHub project code is provided on an "as is" basis and the user assumes responsibility for its use.  EPA has relinquished control of the information and no longer has responsibility to protect the integrity , confidentiality, or availability of the information.  Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation or favoring by EPA.  The EPA seal and logo shall not be used in any manner to imply endorsement of any commercial product or activity by EPA or the United States Government.
