Merge pull request #61 from cisagov/skeletonize

Skeletonize

Author: jsf9k

.ansible-lint

@@ -0,0 +1,22 @@
+---
+# See https://ansible-lint.readthedocs.io/en/latest/configuring.html
+# for a list of the configuration elements that can exist in this
+# file.
+enable_list:
+  # Useful checks that one must opt-into.  See here for more details:
+  # https://ansible-lint.readthedocs.io/en/latest/rules.html
+  - fcqn-builtins
+  - no-log-password
+  - no-same-owner
+exclude_paths:
+  # This exclusion is implicit, unless exclude_paths is defined
+  - .cache
+  # Seems wise to ignore this too
+  - .github
+kinds:
+  # This will force our systemd specific molecule configurations to be treated
+  # as plain yaml files by ansible-lint. This mirrors the default kind
+  # configuration in ansible-lint for molecule configurations:
+  # yaml: "**/molecule/*/{base,molecule}.{yaml,yml}"
+  - yaml: "**/molecule/*/molecule-{no,with}-systemd.yml"
+use_default_rules: true

.bandit.yml

@@ -0,0 +1,13 @@
+---
+# Configuration file for the Bandit python security scanner
+# https://bandit.readthedocs.io/en/latest/config.html
+
+# Tests are first included by `tests`, and then excluded by `skips`.
+# If `tests` is empty, all tests are are considered included.
+
+tests:
+# - B101
+# - B102
+
+skips:
+  - B101  # skip "assert used" check since assertions are required in pytests

.flake8

@@ -0,0 +1,25 @@
+[flake8]
+max-line-length = 80
+# Select (turn on)
+# * Complexity violations reported by mccabe (C) -
+#   http://flake8.pycqa.org/en/latest/user/error-codes.html#error-violation-codes
+# * Documentation conventions compliance reported by pydocstyle (D) -
+#   http://www.pydocstyle.org/en/stable/error_codes.html
+# * Default errors and warnings reported by pycodestyle (E and W) -
+#   https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes
+# * Default errors reported by pyflakes (F) -
+#   http://flake8.pycqa.org/en/latest/glossary.html#term-pyflakes
+# * Default warnings reported by flake8-bugbear (B) -
+#   https://github.com/PyCQA/flake8-bugbear#list-of-warnings
+# * The B950 flake8-bugbear opinionated warning -
+#   https://github.com/PyCQA/flake8-bugbear#opinionated-warnings
+select = C,D,E,F,W,B,B950
+# Ignore flake8's default warning about maximum line length, which has
+# a hard stop at the configured value.  Instead we use
+# flake8-bugbear's B950, which allows up to 10% overage.
+#
+# Also ignore flake8's warning about line breaks before binary
+# operators.  It no longer agrees with PEP8.  See, for example, here:
+# https://github.com/ambv/black/issues/21. Guido agrees here:
+# https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b.
+ignore = E501,W503

.github/CODEOWNERS

@@ -0,0 +1,10 @@
+# Each line is a file pattern followed by one or more owners.
+
+# These owners will be the default owners for everything in the
+# repo. Unless a later match takes precedence, these owners will be
+# requested for review when someone opens a pull request.
+* @dav3r @jsf9k @mcdonnnj
+
+# These folks own any files in the .github directory at the root of
+# the repository and any of its subdirectories.
+/.github/ @dav3r @felddy @jsf9k @mcdonnnj

.github/dependabot.yml

@@ -0,0 +1,45 @@
+---
+
+# Any ignore directives should be uncommented in downstream projects to disable
+# Dependabot updates for the given dependency. Downstream projects will get
+# these updates when the pull request(s) in the appropriate skeleton are merged
+# and Lineage processes these changes.
+
+version: 2
+updates:
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    ignore:
+      # Managed by cisagov/skeleton-generic
+      - dependency-name: actions/cache
+      - dependency-name: actions/checkout
+      - dependency-name: actions/setup-go
+      - dependency-name: actions/setup-python
+      - dependency-name: hashicorp/setup-terraform
+      - dependency-name: mxschmitt/action-tmate
+      # Managed by cisagov/skeleton-docker
+      - dependency-name: actions/download-artifact
+      - dependency-name: actions/github-script
+      - dependency-name: actions/upload-artifact
+      - dependency-name: docker/build-push-action
+      - dependency-name: docker/login-action
+      - dependency-name: docker/setup-buildx-action
+      - dependency-name: docker/setup-qemu-action
+      - dependency-name: github/codeql-action
+
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "terraform"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/labels.yml

@@ -0,0 +1,73 @@
+---
+# Rather than breaking up descriptions into multiline strings we disable that
+# specific rule in yamllint for this file.
+# yamllint disable rule:line-length
+- color: "eb6420"
+  description: This issue or pull request is awaiting the outcome of another issue or pull request
+  name: blocked
+- color: "000000"
+  description: This issue or pull request involves changes to existing functionality
+  name: breaking change
+- color: "d73a4a"
+  description: This issue or pull request addresses broken functionality
+  name: bug
+- color: "07648d"
+  description: This issue will be advertised on code.gov's Open Tasks page (https://code.gov/open-tasks)
+  name: code.gov
+- color: "0366d6"
+  description: Pull requests that update a dependency file
+  name: dependencies
+- color: "2497ed"
+  description: Pull requests that update Docker code
+  name: docker
+- color: "5319e7"
+  description: This issue or pull request improves or adds to documentation
+  name: documentation
+- color: "cfd3d7"
+  description: This issue or pull request already exists or is covered in another issue or pull request
+  name: duplicate
+- color: "b005bc"
+  description: A high-level objective issue encompassing multiple issues instead of a specific unit of work
+  name: epic
+- color: "000000"
+  description: Pull requests that update GitHub Actions code
+  name: github-actions
+- color: "0e8a16"
+  description: This issue or pull request is well-defined and good for newcomers
+  name: good first issue
+- color: "ff7518"
+  description: Pull request that should count toward Hacktoberfest participation
+  name: hacktoberfest-accepted
+- color: "a2eeef"
+  description: This issue or pull request will add or improve functionality, maintainability, or ease of use
+  name: improvement
+- color: "fef2c0"
+  description: This issue or pull request is not applicable, incorrect, or obsolete
+  name: invalid
+- color: "ce099a"
+  description: This pull request is ready to merge during the next Lineage Kraken release
+  name: kraken 🐙
+- color: "a4fc5d"
+  description: This issue or pull request requires further information
+  name: need info
+- color: "fcdb45"
+  description: This pull request is awaiting an action or decision to move forward
+  name: on hold
+- color: "3772a4"
+  description: Pull requests that update Python code
+  name: python
+- color: "ef476c"
+  description: This issue is a request for information or needs discussion
+  name: question
+- color: "00008b"
+  description: This issue or pull request adds or otherwise modifies test code
+  name: test
+- color: "1d76db"
+  description: This issue or pull request pulls in upstream updates
+  name: upstream update
+- color: "d4c5f9"
+  description: This issue or pull request increments the version number
+  name: version bump
+- color: "ffffff"
+  description: This issue will not be incorporated
+  name: wontfix

.github/lineage.yml

@@ -0,0 +1,5 @@
+---
+lineage:
+  skeleton:
+    remote-url: https://github.com/cisagov/skeleton-docker.git
+version: '1'