Skip to content

Commit

Permalink
Merge branch 'main' into f/henriklundstrom/fix-required-checks-minus-…
Browse files Browse the repository at this point in the history
…apply
  • Loading branch information
henriklundstrom committed May 15, 2024
2 parents d5398eb + 6c3b17c commit bc44e6f
Show file tree
Hide file tree
Showing 177 changed files with 4,736 additions and 4,111 deletions.
2 changes: 1 addition & 1 deletion .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
# that flag starts the download asynchronously so we'd have a race
# condition.
# renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp
TERRAFORM_VERSION: 1.7.5
TERRAFORM_VERSION: 1.8.3
steps:
- checkout
- run: make build-service
Expand Down
12 changes: 12 additions & 0 deletions .editorconfig
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
root = true

[*]
charset = utf-8
end_of_line = lf
trim_trailing_whitespace = true
insert_final_newline = true

[*.md]
indent_style = space
indent_size = 3
trim_trailing_whitespace = false
2 changes: 1 addition & 1 deletion .github/labeler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,6 @@ provider/gitlab:

website:
- changed-files:
- any-glob-to-any-file: 'runatlantis.io/.vuepress/**/*'
- any-glob-to-any-file: 'runatlantis.io/.vitepress/**/*'
- any-glob-to-any-file: 'package.json'
- any-glob-to-any-file: 'pnpm-lock.yaml'
133 changes: 68 additions & 65 deletions .github/renovate.json5
Original file line number Diff line number Diff line change
@@ -1,108 +1,111 @@
{
extends: [
"config:base",
"schedule:daily",
'config:best-practices',
':separateMultipleMajorReleases',
'schedule:daily',
],
commitMessageSuffix: " in {{packageFile}}",
commitMessageSuffix: ' in {{packageFile}}',
dependencyDashboardAutoclose: true,
automerge: true,
baseBranches: ["main", "/^release\-.*/"],
baseBranches: [
'main',
'/^release-.*/',
],
platformAutomerge: true,
labels: ["dependencies"],
labels: [
'dependencies',
],
postUpdateOptions: [
"gomodTidy",
"gomodUpdateImportPaths",
"pnpmDedupe",
'gomodTidy',
'gomodUpdateImportPaths',
'pnpmDedupe',
],
// needed so e2e tests do not stomp over each other
prHourlyLimit: 1,
lockFileMaintenance: {
enabled: true,
},
osvVulnerabilityAlerts: true,
vulnerabilityAlerts: {
enabled: true,
labels: [
"security",
'security',
],
},
packageRules: [
// For vuepress
{
"matchPackageNames": ["vuepress", "@vuepress/client", "@vuepress/markdown", "@vuepress/utils"],
"groupName": "vuepress",
"allowedVersions": "!/pre.*$/",
"matchFileNames": ["package.json"],
"enabled": false
},
// e2e test depends on testing/Dockefile testing-image which has conftest specific version.
// to upgrade conftest versions, we need following PRs.
// 1. update testing/Dockerfile conftest version
// 2. update testing-env tag
// 3. update e2e conftest version
// This will allow conftest version updates in testing/Dockefile
{
matchPaths: ["testing/**"],
matchPackagePatterns: ["conftest"],
additionalBranchPrefix: "{{baseDir}}-",
groupName: "conftest-testing",
/*
prBodyNotes: [
":warning: Upgrade testing-env conftest and then upgrade other conftest versions for e2e :warning:",
matchFileNames: [
'testing/**',
],
*/
matchPackagePatterns: [
'conftest',
],
additionalBranchPrefix: '{{packageFileDir}}-',
groupName: 'conftest-testing',
},
{
ignorePaths: ["testing/**"],
matchPackagePatterns: ["github-actions"],
groupName: "github-",
ignorePaths: [
'testing/**',
],
matchPackagePatterns: [
'github-actions',
],
groupName: 'github-',
},
/*
// This tag is currently latest so we can skip this check for now unless we need to pin it again.
{
// we need to upgrade testing-env on ci quickly
matchPackageNames: ["ghcr.io/runatlantis/testing-env"],
groupName: "testing-env-ci-test",
schedule: ["every 1 hour after 00:00 and before 23:59 every day"],
matchDatasources: [
'docker',
],
matchPackageNames: [
'node',
'cimg/node',
],
versioning: 'node',
},
*/
{
// use LTS node version for node docker image
matchDatasources: ["docker"],
matchPackageNames: ["node", "cimg/node"],
versioning: "node",
matchPackageNames: [
'go',
'golang',
],
versioning: 'go',
groupName: 'go'
},
],
// https://docs.renovatebot.com/modules/manager/regex/
regexManagers: [
customManagers: [
{
fileMatch: ["(^|/)Dockerfile$", "(^|/)Dockerfile\\.[^/]*$"],
customType: 'regex',
fileMatch: [
'(^|/)Dockerfile$',
'(^|/)Dockerfile\\.[^/]*$',
],
matchStrings: [
// example:
// renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp
// ENV DEFAULT_TERRAFORM_VERSION=x.x.x
"renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\sENV .*?_VERSION=(?<currentValue>.*)\\s",
'renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\sENV .*?_VERSION=(?<currentValue>.*)\\s',
],
versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}",
versioningTemplate: '{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}',
extractVersionTemplate: '^v(?<version>\\d+\\.\\d+\\.\\d+)',
},
{
fileMatch: [".*go$"],
customType: 'regex',
fileMatch: [
'.*go$',
],
matchStrings: [
// example:
// const ConftestVersion = "x.x.x" // renovate: datasource=github-releases depName=open-policy-agent/conftest
"\\sconst .*Version = \"(?<currentValue>.*)\"\\s// renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s",
'\\sconst .*Version = "(?<currentValue>.*)"\\s// renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s',
],
versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}",
versioningTemplate: '{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}',
extractVersionTemplate: '^v(?<version>\\d+\\.\\d+\\.\\d+)',
},
{
fileMatch: [".circleci/config.yml$"],
customType: 'regex',
fileMatch: [
'.circleci/config.yml$',
'^\\.github/workflows/[^/]+\\.ya?ml$',
],
matchStrings: [
// example:
// # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp
// TRRAFORM_VERSION: x.x.x
"renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*?_VERSION: (?<currentValue>.*)\\s",
'renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*?_VERSION: (?<currentValue>.*)\\s',
],
versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}",
versioningTemplate: '{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}',
extractVersionTemplate: '^v(?<version>\\d+\\.\\d+\\.\\d+)',
},
]
],
}
23 changes: 14 additions & 9 deletions .github/workflows/atlantis-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,11 @@ on:
branches:
- 'main'
- 'release-**'
types:
- opened
- reopened
- synchronize
- ready_for_review
workflow_dispatch:

concurrency:
Expand All @@ -25,8 +30,8 @@ jobs:
if: github.event.pull_request.draft == false
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
id: changes
with:
filters: |
Expand All @@ -52,22 +57,22 @@ jobs:
PUSH: ${{ github.event_name != 'pull_request' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

# Lint the Dockerfile first before setting anything up
- name: Lint Dockerfile
uses: hadolint/[email protected]
uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: "Dockerfile"

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
with:
image: tonistiigi/binfmt:latest
platforms: arm64,arm

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
# https://github.com/docker/build-push-action/issues/761#issuecomment-1575006515
with:
driver-opts: |
Expand All @@ -81,7 +86,7 @@ jobs:
# if it's v0.10.0 and debian, it will do v0.10.0-debian, latest-debian
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
env:
SUFFIX: ${{ format('-{0}', matrix.image_type) }}
with:
Expand Down Expand Up @@ -113,7 +118,7 @@ jobs:
# Suffix is not used here since there's no way to disable it above
- name: Login to Packages Container registry
uses: docker/login-action@v3
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand All @@ -126,7 +131,7 @@ jobs:

- name: "Build ${{ env.PUSH == 'true' && 'and push' || '' }} ${{ env.DOCKER_REPO }} image"
if: contains(fromJson('["push", "pull_request"]'), github.event_name)
uses: docker/build-push-action@v5
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5
with:
cache-from: type=gha
cache-to: type=gha,mode=max
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,8 @@ jobs:
if: github.event.pull_request.draft == false
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
id: changes
with:
filters: |
Expand Down Expand Up @@ -67,11 +67,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -85,7 +85,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
uses: github/codeql-action/autobuild@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -98,7 +98,7 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3
with:
category: "/language:${{matrix.language}}"

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/labeler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,4 @@ jobs:
if: github.event.pull_request.draft == false
runs-on: ubuntu-22.04
steps:
- uses: actions/labeler@v5
- uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5
10 changes: 5 additions & 5 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ jobs:
if: github.event.pull_request.draft == false
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
id: changes
with:
filters: |
Expand All @@ -39,15 +39,15 @@ jobs:
name: Linting
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

# need to setup go toolchain explicitly
- uses: actions/setup-go@v5
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
with:
go-version-file: go.mod

- name: golangci-lint
uses: reviewdog/action-golangci-lint@v2
uses: reviewdog/action-golangci-lint@00311c26a97213f93f2fd3a3524d66762e956ae0 # v2
with:
tool_name: golangci-lint

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,6 @@ jobs:
name: Validate PR title
runs-on: ubuntu-22.04
steps:
- uses: amannn/action-semantic-pull-request@v5
- uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
28 changes: 28 additions & 0 deletions .github/workflows/pr-size-labeler.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
name: pr-size

on: [pull_request]

jobs:
labeler:
runs-on: ubuntu-latest
name: Label the PR size
steps:
- uses: codelytv/pr-size-labeler@54ef36785e9f4cb5ecf1949cfc9b00dbb621d761 # v1
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
xs_label: 'size/xs'
xs_max_size: '10'
s_label: 'size/s'
s_max_size: '200'
m_label: 'size/m'
m_max_size: '1000'
l_label: 'size/l'
l_max_size: '10000'
xl_label: 'size/xl'
fail_if_xl: 'false'
message_if_xl: >
This PR exceeds the recommended size of 1000 lines.
Please make sure you are NOT addressing multiple issues with one PR.
Note this PR might be rejected due to its size.
github_api_url: 'https://api.github.com'
files_to_ignore: ''
Loading

0 comments on commit bc44e6f

Please sign in to comment.