From 5e21893a8094ccdec9d88dae969000b8b31d156b Mon Sep 17 00:00:00 2001 From: Aleksander Zaruczewski Date: Wed, 28 Feb 2024 23:07:50 +0200 Subject: [PATCH] ci: add trunk (#93) --- .github/ISSUE_TEMPLATE/03_feature.md | 2 +- .github/workflows/auto_approve.yml | 1 - .github/workflows/changelog_enforcer.yml | 5 +- .github/workflows/dependency_review.yml | 7 +- .github/workflows/lint.yml | 17 ++-- .github/workflows/trunk_upgrade.yml | 28 ++++++ .markdownlint.json | 8 -- .trunk/.gitignore | 9 ++ .trunk/configs/.markdownlint.yaml | 5 + .trunk/configs/.yamllint.yaml | 7 ++ .trunk/trunk.yaml | 40 ++++++++ ATTRIBUTION.md | 114 +++++++++++------------ CHANGELOG.md | 23 +++++ CONTRIBUTING.md | 7 +- 14 files changed, 190 insertions(+), 83 deletions(-) create mode 100644 .github/workflows/trunk_upgrade.yml delete mode 100644 .markdownlint.json create mode 100644 .trunk/.gitignore create mode 100644 .trunk/configs/.markdownlint.yaml create mode 100644 .trunk/configs/.yamllint.yaml create mode 100644 .trunk/trunk.yaml diff --git a/.github/ISSUE_TEMPLATE/03_feature.md b/.github/ISSUE_TEMPLATE/03_feature.md index 0470fa5..5ca27c3 100644 --- a/.github/ISSUE_TEMPLATE/03_feature.md +++ b/.github/ISSUE_TEMPLATE/03_feature.md @@ -14,4 +14,4 @@ labels: enhancement **Is this a feature you would work on yourself?** -* [ ] I plan to open a pull request for this feature. +- [ ] I plan to open a pull request for this feature. diff --git a/.github/workflows/auto_approve.yml b/.github/workflows/auto_approve.yml index fce69ab..eaff862 100644 --- a/.github/workflows/auto_approve.yml +++ b/.github/workflows/auto_approve.yml @@ -4,7 +4,6 @@ on: pull_request: branches: - main - - release-* types: - opened - synchronize diff --git a/.github/workflows/changelog_enforcer.yml b/.github/workflows/changelog_enforcer.yml index 7084458..8c3841f 100644 --- a/.github/workflows/changelog_enforcer.yml +++ b/.github/workflows/changelog_enforcer.yml @@ -4,7 +4,6 @@ on: pull_request: branches: - main - - release-* types: - opened - synchronize @@ -18,7 +17,9 @@ permissions: jobs: changelog-enforcer: runs-on: ubuntu-latest - if: ((github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'skip workflows')) || github.event_name == 'push') && github.actor != 'dependabot[bot]' + if: > + ((github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'skip workflows')) || + github.event_name == 'push') && github.actor != 'dependabot[bot]' steps: - uses: dangoslen/changelog-enforcer@v3 with: diff --git a/.github/workflows/dependency_review.yml b/.github/workflows/dependency_review.yml index d49a145..1fe732b 100644 --- a/.github/workflows/dependency_review.yml +++ b/.github/workflows/dependency_review.yml @@ -4,7 +4,6 @@ on: pull_request: branches: - main - - release-* types: - opened - synchronize @@ -18,7 +17,11 @@ permissions: jobs: dependency-review: runs-on: ubuntu-latest - if: (github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'skip workflows')) || github.event_name == 'push' + if: > + (github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'skip workflows')) || + github.event_name == 'push' steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - uses: actions/dependency-review-action@v4 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 679ba6e..27ed0c3 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -4,7 +4,6 @@ on: pull_request: branches: - main - - release-* types: - opened - synchronize @@ -14,7 +13,6 @@ on: push: branches: - main - - release-* permissions: contents: read @@ -27,14 +25,15 @@ jobs: with: fetch-depth: 0 - uses: wagoid/commitlint-github-action@v5 - markdownlint: + trunk: + if: > + (github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'skip workflows')) || + github.event_name == 'push' runs-on: ubuntu-latest - if: (github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'skip workflows')) || github.event_name == 'push' + permissions: + checks: write steps: - uses: actions/checkout@v4 - - uses: DavidAnson/markdownlint-cli2-action@v15 with: - globs: | - **/*.md - !.github/** - !LICENSE.md + fetch-depth: 0 + - uses: trunk-io/trunk-action@v1 diff --git a/.github/workflows/trunk_upgrade.yml b/.github/workflows/trunk_upgrade.yml new file mode 100644 index 0000000..d93af56 --- /dev/null +++ b/.github/workflows/trunk_upgrade.yml @@ -0,0 +1,28 @@ +name: Upgrade Trunk + +on: + schedule: + - cron: 0 8 * * 1-5 + workflow_dispatch: {} + +permissions: read-all + +jobs: + trunk-upgrade: + runs-on: ubuntu-latest + + permissions: + contents: write + pull-requests: write + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-go@v5 + with: + go-version-file: go.mod + - uses: trunk-io/trunk-action/upgrade@v1 + with: + prefix: "ci(deps): " + lowercase-title: true diff --git a/.markdownlint.json b/.markdownlint.json deleted file mode 100644 index ac5fccc..0000000 --- a/.markdownlint.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "default": true, - "MD013": { - "line_length": 120, - "code_blocks": false, - "tables": false - }, -} diff --git a/.trunk/.gitignore b/.trunk/.gitignore new file mode 100644 index 0000000..15966d0 --- /dev/null +++ b/.trunk/.gitignore @@ -0,0 +1,9 @@ +*out +*logs +*actions +*notifications +*tools +plugins +user_trunk.yaml +user.yaml +tmp diff --git a/.trunk/configs/.markdownlint.yaml b/.trunk/configs/.markdownlint.yaml new file mode 100644 index 0000000..4e7f940 --- /dev/null +++ b/.trunk/configs/.markdownlint.yaml @@ -0,0 +1,5 @@ +default: true +MD013: + line_length: 120 + code_blocks: false + tables: false diff --git a/.trunk/configs/.yamllint.yaml b/.trunk/configs/.yamllint.yaml new file mode 100644 index 0000000..184e251 --- /dev/null +++ b/.trunk/configs/.yamllint.yaml @@ -0,0 +1,7 @@ +rules: + quoted-strings: + required: only-when-needed + extra-allowed: ["{|}"] + key-duplicates: {} + octal-values: + forbid-implicit-octal: true diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml new file mode 100644 index 0000000..bf91b99 --- /dev/null +++ b/.trunk/trunk.yaml @@ -0,0 +1,40 @@ +# This file controls the behavior of Trunk: https://docs.trunk.io/cli +# To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml +version: 0.1 +cli: + version: 1.20.1 +# Trunk provides extensibility via plugins. (https://docs.trunk.io/plugins) +plugins: + sources: + - id: trunk + ref: v1.4.3 + uri: https://github.com/trunk-io/plugins +# Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes) +runtimes: + enabled: + - node@18.12.1 + - python@3.10.8 +# This is the section where you manage your linters. (https://docs.trunk.io/check/configuration) +lint: + enabled: + - actionlint@1.6.27 + - checkov@3.2.26 + - git-diff-check + - markdownlint@0.39.0 + - prettier@3.2.5 + - trivy@0.49.1 + - trufflehog@3.68.2 + - yamllint@1.35.1 + ignore: + - linters: + - markdownlint + paths: + - .github/** + - CHANGELOG.md + - LICENSE.md +actions: + enabled: + - trunk-announce + - trunk-check-pre-push + - trunk-fmt-pre-commit + - trunk-upgrade-available diff --git a/ATTRIBUTION.md b/ATTRIBUTION.md index ea6c58d..5ac03c6 100644 --- a/ATTRIBUTION.md +++ b/ATTRIBUTION.md @@ -439,7 +439,7 @@ SOFTWARE. ```markdown ### Creative Commons Attribution 4.0 International Public License -*Official translations of this legal tool are available in [other languages](#languages).* +_Official translations of this legal tool are available in [other languages](#languages)._ By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution 4.0 International Public License ("Public License"). To the extent this Public License may @@ -483,43 +483,41 @@ Licensed Material available under these terms and conditions. **Section 2 – Scope.** -1. **License grant**. -1. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, - royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the - Licensed Material to: -1. reproduce and Share the Licensed Material, in whole or in part; and -2. produce, reproduce, and Share Adapted Material. -2. Exceptions and Limitations. For the avoidance of doubt, where - Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply - with its terms and conditions. - 3. Term. The term of this Public License is specified in - Section [6(a)](#s6a). - 4. Media and formats; technical modifications allowed. The Licensor - authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, - and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right - or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, - including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this - Public License, simply making modifications authorized by this Section [2(a)(4)](#s2a4) never produces Adapted - Material. - 5. Downstream recipients. - -
- - 1. Offer from the Licensor – Licensed Material. Every recipient - of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights - under the terms and conditions of this Public License. - 2. No downstream restrictions. You may not offer or impose any - additional or different terms or conditions on, or apply any Effective Technological Measures to, the - Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed - Material. - -
+1. **License grant**. +1. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, + royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the + Licensed Material to: +1. reproduce and Share the Licensed Material, in whole or in part; and +1. produce, reproduce, and Share Adapted Material. +1. Exceptions and Limitations. For the avoidance of doubt, where + Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply + with its terms and conditions. 3. Term. The term of this Public License is specified in + Section [6(a)](#s6a). 4. Media and formats; technical modifications allowed. The Licensor + authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, + and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right + or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, + including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this + Public License, simply making modifications authorized by this Section [2(a)(4)](#s2a4) never produces Adapted + Material. 5. Downstream recipients. + +
+ + 1. Offer from the Licensor – Licensed Material. Every recipient + of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights + under the terms and conditions of this Public License. + 2. No downstream restrictions. You may not offer or impose any + additional or different terms or conditions on, or apply any Effective Technological Measures to, the + Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed + Material. + +
6. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section [3(a)(1)(A)(i)](#s3a1Ai). -2. **Other rights**. + +1. **Other rights**. 1. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or @@ -537,25 +535,26 @@ Your exercise of the Licensed Rights is expressly made subject to the following 1. **Attribution**. - 1. If You Share the Licensed Material (including in modified form), You must: - - 1. retain the following if it is supplied by the Licensor with the Licensed Material: - 1. identification of the creator(s) of the Licensed Material and any others designated to receive - attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); - 2. a copyright notice; - 3. a notice that refers to this Public License; - 4. a notice that refers to the disclaimer of warranties; - 5. a URI or hyperlink to the Licensed Material to the extent reasonably practicable; - 2. indicate if You modified the Licensed Material and retain an indication of any previous modifications; and - 3. indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or - hyperlink to, this Public License. - 2. You may satisfy the conditions in Section [3(a)(1)](#s3a1) in any reasonable manner based on the medium, means, - and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions - by providing a URI or hyperlink to a resource that includes the required information. - 3. If requested by the Licensor, You must remove any of the information required by Section [3(a)(1)(A)](#s3a1A) to - the extent reasonably practicable. - 4. If You Share Adapted Material You produce, the Adapter's License You apply must not prevent recipients of the - Adapted Material from complying with this Public License. + 1. If You Share the Licensed Material (including in modified form), You must: + + 1. retain the following if it is supplied by the Licensor with the Licensed Material: + 1. identification of the creator(s) of the Licensed Material and any others designated to receive + attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); + 2. a copyright notice; + 3. a notice that refers to this Public License; + 4. a notice that refers to the disclaimer of warranties; + 5. a URI or hyperlink to the Licensed Material to the extent reasonably practicable; + 2. indicate if You modified the Licensed Material and retain an indication of any previous modifications; and + 3. indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or + hyperlink to, this Public License. + + 2. You may satisfy the conditions in Section [3(a)(1)](#s3a1) in any reasonable manner based on the medium, means, + and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions + by providing a URI or hyperlink to a resource that includes the required information. + 3. If requested by the Licensor, You must remove any of the information required by Section [3(a)(1)(A)](#s3a1A) to + the extent reasonably practicable. + 4. If You Share Adapted Material You produce, the Adapter's License You apply must not prevent recipients of the + Adapted Material from complying with this Public License. **Section 4 – Sui Generis Database Rights.** @@ -586,7 +585,7 @@ License where the Licensed Rights include other Copyright and Similar Rights. Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You.** -1. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the +3. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. **Section 6 – Term and Termination.** @@ -595,10 +594,11 @@ License where the Licensed Rights include other Copyright and Similar Rights. comply with this Public License, then Your rights under this Public License terminate automatically. 2. Where Your right to use the Licensed Material has terminated under Section [6(a)](#s6a), it reinstates: - 1. automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the - violation; or - 2. upon express reinstatement by the Licensor.For the avoidance of doubt, this Section [6(b)](#s6b) does not affect - any right the Licensor may have to seek remedies for Your violations of this Public License. + 1. automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the + violation; or + 2. upon express reinstatement by the Licensor.For the avoidance of doubt, this Section [6(b)](#s6b) does not affect + any right the Licensor may have to seek remedies for Your violations of this Public License. + 3. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. 4. Sections [1](#s1), [5](#s5), [6](#s6), [7](#s7), and [8](#s8) survive termination of this Public License. diff --git a/CHANGELOG.md b/CHANGELOG.md index 436f3ee..a2f1bc3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -30,6 +30,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.3.1] - 2023-02-12 + ### Added - `commitlint` linter @@ -37,6 +38,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.3.0] - 2022-08-26 + ### Added - Skip labels for Changelog Enforcer @@ -45,17 +47,20 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - Auto Approve workflow + ### Changed - Disabled creation of issues without using a template - Disabled Changelog Enforcer for dependabot + ### Removed - Dropped comment from Dependency Review workflow + ### Fixed - Prevent Changelog Enforcer from triggering on `push` events @@ -63,11 +68,13 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.2.5] - 2022-07-30 + ### Removed - `markdownlint` comments from PR template + ### Fixed - Changelog links @@ -75,17 +82,20 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.2.4] - 2022-07-29 + ### Added - Some info to `README.md` - Attribution to Font Awesome project + ### Changed - Drop title case from issue template names + ### Fixed - GitHub username in `FUNDING.yml` @@ -94,12 +104,14 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.2.3] - 2022-07-29 + ### Changed - Update license links in `README.md` - Use `pull_request` event in GitHub Actions workflows + ### Fixed - Line length in `README.md` @@ -107,6 +119,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.2.2] - 2022-07-29 + ### Removed - Security policy contact link @@ -114,6 +127,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.2.1] - 2022-07-29 + ### Changed - Release branch wildcard in GitHub Actions workflows @@ -122,6 +136,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.2.0] - 2022-07-29 + ### Added - `lint.yml` GitHub Actions workflow featuring `markdownlint` @@ -133,6 +148,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - `ATTRIBUTION.md` + ### Changed - Drop trailing dots from list items in `CONTRIBUTING.md` @@ -148,11 +164,13 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - Improve pull request template + ### Removed - `enforce_changelog_entries.yml` GitHub Actions workflow + ### Fixed - `dependency_review.yml` GitHub Actions workflow @@ -161,12 +179,14 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.1.0] - 2022-07-28 + ### Added - `FUNDING.yml` GitHub config - `enforce_changelog_entries.yml` GitHub Actions workflow + ### Changed - Drop title case for `enforce_changelog_entries.yml` GitHub Actions workflow's name @@ -175,6 +195,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.0.1] - 2022-07-28 + ### Changed - Lowercase the documentation word in `CONTRIBUTING.md` @@ -182,12 +203,14 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.0.0] - 2022-07-28 + ### Added - The template - The changelog + [Unreleased]: https://github.com/Serpentiel/template/compare/v1.3.1...main [1.3.1]: https://github.com/Serpentiel/template/compare/v1.3.0...v1.3.1 [1.3.0]: https://github.com/Serpentiel/template/compare/v1.2.5...v1.3.0 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 91872a5..237658b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -7,6 +7,7 @@ First off, thanks for taking the time to contribute! ❤️ + All types of contributions are encouraged and valued. See the [Table of Contents](#table-of-contents) for different ways to help and details about how this project handles them. Please make sure to read the relevant section before making your contribution. It will make it a lot easier for us maintainers and smooth out the experience for all involved. The @@ -158,10 +159,10 @@ Once the bug report is filed: - The project team will check the issue and label and/or relabel it accordingly - A team member will try to reproduce the issue with your provided steps - If there are no reproduction steps or no obvious way to reproduce the issue, the team will ask you for those steps - and label the issue as `needs repro`—bugs with the `needs repro` label will not be addressed until they are - reproduced + and label the issue as `needs repro`—bugs with the `needs repro` label will not be addressed until they are + reproduced - If the team is able to reproduce the issue, it will be labeled as `needs fix`, as well as possibly other labels, - and the issue will be left to be [implemented by someone](#your-first-code-contribution) + and the issue will be left to be [implemented by someone](#your-first-code-contribution) ### Suggesting Enhancements