Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⚠️ CONFLICT! Lineage pull request for: skeleton #6

Draft
wants to merge 453 commits into
base: develop
Choose a base branch
from
Draft

⚠️ CONFLICT! Lineage pull request for: skeleton #6

wants to merge 453 commits into from

Conversation

cisagovbot
Copy link

Lineage Pull Request: CONFLICT

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-docker.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

The lineage/skeleton branch has one or more unresolved merge conflicts
that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone git@github.com:cisagov/cyhy-commander-docker.git cyhy-commander-docker
cd cyhy-commander-docker
git remote add skeleton https://github.com/cisagov/skeleton-docker.git
git remote set-url --push skeleton no_push
git switch develop
git checkout -b lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and
    possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the
    branch, commit, and push your changes:

    git add .github/dependabot.yml README.md 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message
    that git creates for you, but please do not delete the existing
    content    . It provides useful information about the merge that is
    being performed.

  5. Wait for all the automated tests to pass.

  6. Check the "Everything is cool" checkbox below:

    • ✌️ The conflicts in this pull request have been resolved.

  7. Mark this draft pull request "Ready for review".

Note: You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

@cisagovbot cisagovbot added the upstream update This issue or pull request pulls in upstream updates label Nov 22, 2022
jsf9k and others added 21 commits September 14, 2023 15:45
@jsf9k @mcdonnnj
Make the dev team the owners of the linter configuration files
1f611fc 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Make dev team members the codeowners of the requirements*.txt and set…
c356768 
…up-env files

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Explicitly list the linter config files the dev team should own
0195005 
@mcdonnnj correctly pointed out that other projects add their own
configuration files that match, e.g., the /.*.yaml pattern.  We want
to ensure that we only own the linter configuration files from the
skeleton.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@dependabot
Bump docker/login-action from 2 to 3
6ee9882 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump docker/setup-buildx-action from 2 to 3
05bb592 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump docker/setup-qemu-action from 2 to 3
f05a983 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump python from 3.11.4-alpine to 3.12.0-alpine
768b6cb 
Bumps python from 3.11.4-alpine to 3.12.0-alpine.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@jsf9k
Add a diagnostics job to the CodeQL workflow
8c6b096 
It's good to agree everywhere with the changes we made to the
build.yml workflow in cisagov/skeleton-generic#144.
@dependabot
Bump hashicorp/setup-terraform from 2 to 3
b768a28 
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 2 to 3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](hashicorp/setup-terraform@v2...v3)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Prefer block style to flow style
9f31700 
We prefer block style to flow style for sequences and mappings in YAML.
@mcdonnnj
Alphabetize entries in the build workflow
696433a 
We prefer to alphabetize mapping keys in YAML documents whenever
possible.
@mcdonnnj
Add a merge_group trigger to the build workflow
6503a9e 
This should improve compatibility with merge queues. We configure it to
only trigger on the `checks_requested` type which is currently the only
supported type for this trigger. If additional types are added in the
future they should be added if appropriate.
@mcdonnnj
Merge pull request #172 from cisagov/lineage/skeleton
6bc69ce 
⚠️ CONFLICT! Lineage pull request for: skeleton
@mcdonnnj
Merge pull request #177 from cisagov/dependabot/docker/python-3.12.0-…
dde0921 
…alpine

Bump python from 3.11.4-alpine to 3.12.0-alpine
@mcdonnnj
Merge pull request #178 from cisagov/improvement/add-diagnostics-job-…
0af9c06 
…for-codeql-workflow

Add a diagnostics job to the CodeQL workflow
@mcdonnnj
Merge pull request #168 from cisagov/documentation/fix-comment
c70e91e 
Modify comment referencing "stopped" parameter
@mcdonnnj
Merge pull request #169 from cisagov/improvement/enhance_bump_version…
bf95545 
…_script

Enhance the functionality of the `bump_version.sh` script
@mcdonnnj
Merge pull request #173 from cisagov/dependabot/github_actions/docker…
6d49cfa 
…/login-action-3

Bump docker/login-action from 2 to 3
@mcdonnnj
Merge pull request #175 from cisagov/dependabot/github_actions/docker…
8dde580 
…/setup-buildx-action-3

Bump docker/setup-buildx-action from 2 to 3
@mcdonnnj
Merge pull request #176 from cisagov/dependabot/github_actions/docker…
1ea8a3f 
…/setup-qemu-action-3

Bump docker/setup-qemu-action from 2 to 3
Merge https://github.com/cisagov/skeleton-docker into lineage/skeleton
e0f6eec 
# Conflicts:
#	.github/dependabot.yml
mcdonnnj and others added 30 commits December 6, 2024 15:31
@mcdonnnj
Install core Python packages into the system Python environment
5dca6d9 
Install the core Python packages (pip, setuptools, and wheel) into the
system Python environment before installing pipenv. This keeps things
consistent with our usual approach to Python environments.
@mcdonnnj @jsf9k
Fix outdated comment in the Dockerfile
79d8de9 
The comment references a command that is no longer being run.

Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
@mcdonnnj @dav3r
Fix typo in Dockerfile comment
440ba70 
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
@mcdonnnj
Update image tag information in the README
78f4f78 
Change the tags used in the table to match the version of the project.
Previously "1.2.3" was used as an example version but there is no
reason not to use the real version of the image.
@mcdonnnj
Add instructions for managing Python dependencies
1774267
@mcdonnnj
Merge pull request #191 from cisagov/improvement/pin_Python_configura…
704b76f 
…tion

Install Python dependencies with `pipenv`
@mcdonnnj
Merge pull request #192 from cisagov/improvement/update_readme
11f8e08 
Update the README
@mcdonnnj
Bump setuptools from 69.1.0 to 69.1.1
af716cc
@mcdonnnj
Bump Python from 3.12.0 to 3.12.2
a65ebdc
@mcdonnnj
Bump Alpine Linux from 3.18 to 3.19
5d52367
@mcdonnnj
Bump cisagov/skeleton-python-library from 0.0.1 to 0.2.0
56afca0 
Update the Dockerfile and testing to accommodate changes in the new
version.
@mcdonnnj
Bump version from 0.0.1 to 0.2.0
ae0d4a8
@mcdonnnj
Merge pull request #193 from cisagov/improvement/update_dependencies
95e533b 
Update dependencies
@mcdonnnj @dav3r
Correct usage of the term "symlink"
965da2c 
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
@mcdonnnj
Bump python from 3.12.2-alpine3.19 to 3.13.1-alpine3.20
570b7d5 
The version of Python listed in the Pipfile is updated to match the new
Docker image tag.
@mcdonnnj
Bump Python packages installed in the Dockerfile
b3c5df5 
- pip from 24.0 to 24.3.1
- pipenv from 2023.12.1 to 2024.4.0
- setuptools from 69.1.1 to 75.6.0
- wheel from 0.42.0 to 0.45.1
@mcdonnnj
Update Python virtual environment dependencies
c09b352 
Update the dependencies installed in the Python virtual environment by
running `pipenv lock` in the `src/` directory.
@mcdonnnj
Merge pull request #200 from cisagov/improvement/update_dependencies
192d9e6 
Update image dependencies
@mcdonnnj
Add a missing Oxford comma to a comment in the Dockerfile
a1ece8f
@mcdonnnj @jsf9k
Ensure FROM/AS keywords use the same casing
fd69f45 
This resolves the following warning from Docker when building the
image:
FromAsCasing: 'as' and 'FROM' keywords' casing do not match

Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
@mcdonnnj
Merge pull request #195 from cisagov/improvement/update_Dockerfile_co…
0d48ebd 
…nfiguration

Update Dockerfile configuration
Merge https://github.com/cisagov/skeleton-docker into lineage/skeleton
69a3f1b 
# Conflicts:
#	.github/dependabot.yml
@mcdonnnj
Ensure the bump-version script can bump prereleases
59c6cfc 
Currently there is a bug in the script's logic that prevents you from
running `./bump-version prerelease` to bump _just_ the prerelease. This
is due to faulty checking logic to ensure expected behavior when
combining bump commands.
@mcdonnnj
Stop using an environment variable to store platforms
bb998dd 
Instead of using the CSV style in an environment variable we can
instead use a newline delimited list directly for the `platforms`
input. Since the environment variable is only used to provide a value
for the `platforms` input there should be no issue with this change.
@mcdonnnj
Merge pull request #205 from cisagov/bugfix/allow_bump-version_to_bum…
f26b47c 
…p_prereleases

Ensure the `bump-version` script can bump pre-releases
@mcdonnnj
Merge pull request #206 from cisagov/improvement/stop_storing_platfor…
04f09e0 
…ms_in_environment_variable

Stop using an environment variable to store the list of platforms to build
@mcdonnnj
Use the docker/metadata-action Action to generate metadata
ec3b18e 
Switch to using the docker/metadata-action GitHub Action to generate
Docker image metadata. This replaces manually specifying the labels and
calculating appropriate tags. This approach will both be easier as well
as eliminate some of the issues we've had with manually calculating the
image tags.
@mcdonnnj
Only check the version label on releases
5698c17 
Update the test configuration to only check the
org.opencontainers.image.version label on releases. We must make this
change because the docker/metadata-action will only populate the label
with an appropriate value on a release. Otherwise it will be the branch
that is sourced when building the image.
@mcdonnnj
Merge pull request #207 from cisagov/improvement/use_metadata-action
7a5cddf 
Use the `docker/metadata-action` GitHub Action to generate our image metadata
Merge https://github.com/cisagov/skeleton-docker into lineage/skeleton
fb6fc7e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r Awaiting requested review from dav3r dav3r will be requested when the pull request is marked ready for review dav3r is a code owner

@felddy felddy Awaiting requested review from felddy felddy will be requested when the pull request is marked ready for review felddy is a code owner

@jsf9k jsf9k Awaiting requested review from jsf9k jsf9k will be requested when the pull request is marked ready for review jsf9k is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj will be requested when the pull request is marked ready for review mcdonnnj is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@felddy felddy

@jasonodoom jasonodoom

@dav3r dav3r

@mcdonnnj mcdonnnj

Labels
upstream update This issue or pull request pulls in upstream updates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@cisagovbot @felddy @jsf9k @jasonodoom @dav3r @mcdonnnj @michaelsaki