Merge pull request #12 from cisagov/improvement/actions

Migrate CI system and Docker Hub organization

.github/workflows/build.yml

@@ -0,0 +1,95 @@
+---
+name: build
+
+on: [push]
+
+env:
+  IMAGE_NAME: cisagov/example
+  PIP_CACHE_DIR: ~/.cache/pip
+  PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+      - name: Cache pip test requirements
+        uses: actions/cache@v1
+        with:
+          path: ${{ env.PIP_CACHE_DIR }}
+          key: "${{ runner.os }}-pip-test-\
+            ${{ hashFiles('**/requirements-test.txt') }}"
+          restore-keys: |
+            ${{ runner.os }}-pip-test-
+            ${{ runner.os }}-pip-
+      - name: Cache pre-commit hooks
+        uses: actions/cache@v1
+        with:
+          path: ${{ env.PRE_COMMIT_CACHE_DIR }}
+          key: "${{ runner.os }}-pre-commit-\
+            ${{ hashFiles('**/.pre-commit-config.yaml') }}"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install --upgrade -r requirements-test.txt
+      - name: Run linters on all files
+        run: pre-commit run --all-files
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - name: Determine image version
+        id: get_ver
+        run: |
+          echo "##[set-output name=version;]$(./bump_version.sh show)"
+      - name: Build docker image
+        run: |
+          version=$(./bump_version.sh show)
+          docker build \
+            --tag "$IMAGE_NAME" \
+            --build-arg GIT_COMMIT=$(git log -1 --format=%H) \
+            --build-arg GIT_REMOTE=$(git remote get-url origin) \
+            --build-arg VERSION=${{ steps.get_ver.outputs.version }} \
+            .
+      - name: Save docker image artifact
+        run: |
+          mkdir dist
+          version=$(./bump_version.sh show)
+          docker save $IMAGE_NAME:latest | gzip > dist/image.tar.gz
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v1
+        with:
+          name: dist
+          path: dist
+  test:
+    runs-on: ubuntu-latest
+    needs: [build]
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+      - name: Cache pip test requirements
+        uses: actions/cache@v1
+        with:
+          path: ${{ env.PIP_CACHE_DIR }}
+          key: "${{ runner.os }}-pip-test-\
+            ${{ hashFiles('**/requirements-test.txt') }}"
+          restore-keys: |
+            ${{ runner.os }}-pip-test-
+            ${{ runner.os }}-pip-
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install --upgrade -r requirements-test.txt
+      - name: Download docker image artifact
+        uses: actions/download-artifact@v1
+        with:
+          name: dist
+      - name: Load docker image
+        run: docker load < dist/image.tar.gz
+      - name: Run tests
+        run: pytest

.github/workflows/release.yml

@@ -0,0 +1,53 @@
+---
+name: release
+
+on:
+  release:
+    types: [prereleased, released]
+
+env:
+  IMAGE_NAME: cisagov/example
+  DOCKER_PW: ${{ secrets.DOCKER_PW }}
+  DOCKER_USER: ${{ secrets.DOCKER_USER }}
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+      - name: Determine image version
+        id: get_ver
+        run: |
+          echo "##[set-output name=version;]$(./bump_version.sh show)"
+      - name: Build Docker image
+        run: |
+          docker build \
+            --tag "$IMAGE_NAME" \
+            --build-arg GIT_COMMIT=$(git log -1 --format=%H) \
+            --build-arg GIT_REMOTE=$(git remote get-url origin) \
+            --build-arg VERSION=${{ steps.get_ver.outputs.version }} \
+            .
+      - name: Tag Docker image
+        run: |
+          IFS='.' read -r -a version_array \
+            <<< "${{ steps.get_ver.outputs.version }}"
+          docker login --username "$DOCKER_USER" --password "$DOCKER_PW"
+          docker tag "$IMAGE_NAME" "${IMAGE_NAME}:latest"
+          docker tag "$IMAGE_NAME" \
+            "${IMAGE_NAME}:${{ steps.get_ver.outputs.version }}"
+          docker tag "$IMAGE_NAME" \
+            "${IMAGE_NAME}:${version_array[0]}.${version_array[1]}"
+          docker tag "$IMAGE_NAME" "${IMAGE_NAME}:${version_array[0]}"
+      - name: Publish image to Docker Hub
+        run: |
+          IFS='.' read -r -a version_array \
+            <<< "${{ steps.get_ver.outputs.version }}"
+          docker push "${IMAGE_NAME}:latest"
+          docker push "${IMAGE_NAME}:${{ steps.get_ver.outputs.version }}"
+          docker push "${IMAGE_NAME}:${version_array[0]}.${version_array[1]}"
+          docker push "${IMAGE_NAME}:${version_array[0]}"
+      - name: Publish README.md to Docker Hub
+        run: ./push_readme.sh

.pre-commit-config.yaml

@@ -1,7 +1,7 @@
 ---
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v2.3.0
+    rev: v2.4.0
     hooks:
       - id: check-executables-have-shebangs
       - id: check-json
@@ -24,27 +24,27 @@ repos:
       - id: requirements-txt-fixer
       - id: trailing-whitespace
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.18.0
+    rev: v0.19.0
     hooks:
       - id: markdownlint
         args:
           - --config=.mdl_config.json
   - repo: https://github.com/adrienverge/yamllint
-    rev: v1.17.0
+    rev: v1.18.0
     hooks:
       - id: yamllint
   - repo: https://github.com/detailyang/pre-commit-shell
     rev: 1.0.5
     hooks:
       - id: shell-lint
   - repo: https://gitlab.com/pycqa/flake8
-    rev: 3.7.8
+    rev: 3.7.9
     hooks:
       - id: flake8
         additional_dependencies:
           - flake8-docstrings
   - repo: https://github.com/asottile/pyupgrade
-    rev: v1.23.0
+    rev: v1.25.1
     hooks:
       - id: pyupgrade
   # Run bandit on "tests" tree with a configuration
@@ -64,11 +64,11 @@ repos:
         name: bandit (everything else)
         exclude: tests
   - repo: https://github.com/python/black
-    rev: 19.3b0
+    rev: 19.10b0
     hooks:
       - id: black
   - repo: https://github.com/ansible/ansible-lint.git
-    rev: v4.1.1a0
+    rev: v4.1.1a3
     hooks:
       - id: ansible-lint
   - repo: https://github.com/antonbabenko/pre-commit-terraform.git

README.md

@@ -1,31 +1,30 @@
 # skeleton-docker 💀🐳 #
 
-[![Build Status](https://travis-ci.com/cisagov/skeleton-docker.svg?branch=develop)](https://travis-ci.com/cisagov/skeleton-docker)
+[![GitHub Build Status](https://github.com/cisagov/skeleton-docker/workflows/build/badge.svg)](https://github.com/cisagov/skeleton-docker/actions)
 [![Total alerts](https://img.shields.io/lgtm/alerts/g/cisagov/skeleton-docker.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/cisagov/skeleton-docker/alerts/)
 [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/cisagov/skeleton-docker.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/cisagov/skeleton-docker/context:python)
 
 ## Docker Image ##
 
-![MicroBadger Layers](https://img.shields.io/microbadger/layers/dhsncats/example.svg)
-![MicroBadger Size](https://img.shields.io/microbadger/image-size/dhsncats/example.svg)
+![MicroBadger Layers](https://img.shields.io/microbadger/layers/cisagov/example.svg)
+![MicroBadger Size](https://img.shields.io/microbadger/image-size/cisagov/example.svg)
 
 This is a docker skeleton project that can be used to quickly get a
 new [cisagov](https://github.com/cisagov) GitHub docker project
 started.  This skeleton project contains [licensing
-information](LICENSE), as well as [pre-commit
-hooks](https://pre-commit.com) and a [Travis
-CI](https://travis-ci.com) configuration appropriate for docker
-containers and the major languages that we use.
+information](LICENSE), as well as [pre-commit hooks](https://pre-commit.com)
+and [GitHub Actions](https://github.com/features/actions) configurations
+appropriate for docker containers and the major languages that we use.
 
 ## Usage ##
 
 ### Install ###
 
-Pull `dhsncats/example` from the Docker repository:
+Pull `cisagov/example` from the Docker repository:
 
-    docker pull dhsncats/example
+    docker pull cisagov/example
 
-Or build `dhsncats/example` from source:
+Or build `cisagov/example` from source:
 
     git clone https://github.com/cisagov/skeleton-docker.git
     cd skeleton-docker

docker-compose.yml

@@ -15,7 +15,7 @@ services:
       # e.g., --build-arg VERSION=0.0.1
       context: .
       dockerfile: Dockerfile
-    image: dhsncats/example
+    image: cisagov/example
     init: true
     restart: "no"
     environment:
@@ -31,7 +31,7 @@ services:
 
   example-version:
     # Run the container to collect version information
-    image: dhsncats/example
+    image: cisagov/example
     init: true
     restart: "no"
     command: --version

tests/container_test.py

@@ -12,7 +12,7 @@
 SECRET_QUOTE = (
     "There are no secrets better kept than the secrets everybody guesses."  # nosec
 )
-TRAVIS_TAG = os.getenv("TRAVIS_TAG")
+RELEASE_TAG = os.getenv("RELEASE_TAG")
 VERSION_FILE = "src/version.txt"
 
 
@@ -54,7 +54,7 @@ def test_output(main_container):
 
 
 @pytest.mark.skipif(
-    TRAVIS_TAG in [None, ""], reason="this is not a release (TRAVIS_TAG not set)"
+    RELEASE_TAG in [None, ""], reason="this is not a release (RELEASE_TAG not set)"
 )
 def test_release_version():
     """Verify that release tag version agrees with the module version."""
@@ -63,8 +63,8 @@ def test_release_version():
         exec(f.read(), pkg_vars)  # nosec
     project_version = pkg_vars["__version__"]
     assert (
-        TRAVIS_TAG == f"v{project_version}"
-    ), "TRAVIS_TAG does not match the project version"
+        RELEASE_TAG == f"v{project_version}"
+    ), "RELEASE_TAG does not match the project version"
 
 
 def test_log_version(version_container):