From e71365c9bfacc98be4ac7e2e71e7de11b59b73da Mon Sep 17 00:00:00 2001 From: jamesrwarren Date: Tue, 22 Oct 2024 14:47:16 +0100 Subject: [PATCH 1/2] DDLS-377 replace dependabot with renovate --- .github/dependabot.yml | 23 -------- CODE_OF_CONDUCT.md | 121 +++++++++++++++++++++++++++++++++++++++++ CONTRIBUTING.md | 35 ++++++++++++ renovate.json | 49 +++++++++++++++++ 4 files changed, 205 insertions(+), 23 deletions(-) delete mode 100644 .github/dependabot.yml create mode 100644 CODE_OF_CONDUCT.md create mode 100644 CONTRIBUTING.md create mode 100644 renovate.json diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 6109674..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,23 +0,0 @@ -version: 2 -updates: - - - package-ecosystem: "docker" - directory: "/" - schedule: - interval: "daily" - pull-request-branch-name: - separator: "-" - - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - pull-request-branch-name: - separator: "-" - - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "daily" - pull-request-branch-name: - separator: "-" diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..3821417 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,121 @@ +# Code of Conduct + +Civil servant team members are bound by the [Civil Service Code](https://www.gov.uk/government/publications/civil-service-code/the-civil-service-code). External contributors are expected to follow this Contributor Code of Conduct. + +## Contributor Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, religion, or sexual identity +and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience +* Focusing on what is best not just for us as individuals, but for the overall community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or advances of any kind +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or email address, without their explicit permission +* Other conduct which could reasonably be considered inappropriate in a professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at +[modernisinglpa@digital.justice.gov.uk](mailto:modernisinglpa@digital.justice.gov.uk). + +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series +of actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or +permanent ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within +the community. + +## Attribution + +This Code of Conduct is adapted from the Contributor Covenant, +version 2.0, available at +[https://www.contributor-covenant.org/version/2/0/code_of_conduct.html](https://www.contributor-covenant.org/version/2/0/code_of_conduct.html). + +[homepage]: https://www.contributor-covenant.org diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..2aa3245 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,35 @@ +# Contributing + +> We welcome contributions. + +Please read this file to get a feel for what the expectations are. + +- [Contributing](#contributing) + - [Code of Conduct](#code-of-conduct) + - [Coding Conventions](#coding-conventions) + - [Opening pull requests](#opening-pull-requests) + - [Commit messages](#commit-messages) + +## Code of Conduct + +Civil servants on this product all follow the [Civil Service Code](https://www.gov.uk/government/publications/civil-service-code/the-civil-service-code). External contributors should review the [Code of Conduct](CODE_OF_CONDUCT.md). + +## Coding Conventions + +For Go code we use errcheck, go-fmt-goimports and staticcheck. + +For Terraform code, TFLint is used. + +Code standards are enforced by the [pre-commit hooks](./.pre-commit-config.yaml) and the [build pipeline](./.github/workflows/). We recommend you install [pre-commit](https://pre-commit.com/) for local development. + +## Opening pull requests + +We have a pull request template, which will help you explain your work. It covers the purpose, approach and a checklist of key things to be sure of. + +A passing PR build in Github Actions is required before a merge, along with approval from a member of the team. + +We use a rebase workflow. Our primary branch is *main*. Please rebase branches on main if you need to pull in changes and use squash and merge for the final commit so we can back out changes. + +## Commit messages + +Explain what your work changes in the commit message and why it does so. diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..08e7d63 --- /dev/null +++ b/renovate.json @@ -0,0 +1,49 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:base", + "schedule:earlyMondays" + ], + "branchPrefix": "renovate-", + "commitMessageAction": "Renovate Update", + "labels": [ + "Dependencies", + "Renovate" + ], + "prConcurrentLimit": 3, + "branchConcurrentLimit": 0, + "separateMultipleMajor": true, + "lockFileMaintenance": { "enabled": false }, + "packageRules": [ + { + "automerge": false, + "groupName": "Patch & Minor Updates", + "groupSlug": "all-minor-patch-updates", + "labels": [ + "Dependencies", + "Renovate" + ], + "matchPackagePatterns": [ + "*" + ], + "matchUpdateTypes": [ + "minor", + "patch" + ], + "prCreation": "immediate", + "stabilityDays": 3 + } + ], + "major": { + "automerge": false, + "labels": [ + "Dependencies", + "Renovate" + ], + "prCreation": "immediate", + "stabilityDays": 3 + }, + "vulnerabilityAlerts": { + "enabled": false + } +} From e1e5944a3dad1608d36efdfba2083ab7f17d0349 Mon Sep 17 00:00:00 2001 From: jamesrwarren Date: Tue, 22 Oct 2024 14:53:16 +0100 Subject: [PATCH 2/2] DDLS-377 replace dependabot with renovate --- .pre-commit-config.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..8e51096 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,34 @@ +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks + +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: check-added-large-files # prevents giant files from being committed. + args: ["--maxkb=20480"] + - id: check-case-conflict # checks for files that would conflict in case-insensitive filesystems. + - id: check-merge-conflict # checks for files that contain merge conflict strings. + - id: check-yaml # checks yaml files for parseable syntax. + - id: detect-private-key # detects the presence of private keys. + - id: end-of-file-fixer # ensures that a file is either empty, or ends with one newline. + - id: mixed-line-ending # replaces or checks mixed line ending. + args: ["--fix=auto"] + - id: requirements-txt-fixer # sorts entries in requirements.txt. + - id: trailing-whitespace # trims trailing whitespace. + + - repo: https://github.com/antonbabenko/pre-commit-terraform + rev: v1.96.1 + hooks: + - id: terraform_fmt + - id: terraform_tflint + + - repo: https://github.com/awslabs/git-secrets + rev: master + hooks: + - id: git-secrets + + - repo: https://github.com/ambv/black + rev: 24.10.0 + hooks: + - id: black