⚠️ CONFLICT! Lineage pull request for: skeleton #6
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Additionally as of v3.1.0 of actions/setup-go there is a go-version output value to retrieve the version of Go installed by the Action. This allows us to remove the step to manually retrieve this information from the Go executable.
Go 1.16 is no longer supported as of the release of 1.18 so it makes sense to update to the latest version available.
Go 1.19 was released while this branch was in the wings and it makes sense to bump to the latest Go release.
Update Go installation in the `build.yml` workflow
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 1 to 2. - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](hashicorp/setup-terraform@v1...v2) --- updated-dependencies: - dependency-name: hashicorp/setup-terraform dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…orp/setup-terraform-2 Bump hashicorp/setup-terraform from 1 to 2
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v3...v4) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…s/setup-python-4 Bump actions/setup-python from 3 to 4
Add a comment that states that the commented out ignore directives are managed by cisagov/skeleton-generic.
This adds the other versioned Actions that should be managed by cisagov/skeleton-generic to the list of commented out dependencies to ignore.
…nores Update Dependabot ignore directives
GitHub has deprecated the set-output command per: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ This updates the GitHub Actions workflow to use the newly preferred method to set the output for a job's step.
Remove usage of `set-output` from our GitHub Actions workflow
Increase the line length maximum from the default of 80 to 88. This 10% increase mirrors the line length allowed in other linter configurations such as black.
…-length_rules Update the `line-length` configuration for `yamllint`
Per PyCQA/flake8#1290 this hook moved from GitLab to GitHub. The version we use is bumped to the latest tag on GitHub as well.
Update the `flake8` pre-commit hook configuration
Update pre-commit hooks using `pre-commit autoupdate`. The `ansible-lint` hook is intentionally held back due to issues with upgrading to v6.
Update pre-commit hooks
This configuration file stores information about the labels expected in this repository.
This adds a workflow to ensure that the repository labels are updated to reflect changes to the label configuration file .github/labels.yml.
Add workflow to manage repository labels
Update the configuration for repository labels to remove the leading `#` from color values. With a `#` leading the values they are seen as invalid by the GitHub API.
There was a missing empty line in the `.yamllint` file between two rule definitions.
Update two configuration files
Add the `diagnostics` job as a dependency for the other jobs. Reformat the dependencies for those jobs to match the formatting of the `lint` job. This aligns with what was pulled down from cisagov/skeleton-generic.
Ensure that top-level keys except for `steps` are alphabetically sorted.
We generally only use quotes when they are strictly necessary to ensure data is interpreted as a string value. This mirrors what was done to the configurations inherited from cisagov/skeleton-generic.
This aligns with what was done to the `lint` job of the build.yml workflow that was inherited from cisagov/skeleton-generic.
We generally only use quotes when they are strictly necessary to ensure data is interpreted as a string value. This mirrors what was done to the configurations inherited from cisagov/skeleton-generic.
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2...v3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v2...v3) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps python from 3.11.4-alpine to 3.12.0-alpine. --- updated-dependencies: - dependency-name: python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
It's good to agree everywhere with the changes we made to the build.yml workflow in cisagov/skeleton-generic#144.
⚠️ CONFLICT! Lineage pull request for: skeleton
…alpine Bump python from 3.11.4-alpine to 3.12.0-alpine
…for-codeql-workflow Add a diagnostics job to the CodeQL workflow
Modify comment referencing "stopped" parameter
…_script Enhance the functionality of the `bump_version.sh` script
…/login-action-3 Bump docker/login-action from 2 to 3
…/setup-buildx-action-3 Bump docker/setup-buildx-action from 2 to 3
…/setup-qemu-action-3 Bump docker/setup-qemu-action from 2 to 3
# Conflicts: # .github/dependabot.yml
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v6...v7) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v4...v5) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
There is currently a potential incompatibility with the default behavior of the version of buildx being used. A default image generated is built with provenance, which is something we would like to have, but these default images can run on neither Google Cloud Run nor AWS Lambda. Please see docker/buildx#1533 for mroe information. Since we want to retain support for creating AWS Lambda images we add a commented out disabling of this functionality that can be enabled in a downstream repository if needed.
…s/github-script-7 Bump actions/github-script from 6 to 7
…/build-push-action-5 Bump docker/build-push-action from 4 to 5
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Lineage Pull Request: CONFLICT
Lineage has created this pull request to incorporate new changes found in an
upstream repository:
Upstream repository:
https://github.com/cisagov/skeleton-docker.gitRemote branch:
HEADCheck the changes in this pull request to ensure they won't cause issues with
your project.
The
lineage/skeletonbranch has one or more unresolved merge conflictsthat you must resolve before merging this pull request!
How to resolve the conflicts
Take ownership of this pull request by removing any other assignees.
Clone the repository locally, and reapply the merge:
Review the changes displayed by the
statuscommand. Fix any conflicts andpossibly incorrect auto-merges.
After resolving each of the conflicts,
addyour changes to thebranch,
commit, andpushyour changes:Note that you may append to the default merge commit message
that git creates for you, but please do not delete the existing
content. It provides useful information about the merge that is
being performed.
Wait for all the automated tests to pass.
Check the "Everything is cool" checkbox below:
Mark this draft pull request "Ready for review".
Note: You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.
For more information:
🛠 Lineage configurations for this project are stored in
.github/lineage.yml📚 Read more about Lineage