Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: standardize repo to template and update README.md #20

Merged
merged 10 commits into from
Feb 14, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .adr-dir
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
adr
27 changes: 27 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: 'possible-bug 🐛'
assignees: ''
---

### Environment
Device and OS:
App/package versions:
Kubernetes distro being used:
Other:

### Steps to reproduce
1.

### Expected result

### Actual Result

### Visual Proof (screenshots, videos, text, etc)

### Severity/Priority

### Additional Context
Add any other context or screenshots about the technical debt here.
22 changes: 22 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: 'enhancement ✨'
assignees: ''
---

### Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

### Describe the solution you'd like

- **Given** a state
- **When** an action is taken
- **Then** something happens

### Describe alternatives you've considered
(optional) A clear and concise description of any alternative solutions or features you've considered.

### Additional context
Add any other context or screenshots about the feature request here.
16 changes: 16 additions & 0 deletions .github/ISSUE_TEMPLATE/tech_debt.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
---
name: Tech debt
about: Record something that should be investigated or refactored in the future.
title: ''
labels: 'tech-debt 💳'
assignees: ''
---

### Describe what should be investigated or refactored
A clear and concise description of what should be changed/researched. Ex. This piece of the code is not DRY enough [...]

### Links to any relevant code
(optional) i.e. - https://github.com/defenseunicorns/uds-package-mattermost/blob/main/README.md?plain=1#L1

### Additional context
Add any other context or screenshots about the technical debt here.
20 changes: 20 additions & 0 deletions .github/pull_request_template.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
## Description

...

## Related Issue

Fixes #
<!-- or -->
Relates to #

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [ ] Test, docs, adr added or updated as needed
- [ ] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-package-mattermost/blob/main/CONTRIBUTING.md#developer-workflow) followed
4 changes: 3 additions & 1 deletion .github/workflows/commitlint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,9 @@ jobs:
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2

- name: Install commitlint
run: npm install --save-dev @commitlint/{config-conventional,cli}
run: |
npm install --save-dev @commitlint/[email protected]
npm install --save-dev @commitlint/[email protected]

- name: Lint PR title
run: echo "${{ github.event.pull_request.title }}" | npx commitlint
50 changes: 50 additions & 0 deletions .github/workflows/scorecard.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
name: Scorecards supply-chain security
on:
# Only the default branch is supported.
branch_protection_rule:
schedule:
- cron: '30 1 * * 6'
push:
branches: [ "main" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
analysis:
name: Scorecards analysis
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Used to receive a badge.
id-token: write

steps:
- name: "Checkout code"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
publish_results: true

# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12
with:
sarif_file: results.sarif
28 changes: 3 additions & 25 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -1,27 +1,5 @@
# Welcome to the Matter Operator UDS Capability
# Welcome to the Mattermost UDS Package

Thank you for your interest in this Defense Unicorns UDS Capability!
Thank you for your interest in this Defense Unicorns UDS Package!

This document describes the process and requirements for contributing to this UDS Capability.

## Developer Experience

Continuous Delivery is core to our development philosophy. Check out [https://minimumcd.org](https://minimumcd.org) for a good baseline agreement on what that means.

Specifically:

* We do trunk-based development (main) with short-lived feature branches that originate from the trunk, get merged into the trunk, and are deleted after the merge
* We don't merge code into main that isn't releasable
* We perform automated testing on all changes before they get merged to main
* Continuous integration (CI) pipeline tests are definitive
* We create immutable release artifacts

## Definition of Done

We apply these general principles to all User Stories and activities contributing to the UDS SWF.

* Automated continuous integration (CI) pipeline tests pass
* CI pipeline tests have been updated to meet system changes
* Changes are peer reviewed
* Acceptance criteria is met
* Documentation is updated to reflect what changed
This package is part of Defense Unicorns' UDS Software Factory and follows the contributing guidelines outlined in that repositories' [CONTRIBUTING.md](https://github.com/defenseunicorns/uds-software-factory/blob/main/CONTRIBUTING.md) file.
41 changes: 32 additions & 9 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,14 +1,12 @@
# UDS Mattermost Package

This repo contains a UDS Package for [Mattermost](https://mattermost.com/), along with an example bundle and UDS tasks for development.
[![Latest Release](https://img.shields.io/github/v/release/defenseunicorns/uds-package-mattermost)](https://github.com/defenseunicorns/uds-package-mattermost/releases)
[![Build Status](https://img.shields.io/github/actions/workflow/status/defenseunicorns/uds-package-mattermost/tag-and-release.yaml)](https://github.com/defenseunicorns/uds-package-mattermost/actions/workflows/tag-and-release.yaml)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-mattermost/badge)](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-mattermost)

## Flavors

Two flavors of this package are produced at this time:
- `upstream`: This flavor uses the upstream images (same ones deployed by the chart by default) and is intended for a quick and seamless development experience
- `registry1` (amd64 architecture only): This flavor uses hardened images from [Ironbank](https://p1.dso.mil/services/iron-bank) and is intended for production environments
This package is designed for use as part of a [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) bundle deployed on [UDS Core](https://github.com/defenseunicorns/uds-core).

## Dependencies
## Prerequisites

Mattermost requires two dependencies, postgres and s3 compatible object storage. Wiring Mattermost to your dependencies is done primarily via helm values, which will require the use of a bundle created with uds-cli.

Expand Down Expand Up @@ -50,6 +48,31 @@ To use IRSA make sure to NOT set the two key variables and add the appropriate r
value: "arn:aws:iam::123456789:role/mattermost-role"
```

## Additional Config
## Flavors

| Flavor | Description | Example Creation |
| ------ | ----------- | ---------------- |
| upstream | Uses upstream images within the package. | `zarf package create . -f upstream` |
| registry1 | Uses images from registry1.dso.mil within the package. | `zarf package create . -f registry1` |

## Releases

The released packages can be found in [ghcr](https://github.com/defenseunicorns/uds-package-mattermost/pkgs/container/packages%2Fuds%2Fmattermost).

## UDS Tasks (for local dev and CI)

*For local dev, this requires installing [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install)

| Task | Description | Example |
| ---- | ----------- | ------- |
| setup-cluster | Uses the `k3d-core-istio` bundle to create a cluster for testing against | `uds run setup-cluster` |
| create-package | Creates just the Mattermost package | `uds run create-package --set FLAVOR=<flavor>` |
| create-test-bundle | Creates Mattermost and Mattermost dependency packages and then bundles them | `uds run create-test-bundle` |
| deploy-package | Deploy Mattermost package only | `uds run deploy-package` |
| deploy-test-bundle | Deploy Mattermost and Mattermost dependency bundle | `uds run deploy-test-bundle` |
| test-package | Run checks against a deployed package or bundle | `uds run test-package` |
| cleanup | Teardown the cluster | `uds run cleanup` |

## Contributing

Additional configuration can be done via overrides to configure a number of Mattermost properties like SSO. Check the full list of values in the config chart [here](./chart/values.yaml). If you find that you need something else exposed please open an issue!
Please see the [CONTRIBUTING.md](./CONTRIBUTING.md)
9 changes: 9 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Security Policy

## Supported Versions

As [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) has not yet reached v1.0.0, only the current latest minor release is supported.

## Reporting a Vulnerability

Please email `security-notice [at] defenseunicorns.com` to report a vulnerability. If you are unable to disclose details via email, please let us know and we can coordinate alternate communications.
23 changes: 23 additions & 0 deletions adr/0001-record-architecture-decisions.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# 1. Record architecture decisions

Date: 2024-02-04

## Status

Accepted

## Context

> NOTE:
>
> This file was automatically created when we used [adr-tools](https://github.com/npryce/adr-tools) to initialize the document log in the repo. ADRs on ADRs are a little silly, but it does give a lightweight way to direct the reader over to our contributor guide that has a lot more information.

We need to record the architectural decisions made on this project.

## Decision

We will use Architecture Decision Records, as [described by Michael Nygard](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions), with a couple of small tweaks. See the [Documentation section in the Contributor guide](../CONTRIBUTING.md#documentation) for full details.

## Consequences

See Michael Nygard's article, linked above. For a lightweight ADR toolset, see Nat Pryce's [adr-tools](https://github.com/npryce/adr-tools).
19 changes: 19 additions & 0 deletions adr/template.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# NUMBER. TITLE

Date: DATE

## Status

STATUS

## Context

The issue motivating this decision, and any context that influences or constrains the decision.

## Decision

The change that we're proposing or have agreed to implement.

## Consequences

What becomes easier or more difficult to do and any risks introduced by the change that will need to be mitigated.
78 changes: 6 additions & 72 deletions renovate.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,69 +3,12 @@
"forkProcessing": "enabled",
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
":dependencyDashboard",
":semanticCommits",
":semanticCommitTypeAll(chore)",
"group:all"
],
"branchConcurrentLimit": 0,
"prConcurrentLimit": 0,
"prHourlyLimit": 0,
"rebaseStalePrs": true,
"dependencyDashboard": true,
"dependencyDashboardTitle": "Renovate Dashboard 🤖",
"rebaseWhen": "conflicted",
"commitBodyTable": true,
"suppressNotifications": ["prIgnoreNotification"],
"pre-commit": {
"enabled": true
},
"helm-values": {
"fileMatch": ["./.+\\.yaml$"]
},
"regexManagers": [
{
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"- name: (?<depName>.*?)\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n",
"- name: (?<depName>.*?)\n *version: (?<currentValue>.*)\n *url: (?<registryUrl>.*?)\n",
"- name: (?<depName>.*?)\n *namespace: .*\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n",
"- name: (?<depName>.*?)\n *namespace: .*\n *version: (?<currentValue>.*)\n *url: (?<registryUrl>.*?)\n"
],
"datasourceTemplate": "helm"
},
{
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"- [\"]?(?<depName>[^\"\n]*):(?<currentValue>[^\"\n]*)[\"]?"
],
"datasourceTemplate": "docker"
},
{
"depNameTemplate": "defenseunicorns/uds-cli",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"# renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=(?<versioning>[^\n]+)\n.*?uds@(?<currentValue>.*)"
],
"datasourceTemplate": "github-tags",
"extractVersionTemplate": "^v(?<version>.*)$"
},
{
"depNameTemplate": "defenseunicorns/zarf",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"# renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=(?<versioning>.*?)\n.*?(version:) (?<currentValue>.*)"
],
"datasourceTemplate": "github-tags"
},
{
"depNameTemplate": "defenseunicorns/uds-common-tasks",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/(?<currentValue>[^/]+)/.*"
],
"datasourceTemplate": "github-tags"
}
"github>defenseunicorns/uds-common//config/renovate.json5",
":semanticPrefixFixDepsChoreOthers",
"config:base",
"group:all",
"replacements:all",
"workarounds:all"
],
"hostRules": [
{
Expand All @@ -77,14 +20,5 @@
"password": "wcFMA/xDdHCJBTolAQ/6A4VHieAREvIZ35w9tpdLuvCysq3951xcwBD+o5A6QNYz9K5J0X4NDp2NF5FwEeEBgh3CGF7t/jXHdvvFUSo1wnTT0N+XoU4fXta1px9rkZssPWaMmqbmQ+KWXrEo7SMYK4nXBdExtIZ/j8XvjvTZ1apAh+ySW41eAKXbeQC+5I2rjDJegH6hI7kGkQDzmSAoaDX/Nw8seccozzOj9GEGxPbtF1UYJIfG0jZObf0GowXXCtCOEd5QcQQnzILIaiN0tgZgXrQKFehMTboi8rgYLtRI3LIObUjxl7O59q7ZBCkUuyt9nYF14i9PD8IltVdPsTrGpyK/yQMFrjHWkIPGFHZC9dLyjQlhTjMFBYdye9KGfoZHnKR5pXZw7JvCho/PaP3S8y4LXPJa7YHty0wEcP1eWT0b1hapHnsyDEJ22xyCz0hVFeUnXRPj3zSqBzn4+wVPZmxcCwuLNmu28JJ76SNYAf/4hTjlc2+8WasB/C8rNA+ASf+C6SsMMp677JffWXJtfJHgtPGV+gTCBITG7D8pkCVyIdoiGDv503QDiw59YdocEHkIaRw6EzSZ5XFEHz0mbnTZ7HgRYPklsQzVvetEOmctFdZgYZZ1hjVOkWIjiuSR+hDc3IT/TdXEohZxizAZAEmmsli0Q70m2EWJo1tUqxS9soQGKGQc/crIdpHSdgFfBI3gyKZP4ehv1WzYqrWlg1syDgbNllgEJIIBxv+ZI+QMJUF8SdtleMkxE6PYvc1bzpj6nTrM1oahiK8BUKS+cTpXQr1+LneL1mQ/4rSqNQO5ooBweej3Ql0cDNzjahfYc/1AwctQOdjZRpmGUs+RaMezgF8"
}
}
],
"packageRules": [
{
"matchFileNames": [".github/**"],
"excludePackageNames": ["defenseunicorns/zarf","defenseunicorns/uds-cli"],
"groupName": "githubactions",
"commitMessageTopic": "githubactions",
"pinDigests": true
}
]
}
Loading