diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index 79c21d6a..00000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-version: 2
-updates:
- - package-ecosystem: "github-actions"
- directory: "/"
- schedule:
- interval: "weekly"
- - package-ecosystem: "pip"
- directory: "/"
- schedule:
- interval: "daily"
- ignore:
- - dependency-name: "*"
- update-types: ["version-update:semver-patch"]
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
deleted file mode 100644
index ccf03507..00000000
--- a/.github/workflows/ci.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-name: CI
-
-on:
- push:
- branches:
- - main
- pull_request:
- branches:
- - main
-
-jobs:
- build:
- runs-on: ubuntu-latest
- strategy:
- matrix:
- python-version: ['3.7', '3.8', '3.9', '3.10']
-
- steps:
- - uses: actions/checkout@v3
- - name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v4
- with:
- python-version: ${{ matrix.python-version }}
- - uses: actions/cache@v3
- with:
- path: ~/.cache/pip
- key: ${{ runner.os }}-python-${{ matrix.python-version }}-pip-${{ hashFiles('.github/workflows/ci.yml') }}
- restore-keys: ${{ runner.os }}-python-${{ matrix.python-version }}-pip
- - name: Install dependencies
- run: |
- python -m pip install --upgrade pip
- python -m pip install tox tox-gh-actions
- - name: Lint
- if: matrix.python-version == '3.10'
- run: tox -e flake8
- - name: Tests
- run: tox
diff --git a/.woodpecker/build-latest-image.yaml b/.woodpecker/build-latest-image.yaml
index 0a1fdccb..40c39eb5 100644
--- a/.woodpecker/build-latest-image.yaml
+++ b/.woodpecker/build-latest-image.yaml
@@ -5,25 +5,10 @@ when: - event: [pull_request] # Only run when PR targets development or other branches (not main) evaluate: 'CI_COMMIT_TARGET_BRANCH != "main"' - # Build the source branch - branch: - exclude: [main] - - event: [pull_request] - # Also build latest image when development branch creates PR to main - evaluate: 'CI_COMMIT_TARGET_BRANCH == "main" && CI_COMMIT_BRANCH == "development"' - branch: [development] variables: - &docker_repo "josaorg/safepass" - &slack_channel "builds" - # Docker build arguments template - - &build_args_template - - CI_COMMIT_SHA=${CI_COMMIT_SHA} - - CI_BUILD_NUMBER=${CI_BUILD_NUMBER} - - CI_BUILD_LINK=${CI_BUILD_LINK} - - CI_COMMIT_LINK=${CI_COMMIT_LINK} - - CI_REPO_LINK=${CI_REPO_LINK} - - CI_BUILD_FINISHED=${CI_BUILD_FINISHED} # Success message template - &success_message > ✅ *SUCCESS* - Latest Build #{{ build.number }} @@ -49,10 +34,11 @@ variables: steps: # Security check - scan for secrets/credentials - - name: check-for-leaks - image: zricethezav/gitleaks:v8.18.4 - commands: - - gitleaks detect --source . --verbose + - name: run-pre-commit-hooks + image: josaorg/pre-commit-runner + settings: + args: "--all-files" + skip: "end-of-file-fixer, yamllint" # Build latest image (development and other branches) - name: build-latest-image @@ -67,9 +53,19 @@ steps: from_secret: DOCKER_HUB_USERNAME password: from_secret: DOCKER_HUB_PASSWORD - build_args: *build_args_template + build_args: + CI_REPO: "${CI_REPO}" + CI_REPO_NAME: "${CI_REPO_NAME}" + CI_REPO_URL: "${CI_REPO_URL}" + CI_COMMIT_SHA: "${CI_COMMIT_SHA}" + CI_COMMIT_REF: "${CI_COMMIT_REF}" + CI_PIPELINE_URL: "${CI_PIPELINE_URL}" + CI_PIPELINE_CREATED: "${CI_PIPELINE_CREATED}" + CI_PREV_PIPELINE_URL: "${CI_PREV_PIPELINE_URL}" + CI_PIPELINE_NUMBER: "${CI_PIPELINE_NUMBER}" + depends_on: - - check-for-leaks + - run-pre-commit-hooks # Slack notification for latest build success - name: notify-slack-latest-success 
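Review bot: The new `run-pre-commit-hooks` step in the `@@ -49,10 +34,11 @@` hunk pulls `josaorg/pre-commit-runner` with no tag or digest, whereas the gitleaks step it replaces was pinned to `v8.18.4`. An untagged reference resolves to whatever the registry serves at run time, so the gate in front of the image build and Docker Hub push can change without any commit to this repository. I would pin it, e.g. `image: josaorg/pre-commit-runner:<TAG>@sha256:<DIGEST>` (placeholders for the real values). The retained comment `# Security check - scan for secrets/credentials` is only accurate if the pre-commit configuration, which is not visible here, still includes a secret-scanning hook, since `gitleaks detect` no longer runs directly. The same step is added in the `@@ -43,11 +35,11 @@` hunk of `.woodpecker/build-stable-image.yaml`, where it applies equally.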
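Review bot: In the `@@ -67,9 +53,19 @@` hunk `build_args` changes shape from a list of `KEY=value` strings (the removed `*build_args_template` alias) to a mapping. The step's `image:` line is outside the hunk, so it cannot be confirmed here that the build plugin accepts a mapping; please check this against the plugin version in use, because a shape it does not expect may drop the arguments without failing the build. The key names also change from `CI_BUILD_*` to `CI_PIPELINE_*`, so any `ARG` the Dockerfile declares under the old names would presumably end up empty. A comment such as `# keys must match the ARG names declared in the Dockerfile` above the mapping would make that dependency explicit. The same nine-entry mapping is repeated in the `@@ -62,9 +54,19 @@` hunk of `.woodpecker/build-stable-image.yaml`, and both copies add an empty line before `depends_on:` that could be dropped.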
@@ -82,7 +78,7 @@ steps: when: - status: success depends_on: - - check-for-leaks + - run-pre-commit-hooks - build-latest-image # Slack notification for latest build failure @@ -96,5 +92,5 @@ steps: when: - status: failure depends_on: - - check-for-leaks + - run-pre-commit-hooks - build-latest-image diff --git a/.woodpecker/build-stable-image.yaml b/.woodpecker/build-stable-image.yaml index d5f3b669..e6170190 100644 --- a/.woodpecker/build-stable-image.yaml +++ b/.woodpecker/build-stable-image.yaml @@ -11,14 +11,6 @@ when: variables: - &docker_repo "josaorg/safepass" - &slack_channel "builds" - # Docker build arguments template - - &build_args_template - - CI_COMMIT_SHA=${CI_COMMIT_SHA} - - CI_BUILD_NUMBER=${CI_BUILD_NUMBER} - - CI_BUILD_LINK=${CI_BUILD_LINK} - - CI_COMMIT_LINK=${CI_COMMIT_LINK} - - CI_REPO_LINK=${CI_REPO_LINK} - - CI_BUILD_FINISHED=${CI_BUILD_FINISHED} # Success message template - &success_message > ✅ *SUCCESS* - Stable Build #{{ build.number }} @@ -43,11 +35,11 @@ variables: • <{{ build.link }}|View Build> steps: - # Security check - scan for secrets/credentials - - name: check-for-leaks - image: zricethezav/gitleaks:v8.18.4 - commands: - - gitleaks detect --source . --verbose + - name: run-pre-commit-hooks + image: josaorg/pre-commit-runner + settings: + args: "--all-files" + skip: "end-of-file-fixer, yamllint" # Build stable image (main branch only) - name: build-stable-image 
@@ -62,9 +54,19 @@ steps: from_secret: DOCKER_HUB_USERNAME password: from_secret: DOCKER_HUB_PASSWORD - build_args: *build_args_template + build_args: + CI_REPO: "${CI_REPO}" + CI_REPO_NAME: "${CI_REPO_NAME}" + CI_REPO_URL: "${CI_REPO_URL}" + CI_COMMIT_SHA: "${CI_COMMIT_SHA}" + CI_COMMIT_REF: "${CI_COMMIT_REF}" + CI_PIPELINE_URL: "${CI_PIPELINE_URL}" + CI_PIPELINE_CREATED: "${CI_PIPELINE_CREATED}" + CI_PREV_PIPELINE_URL: "${CI_PREV_PIPELINE_URL}" + CI_PIPELINE_NUMBER: "${CI_PIPELINE_NUMBER}" + depends_on: - - check-for-leaks + - run-pre-commit-hooks # Slack notification for stable build success - name: notify-slack-stable-success @@ -77,7 +79,7 @@ steps: when: - status: success depends_on: - - check-for-leaks + - run-pre-commit-hooks - build-stable-image # Slack notification for stable build failure @@ -91,5 +93,5 @@ steps: when: - status: failure depends_on: - - check-for-leaks + - run-pre-commit-hooks - build-stable-image