From 1c4fffc02860628e44a9010a74c2396af4a2b5b4 Mon Sep 17 00:00:00 2001 From: Mike Houston Date: Mon, 8 Jul 2024 10:28:46 +0100 Subject: [PATCH 1/3] CCM-5100: Backport suggested changes to template repo --- .github/actions/lint-terraform/action.yaml | 1 + .tool-versions | 2 +- .vscode/settings.json | 7 +------ scripts/config/pre-commit.yaml | 8 ++++---- scripts/config/vale/styles/Vocab/words/accept.txt | 1 + scripts/git-repo/branch-protection.md | 4 ++-- scripts/terraform/terraform.mk | 4 ++-- 7 files changed, 12 insertions(+), 15 deletions(-) diff --git a/.github/actions/lint-terraform/action.yaml b/.github/actions/lint-terraform/action.yaml index d5dfe35d..28d990cd 100644 --- a/.github/actions/lint-terraform/action.yaml +++ b/.github/actions/lint-terraform/action.yaml @@ -16,5 +16,6 @@ runs: run: | stacks=${{ inputs.root-modules }} for dir in $(find infrastructure/environments -maxdepth 1 -mindepth 1 -type d; echo ${stacks//,/$'\n'}); do + dir=$dir opts='-backend=false' make terraform-init dir=$dir make terraform-validate done diff --git a/.tool-versions b/.tool-versions index 079427cb..3691a541 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,6 +1,6 @@ # This file is for you! Please, updated to the versions agreed by your team. -terraform 1.7.0 +terraform 1.8.5 pre-commit 3.6.0 nodejs 18.18.2 gitleaks 8.18.4 diff --git a/.vscode/settings.json b/.vscode/settings.json index c2928649..5c7b4134 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -10,11 +10,6 @@ "**/Thumbs.db": true, ".devcontainer": true, ".github": true, - ".vscode": false, - "docs": true, - "infrastructure": true, - "scripts": true, - "terraform": true, - "tests": true + ".vscode": false } } diff --git a/scripts/config/pre-commit.yaml b/scripts/config/pre-commit.yaml index a7c48eae..41dafe77 100644 --- a/scripts/config/pre-commit.yaml +++ b/scripts/config/pre-commit.yaml @@ -19,28 +19,28 @@ repos: hooks: - id: scan-secrets name: Scan secrets - entry: /bin/env check=whole-history ./scripts/githooks/scan-secrets.sh + entry: /usr/bin/env check=whole-history ./scripts/githooks/scan-secrets.sh language: script pass_filenames: false - repo: local hooks: - id: check-file-format name: Check file format - entry: /bin/env check=staged-changes ./scripts/githooks/check-file-format.sh + entry: /usr/bin/env check=branch ./scripts/githooks/check-file-format.sh language: script pass_filenames: false - repo: local hooks: - id: check-markdown-format name: Check Markdown format - entry: /bin/env check=staged-changes ./scripts/githooks/check-markdown-format.sh + entry: /usr/bin/env check=branch ./scripts/githooks/check-markdown-format.sh language: script pass_filenames: false - repo: local hooks: - id: check-english-usage name: Check English usage - entry: /bin/env check=staged-changes ./scripts/githooks/check-english-usage.sh + entry: /usr/bin/env check=branch ./scripts/githooks/check-english-usage.sh language: script pass_filenames: false - repo: local diff --git a/scripts/config/vale/styles/Vocab/words/accept.txt b/scripts/config/vale/styles/Vocab/words/accept.txt index bf5939ab..dc124c03 100644 --- a/scripts/config/vale/styles/Vocab/words/accept.txt +++ b/scripts/config/vale/styles/Vocab/words/accept.txt @@ -23,3 +23,4 @@ endfor drawio rawContent endcapture +Cognito diff --git a/scripts/git-repo/branch-protection.md b/scripts/git-repo/branch-protection.md index 1821a1c7..0e513f86 100644 --- a/scripts/git-repo/branch-protection.md +++ b/scripts/git-repo/branch-protection.md @@ -1,8 +1,8 @@ -# Github +# GitHub ## Branch Protection Rules -This will create the default branch protection rules using Github API. +This will create the default branch protection rules using GitHub API. ```sh ./branch-protection.sh $reponame $PAT diff --git a/scripts/terraform/terraform.mk b/scripts/terraform/terraform.mk index 6339b196..111acda9 100644 --- a/scripts/terraform/terraform.mk +++ b/scripts/terraform/terraform.mk @@ -47,8 +47,8 @@ clean:: # Remove Terraform files (terraform) - optional: terraform_dir|dir=[path _terraform: # Terraform command wrapper - mandatory: cmd=[command to execute]; optional: dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], opts=[options to pass to the Terraform command, default is none/empty] dir=$(or ${dir}, ${TERRAFORM_STACK}) - source scripts/terraform/terraform.lib.sh - terraform-${cmd} # 'dir' and 'opts' are accessible by the function as environment variables, if set + . scripts/terraform/terraform.lib.sh && \ + terraform-${cmd} # 'dir' and 'opts' are accessible by the function as environment variables, if set # ============================================================================== # Quality checks - please DO NOT edit this section! From 316bf12486b2b2892b2c35b5022e1c48caf91743 Mon Sep 17 00:00:00 2001 From: Mike Houston Date: Tue, 9 Jul 2024 10:26:34 +0100 Subject: [PATCH 2/3] CCM-5100: Update TF version to latest --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index 3691a541..cd5707c6 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,6 +1,6 @@ # This file is for you! Please, updated to the versions agreed by your team. -terraform 1.8.5 +terraform 1.9.1 pre-commit 3.6.0 nodejs 18.18.2 gitleaks 8.18.4 From fd8a7b8898dec4152602a3c1238bf5a6dd24f537 Mon Sep 17 00:00:00 2001 From: Mike Houston Date: Tue, 9 Jul 2024 10:33:01 +0100 Subject: [PATCH 3/3] CCM-5100: Update CODEOWNERS --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d2827c83..44937ff3 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,7 +1,7 @@ # NHS Notify Code Owners # Notify default owners -* @rossbugginsnhs @m-houston @edmundcraske2-nhs @timireland +* @rossbugginsnhs @m-houston @aidenvaines-bjss @timireland # Codeowners must be final check /.github/CODEOWNERS @NHSDigital/nhs-notify-code-owners