diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ec55c85e..2e5b1b68 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,15 +58,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ runner.os }}-python-${{ env.python_version }}-pipenv-${{ hashFiles('Pipfile.lock') }} - - name: Install the dependencies - run: | - python -m pip install --upgrade pipenv - mkdir "${RUNNER_TEMP}/bin" - curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b "${RUNNER_TEMP}/bin" - chmod +x "${RUNNER_TEMP}/bin/syft" - curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b "${RUNNER_TEMP}/bin" - chmod +x "${RUNNER_TEMP}/bin/grype" - echo "${RUNNER_TEMP}/bin" >> "${GITHUB_PATH}" - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo @@ -96,8 +87,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ runner.os }}-python-${{ env.python_version }}-pipenv-${{ hashFiles('Pipfile.lock') }} - - name: Install the dependencies - run: python -m pip install --upgrade pipenv - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 561c2685..0d80a61f 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -26,14 +26,12 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ runner.os }}-python-${{ env.python_version }}-pipenv-${{ hashFiles('Pipfile.lock') }} - - name: Install the dependencies - run: | - python -m pip install --upgrade pipenv - echo "CODEQL_PYTHON=$(pipenv run which python)" >> "${GITHUB_ENV}" - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo run: task -v init + - name: Setup CodeQL + run: echo "CODEQL_PYTHON=$(pipenv run which python)" >> "${GITHUB_ENV}" - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index e4824118..e4f536ab 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -30,8 +30,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ runner.os }}-python-${{ env.python_version }}-pipenv-${{ hashFiles('Pipfile.lock') }} - - name: Install the dependencies - run: python -m pip install --upgrade pipenv - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 873c2c6e..7c0118ac 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ --- repos: - repo: https://github.com/seisollc/goat - rev: a8d2863396772ec95330996372dd4e48f2490438 # frozen: v2023.08.22 + rev: c887e70f7dd21f60ec5d2577dd51df2c2bdb2639 # frozen: v2023.09.02 hooks: - id: seiso-lint diff --git a/Pipfile.lock b/Pipfile.lock index 20ec0ae8..08aee7ce 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -237,11 +237,11 @@ }, "filelock": { "hashes": [ - "sha256:002740518d8aa59a26b0c76e10fb8c6e15eae825d34b6fdf670333fd7b938d81", - "sha256:cbb791cdea2a72f23da6ac5b5269ab0a0d161e9ef0100e653b69049a7706d1ec" + "sha256:0ecc1dd2ec4672a10c8550a8182f1bd0c0a5088470ecd5a125e45f49472fac3d", + "sha256:f067e40ccc40f2b48395a80fcbd4728262fab54e232e090a4063ab804179efeb" ], - "markers": "python_version >= '3.7'", - "version": "==3.12.2" + "markers": "python_version >= '3.8'", + "version": "==3.12.3" }, "gitdb": { "hashes": [ @@ -253,12 +253,12 @@ }, "gitpython": { "hashes": [ - "sha256:8d9b8cb1e80b9735e8717c9362079d3ce4c6e5ddeebedd0361b228c3a67a62f6", - "sha256:e3d59b1c2c6ebb9dfa7a184daf3b6dd4914237e7488a1730a6d8f6f5d0b4187f" + "sha256:11f22466f982211ad8f3bdb456c03be8466c71d4da8774f3a9f68344e89559cb", + "sha256:13aaa3dff88a23afec2d00eb3da3f2e040e2282e41de484c5791669b31146084" ], "index": "pypi", "markers": "python_version >= '3.7'", - "version": "==3.1.32" + "version": "==3.1.33" }, "identify": { "hashes": [ @@ -431,11 +431,11 @@ }, "pluggy": { "hashes": [ - "sha256:c2fd55a7d7a3863cba1a013e4e2414658b1d07b6bc57b3919e0c63c9abb99849", - "sha256:d12f0c4b579b15f5e054301bb226ee85eeeba08ffec228092f8defbaa3a4c4b3" + "sha256:cf61ae8f126ac6f7c451172cf30e3e43d3ca77615509771b3a984a0730651e12", + "sha256:d89c696a773f8bd377d18e5ecda92b7a3793cbe66c87060a6fb58c7b6e1061f7" ], - "markers": "python_version >= '3.7'", - "version": "==1.2.0" + "markers": "python_version >= '3.8'", + "version": "==1.3.0" }, "pre-commit": { "hashes": [ @@ -499,7 +499,9 @@ }, "pyyaml": { "hashes": [ + "sha256:04ac92ad1925b2cff1db0cfebffb6ffc43457495c9b3c39d3fcae417d7125dc5", "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc", + "sha256:0d3304d8c0adc42be59c5f8a4d9e3d7379e6955ad754aa9d6ab7a398b59dd1df", "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741", "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206", "sha256:18aeb1bf9a78867dc38b259769503436b7c72f7a1f1f4c93ff9a17de54319b27", @@ -507,7 +509,10 @@ "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62", "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98", "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696", + "sha256:326c013efe8048858a6d312ddd31d56e468118ad4cdeda36c719bf5bb6192290", + "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9", "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d", + "sha256:49a183be227561de579b4a36efbb21b3eab9651dd81b1858589f796549873dd6", "sha256:4fb147e7a67ef577a588a0e2c17b6db51dda102c71de36f8549b6816a96e1867", "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47", "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486", @@ -515,9 +520,12 @@ "sha256:596106435fa6ad000c2991a98fa58eeb8656ef2325d7e158344fb33864ed87e3", "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007", "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938", + "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0", "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c", "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735", "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d", + "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28", + "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4", "sha256:9046c58c4395dff28dd494285c82ba00b546adfc7ef001486fbf0324bc174fba", "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8", "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5", @@ -532,7 +540,9 @@ "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43", "sha256:c8098ddcc2a85b61647b2590f825f3db38891662cfc2fc776415143f599bb859", "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673", + "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54", "sha256:d858aa552c999bc8a8d57426ed01e40bef403cd8ccdd0fc5f6f04a00414cac2a", + "sha256:e7d73685e87afe9f3b36c799222440d6cf362062f78be1013661b00c5c6f678b", "sha256:f003ed9ad21d6a4713f0a9b5a7a0a79e08dd0f221aff4525a2be4c346ee60aab", "sha256:f22ac1c3cac4dbc50079e965eba2c1058622631e526bd9afd45fedd49ba781fa", "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c", @@ -618,11 +628,11 @@ }, "virtualenv": { "hashes": [ - "sha256:95a6e9398b4967fbcb5fef2acec5efaf9aa4972049d9ae41f95e0972a683fd02", - "sha256:e5c3b4ce817b0b328af041506a2a299418c98747c4b1e68cb7527e74ced23efc" + "sha256:29c70bb9b88510f6414ac3e55c8b413a1f96239b6b789ca123437d5e892190cb", + "sha256:772b05bfda7ed3b8ecd16021ca9716273ad9f4467c801f27e83ac73430246dca" ], "markers": "python_version >= '3.7'", - "version": "==20.24.3" + "version": "==20.24.4" } } } diff --git a/Taskfile.yml b/Taskfile.yml index 680ce8c1..42d10eb6 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -13,7 +13,8 @@ vars: INPUT_EXCLUDE: .*\{\{.*\}\}.* PYTHON_VERSION: 3.11 VERSION: - sh: pipenv run python -c 'from {{.PROJECT_SLUG}} import __version__; print(__version__)' + # Does not use pipenv to avoid pipenv as a project bootstrapping requirement + sh: python -c 'from {{.PROJECT_SLUG}} import __version__; print(__version__)' includes: py: @@ -33,6 +34,8 @@ tasks: internal: true sources: - Pipfile.lock + preconditions: + - which pipenv || python -m pip install --upgrade pipenv cmds: - pipenv install --deploy --ignore-pipfile --dev diff --git a/goat b/goat index a764e82d..8586ab40 160000 --- a/goat +++ b/goat @@ -1 +1 @@ -Subproject commit a764e82d4b126639829ecdd51f2e23e9d5ae43b8 +Subproject commit 8586ab402fdcd29202f835885cec5576d0f3156e diff --git a/tests/test_cookiecutter.py b/tests/test_cookiecutter.py index aca9344f..842fd076 100644 --- a/tests/test_cookiecutter.py +++ b/tests/test_cookiecutter.py @@ -176,6 +176,17 @@ def test_default_project(cookies): "task", "-v", "init", + ], + capture_output=True, + check=True, + cwd=project, + env=env, + ) + + subprocess.run( + [ + "task", + "-v", "lint", "validate", "build", diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.coveragerc" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.coveragerc" new file mode 100644 index 00000000..ef854e85 --- /dev/null +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.coveragerc" @@ -0,0 +1,2 @@ +[report] +fail_under = 75 diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/commit.yml" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/commit.yml" index 6d61cb8a..ebf1d4a3 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/commit.yml" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/commit.yml" @@ -49,15 +49,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ "{{ runner.os }}" }}-python-${{ "{{ env.python_version }}" }}-pipenv-${{ "{{ hashFiles('Pipfile.lock') }}" }} - - name: Install the dependencies - run: | - python -m pip install --upgrade pipenv - mkdir "${RUNNER_TEMP}/bin" - curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b "${RUNNER_TEMP}/bin" - chmod +x "${RUNNER_TEMP}/bin/syft" - curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b "${RUNNER_TEMP}/bin" - chmod +x "${RUNNER_TEMP}/bin/grype" - echo "${RUNNER_TEMP}/bin" >> "${GITHUB_PATH}" - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo @@ -118,8 +109,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ "{{ runner.os }}" }}-python-${{ "{{ env.python_version }}" }}-pipenv-${{ "{{ hashFiles('Pipfile.lock') }}" }} - - name: Install the dependencies - run: python -m pip install --upgrade pipenv - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo @@ -169,8 +158,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ "{{ runner.os }}" }}-python-${{ "{{ env.python_version }}" }}-pipenv-${{ "{{ hashFiles('Pipfile.lock') }}" }} - - name: Install the dependencies - run: python -m pip install --upgrade pipenv - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/release.yml" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/release.yml" index 08fe95e6..b2c12603 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/release.yml" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/release.yml" @@ -39,8 +39,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ "{{ runner.os }}" }}-python-${{ "{{ env.python_version }}" }}-pipenv-${{ "{{ hashFiles('Pipfile.lock') }}" }} - - name: Install the dependencies - run: python -m pip install --upgrade pipenv - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/security.yml" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/security.yml" index 87d6096f..3cd071ad 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/security.yml" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/security.yml" @@ -36,14 +36,12 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ "{{ runner.os }}" }}-python-${{ "{{ env.python_version }}" }}-pipenv-${{ "{{ hashFiles('Pipfile.lock') }}" }} - - name: Install the dependencies - run: | - python -m pip install --upgrade pipenv - echo "CODEQL_PYTHON=$(pipenv run which python)" >> "${GITHUB_ENV}" - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo run: task -v init + - name: Setup CodeQL + run: echo "CODEQL_PYTHON=$(pipenv run which python)" >> "${GITHUB_ENV}" - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/update.yml" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/update.yml" index f0c93d43..50f62044 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/update.yml" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.github/workflows/update.yml" @@ -30,8 +30,6 @@ jobs: with: path: ~/.local/share/virtualenvs key: ${{ "{{ runner.os }}" }}-python-${{ "{{ env.python_version }}" }}-pipenv-${{ "{{ hashFiles('Pipfile.lock') }}" }} - - name: Install the dependencies - run: python -m pip install --upgrade pipenv - name: Install Task uses: arduino/setup-task@v1 - name: Initialize the repo diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/README.md" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/README.md" index 998e09e5..04d9b9e0 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/README.md" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/README.md" @@ -4,7 +4,7 @@ Welcome to {{ cookiecutter.project_name }} ## Getting Started -First, you need to ensure you have `task`, `docker`, `git`, `pipenv`, and `python3` installed locally, and the `docker` daemon is running. +First, you need to ensure you have `task`, `docker`, `git`, and `python3` installed locally, and the `docker` daemon is running. Then, you can setup your local environment via: diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" index 94654397..4e343611 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" @@ -19,13 +19,19 @@ includes: PYTHON_VERSION: '{{ "{{.PYTHON_VERSION}}" }}' VERSION: '{{ "{{.VERSION}}" }}' + base: + taskfile: ./goat/Task/Taskfile.yml + internal: true + optional: true + vars: IMAGE_NAME: seiso/{{ cookiecutter.project_slug }} PROJECT_SLUG: {{ cookiecutter.project_slug }} PYTHON_VERSION: {{ cookiecutter.python_version }} SUPPORTED_PLATFORMS: 'linux/amd64,linux/arm64' VERSION: - sh: pipenv run python -c 'from {{ "{{" }}.PROJECT_SLUG{{ "}}" }} import __version__; print(__version__)' + # Does not use pipenv to avoid pipenv as a project bootstrapping requirement + sh: python -c 'from {{ "{{" }}.PROJECT_SLUG{{ "}}" }} import __version__; print(__version__)' LOCAL_PLATFORM: # Inspired by https://github.com/containerd/containerd/blob/e0912c068b131b33798ae45fd447a1624a6faf0a/platforms/database.go#L76 sh: | @@ -50,6 +56,9 @@ tasks: internal: true sources: - Pipfile.lock + preconditions: + - which pipenv || python3 -m pip install --upgrade pipx gitpython pyyaml && python3 -m pipx ensurepath && pipx install pipenv + cmds: - pipenv install --deploy --ignore-pipfile --dev @@ -78,12 +87,29 @@ tasks: # Don't run this in pipelines - '{{ "{{" }}if ne .GITHUB_ACTIONS "true"{{ "}}pipenv run pre-commit install{{else}}echo \"Detected a github actions pipeline; skipping the pre-commit install\"{{end}}" }}' + init-install-tools: + desc: Install required tools + internal: true + cmds: + - task: base:mac-brew-install + vars: + TOOLS: syft,grype + - task: base:runner-curl-install + vars: + INSTALL_URL: https://raw.githubusercontent.com/anchore/syft/main/install.sh + TOOL: syft + - task: base:runner-curl-install + vars: + INSTALL_URL: https://raw.githubusercontent.com/anchore/grype/main/install.sh + TOOL: grype + init: desc: Initialize the repo for local use; intended to be run after git clone cmds: - task: init-pipenv - task: init-submodules - task: init-pre-commit + - task: init-install-tools lint: desc: Run the linter(s); paved road projects use the Seiso goat 🐐