Skip to content

Commit d10c14b

Browse files
committed
Initial public commit
0 parents  commit d10c14b

21 files changed

+1764
-0
lines changed

.dockerignore

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
*
2+
!pyproject.toml
3+
!README.md
4+
!integration/testrun.py
5+
!hv4gha
6+
**/*.pyc

.github/helpers/gen-compose-env

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
#!/bin/bash
2+
set -o errexit
3+
set -o nounset
4+
5+
cat <<EOF
6+
HV4GHA_ACCOUNT=andreaso
7+
HV4GHA_APP_ID=368468
8+
HV4GHA_APP_KEY_B64=${TEST_APP_KEY_B64}
9+
HV4GHA_TEST_REPO=hv4gha
10+
EOF

.github/workflows/codeql.yaml

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
---
2+
3+
name: CodeQL
4+
5+
on:
6+
push:
7+
branches:
8+
- main
9+
pull_request:
10+
branches:
11+
- main
12+
schedule:
13+
- cron: "15 4 * * 6"
14+
15+
permissions:
16+
actions: read
17+
contents: read
18+
security-events: write
19+
20+
jobs:
21+
analyze:
22+
name: Python Analyze
23+
runs-on: ubuntu-latest
24+
25+
steps:
26+
- name: Checkout repository
27+
uses: actions/checkout@v3
28+
29+
- name: Use Python 3.11
30+
uses: actions/setup-python@v4
31+
with:
32+
python-version: "3.11"
33+
34+
- name: Initialize CodeQL
35+
uses: github/codeql-action/init@v2
36+
with:
37+
languages: python
38+
39+
- name: Perform CodeQL Analysis
40+
uses: github/codeql-action/analyze@v2

.github/workflows/linting.yaml

Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
---
2+
3+
name: Linting
4+
5+
on:
6+
push:
7+
branches:
8+
- main
9+
pull_request:
10+
branches:
11+
- main
12+
13+
permissions:
14+
contents: read
15+
statuses: write
16+
17+
jobs:
18+
python:
19+
name: Python
20+
runs-on: ubuntu-22.04
21+
22+
strategy:
23+
matrix:
24+
py_version: ["3.10", "3.11"]
25+
26+
steps:
27+
- name: Checkout
28+
uses: actions/checkout@v3
29+
30+
- name: Install Poetry
31+
run: pipx install poetry
32+
33+
- name: Enable Python ${{ matrix.py_version }}
34+
uses: actions/setup-python@v4
35+
with:
36+
python-version: ${{ matrix.py_version }}
37+
38+
- name: Use Python ${{ matrix.py_version }} with Poetry
39+
run: poetry env use python${{ matrix.py_version }}
40+
41+
- name: Install dependencies
42+
run: poetry install
43+
44+
- name: Check import order
45+
run: poetry run isort --check hv4gha/ integration/
46+
47+
- name: Check Black formating
48+
run: poetry run black --check hv4gha/ integration/
49+
50+
- name: Verify type hints
51+
run: poetry run mypy --strict hv4gha/ integration/
52+
53+
- name: Run Pylint
54+
run: poetry run pylint -rn -sn hv4gha/ integration/
55+
56+
super:
57+
name: Super-Linter
58+
runs-on: ubuntu-latest
59+
60+
steps:
61+
- name: Checkout
62+
uses: actions/checkout@v3
63+
with:
64+
fetch-depth: 0
65+
66+
- name: Lint
67+
uses: super-linter/super-linter/slim@v5
68+
env:
69+
VALIDATE_ALL_CODEBASE: true
70+
VALIDATE_JSCPD: false
71+
DEFAULT_BRANCH: main
72+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/publish.yaml

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
---
2+
3+
name: Publish
4+
5+
on:
6+
push:
7+
tags:
8+
- v*
9+
10+
permissions:
11+
contents: read
12+
id-token: write
13+
14+
jobs:
15+
pypi:
16+
name: PyPi Publish
17+
runs-on: ubuntu-22.04
18+
19+
environment:
20+
name: release
21+
url: https://pypi.org/project/hv4gha/
22+
23+
steps:
24+
- name: Checkout
25+
uses: actions/checkout@v3
26+
27+
- name: Install Poetry
28+
run: pipx install poetry
29+
30+
- name: Output expected packge version refs/tags/
31+
id: expected
32+
run: echo "tagref=refs/tags/v$(poetry version --short)" >> "$GITHUB_OUTPUT"
33+
34+
- name: Fail on mismatch between tag and package version
35+
if: github.ref != steps.expected.outputs.tagref
36+
run: echo "Mismatch between pushed tag and package version"; exit 1
37+
38+
- name: Build package
39+
run: poetry build
40+
41+
- name: Publish package
42+
uses: pypa/gh-action-pypi-publish@release/v1

.github/workflows/testing.yaml

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
---
2+
3+
name: Testing
4+
5+
on:
6+
push:
7+
branches:
8+
- main
9+
pull_request:
10+
branches:
11+
- main
12+
13+
permissions:
14+
contents: read
15+
16+
jobs:
17+
integration:
18+
name: Integration testing
19+
runs-on: ubuntu-22.04
20+
21+
steps:
22+
- name: Checkout
23+
uses: actions/checkout@v3
24+
25+
- name: Setup Docker Compose .env file
26+
run: .github/helpers/gen-compose-env > integration/.env
27+
env:
28+
TEST_APP_KEY_B64: ${{ secrets.TEST_APP_KEY_B64 }}
29+
30+
- name: Build test images
31+
run: docker compose -f integration/docker-compose.yaml build
32+
33+
- name: Bring up Vault server
34+
run: docker compose -f integration/docker-compose.yaml up --wait --detach vault-server
35+
36+
- name: Enable Vault's Transit Engine
37+
run: docker compose -f integration/docker-compose.yaml run --no-deps vault-setup
38+
39+
- name: Import App key (Python 3.10)
40+
run: docker compose -f integration/docker-compose.yaml run --no-deps testrun-py310 import
41+
42+
- name: Issue Access Token (Python 3.10)
43+
run: docker compose -f integration/docker-compose.yaml run --no-deps testrun-py310 issue
44+
45+
- name: Issue scoped Access Token (Python 3.10)
46+
run: docker compose -f integration/docker-compose.yaml run --no-deps testrun-py310 issue-scoped
47+
48+
- name: Import App key (Python 3.11)
49+
run: docker compose -f integration/docker-compose.yaml run --no-deps testrun-py311 import
50+
51+
- name: Issue Access Token (Python 3.11)
52+
run: docker compose -f integration/docker-compose.yaml run --no-deps testrun-py311 issue
53+
54+
- name: Issue scoped Access Token (Python 3.11)
55+
run: docker compose -f integration/docker-compose.yaml run --no-deps testrun-py311 issue-scoped

.gitignore

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
*~
2+
\#*#
3+
.#*
4+
5+
*.pyc
6+
/dist/
7+
8+
/integration/.env

.pre-commit-config.yaml

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
---
2+
repos:
3+
- repo: https://github.com/pre-commit/pre-commit-hooks
4+
rev: v4.4.0
5+
hooks:
6+
- id: trailing-whitespace
7+
- id: end-of-file-fixer
8+
- id: check-toml
9+
- id: check-yaml
10+
- id: check-added-large-files
11+
12+
- repo: local
13+
hooks:
14+
- id: isort
15+
name: isort
16+
entry: poetry run isort
17+
language: system
18+
types_or: [python, pyi]
19+
require_serial: true
20+
args: ["--filter-files"]
21+
22+
- id: black
23+
name: black
24+
entry: poetry run black
25+
language: system
26+
types_or: [python, pyi]
27+
require_serial: true
28+
29+
- id: mypy
30+
name: mypy
31+
entry: poetry run mypy
32+
language: system
33+
types_or: [python, pyi]
34+
exclude: '^tests/'
35+
require_serial: true
36+
args: ["--strict"]
37+
38+
- id: pylint
39+
name: pylint
40+
entry: poetry run pylint
41+
language: system
42+
types: [python]
43+
args: ["-rn", "-sn"]

LICENSE

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
MIT License
2+
3+
Copyright (c) 2023 Andreas Olsson <[email protected]>
4+
5+
Permission is hereby granted, free of charge, to any person obtaining a copy
6+
of this software and associated documentation files (the "Software"), to deal
7+
in the Software without restriction, including without limitation the rights
8+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9+
copies of the Software, and to permit persons to whom the Software is
10+
furnished to do so, subject to the following conditions:
11+
12+
The above copyright notice and this permission notice shall be included in all
13+
copies or substantial portions of the Software.
14+
15+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21+
SOFTWARE.

0 commit comments

Comments
 (0)