diff --git a/.devcontainer/apt-packages.txt b/.devcontainer/apt-packages.txt new file mode 100644 index 0000000..a962a42 --- /dev/null +++ b/.devcontainer/apt-packages.txt @@ -0,0 +1,11 @@ +coreutils +direnv +figlet +findutils +gh +git +links +mawk +sed +time +vim diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000..e6f4704 --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,54 @@ +// For format details, see https://aka.ms/devcontainer.json. For config options, see the +// README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu +{ + // "build": { + // "dockerfile": "Dockerfile", + // // Update 'VARIANT' to pick an Ubuntu version: jammy / ubuntu-22.04, focal / ubuntu-20.04, bionic /ubuntu-18.04 + // // Use ubuntu-22.04 or ubuntu-18.04 on local arm64/Apple Silicon. + // // "args": { "VARIANT": "ubuntu-22.04" } + // }, + + // Configure tool-specific properties. + // Note: Keep the list in alphabetical order. + "customizations": { + "vscode": { + "extensions": [ + "bierner.markdown-mermaid", + "DavidAnson.vscode-markdownlint", + "GitHub.copilot", + "GitHub.copilot-chat", + "GitHub.vscode-github-actions", + "vscodevim.vim", + "vsls-contrib.codetour", + "xaver.clang-format" + ] + } + }, + // Features to add to the dev container. More info: https://containers.dev/features. + "features": { + "ghcr.io/devcontainers-contrib/features/actionlint:1": {}, + "ghcr.io/devcontainers-contrib/features/node-asdf:0": {}, + "ghcr.io/devcontainers-extra/features/pipx-package:1": {}, + "ghcr.io/devcontainers/features/docker-in-docker:2": {}, + "ghcr.io/devcontainers/features/python:1": {}, + "ghcr.io/guiyomh/features/vim:0": {}, + "ghcr.io/jungaretti/features/make:1": {}, + "ghcr.io/jungaretti/features/ripgrep:1": {} + }, + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + + // Use 'postCreateCommand' to run commands after the container is created. + // "postCreateCommand": "uname -a", + + // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile + "image": "mcr.microsoft.com/devcontainers/base:jammy", + + "postCreateCommand": "time pip install -r .devcontainer/requirements.txt && time pipx install --include-deps --force ansible && time pipx inject ansible -r .devcontainer/requirements-ansible.txt && time pre-commit install", + + // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root. + "remoteUser": "vscode", + // Note: Python dependencies can be added in the `requirements.txt` file. + "onCreateCommand": "sudo apt update && xargs -a .devcontainer/apt-packages.txt sudo apt-get install -y" +} diff --git a/.devcontainer/requirements-ansible.txt b/.devcontainer/requirements-ansible.txt new file mode 100644 index 0000000..9fe8088 --- /dev/null +++ b/.devcontainer/requirements-ansible.txt @@ -0,0 +1,4 @@ +# Python packages injected into the pipx-managed Ansible environment. +# Keep dependencies sorted alphabetically. +docker>=7.1 +requests==2.32.5 diff --git a/.github/AGENTS.md b/.github/AGENTS.md new file mode 100644 index 0000000..b643200 --- /dev/null +++ b/.github/AGENTS.md @@ -0,0 +1,26 @@ +# .github Directory + +Use this as the entry point for agent work, and follow linked catalogs when relevant. + +## Directory-Specific Agent files + +Read these Agent files when working in corresponding dirs: + +- [`workflows/AGENTS.md`](workflows/AGENTS.md) + +## Additional key files + +- [.github/FIREWALL.md](FIREWALL.md): firewall configuration and recommended hosts for agents. + +## Hardened NEVER List + +- **NEVER create `.github/README.md`**: GitHub renders `.github/README.md` with the highest priority. Creating it will + override the main `README.md` on the repository homepage and profile page. + +## Troubleshooting + +TBA + +## Additional notes + +- Keep this Agent file up-to-date. diff --git a/.github/FIREWALL.md b/.github/FIREWALL.md new file mode 100644 index 0000000..37ae510 --- /dev/null +++ b/.github/FIREWALL.md @@ -0,0 +1,43 @@ +# Firewall Allowlist for Copilot Agents + +If your agent runs behind a restrictive firewall, allow these hosts. Always check the official guidance for updates. + +```plaintext +agents.md +aka.ms +ansible.com +api.github.com +archive.ubuntu.com +cache.nixos.org +channels.nixos.org +code.visualstudio.com +codeload.github.com +contributor-covenant.org +dl-cdn.alpinelinux.org +dl.winehq.org +freecodecamp.org +galaxy.ansible.com +gh.io +ghcr.io +github.com +guides.github.com +img.shields.io +hashicorp.com +marketplace.visualstudio.com +npm.pkg.github.com +objects.githubusercontent.com +pkg-containers.githubusercontent.com +raw.githubusercontent.com +releases.nixos.org +registry.npmjs.org +support.github.com +tldrlegal.com +uploads.github.com +user-images.githubusercontent.com +yaml-multiline.info +web.archive.org +``` + +Note: Keep the list sorted alphabetically for easier maintenance. + +Reference: diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..353c1d1 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,38 @@ +--- +name: 🐛 Bug report +description: Report a bug or regression +title: '[BUG]: ' +labels: + - bug +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report 🤗 + Please check for existing open or closed issues before submitting. + - type: textarea + id: bug-description + attributes: + label: Description + description: Describe what happened and what you expected to happen. + validations: + required: true + - type: textarea + id: steps-to-reproduce + attributes: + label: Steps to reproduce + description: List the steps needed to reproduce the behavior. + placeholder: | + 1. Go to '...' + 2. Click on '...' + 3. Scroll down to '...' + 4. See error + validations: + required: true + - type: textarea + id: additional-information + attributes: + label: Additional information + description: |- + Provide any additional context such as logs, screenshots, links, or scenarios + that can help reproduce and resolve the issue. diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..b612fd0 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,26 @@ +--- +name: ✨ Feature request +description: Request a feature or enhancement +labels: + - enhancement +title: '[FEAT]: ' +body: + - type: markdown + attributes: + value: | + Please check for existing open or closed issues before submitting this + feature request. + - type: textarea + id: description + attributes: + label: Description + description: Describe the feature or enhancement you would like to see. + validations: + required: true + - type: textarea + id: additional-information + attributes: + label: Additional information + description: |- + Share any additional context, proposed solutions, links, or screenshots + that can help us evaluate the request. diff --git a/.github/actionlint-matcher.json b/.github/actionlint-matcher.json new file mode 100644 index 0000000..4613e16 --- /dev/null +++ b/.github/actionlint-matcher.json @@ -0,0 +1,17 @@ +{ + "problemMatcher": [ + { + "owner": "actionlint", + "pattern": [ + { + "regexp": "^(?:\\x1b\\[\\d+m)?(.+?)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*: (?:\\x1b\\[\\d+m)*(.+?)(?:\\x1b\\[\\d+m)* \\[(.+?)\\]$", + "file": 1, + "line": 2, + "column": 3, + "message": 4, + "code": 5 + } + ] + } + ] +} diff --git a/.github/pre-commit-matcher.json b/.github/pre-commit-matcher.json new file mode 100644 index 0000000..89b0537 --- /dev/null +++ b/.github/pre-commit-matcher.json @@ -0,0 +1,62 @@ +{ + "problemMatcher": [ + { + "owner": "pre-commit-yamllint", + "severity": "error", + "pattern": [ + { + "regexp": "^(.+\\.ya?ml)$", + "file": 1 + }, + { + "regexp": "^\\s+(\\d+):(\\d+)\\s+(error|warning)\\s+(.+?)\\s+\\((.+?)\\)$", + "line": 1, + "column": 2, + "severity": 3, + "message": 4, + "code": 5, + "loop": true + } + ] + }, + { + "owner": "pre-commit-flake8", + "severity": "error", + "pattern": [ + { + "regexp": "^(.+?):(\\d+):(\\d+):\\s+(\\w\\d+)\\s+(.+)$", + "file": 1, + "line": 2, + "column": 3, + "code": 4, + "message": 5 + } + ] + }, + { + "owner": "pre-commit-codespell", + "severity": "warning", + "pattern": [ + { + "regexp": "^(.+?):(\\d+):\\s+(.+\\s+==>\\s+.+)$", + "file": 1, + "line": 2, + "message": 3 + } + ] + }, + { + "owner": "pre-commit-generic", + "severity": "error", + "pattern": [ + { + "regexp": "^(.+?):(\\d+)(?::(\\d+))?:\\s+(.+)$", + "file": 1, + "line": 2, + "column": 3, + "message": 4 + } + ] + } + ] +} diff --git a/.github/workflows/AGENTS.md b/.github/workflows/AGENTS.md new file mode 100644 index 0000000..934aba9 --- /dev/null +++ b/.github/workflows/AGENTS.md @@ -0,0 +1,9 @@ +# Workflows Directory + +This directory contains GitHub Actions workflows for the repository. + +## Agent Directives + +- Ensure all workflows have descriptive names. +- Use `actionlint` to validate changes to workflow files. +- Follow the established pattern for job permissions and timeouts. diff --git a/.github/workflows/README.md b/.github/workflows/README.md new file mode 100644 index 0000000..de6c196 --- /dev/null +++ b/.github/workflows/README.md @@ -0,0 +1,143 @@ +# GitHub Workflows and Actions + +This directory contains GitHub Actions workflows, agent prompts, and related configuration. + +## Workflows + +### Check Workflow + +The `check.yml` workflow runs on pull requests, pushes, and weekly schedule to +ensure code quality and correctness. + +Jobs: + +- **actionlint**: Validates GitHub Actions workflow files +- **link-checker**: Checks for broken links in Markdown files using Lychee +- **pre-commit**: Runs pre-commit hooks for code formatting and linting + +#### Link Checker + +The link checker job uses [Lychee](https://github.com/lycheeverse/lychee) to +scan all Markdown files for broken links. It includes caching to avoid rate +limits and can be configured via `.lycheeignore` at the repository root to +exclude specific URLs or patterns. + +**Local Testing**: You can test links locally with the configured +`markdown-link-check` pre-commit hook: + +```bash +# Install from requirements.txt +pip install -r .devcontainer/requirements.txt + +# Check a single file +pre-commit run markdown-link-check --files path/to/file.md + +# Check all Markdown files +pre-commit run markdown-link-check -a +``` + +The hook uses `.markdown-link-check.json` and checks both local file references +and remote URLs before you push changes. + +#### Using Check as a Reusable Workflow + +You can use the Check workflow in your repository by referencing it via +`workflow_call`. Note that the `master` branch is required as it is the default +branch for the `FX31337/.github` repository: + +```yaml +--- +name: Check +on: + pull_request: + push: + schedule: + - cron: 0 0 * * 1 # Run every Monday at 00:00 UTC + workflow_dispatch: +jobs: + check: + uses: FX31337/.github/.github/workflows/check.yml@master + with: + submodules: 'false' # Set to 'true' or 'recursive' if repository uses submodules +``` + +### Cogni AI Agent Workflow + +The `cogni-ai-agent.yml` workflow provides an integration with the Cogni AI Agent for autonomous +issue resolution and PR review. + +It triggers on issue and pull request comments, as well as `workflow_dispatch`. It utilizes the +`Cogni-AI-OU/cogni-ai-agent-action` and allows specifying various AI models to fulfill requests. + +*Note: Requires `OPENCODE_API_KEY` secret to be set in repository settings.* + +### Development Containers (CI) Workflow + +The `devcontainer-ci.yml` workflow automates the building and testing of Development Containers. + +It checks out the repository, logs into the GitHub Container Registry (GHCR), and uses the +`devcontainers/ci` action to build the container image, checking against an existing cache. +Additionally, it tests the container by verifying that required command-line tools and Python +packages are correctly installed. + +#### Using Devcontainer CI as a Reusable Workflow + +You can use the Devcontainer CI workflow in your repository by referencing it via +`workflow_call`. It accepts inputs for `required_commands` and `required_python_packages` +to customize the validation step. + +```yaml +jobs: + devcontainer: + uses: FX31337/.github/.github/workflows/devcontainer-ci.yml@master + permissions: + contents: read + packages: write # Required for pushing to GitHub Container Registry +``` + +## Problem Matchers + +GitHub Actions problem matchers automatically annotate files with errors and +warnings in pull requests, making it easier to identify and fix issues. + +### Available Matchers + +- **actionlint-matcher.json**: Captures errors from actionlint workflow linting +- **pre-commit-matcher.json**: Captures errors from pre-commit hooks + +### Pre-commit Problem Matcher + +The pre-commit problem matcher supports two output formats: + +1. **Generic format** (`file:line:col: message`): Used by flake8, actionlint, + and other tools that provide column information +2. **No-column format** (`file:line message`): Used by markdownlint and other + tools that only provide line numbers + +Note: Some hooks like yamllint and ansible-lint already output GitHub Actions +annotations directly and don't need the problem matcher. + +### Configuration + +Problem matchers are registered in the `.github/workflows/check.yml` workflow +before running the corresponding tools. + +### Using Matchers in Reusable Workflows + +When using the `check.yml` workflow as a reusable workflow (via `workflow_call`), +the matcher files are automatically provided from this repository. You don't need +to copy the matcher files to your repository. + +If you want to use custom matcher files, you can specify them using the inputs: + +```yaml +jobs: + check: + uses: FX31337/.github/.github/workflows/check.yml@master + with: + actionlint-matcher-path: .github/custom-actionlint-matcher.json + pre-commit-matcher-path: .github/custom-pre-commit-matcher.json +``` + +If these inputs are not provided, the workflow will automatically use the default +matcher files from this repository. diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml new file mode 100644 index 0000000..1b72dba --- /dev/null +++ b/.github/workflows/check.yml @@ -0,0 +1,159 @@ +--- +# Note: Keep keys and envs in alphabetical order. +name: Check +# yamllint disable-line rule:truthy +on: + pull_request: + push: + schedule: + - cron: 0 0 * * 1 # Run every Monday at 00:00 UTC + workflow_call: + inputs: + actionlint-matcher-path: + description: > + Path to actionlint problem matcher JSON file. If not specified, + uses the default from FX31337/.github repository. + required: false + type: string + default: '' + pre-commit-matcher-path: + description: > + Path to pre-commit problem matcher JSON file. If not specified, + uses the default from FX31337/.github repository. + required: false + type: string + default: '' + submodules: + default: 'false' + description: 'Whether to checkout submodules: true, false, or recursive' + required: false + type: string + workflow_dispatch: + inputs: + submodules: + default: 'false' + description: 'Whether to checkout submodules: true, false, or recursive' + options: + - 'false' + - 'true' + - recursive + required: false + type: choice +permissions: + contents: read +jobs: + actionlint: + name: actionlint + # Skip if triggered by workflow_run and the triggering workflow failed + if: github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + with: + # For workflow_run, checkout the head branch from the triggering workflow + ref: ${{ github.event.workflow_run.head_branch || github.ref }} + submodules: ${{ inputs.submodules || 'false' }} + # Checkout the .github repo to access default matcher files when workflow is called + - name: Checkout matcher files + if: github.event_name == 'workflow_call' && inputs.actionlint-matcher-path == '' + uses: actions/checkout@v4 + with: + repository: FX31337/.github + path: .github-matchers + sparse-checkout: | + .github/actionlint-matcher.json + sparse-checkout-cone-mode: false + - name: Add Problem Matcher for actionlint + run: | + if [ "${{ github.event_name }}" = "workflow_call" ]; then + if [ -n "${{ inputs.actionlint-matcher-path }}" ]; then + MATCHER_PATH="${{ inputs.actionlint-matcher-path }}" + else + MATCHER_PATH=".github-matchers/.github/actionlint-matcher.json" + fi + else + MATCHER_PATH=".github/actionlint-matcher.json" + fi + if [ -f "$MATCHER_PATH" ]; then + echo "::add-matcher::$MATCHER_PATH" + else + echo "Warning: Matcher file not found at $MATCHER_PATH" + fi + shell: bash + - uses: reviewdog/action-actionlint@v1 + link-checker: + name: Link Checker + if: github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.workflow_run.head_branch || github.ref }} + submodules: ${{ inputs.submodules || 'false' }} + - name: Restore lychee cache + uses: actions/cache@v4 + with: + key: cache-lychee-${{ github.sha }} + path: .lycheecache + restore-keys: | + cache-lychee- + - name: Link Checker + uses: lycheeverse/lychee-action@v2 + with: + args: --cache --max-cache-age 1d --verbose --no-progress './**/*.md' '.github/**/*.md' + fail: true + failIfEmpty: false + pre-commit: + name: Pre-commit + if: github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.workflow_run.head_branch || github.ref }} + submodules: ${{ inputs.submodules || 'false' }} + # Checkout the .github repo to access default matcher files when workflow is called + - name: Checkout matcher files + if: github.event_name == 'workflow_call' && inputs.pre-commit-matcher-path == '' + uses: actions/checkout@v4 + with: + repository: FX31337/.github + path: .github-matchers + sparse-checkout: | + .github/pre-commit-matcher.json + sparse-checkout-cone-mode: false + - uses: actions/cache@v4 + with: + path: ~/.cache/pre-commit + key: pre-commit|${{ hashFiles('.pre-commit-config.yaml') }} + restore-keys: | + pre-commit| + - uses: actions/setup-python@v5 + with: + python-version: '3.12' + - name: Add Problem Matcher for pre-commit + run: | + if [ "${{ github.event_name }}" = "workflow_call" ]; then + if [ -n "${{ inputs.pre-commit-matcher-path }}" ]; then + MATCHER_PATH="${{ inputs.pre-commit-matcher-path }}" + else + MATCHER_PATH=".github-matchers/.github/pre-commit-matcher.json" + fi + else + MATCHER_PATH=".github/pre-commit-matcher.json" + fi + if [ -f "$MATCHER_PATH" ]; then + echo "::add-matcher::$MATCHER_PATH" + else + echo "Warning: Matcher file not found at $MATCHER_PATH" + fi + shell: bash + - uses: pre-commit/action@v3.0.1 + with: + extra_args: --color=never diff --git a/.github/workflows/devcontainer-ci.yml b/.github/workflows/devcontainer-ci.yml new file mode 100644 index 0000000..2265bba --- /dev/null +++ b/.github/workflows/devcontainer-ci.yml @@ -0,0 +1,144 @@ +--- +# Note: Keep keys and envs in alphabetical order. +name: Development Containers (CI) +# yamllint disable-line rule:truthy +on: + pull_request: + paths: + - .devcontainer/** + - .github/workflows/devcontainer-ci.yml + push: + branches: + - master + paths: + - .devcontainer/** + - .github/workflows/devcontainer-ci.yml + schedule: + - cron: 0 0 * * 1 # Run every Monday at 00:00 UTC + workflow_call: + # IMPORTANT: When calling this reusable workflow from another repository, + # you MUST grant 'packages: write' permission in the calling workflow. + # Example: + # jobs: + # devcontainer: + # uses: FX31337/.github/.github/workflows/devcontainer-ci.yml@master + # permissions: + # contents: read + # packages: write # Required for pushing to GitHub Container Registry + inputs: + required_commands: + description: Space-separated list of required command-line tools + required: false + type: string + default: '' + required_python_packages: + description: Space-separated list of required Python packages + required: false + type: string + default: '' +env: + # Keep the commands and packages in lexicographical order. + REQUIRED_COMMANDS: >- + ${{ inputs.required_commands != '' && inputs.required_commands || 'actionlint + ansible + docker + gh + make + node + npm + pip + pre-commit + python3 + rg' }} + REQUIRED_PYTHON_PACKAGES: >- + ${{ inputs.required_python_packages != '' && inputs.required_python_packages || 'ansible + ansible-lint + docker + molecule + pre-commit + uv' }} +permissions: + contents: read + packages: write +jobs: + devcontainer-build: + name: Build & Test + permissions: + contents: read + packages: write # Enables push to GHCR + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set image name + id: image + run: | + # Transform repository name to valid Docker tag format + # 1. Convert to lowercase (Docker tags must be lowercase) + # 2. Remove leading dots from path components (Docker components must start with alphanumeric) + REPO_NAME="${{ github.repository }}" + REPO_LOWER="${REPO_NAME,,}" + # Remove /. pattern to handle repos like "org/.github" -> "org/github" + SAFE_REPO_NAME="${REPO_LOWER//\/\./\/}" + echo "name=ghcr.io/${SAFE_REPO_NAME}/devcontainer" >> "$GITHUB_OUTPUT" + - name: Check cache image existence + id: cache_check + continue-on-error: true + run: | + IMAGE_NAME="${{ steps.image.outputs.name }}" + echo "Checking if cache image exists: ${IMAGE_NAME}:latest" + if docker pull "${IMAGE_NAME}:latest" 2>/dev/null; then + echo "✓ Cache image found: ${IMAGE_NAME}:latest" + echo "exists=true" >> "$GITHUB_OUTPUT" + else + echo "⚠ Cache image not found: ${IMAGE_NAME}:latest" + echo "⚠ Build will proceed without cache (first build or image expired)" + echo "exists=false" >> "$GITHUB_OUTPUT" + fi + - name: Build and test dev container + uses: devcontainers/ci@v0.3 + with: + imageName: ${{ steps.image.outputs.name }} + cacheFrom: ${{ steps.image.outputs.name }} + push: filter + refFilterForPush: refs/heads/master + runCmd: |- + echo "Testing devcontainer build..." + + # Check all required commands are installed + echo "Checking required command-line tools..." + for cmd in $REQUIRED_COMMANDS; do + if ! command -v "$cmd" &> /dev/null; then + echo "✗ $cmd is not installed" + exit 1 + fi + echo "✓ $cmd is installed" + done + + # Check all required Python packages are installed + echo "Checking required Python packages..." + for pkg in $REQUIRED_PYTHON_PACKAGES; do + if ! python3 -m pip show "$pkg" &> /dev/null; then + echo "✗ Required Python package '$pkg' is missing" + exit 1 + fi + echo "✓ $pkg is installed" + done + echo "✓ All required Python packages are installed" + + # Verify pre-commit can run (hooks may not be installed in CI container) + if pre-commit --version &> /dev/null; then + echo "✓ pre-commit is functional" + else + echo "✗ pre-commit is not functional" + exit 1 + fi + echo "✓ All devcontainer tests passed!" diff --git a/.markdown-link-check.json b/.markdown-link-check.json new file mode 100644 index 0000000..e41845e --- /dev/null +++ b/.markdown-link-check.json @@ -0,0 +1,29 @@ +{ + "aliveStatusCodes": [200, 206], + "ignorePatterns": [ + { + "pattern": "^http://localhost" + }, + { + "pattern": "^https://localhost" + }, + { + "pattern": "^http://127.0.0.1" + }, + { + "pattern": "^https://127.0.0.1" + }, + { + "pattern": "^http://example.com" + }, + { + "pattern": "^https://example.com" + }, + { + "pattern": "^https://github.com/org/repo" + } + ], + "retryCount": 3, + "retryOn429": true, + "timeout": "10s" +} diff --git a/.markdownlint.yaml b/.markdownlint.yaml new file mode 100644 index 0000000..4aa540b --- /dev/null +++ b/.markdownlint.yaml @@ -0,0 +1,21 @@ +--- +# MD003 heading-style - Heading style +# Use 'consistent' to allow each file to use its own consistent heading style +# internally (atx or setext) rather than enforcing a repository-wide style +MD003: + style: consistent +# MD013 line-length - Line length +MD013: + line_length: 120 +# MD033 no-inline-html - Inline HTML +MD033: + allowed_elements: + - details + - plan_research + - plan_style_guide + - reasoning + - stopping_rules + - workflow +# MD046 code-block-style - Code block style +MD046: + style: consistent diff --git a/.markdownlintignore b/.markdownlintignore new file mode 100644 index 0000000..e69de29 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..b2e72fd --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,98 @@ +--- +# Notes: +# - Keep the order of the hooks in lexicographical order. +default_language_version: + python: python3 +repos: + - repo: https://github.com/adrienverge/yamllint.git + rev: v1.37.1 + hooks: + - id: yamllint + args: + - -c + - .yamllint + - -s + - repo: https://github.com/ansible-community/ansible-lint + rev: v6.22.2 + hooks: + - id: ansible-lint + language_version: python3 + additional_dependencies: + - ansible-core>=2.15,<2.16 + - repo: https://github.com/aristanetworks/j2lint.git + rev: v1.2.0 + hooks: + - id: j2lint + - repo: https://github.com/codespell-project/codespell + rev: v2.4.1 + hooks: + - id: codespell + args: + - -L + - AKS + - repo: https://github.com/gitleaks/gitleaks + rev: v8.24.2 + hooks: + - id: gitleaks + - repo: https://github.com/igorshubovych/markdownlint-cli.git + rev: v0.46.0 + hooks: + - id: markdownlint + language_version: 22.14.0 + - repo: https://github.com/jumanjihouse/pre-commit-hooks + rev: 3.0.0 + hooks: + - id: forbid-binary + - id: git-check # Configure in .gitattributes + - id: require-ascii + exclude: (\.github/|\.tours/|README\.md|SKILL\.md) + - id: script-must-have-extension + - repo: https://github.com/lyz-code/yamlfix + rev: 1.19.1 + hooks: + - id: yamlfix + # Only process .yaml and .yml files (not .md files with YAML frontmatter) + types: + - yaml + # Excluded due to https://github.com/lyz-code/yamlfix/issues/310 which breaks multiline formatting. + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v6.0.0 + hooks: + - id: check-added-large-files + - id: check-case-conflict + - id: check-executables-have-shebangs + - id: check-merge-conflict + - id: check-yaml + - id: end-of-file-fixer + - id: fix-byte-order-marker + - id: trailing-whitespace + exclude: \.ya?ml$ # yamllint handles YAML files with warning level + - repo: https://github.com/psf/black + rev: 25.1.0 + hooks: + - id: black + args: + - --line-length=120 + - repo: https://github.com/pycqa/flake8 + rev: 7.3.0 + hooks: + - id: flake8 + args: + - --max-line-length=120 + - repo: https://github.com/rhysd/actionlint + rev: v1.7.10 + hooks: + - id: actionlint + - repo: https://github.com/tcort/markdown-link-check + rev: v3.14.2 + hooks: + - id: markdown-link-check + language_version: 22.14.0 + args: + - --config + - .markdown-link-check.json + - --quiet + - repo: https://github.com/Yelp/detect-secrets + rev: v1.5.0 + hooks: + - id: detect-secrets diff --git a/.yamlfix.toml b/.yamlfix.toml new file mode 100644 index 0000000..ec83761 --- /dev/null +++ b/.yamlfix.toml @@ -0,0 +1,15 @@ +# yamlfix configuration +# Configuration options for yamlfix +# @docs: +# This file should be in the root directory of the project + +line_length = 120 +preserve_block_scalars = true +preserve_formatting = true + +excludes = [ + ".github/workflows/test.yml" +] + +# Force sequences to use block style (multi-line lists) +sequence_style = "block_style" diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..896a5d1 --- /dev/null +++ b/.yamllint @@ -0,0 +1,24 @@ +--- +extends: default +ignore: | + .cache + .git +rules: + comments: + min-spaces-from-content: 1 + comments-indentation: false + braces: + max-spaces-inside: 1 + line-length: + max: 120 + level: warning + new-line-at-end-of-file: + level: warning + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true + trailing-spaces: + level: warning + truthy: + ignore: |- + .github/workflows/*.yml diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..5ad90f0 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,131 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, caste, color, religion, or sexual +identity and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +* Focusing on what is best not just for us as individuals, but for the overall + community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or advances of + any kind +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or email address, + without their explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement. +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series of +actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or permanent +ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within the +community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.1, available at +[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. + +Community Impact Guidelines were inspired by +[Mozilla's code of conduct enforcement ladder][Mozilla CoC]. + +For answers to common questions about this code of conduct, see the FAQ at +[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at +[https://www.contributor-covenant.org/translations][translations]. + +[homepage]: https://www.contributor-covenant.org +[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html +[Mozilla CoC]: https://github.com/mozilla/inclusion/blob/master/code-of-conduct-enforcement/consequence-ladder.md +[FAQ]: https://www.contributor-covenant.org/faq +[translations]: https://www.contributor-covenant.org/translations diff --git a/README.md b/README.md index b3236a5..78869e2 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,3 @@ # .github -A ✨special ✨ repository for GitHub to manage information on public organization profile. + +A ✨special ✨ repository for GitHub to manage information on the public organization profile.