From 7e9f4b7a0466cde885c3b487a6c993d7c09d6793 Mon Sep 17 00:00:00 2001 From: Matthew Anderson <42154938+matoszz@users.noreply.github.com> Date: Thu, 19 Sep 2024 11:23:18 -0600 Subject: [PATCH] minor updates --- .github/CONTRIBUTING.md | 25 ++++++++++++------------- .golangci.yaml | 1 + .pre-commit-config.yaml | 2 +- README.md | 24 ++---------------------- Taskfile.yaml | 7 +++++++ 5 files changed, 23 insertions(+), 36 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 48b8eca..5404b02 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md 
@@ -1,24 +1,23 @@ # Contributing +Please read the [contributing](.github/CONTRIBUTING.md) guide as well as the [Developer Certificate of Origin](https://developercertificate.org/). You will be required to sign all commits to the Openlane project, so if you're unfamiliar with how to set that up, see [github's documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification). + Given external users will not have write to the branches in this repository, you'll need to follow the forking process to open a PR - [here](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) is a guide from github on how to do so. -Please also read our main [contributing guide](https://github.com/theopenlane/.github/blob/main/CONTRIBUTING.md) in addition to this one; the main guide mostly says that we'd like for you to open an issue first but it's not hard-required, and that we accept all forms of proposed changes given the state of this code base (in it's infancy, still!) +## Licensing + +This repository contains open source software that comprises the Openlane stack which is open source software under [Apache 2.0](LICENSE). Openlane's SaaS / Cloud Services are products produced from this open source software exclusively by theopenlane, Inc. This product is produced under our published commercial terms (which are subject to change). Any logos or trademarks in our repositories in [theopenlane](https://github.com/theopenlane) organization are not covered under the Apache License and are trademarks of theopenlane, Inc. -## Pre-requisites to a PR +Others are allowed to make their own distribution of this software or include this software in other commercial offerings, but cannot use any of the Openlane logos, trademarks, cloud services, etc. 
-This repository contains a number of code generating functions / utilities which take schema modifications and scaffold out resolvers, graphql API schemas, openAPI specifications, among other things. To ensure you've generated all the necessary dependencies run `task pr`; this will run the entirety of the commands required to safely generate a PR. If for some reason one of the commands fails / encounters an error, you will need to debug the individual steps. It should be decently easy to follow the `Taskfile` in the root of this repository. +## Security -### Pre-Commit Hooks +We take the security of our software products and services seriously, including our commercial services and all of the open source code repositories managed through our Github Organizations, such as [theopenlane](https://github.com/theopenlane). If you believe you have found a security vulnerability in any of our repositories or in our SaaS offering(s), please report it to us through coordinated disclosure. -We have several `pre-commit` hooks that should be run before pushing a commit. Make sure this is installed: +**Please do NOT report security vulnerabilities through public github issues, discussions, or pull requests!** -```bash -brew install pre-commit -pre-commit install -``` +Instead, please send an email to `security@theopenlane.io` with as much information as possible to best help us understand and resolve the issues. See the security policy attached to this repository for more details. -You can optionally run against all files: +## Questions? -```bash -pre-commit run --all-files -``` +You can email us at `info@theopenlane.io`, open a github issue in this repository, or reach out to [matoszz](https://github.com/matoszz) directly. \ No newline at end of file diff --git a/.golangci.yaml b/.golangci.yaml index 4a88dae..4ad35ed 100644 --- a/.golangci.yaml +++ b/.golangci.yaml 
@@ -1,6 +1,7 @@ run: timeout: 10m allow-serial-runners: true + concurrency: 0 linters-settings: goimports: local-prefixes: github.com/theopenlane/openlane-cloud diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b6663d5..06858f6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -12,6 +12,6 @@ repos: hooks: - id: yamlfmt - repo: https://github.com/crate-ci/typos - rev: v1.24.5 + rev: v1.24.6 hooks: - id: typos diff --git a/README.md b/README.md index 0aa84a5..61a5a2d 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,7 @@ [![Build status](https://badge.buildkite.com/9d99bb1f92d9195776d9983bea1f74314fd912706244c48863.svg)](https://buildkite.com/theopenlane/theopenlane-cloud) [![Go Reference](https://pkg.go.dev/badge/github.com/theopenlane/openlane-cloud.svg)](https://pkg.go.dev/github.com/theopenlane/openlane-cloud) [![License: Apache 2.0](https://img.shields.io/badge/License-Apache2.0-brightgreen.svg)](https://opensource.org/licenses/Apache-2.0) +[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=theopenlane_openlane-cloud&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=theopenlane_openlane-cloud) # Openlane Cloud 
@@ -141,25 +142,4 @@ Seeded Environment Created: ## Contributing -Please read the [contributing](.github/CONTRIBUTING.md) guide as well as the [Developer Certificate of Origin](https://developercertificate.org/). You will be required to sign all commits to the Openlane project, so if you're unfamiliar with how to set that up, see [github's documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification). - -## Licensing - -This repository contains `openlane-cloud` which is open source software under [Apache 2.0](LICENSE). Openlane is a product produced from this open source software exclusively by theopenlane, Inc. This product is produced under our published commercial terms (which are subject to change), and any logos or trademarks in this repository or the broader [theopenlane](https://github.com/theopenlane) organization are not covered under the Apache License. - -Others are allowed to make their own distribution of this software or include this software in other commercial offerings, but cannot use any of the Openlane logos, trademarks, cloud services, etc. - -## Security - -We take the security of our software products and services seriously, including all of the open source code repositories managed through our Github Organizations, such as [theopenlane](https://github.com/theopenlane). If you believe you have found a security vulnerability in any of our repositories, please report it to us through coordinated disclosure. - -**Please do NOT report security vulnerabilities through public github issues, discussions, or pull requests!** - -Instead, please send an email to `security@openlane.io` with as much information as possible to best help us understand and resolve the issues. See the security policy attached to this repository for more details. - -## Questions? 
- -You can email us at `info@openlane.io`, open a github issue in this repository, or reach out to [matoszz](https://github.com/matoszz) directly. - - - +See the [contributing](.github/CONTRIBUTING.md) guide for more information \ No newline at end of file diff --git a/Taskfile.yaml b/Taskfile.yaml index 07570b7..0eb25aa 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -164,3 +164,10 @@ tasks: cmds: - task: setup-dev - task: run + + precommit-full: + desc: Lint the project against all files + cmds: + - pre-commit install && pre-commit install-hooks + - pre-commit autoupdate + - pre-commit run --show-diff-on-failure --color=always --all-files
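Review bot: In the `.github/CONTRIBUTING.md` hunk, the paragraph carried over from the README keeps its README-relative links. Relative links resolve from the file's own directory, so `[contributing](.github/CONTRIBUTING.md)` now sends the guide to a path under `.github/.github/` (and is a self-reference anyway), and `[Apache 2.0](LICENSE)` no longer reaches the root LICENSE file. Drop the "Please read the contributing guide" clause and make the LICENSE link absolute or `../LICENSE`. The same hunk changes the disclosure address from `security@openlane.io` to `security@theopenlane.io` while still deferring to "the security policy attached to this repository", which is not among the five files in this patch; please confirm the policy file carries the same address so the two do not disagree. The file also now ends without a trailing newline.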
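Review bot: The new `concurrency: 0` line under `run:` in `.golangci.yaml` has no comment explaining why it is set. A bare 0 reads as "disabled" or "unlimited" to anyone who has not looked up the option, and the commit message ("minor updates") gives no reason either. Add a one-line YAML comment above it stating the intent, for example that the value is left for golangci-lint to derive from the CI container's CPU quota, if that is the goal.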
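Review bot: The `rev: v1.24.6` bump for `https://github.com/crate-ci/typos` in `.pre-commit-config.yaml` still pins the hook to a tag, which the upstream repository can repoint; since this hook executes on every contributor's machine, consider pinning `rev` to the full commit hash and keeping the tag name in a trailing comment. Also note that the `precommit-full` task added in the Taskfile hunk of this same patch runs `pre-commit autoupdate`, which rewrites this line by itself, so a hand-edited bump here and that task will overwrite each other unless one of the two is dropped.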
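Review bot: In the second `README.md` hunk (`@@ -141,25 +142,4 @@`), removing the whole Security section leaves the README with no mention of how to report a vulnerability and no "do NOT report through public github issues" warning; a reporter now has to guess that the contributing guide holds it. Keep a short Security heading in the README with one line pointing to the security policy or the contributing guide's Security section, so the private reporting channel stays visible on the landing page. The replacement line `See the [contributing](.github/CONTRIBUTING.md) guide for more information` is also missing its final period and the file loses its trailing newline.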
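Review bot: In the `Taskfile.yaml` hunk, `precommit-full` is described as "Lint the project against all files" but its second command, `pre-commit autoupdate`, rewrites `.pre-commit-config.yaml` to whatever the latest upstream tags are before the hooks run. That means a lint run modifies the working tree and executes hook versions nobody has reviewed, which is a supply-chain concern for code that runs locally and in CI. Move `pre-commit autoupdate` into its own task (for example a separate update task whose diff is reviewed in a PR), or at least use `pre-commit autoupdate --freeze` so the config records commit hashes, and update `desc` to say that the task also installs hooks. Since the CONTRIBUTING.md hunk removes the `pre-commit install` and `pre-commit run --all-files` instructions, mention this task there so contributors can find it.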