linuxfoundation · emsearcy · May 6, 2024 · May 4, 2024 · May 6, 2024
diff --git a/.flake8 b/.flake8
@@ -0,0 +1,5 @@
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
+[flake8]
+max-line-length = 180
+extend-ignore = E203
diff --git a/.github/workflows/license-header-check.yml b/.github/workflows/license-header-check.yml
@@ -4,7 +4,7 @@
 
 name: License Header Check
 
-'on': [pull_request]
+"on": [pull_request]
 
 permissions:
   contents: read

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
@@ -0,0 +1,41 @@
+---
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
+
+name: MegaLinter
+
+"on":
+  pull_request: null
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  megalinter:
+    name: MegaLinter
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      statuses: write
+
+    steps:
+      # Git Checkout
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      # MegaLinter
+      - name: MegaLinter
+        id: ml
+        # Use the Python flavor.
+        uses: oxsecurity/megalinter/flavors/python@v7
+        env:
+          # All available variables are described in documentation
+          # https://megalinter.io/configuration/
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,10 @@
 # Copyright The Linux Foundation and each contributor to LFX.
 # SPDX-License-Identifier: MIT
 
+megalinter-reports
+.ruff_cache/
+__pycache__/
+
 # Normally, committing lockfiles is a best practice. But 1) this is a local
 # shell utility, run sporadically and 2) committing a lockfile means keeping it
 # up to date every time there is a security issue. In this case, we're going to

diff --git a/.license-header b/.license-header
@@ -0,0 +1,2 @@
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
diff --git a/.mega-linter.yml b/.mega-linter.yml
@@ -0,0 +1,22 @@
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
+---
+DISABLE_LINTERS:
+  # A self-contained maintaince page is not expected to conform to best
+  # practices for web site.
+  - HTML_DJLINT
+  # Pylint doesn't handle our Pipenv dependencies, and is redundant with ruff.
+  - PYTHON_PYLINT
+  # Pyright doesn't handle our pipenv dependencies, plus we aren't using
+  # static typing.
+  - PYTHON_PYRIGHT
+  # Disable dependency security scanning.
+  - REPOSITORY_GRYPE
+  - REPOSITORY_TRIVY
+  - REPOSITORY_TRIVY_SBOM
+  # cspell is laughably bad at code/comments/etc.
+  - SPELL_CSPELL
+  # Link checking more likely to cause false positives than be useful for us.
+  - SPELL_LYCHEE
+GITHUB_COMMENT_REPORTER: false
+GITHUB_STATUS_REPORTER: true
diff --git a/.ruff.toml b/.ruff.toml
@@ -0,0 +1,9 @@
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
+
+line-length = 180
+target-version = "py310"
+
+[lint]
+select = ["E", "F", "W"]
+
diff --git a/.yamllint b/.yamllint
@@ -0,0 +1,13 @@
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
+---
+extends: default
+ignore: |
+  .git
+  megalinter-reports
+  __pycache__
+  .ruff_cache
+rules:
+  line-length:
+    max: 120
+    level: warning
diff --git a/Makefile b/Makefile
@@ -0,0 +1,24 @@
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
+
+.PHONY: all clean test
+
+all: requirements.txt
+
+clean:
+	rm -Rf __pycache__ .ruff_cache megalinter-reports
+
+lint:
+	docker run --rm --platform linux/amd64 -v '$(CURDIR):/tmp/lint:rw' oxsecurity/megalinter-python:v7
+
+test:
+	@echo "No tests to run ... would you like to 'make lint'?"
+
+requirements.txt: Pipfile.lock .license-header
+	cat .license-header > requirements.txt
+	# Because we are avoiding pinning dep versions, we also prune them from the
+	# generated requirements.txt file.
+	pipenv requirements --exclude-markers | sed 's/=.*$$//' >> requirements.txt
+
+Pipfile.lock: Pipfile
+	pipenv lock
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,11 @@
+# Copyright The Linux Foundation and each contributor to LFX.
+# SPDX-License-Identifier: MIT
+-i https://pypi.org/simple
+boto3
+botocore
+jmespath
+python-dateutil
+s3transfer
+six
+trieregex
+urllib3