From e50c3480095663cdc349e4645d575f05c267fdba Mon Sep 17 00:00:00 2001 From: brais <26645694+braisvq1996@users.noreply.github.com> Date: Mon, 22 Apr 2024 14:08:46 +0200 Subject: [PATCH] release 4.4.0 (#1007) --- .github/workflows/changelog-enforcer.yml | 2 +- .../continuous-integration-workflow.yml | 20 ++++++------ CHANGELOG.md | 31 ++++++++++--------- Makefile | 6 ++-- .../files/.pre-commit-config.yaml | 5 +++ .../openshift/component-template.yml | 2 +- .../files/.pre-commit-config.yaml | 5 +++ be-golang-plain/files/.pre-commit-config.yaml | 5 +++ .../files/.pre-commit-config.yaml | 5 +++ be-python-flask/files/.pre-commit-config.yaml | 5 +++ be-scala-play/files/.pre-commit-config.yaml | 5 +++ .../files/.pre-commit-config.yaml | 5 +++ .../jenkins-agents/golang/ocp-config/bc.yml | 2 +- .../jenkins-agents/golang/ocp-config/is.yml | 2 +- common/jenkins-agents/jdk/ocp-config/bc.yml | 2 +- common/jenkins-agents/jdk/ocp-config/is.yml | 2 +- .../jenkins-agents/nodejs16/ocp-config/bc.yml | 2 +- .../jenkins-agents/nodejs16/ocp-config/is.yml | 2 +- .../jenkins-agents/nodejs18/ocp-config/bc.yml | 2 +- .../jenkins-agents/nodejs18/ocp-config/is.yml | 2 +- .../nodejs20/docker/Dockerfile.ubi8 | 2 +- .../jenkins-agents/nodejs20/ocp-config/bc.yml | 2 +- .../jenkins-agents/nodejs20/ocp-config/is.yml | 2 +- .../jenkins-agents/python/ocp-config/bc.yml | 2 +- .../jenkins-agents/python/ocp-config/is.yml | 2 +- common/jenkins-agents/rust/ocp-config/bc.yml | 4 +-- common/jenkins-agents/rust/ocp-config/is.yml | 2 +- common/jenkins-agents/scala/ocp-config/bc.yml | 2 +- common/jenkins-agents/scala/ocp-config/is.yml | 2 +- .../terraform-2306/ocp-config/bc.yml | 2 +- .../terraform-2306/ocp-config/is.yml | 2 +- .../terraform/ocp-config/bc.yml | 2 +- .../terraform/ocp-config/is.yml | 2 +- .../component-template.yml | 2 +- .../component-oauth-sidecar.yml | 4 +-- common/ocp-config/component/template.yml | 2 +- docker-plain/files/.pre-commit-config.yaml | 5 +++ .../quickstarters/pages/be-gateway-nginx.adoc | 3 ++ .../quickstarters/pages/be-golang-plain.adoc | 3 ++ .../pages/be-java-springboot.adoc | 2 ++ .../quickstarters/pages/be-python-flask.adoc | 3 ++ .../quickstarters/pages/be-scala-play.adoc | 3 ++ .../pages/be-typescript-express.adoc | 3 ++ .../quickstarters/pages/docker-plain.adoc | 3 ++ .../quickstarters/pages/ds-jupyter-lab.adoc | 3 ++ .../quickstarters/pages/ds-rshiny.adoc | 3 ++ .../quickstarters/pages/ds-streamlit.adoc | 3 ++ .../quickstarters/pages/e2e-cypress.adoc | 3 ++ .../quickstarters/pages/e2e-spock-geb.adoc | 3 ++ .../quickstarters/pages/fe-angular.adoc | 3 ++ .../modules/quickstarters/pages/fe-ionic.adoc | 3 ++ .../pages/inf-terraform-aws.adoc | 5 ++- .../pages/inf-terraform-azure.adoc | 5 ++- .../quickstarters/pages/release-manager.adoc | 3 ++ .../secret-scanning-with-gitleaks.adoc | 13 ++++++++ ds-jupyter-lab/files/.pre-commit-config.yaml | 5 +++ ds-rshiny/files/.pre-commit-config.yaml | 5 +++ ds-streamlit/files/.pre-commit-config.yaml | 5 +++ e2e-cypress/files/.pre-commit-config.yaml | 5 +++ e2e-spock-geb/files/.pre-commit-config.yaml | 5 +++ fe-angular/files/.pre-commit-config.yaml | 5 +++ fe-ionic/files/.pre-commit-config.yaml | 5 +++ .../files/.pre-commit-config.yaml | 5 ++- .../files/.pre-commit-config.yaml | 5 ++- release-manager/files/.pre-commit-config.yaml | 5 +++ release-manager/ocp-config/cd-docgen.yml | 2 +- release-manager/ocp-config/cd-pipeline.yml | 2 +- .../files/.pre-commit-config.yaml | 5 +++ 68 files changed, 218 insertions(+), 61 deletions(-) create mode 100644 be-fe-mono-repo-plain/files/.pre-commit-config.yaml create mode 100644 be-gateway-nginx/files/.pre-commit-config.yaml create mode 100644 be-golang-plain/files/.pre-commit-config.yaml create mode 100644 be-java-springboot/files/.pre-commit-config.yaml create mode 100644 be-python-flask/files/.pre-commit-config.yaml create mode 100644 be-scala-play/files/.pre-commit-config.yaml create mode 100644 be-typescript-express/files/.pre-commit-config.yaml create mode 100644 docker-plain/files/.pre-commit-config.yaml create mode 100644 docs/modules/quickstarters/partials/secret-scanning-with-gitleaks.adoc create mode 100644 ds-jupyter-lab/files/.pre-commit-config.yaml create mode 100644 ds-rshiny/files/.pre-commit-config.yaml create mode 100644 ds-streamlit/files/.pre-commit-config.yaml create mode 100644 e2e-cypress/files/.pre-commit-config.yaml create mode 100644 e2e-spock-geb/files/.pre-commit-config.yaml create mode 100644 fe-angular/files/.pre-commit-config.yaml create mode 100644 fe-ionic/files/.pre-commit-config.yaml create mode 100644 release-manager/files/.pre-commit-config.yaml create mode 100644 saas-documentation/files/.pre-commit-config.yaml diff --git a/.github/workflows/changelog-enforcer.yml b/.github/workflows/changelog-enforcer.yml index 37dec85f8..92b1c95be 100644 --- a/.github/workflows/changelog-enforcer.yml +++ b/.github/workflows/changelog-enforcer.yml @@ -8,7 +8,7 @@ jobs: changelog: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.5.3 + - uses: actions/checkout@v4.1.2 - uses: dangoslen/changelog-enforcer@v3 with: changeLogPath: 'CHANGELOG.md' diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index a083ff696..98315b035 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -8,7 +8,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/golang/docker @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/jdk/docker @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/nodejs16/docker @@ -56,7 +56,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/nodejs18/docker @@ -72,7 +72,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/nodejs20/docker @@ -88,7 +88,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/python/docker @@ -101,7 +101,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/rust/docker @@ -117,7 +117,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/terraform/docker @@ -130,7 +130,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/terraform-2306/docker @@ -143,7 +143,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.5.3 + uses: actions/checkout@v4.1.2 - name: Build docker image working-directory: common/jenkins-agents/scala/docker diff --git a/CHANGELOG.md b/CHANGELOG.md index 0be1d6d30..c058d97fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,23 @@ ## Unreleased -- Added secret scanning in docker plain ([#963](https://github.com/opendevstack/ods-quickstarters/pull/963)) +### Fixed + +### Added + +### Changed + +## [4.4.0] - 2024-04-22 + +### Added +- Added secret scanning (gitleaks) in all quickstarters ([#963](https://github.com/opendevstack/ods-quickstarters/pull/963)) + +### Changed +- Update api version in ocp templates for image, buildconfig, route and deploymentconfig ([#1072](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1072)) +- Update Makefile adding all missing agents ([#999](https://github.com/opendevstack/ods-quickstarters/pull/999)) + +### Fixed +- jenkins agent nodejs20 can not import private keys into gpg keyring to use with helm secrets ([#1001](https://github.com/opendevstack/ods-quickstarters/issues/1001)) ## [4.3.1] - 2024-02-19 @@ -74,19 +90,6 @@ - Add Azure Quickstarter ([#788](https://github.com/opendevstack/ods-quickstarters/issues/788)) - Add Node.js 18 builder agent ([#763](https://github.com/opendevstack/ods-quickstarters/issues/794)) -- Addition of streamlit quickstarter ([#891](https://github.com/opendevstack/ods-quickstarters/issues/891)) -- Removal of Centos agents ([#1209](https://github.com/opendevstack/ods-core/issues/1209)) -- Fix oauth-proxy sidecar image ([#862](https://github.com/opendevstack/ods-quickstarters/issues/862)) -- Update of Python agent, Python, Streamlit and Jupyter quickstarters ([#902](https://github.com/opendevstack/ods-quickstarters/issues/902)) - -## [4.1] - 2022-11-17 - -### Added - -- ODS AMI build fails due to failing jacoco report generation in springboot quickstarter ([#700](https://github.com/opendevstack/ods-quickstarters/pull/700)) -- Add Node.js 16 builder agent ([#763](https://github.com/opendevstack/ods-quickstarters/issues/763)) -- Add Azure Quickstarter ([#788](https://github.com/opendevstack/ods-quickstarters/issues/788)) - ### Modified - Add JVM parameters on docgen deployment 4x ([#671](https://github.com/opendevstack/ods-quickstarters/pull/671)) diff --git a/Makefile b/Makefile index 8e905ca63..a5a34948f 100644 --- a/Makefile +++ b/Makefile @@ -8,15 +8,15 @@ ODS_NAMESPACE := $(shell grep ODS_NAMESPACE $(CURDIR)/../ods-configuration/ods-c # JENKINS AGENT ## Install or update Jenkins agent resources. -install-jenkins-agent: install-jenkins-agent-golang install-jenkins-agent-jdk install-jenkins-agent-nodejs install-jenkins-agent-python install-jenkins-agent-scala install-jenkins-agent-terraform +install-jenkins-agent: install-jenkins-agent-golang install-jenkins-agent-jdk install-jenkins-agent-nodejs install-jenkins-agent-python install-jenkins-agent-scala install-jenkins-agent-terraform install-jenkins-agent-terraform-2306 install-jenkins-agent-rust .PHONY: install-jenkins-agent ## Update OpenShift resources related Jenkins agent resources. -apply-jenkins-agent-build: apply-jenkins-agent-golang-build apply-jenkins-agent-jdk-build apply-jenkins-agent-nodejs16-build apply-jenkins-agent-nodejs18-build apply-jenkins-agent-nodejs20-build apply-jenkins-agent-python-build apply-jenkins-agent-scala-build apply-jenkins-agent-terraform-build +apply-jenkins-agent-build: apply-jenkins-agent-golang-build apply-jenkins-agent-jdk-build apply-jenkins-agent-nodejs16-build apply-jenkins-agent-nodejs18-build apply-jenkins-agent-nodejs20-build apply-jenkins-agent-python-build apply-jenkins-agent-scala-build apply-jenkins-agent-terraform-build apply-jenkins-agent-terraform-build-2306 apply-jenkins-agent-rust-build .PHONY: apply-jenkins-agent-build ## Start builds of Jenkins agents. -start-jenkins-agent-build: start-jenkins-agent-golang-build start-jenkins-agent-jdk-build start-jenkins-agent-nodejs16-build start-jenkins-agent-nodejs18-build start-jenkins-agent-nodejs20-build start-jenkins-agent-python-build start-jenkins-agent-scala-build start-jenkins-agent-terraform-build +start-jenkins-agent-build: start-jenkins-agent-golang-build start-jenkins-agent-jdk-build start-jenkins-agent-nodejs16-build start-jenkins-agent-nodejs18-build start-jenkins-agent-nodejs20-build start-jenkins-agent-python-build start-jenkins-agent-scala-build start-jenkins-agent-terraform-build start-jenkins-agent-terraform-build-2306 start-jenkins-agent-rust-build .PHONY: start-jenkins-agent-build diff --git a/be-fe-mono-repo-plain/files/.pre-commit-config.yaml b/be-fe-mono-repo-plain/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/be-fe-mono-repo-plain/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/be-fe-mono-repo-plain/openshift/component-template.yml b/be-fe-mono-repo-plain/openshift/component-template.yml index 48d6a597e..17d7caa28 100644 --- a/be-fe-mono-repo-plain/openshift/component-template.yml +++ b/be-fe-mono-repo-plain/openshift/component-template.yml @@ -68,7 +68,7 @@ objects: deploymentconfig: '${COMPONENT}' sessionAffinity: None type: ClusterIP - - apiVersion: v1 + - apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: name: '${COMPONENT}' diff --git a/be-gateway-nginx/files/.pre-commit-config.yaml b/be-gateway-nginx/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/be-gateway-nginx/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/be-golang-plain/files/.pre-commit-config.yaml b/be-golang-plain/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/be-golang-plain/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/be-java-springboot/files/.pre-commit-config.yaml b/be-java-springboot/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/be-java-springboot/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/be-python-flask/files/.pre-commit-config.yaml b/be-python-flask/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/be-python-flask/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/be-scala-play/files/.pre-commit-config.yaml b/be-scala-play/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/be-scala-play/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/be-typescript-express/files/.pre-commit-config.yaml b/be-typescript-express/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/be-typescript-express/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/common/jenkins-agents/golang/ocp-config/bc.yml b/common/jenkins-agents/golang/ocp-config/bc.yml index 8d3abe7a9..73083aef6 100644 --- a/common/jenkins-agents/golang/ocp-config/bc.yml +++ b/common/jenkins-agents/golang/ocp-config/bc.yml @@ -20,7 +20,7 @@ parameters: value: https://go.dev/dl/go1.21.3.linux-amd64.tar.gz description: URL pointing to go binary objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-golang diff --git a/common/jenkins-agents/golang/ocp-config/is.yml b/common/jenkins-agents/golang/ocp-config/is.yml index 9303e4b17..9a50c3536 100644 --- a/common/jenkins-agents/golang/ocp-config/is.yml +++ b/common/jenkins-agents/golang/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-golang objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-golang diff --git a/common/jenkins-agents/jdk/ocp-config/bc.yml b/common/jenkins-agents/jdk/ocp-config/bc.yml index 1d565775f..cfb8696f6 100644 --- a/common/jenkins-agents/jdk/ocp-config/bc.yml +++ b/common/jenkins-agents/jdk/ocp-config/bc.yml @@ -23,7 +23,7 @@ parameters: value: Dockerfile.ubi8 description: Dockerfile variant to use objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-jdk diff --git a/common/jenkins-agents/jdk/ocp-config/is.yml b/common/jenkins-agents/jdk/ocp-config/is.yml index 17344a4a4..a1e8e1ec3 100644 --- a/common/jenkins-agents/jdk/ocp-config/is.yml +++ b/common/jenkins-agents/jdk/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-jdk objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-jdk diff --git a/common/jenkins-agents/nodejs16/ocp-config/bc.yml b/common/jenkins-agents/nodejs16/ocp-config/bc.yml index 0bd022a1c..6fc62cd28 100644 --- a/common/jenkins-agents/nodejs16/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs16/ocp-config/bc.yml @@ -21,7 +21,7 @@ parameters: value: Dockerfile.ubi8 description: Dockerfile variant to use objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-nodejs16 diff --git a/common/jenkins-agents/nodejs16/ocp-config/is.yml b/common/jenkins-agents/nodejs16/ocp-config/is.yml index 7d086690d..bb88b5b8e 100644 --- a/common/jenkins-agents/nodejs16/ocp-config/is.yml +++ b/common/jenkins-agents/nodejs16/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-nodejs16 objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-nodejs16 diff --git a/common/jenkins-agents/nodejs18/ocp-config/bc.yml b/common/jenkins-agents/nodejs18/ocp-config/bc.yml index 7821d2dcc..a4c504fb6 100644 --- a/common/jenkins-agents/nodejs18/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs18/ocp-config/bc.yml @@ -21,7 +21,7 @@ parameters: value: Dockerfile.ubi8 description: Dockerfile variant to use objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-nodejs18 diff --git a/common/jenkins-agents/nodejs18/ocp-config/is.yml b/common/jenkins-agents/nodejs18/ocp-config/is.yml index 418d8c9bf..b5d7241c9 100644 --- a/common/jenkins-agents/nodejs18/ocp-config/is.yml +++ b/common/jenkins-agents/nodejs18/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-nodejs18 objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-nodejs18 diff --git a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 index 689dd8a04..5e1fb71b8 100644 --- a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 @@ -56,6 +56,6 @@ RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ echo yarn version: $(yarn --version) RUN chown -R 1001:0 $HOME && \ - chmod -R g+rw $HOME + chmod -R g+rwX $HOME USER 1001 diff --git a/common/jenkins-agents/nodejs20/ocp-config/bc.yml b/common/jenkins-agents/nodejs20/ocp-config/bc.yml index a87e1f160..1630c0289 100644 --- a/common/jenkins-agents/nodejs20/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs20/ocp-config/bc.yml @@ -21,7 +21,7 @@ parameters: value: Dockerfile.ubi8 description: Dockerfile variant to use objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-nodejs20 diff --git a/common/jenkins-agents/nodejs20/ocp-config/is.yml b/common/jenkins-agents/nodejs20/ocp-config/is.yml index 44403a7e2..642081b9e 100644 --- a/common/jenkins-agents/nodejs20/ocp-config/is.yml +++ b/common/jenkins-agents/nodejs20/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-nodejs20 objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-nodejs20 diff --git a/common/jenkins-agents/python/ocp-config/bc.yml b/common/jenkins-agents/python/ocp-config/bc.yml index 8a7f679ed..f3a7fc832 100644 --- a/common/jenkins-agents/python/ocp-config/bc.yml +++ b/common/jenkins-agents/python/ocp-config/bc.yml @@ -23,7 +23,7 @@ parameters: description: "Your Nexus Authentication credentials: username:password" required: true objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-python diff --git a/common/jenkins-agents/python/ocp-config/is.yml b/common/jenkins-agents/python/ocp-config/is.yml index 6c52f1716..3f57b609a 100644 --- a/common/jenkins-agents/python/ocp-config/is.yml +++ b/common/jenkins-agents/python/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-python objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-python diff --git a/common/jenkins-agents/rust/ocp-config/bc.yml b/common/jenkins-agents/rust/ocp-config/bc.yml index 10d888fde..782a25dcc 100644 --- a/common/jenkins-agents/rust/ocp-config/bc.yml +++ b/common/jenkins-agents/rust/ocp-config/bc.yml @@ -25,7 +25,7 @@ parameters: required: true value: "x86_64-unknown-linux-gnu" objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-rust @@ -37,7 +37,7 @@ objects: output: to: kind: ImageStreamTag - name: jenkins-agent-python:${ODS_IMAGE_TAG} + name: jenkins-agent-rust:${ODS_IMAGE_TAG} postCommit: {} resources: limits: diff --git a/common/jenkins-agents/rust/ocp-config/is.yml b/common/jenkins-agents/rust/ocp-config/is.yml index 276c57e79..fd1272cf1 100644 --- a/common/jenkins-agents/rust/ocp-config/is.yml +++ b/common/jenkins-agents/rust/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-rust objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-rust diff --git a/common/jenkins-agents/scala/ocp-config/bc.yml b/common/jenkins-agents/scala/ocp-config/bc.yml index 478457b13..0fdecfd1e 100644 --- a/common/jenkins-agents/scala/ocp-config/bc.yml +++ b/common/jenkins-agents/scala/ocp-config/bc.yml @@ -23,7 +23,7 @@ parameters: value: Dockerfile.ubi8 description: Dockerfile variant to use objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-scala diff --git a/common/jenkins-agents/scala/ocp-config/is.yml b/common/jenkins-agents/scala/ocp-config/is.yml index 4000650f0..dd2d6ec6c 100644 --- a/common/jenkins-agents/scala/ocp-config/is.yml +++ b/common/jenkins-agents/scala/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-scala objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-scala diff --git a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml index bac715bbb..3bb6a291c 100644 --- a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml @@ -17,7 +17,7 @@ parameters: value: Dockerfile.ubi8 description: Dockerfile variant to use objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-terraform-2306 diff --git a/common/jenkins-agents/terraform-2306/ocp-config/is.yml b/common/jenkins-agents/terraform-2306/ocp-config/is.yml index 41553a0d3..3ba2397df 100644 --- a/common/jenkins-agents/terraform-2306/ocp-config/is.yml +++ b/common/jenkins-agents/terraform-2306/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-terraform-2306 objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-terraform-2306 diff --git a/common/jenkins-agents/terraform/ocp-config/bc.yml b/common/jenkins-agents/terraform/ocp-config/bc.yml index 4896663d8..676843d41 100644 --- a/common/jenkins-agents/terraform/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform/ocp-config/bc.yml @@ -17,7 +17,7 @@ parameters: value: Dockerfile.ubi8 description: Dockerfile variant to use objects: -- apiVersion: v1 +- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: jenkins-agent-terraform diff --git a/common/jenkins-agents/terraform/ocp-config/is.yml b/common/jenkins-agents/terraform/ocp-config/is.yml index edcc83f57..4660b82ee 100644 --- a/common/jenkins-agents/terraform/ocp-config/is.yml +++ b/common/jenkins-agents/terraform/ocp-config/is.yml @@ -3,7 +3,7 @@ kind: Template metadata: name: jenkins-agent-terraform objects: -- apiVersion: v1 +- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: jenkins-agent-terraform diff --git a/common/ocp-config/component-environment/component-template.yml b/common/ocp-config/component-environment/component-template.yml index 39d2bddfa..6aa47ad20 100644 --- a/common/ocp-config/component-environment/component-template.yml +++ b/common/ocp-config/component-environment/component-template.yml @@ -53,7 +53,7 @@ objects: deploymentconfig: "${COMPONENT}" sessionAffinity: None type: ClusterIP - - apiVersion: v1 + - apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: name: "${COMPONENT}" diff --git a/common/ocp-config/component-oauth-sidecar/component-oauth-sidecar.yml b/common/ocp-config/component-oauth-sidecar/component-oauth-sidecar.yml index 6d1d5c4e1..7942412a1 100644 --- a/common/ocp-config/component-oauth-sidecar/component-oauth-sidecar.yml +++ b/common/ocp-config/component-oauth-sidecar/component-oauth-sidecar.yml @@ -86,7 +86,7 @@ objects: sessionAffinity: None type: ClusterIP - - apiVersion: v1 + - apiVersion: route.openshift.io/v1 kind: Route metadata: name: ${COMPONENT} @@ -106,7 +106,7 @@ objects: annotations: serviceaccounts.openshift.io/oauth-redirectreference.primary: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"${COMPONENT}"}}' - - apiVersion: v1 + - apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: creationTimestamp: null diff --git a/common/ocp-config/component/template.yml b/common/ocp-config/component/template.yml index 00a92ccac..bef074da1 100644 --- a/common/ocp-config/component/template.yml +++ b/common/ocp-config/component/template.yml @@ -80,7 +80,7 @@ objects: deploymentconfig: "${COMPONENT}" sessionAffinity: None type: ClusterIP -- apiVersion: v1 +- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: name: "${COMPONENT}" diff --git a/docker-plain/files/.pre-commit-config.yaml b/docker-plain/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/docker-plain/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/docs/modules/quickstarters/pages/be-gateway-nginx.adoc b/docs/modules/quickstarters/pages/be-gateway-nginx.adoc index f7400ccbb..1054f62e2 100644 --- a/docs/modules/quickstarters/pages/be-gateway-nginx.adoc +++ b/docs/modules/quickstarters/pages/be-gateway-nginx.adoc @@ -14,6 +14,7 @@ Use this quickstarter when you want to use https://www.nginx.org[nginx] server w │ ├── entrypoint.sh - Enables runtime configurations and runs openresty │ └── nginx.conf - The nginx configuration ├── Jenkinsfile - Contains Jenkins build configuration +├── .pre-commit-config.yaml ├── metadata.yml - Component metadata └── release-manager.yml - Configuration file for the Release Manager ---- @@ -122,6 +123,8 @@ There are two steps: * Build the container image. * Deploy. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses https://github.com/opendevstack/ods-core/tree/master/jenkins/agent-base[jenkins-agent-base] diff --git a/docs/modules/quickstarters/pages/be-golang-plain.adoc b/docs/modules/quickstarters/pages/be-golang-plain.adoc index faed333d5..aa80c40ad 100644 --- a/docs/modules/quickstarters/pages/be-golang-plain.adoc +++ b/docs/modules/quickstarters/pages/be-golang-plain.adoc @@ -9,6 +9,7 @@ suited for CLI tools, network/operational related things and microservices. ---- ├── Jenkinsfile - Contains Jenkins build configuration +├── .pre-commit-config.yaml ├── README.md ├── docker - Contains Dockerfile for the build │ └── Dockerfile @@ -56,6 +57,8 @@ There are six steps: * Build the container image. * Deploy. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses diff --git a/docs/modules/quickstarters/pages/be-java-springboot.adoc b/docs/modules/quickstarters/pages/be-java-springboot.adoc index 984d0c8ee..44b03492a 100644 --- a/docs/modules/quickstarters/pages/be-java-springboot.adoc +++ b/docs/modules/quickstarters/pages/be-java-springboot.adoc @@ -134,6 +134,8 @@ comment on line `stageUploadToNexus` in `Jenkinsfile` NOTE: The 2nd step executes `gradlew build` to compile your project and create a distribution as `jar` file. This file is copied to the `docker` folder to be included in the docker image when the image is built in step 5. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses the diff --git a/docs/modules/quickstarters/pages/be-python-flask.adoc b/docs/modules/quickstarters/pages/be-python-flask.adoc index 6b284fcbf..21b06fcc7 100644 --- a/docs/modules/quickstarters/pages/be-python-flask.adoc +++ b/docs/modules/quickstarters/pages/be-python-flask.adoc @@ -14,6 +14,7 @@ It contains the basic setup for Docker, Jenkins, SonarQube and OpenShift. ---- ├── Jenkinsfile - This file contains Jenkins build configuration settings +├── .pre-commit-config.yaml ├── README.md ├── docker - This folder contains Docker configuration settings │ ├── Dockerfile @@ -111,6 +112,8 @@ The Jenkinsfile is provisioned with this quick starter to ease CI/CD process. In * *Build* - Builds the application: copies src folder into docker/dist folder. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses https://github.com/opendevstack/ods-quickstarters/tree/master/common/jenkins-agents/python[Python] builder agent Jenkins builder agent. diff --git a/docs/modules/quickstarters/pages/be-scala-play.adoc b/docs/modules/quickstarters/pages/be-scala-play.adoc index e0ba12cf6..f53c725cc 100644 --- a/docs/modules/quickstarters/pages/be-scala-play.adoc +++ b/docs/modules/quickstarters/pages/be-scala-play.adoc @@ -13,6 +13,7 @@ An example Play Web Application is generated with a Controller and some tests. ---- . ├── Jenkinsfile +├── .pre-commit-config.yaml ├── app │   ├── controllers │   │   └── HomeController.scala @@ -83,6 +84,8 @@ In Jenkinsfile, there are various stages * stageBuild - checks source files formatting, runs the tests and builds and copies the artifacts for creating the docker image to the `docker` directory. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses the diff --git a/docs/modules/quickstarters/pages/be-typescript-express.adoc b/docs/modules/quickstarters/pages/be-typescript-express.adoc index ce42b68a2..0e731f0cf 100644 --- a/docs/modules/quickstarters/pages/be-typescript-express.adoc +++ b/docs/modules/quickstarters/pages/be-typescript-express.adoc @@ -12,6 +12,7 @@ The package json is generated by simply using `npm init -y`, while the tsconfig ---- ├── Jenkinsfile - Contains Jenkins build configuration +├── .pre-commit-config.yaml ├── LICENSE ├── README.md ├── docker - Contains Dockerfile for the build @@ -86,6 +87,8 @@ The build pipeline is defined in the `Jenkinsfile` in the project root. The main . Build : `npm run build` command is executed to build the application and then the build is copied to the `docker/dist` folder. . Unit Testing : `npm run test` command is executed for running unit tests and to generate coverage report. The results can be seen form the Jenkins console output. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses https://github.com/opendevstack/ods-quickstarters/tree/master/common/jenkins-agents/nodejs20[Node.JS 20 builder agent] for Jenkins. diff --git a/docs/modules/quickstarters/pages/docker-plain.adoc b/docs/modules/quickstarters/pages/docker-plain.adoc index 641d4fa47..6360ec65b 100644 --- a/docs/modules/quickstarters/pages/docker-plain.adoc +++ b/docs/modules/quickstarters/pages/docker-plain.adoc @@ -10,6 +10,7 @@ or that you need to "OpenShiftify", by setting an (non-root) execution user, etc ---- ├── Jenkinsfile - Contains Jenkins build configuration +├── .pre-commit-config.yaml ├── README.md ├── docker - Contains Dockerfile for the build │ └── Dockerfile @@ -75,6 +76,8 @@ Assuming your component contains source code you want to have delivered by the _ Feel free to look out for examples in our existing quickstarters, such as link:https://github.com/opendevstack/ods-quickstarters/blob/master/be-java-springboot[be-java-springboot]. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used none diff --git a/docs/modules/quickstarters/pages/ds-jupyter-lab.adoc b/docs/modules/quickstarters/pages/ds-jupyter-lab.adoc index b478965e2..1445fc65d 100644 --- a/docs/modules/quickstarters/pages/ds-jupyter-lab.adoc +++ b/docs/modules/quickstarters/pages/ds-jupyter-lab.adoc @@ -9,6 +9,7 @@ Provision a shared Jupyter Lab within OpenShift for rapid prototyping of data sc ---- . ├── Jenkinsfile +├── .pre-commit-config.yaml ├── docker │ ├── Dockerfile │ ├── jupyter_lab_config.json @@ -68,6 +69,8 @@ The build pipeline is defined in the `Jenkinsfile` in the project root. The main . Start OpenShift build . Deploy image to OpenShift +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used https://github.com/opendevstack/ods-core/tree/master/jenkins/agent-base[jenkins-agent-base] diff --git a/docs/modules/quickstarters/pages/ds-rshiny.adoc b/docs/modules/quickstarters/pages/ds-rshiny.adoc index d33fc3377..790422b7a 100644 --- a/docs/modules/quickstarters/pages/ds-rshiny.adoc +++ b/docs/modules/quickstarters/pages/ds-rshiny.adoc @@ -9,6 +9,7 @@ Provisions a R Shiny application within OpenShift using OpenShift OAuth. ---- . ├── Jenkinsfile - This file contains Jenkins build configuration settings +├── .pre-commit-config.yaml ├── docker - This folder contains Docker configuration settings and main R Shiny app │ ├── Dockerfile │ └── app.R @@ -47,6 +48,8 @@ The build pipeline is defined in the `Jenkinsfile` in the project root. The main . Start OpenShift build . Deploy image to OpenShift +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used https://github.com/opendevstack/ods-core/tree/master/jenkins/agent-base[jenkins-agent-base] diff --git a/docs/modules/quickstarters/pages/ds-streamlit.adoc b/docs/modules/quickstarters/pages/ds-streamlit.adoc index 4ca7ecf66..7f23a5ca8 100644 --- a/docs/modules/quickstarters/pages/ds-streamlit.adoc +++ b/docs/modules/quickstarters/pages/ds-streamlit.adoc @@ -9,6 +9,7 @@ Provisions a streamlit based dashboard with authentication. ---- . ├── Jenkinsfile +├── .pre-commit-config.yaml ├── docker_streamlit │ └── Dockerfile ├── docker_oauth @@ -95,6 +96,8 @@ In order to be sure that your code passes the linting stage execute or add it as * *Build* - Builds the application: copies src folder into docker_streamlit/dist folder. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses https://github.com/opendevstack/ods-quickstarters/tree/master/common/jenkins-agents/python[Python] builder agent Jenkins builder agent. diff --git a/docs/modules/quickstarters/pages/e2e-cypress.adoc b/docs/modules/quickstarters/pages/e2e-cypress.adoc index b90516e0a..c43c1e767 100644 --- a/docs/modules/quickstarters/pages/e2e-cypress.adoc +++ b/docs/modules/quickstarters/pages/e2e-cypress.adoc @@ -33,6 +33,7 @@ This is a Cypress end-to-end testing project quickstarter with basic setup for h ├── cypress.env.json.template ├── cypress.json ├── Jenkinsfile +├── .pre-commit-config.yaml ├── metadata.yml - Component metadata │── package.json ├── README.md @@ -123,6 +124,8 @@ if (context.gitBranch == 'master' || context.gitBranch.startsWith('release/')) { You can find more information about using the Cypress Cloud in the official documentation for Cypress https://docs.cypress.io/guides/cloud/introduction. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses diff --git a/docs/modules/quickstarters/pages/e2e-spock-geb.adoc b/docs/modules/quickstarters/pages/e2e-spock-geb.adoc index 006f2ee6e..f7105d322 100644 --- a/docs/modules/quickstarters/pages/e2e-spock-geb.adoc +++ b/docs/modules/quickstarters/pages/e2e-spock-geb.adoc @@ -11,6 +11,7 @@ This is a spock, geb and unirest e2e testing project quickstarter with basic set ---- . ├── Jenkinsfile +├── .pre-commit-config.yaml ├── README.md ├── sonar-project.properties ├── src @@ -133,6 +134,8 @@ In Jenkinsfile.template, there is the following stage: All the results are stashed and published through Jenkins jUnit publisher. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses the diff --git a/docs/modules/quickstarters/pages/fe-angular.adoc b/docs/modules/quickstarters/pages/fe-angular.adoc index 466e343bb..476137cd7 100644 --- a/docs/modules/quickstarters/pages/fe-angular.adoc +++ b/docs/modules/quickstarters/pages/fe-angular.adoc @@ -11,6 +11,7 @@ User this is a Angular project quickstarter if you want to build a frontend. It ---- . ├── Jenkinsfile - This file contains Jenkins build configuration settings +├── .pre-commit-config.yaml ├── README.md ├── angular.json - This file contains Angular project configuration settings ├── browserslist - This file is used by the build system to adjust CSS and JS output to support the specified browsers @@ -86,6 +87,8 @@ Please note: By default the applciation is always build as full production build Please note: The support for *TSLint* has been removed from this quickstarter. Also Angular is not shipping a linter by default anymore. Please consider adding *ESLint* support or a formatter like *Prettier*. For adding ESLint simply type `ng add @angular-eslint/schematics`. For setting up Prettier please see https://prettier.io/docs/en/install.html. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses https://github.com/opendevstack/ods-quickstarters/tree/master/common/jenkins-agents/nodejs20[Node.js 20 builder agent] for Jenkins. diff --git a/docs/modules/quickstarters/pages/fe-ionic.adoc b/docs/modules/quickstarters/pages/fe-ionic.adoc index 03ad4b6a2..a03ecbff1 100644 --- a/docs/modules/quickstarters/pages/fe-ionic.adoc +++ b/docs/modules/quickstarters/pages/fe-ionic.adoc @@ -51,6 +51,7 @@ The files are generated using https://ionicframework.com/docs/cli/[Ionic CLI]. ├── capacitor.config.xml - This file contains config settings for your mobile app, like package name and native preferences ├── ionic.config.json - This file contains Ionic project configuration ├── Jenkinsfile - This file contains Jenkins build configuration settings +├── .pre-commit-config.yaml ├── karma.conf.js ├── metadata.yml - Component metadata ├── package.json - This file contains scripts to run and node packages dependencies for project @@ -114,6 +115,8 @@ Unit Test:: Runs unit test cases by executing `npm run test` command. If any tes Lint:: Profiler that ensures code best practices by running `npm run lint` command, if linting is not passing, the build is marked as failed also. SonarQube Analysis:: Triggers a code quality analysis by transfering code and test coverage analysis data to SonarQube. By default files like `*.spec.ts`, `*.modules.ts` and `./src/environments/**` are excluded from the analysis, since they usually don't contain application logic. Please revisit `sonar-project.properties` to configure analysis inclusions and exclusions according to your project's needs. +include::partial$secret-scanning-with-gitleaks.adoc + == Builder agent used This quickstarter uses https://github.com/opendevstack/ods-quickstarters/tree/master/common/jenkins-agents/nodejs20[Node.js 20 builder agent] for Jenkins. diff --git a/docs/modules/quickstarters/pages/inf-terraform-aws.adoc b/docs/modules/quickstarters/pages/inf-terraform-aws.adoc index 6b7ebf1a2..0c57fa105 100644 --- a/docs/modules/quickstarters/pages/inf-terraform-aws.adoc +++ b/docs/modules/quickstarters/pages/inf-terraform-aws.adoc @@ -14,6 +14,7 @@ The quickstarter includes kitchen-terraform with InSpec / cinc-auditor for testi ---- ├── Jenkinsfile - This file contains Jenkins stages. +├── .pre-commit-config.yaml ├── README.md ├── environments │ ├── dev.json - This file describes parameters for the development AWS environment. @@ -42,7 +43,9 @@ Inject preferred tags into common-tags.tf, add/remove resources needed to main.t The Jenkinsfile is provisioned with this quick starter to ease CI/CD process. In Jenkinsfile, there are various stages. -== Jenkins agent used +include::partial$secret-scanning-with-gitleaks.adoc + +== Builder agent used This quickstarter uses https://github.com/opendevstack/ods-quickstarters/tree/master/common/jenkins-agents/terraform[terraform] Jenkins agent. diff --git a/docs/modules/quickstarters/pages/inf-terraform-azure.adoc b/docs/modules/quickstarters/pages/inf-terraform-azure.adoc index 8f750a279..ffb874de5 100644 --- a/docs/modules/quickstarters/pages/inf-terraform-azure.adoc +++ b/docs/modules/quickstarters/pages/inf-terraform-azure.adoc @@ -14,6 +14,7 @@ The quickstarter includes kitchen-terraform with Chef InSpec / cinc-auditor for ---- ├── Jenkinsfile - This file contains Jenkins stages. +├── .pre-commit-config.yaml ├── README.md ├── environments │ ├── dev.tfbackend.config - This file describes terraform backend parameters in the dev Azure subscription. @@ -48,7 +49,9 @@ Inject preferred tags into common-tags.tf, add/remove resources needed to main.t The Jenkinsfile is provisioned with this quickstarter to ease CI/CD process. In Jenkinsfile, there are various stages. -== Jenkins agent used +include::partial$secret-scanning-with-gitleaks.adoc + +== Builder agent used This quickstarter uses https://github.com/opendevstack/ods-quickstarters/tree/master/common/jenkins-agents/terraform[terraform] Jenkins agent. diff --git a/docs/modules/quickstarters/pages/release-manager.adoc b/docs/modules/quickstarters/pages/release-manager.adoc index 62f0f0dbe..140e2dadd 100644 --- a/docs/modules/quickstarters/pages/release-manager.adoc +++ b/docs/modules/quickstarters/pages/release-manager.adoc @@ -8,6 +8,7 @@ The release manager supports the orchestration of multiple repositories into a l . ├── docs # Fall-back document chapter templates for (LeVA) compliance reports. ├── Jenkinsfile # The release manager pipeline. +├── .pre-commit-config.yaml ├── README.md └── metadata.yml # Configuration of the release manager pipeline and its repositories. ---- @@ -133,3 +134,5 @@ In this case, the release manager will fall back to the document chapter templat === Automated Cloning of Environments If you want your _target environment_ to be created from an existing _source environment_ such as `dev` or `test` on the fly, you need to provide the `environment` and `sourceEnvironmentToClone` parameters to your pipeline, respectively. Their values will be combined with your project ID in the form `${project-id}-${environment}` to create the project (namespace) name in your OpenShift cluster. + +include::partial$secret-scanning-with-gitleaks.adoc diff --git a/docs/modules/quickstarters/partials/secret-scanning-with-gitleaks.adoc b/docs/modules/quickstarters/partials/secret-scanning-with-gitleaks.adoc new file mode 100644 index 000000000..1a19f4244 --- /dev/null +++ b/docs/modules/quickstarters/partials/secret-scanning-with-gitleaks.adoc @@ -0,0 +1,13 @@ +== Secret scanning with gitleaks + +This repository has a pre-commit hook that runs gitleaks on every commit. +To https://pre-commit.com/#install[install the hook], run: + +``` +pip install pre-commit +pre-commit +``` + +After this every commit will inform you about any secrets that are committed. + +If you want to skip this check, use the `--no-verify` flag when committing. diff --git a/ds-jupyter-lab/files/.pre-commit-config.yaml b/ds-jupyter-lab/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/ds-jupyter-lab/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/ds-rshiny/files/.pre-commit-config.yaml b/ds-rshiny/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/ds-rshiny/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/ds-streamlit/files/.pre-commit-config.yaml b/ds-streamlit/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/ds-streamlit/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/e2e-cypress/files/.pre-commit-config.yaml b/e2e-cypress/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/e2e-cypress/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/e2e-spock-geb/files/.pre-commit-config.yaml b/e2e-spock-geb/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/e2e-spock-geb/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/fe-angular/files/.pre-commit-config.yaml b/fe-angular/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/fe-angular/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/fe-ionic/files/.pre-commit-config.yaml b/fe-ionic/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/fe-ionic/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/inf-terraform-aws/files/.pre-commit-config.yaml b/inf-terraform-aws/files/.pre-commit-config.yaml index aee89823b..921ce09aa 100644 --- a/inf-terraform-aws/files/.pre-commit-config.yaml +++ b/inf-terraform-aws/files/.pre-commit-config.yaml @@ -2,6 +2,10 @@ exclude: '.terraform' fail_fast: true repos: +- repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks - repo: https://github.com/pre-commit/pre-commit-hooks.git rev: v4.4.0 hooks: @@ -80,4 +84,3 @@ repos: files: (\.tf|\.rb)$ pass_filenames: false verbose: true - diff --git a/inf-terraform-azure/files/.pre-commit-config.yaml b/inf-terraform-azure/files/.pre-commit-config.yaml index 0f0f8dd26..248faf615 100644 --- a/inf-terraform-azure/files/.pre-commit-config.yaml +++ b/inf-terraform-azure/files/.pre-commit-config.yaml @@ -1,6 +1,10 @@ exclude: .terraform fail_fast: true repos: +- repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks - repo: https://github.com/pre-commit/pre-commit-hooks.git rev: v4.4.0 hooks: @@ -77,4 +81,3 @@ repos: files: (\.tf|\.rb)$ pass_filenames: false verbose: true - diff --git a/release-manager/files/.pre-commit-config.yaml b/release-manager/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/release-manager/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/release-manager/ocp-config/cd-docgen.yml b/release-manager/ocp-config/cd-docgen.yml index fe7199e9e..287864c02 100644 --- a/release-manager/ocp-config/cd-docgen.yml +++ b/release-manager/ocp-config/cd-docgen.yml @@ -55,7 +55,7 @@ objects: deploymentconfig: docgen sessionAffinity: None type: ClusterIP - - apiVersion: v1 + - apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: labels: diff --git a/release-manager/ocp-config/cd-pipeline.yml b/release-manager/ocp-config/cd-pipeline.yml index 53db1f4a4..59234a81b 100644 --- a/release-manager/ocp-config/cd-pipeline.yml +++ b/release-manager/ocp-config/cd-pipeline.yml @@ -18,7 +18,7 @@ parameters: description: The trigger secret for the pipeline. required: true objects: - - apiVersion: v1 + - apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: labels: diff --git a/saas-documentation/files/.pre-commit-config.yaml b/saas-documentation/files/.pre-commit-config.yaml new file mode 100644 index 000000000..c9528f476 --- /dev/null +++ b/saas-documentation/files/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks