Contributing dotnet/Unity build and static code analysis steps

.github/workflows/CI.yml

@@ -4,6 +4,26 @@ on:
     branches: 
       - main
 jobs:
+  MarkdownLint:
+    runs-on: ubuntu-latest
+    if: github.repository == 'boozallen/sdp-libraries'
+    container:
+      image: davidanson/markdownlint-cli2:0.4.0
+      options: --user root
+    steps:
+      - uses: actions/checkout@v2
+      - name: markdownlint-cli2
+        run: markdownlint-cli2
+  Vale:
+    runs-on: ubuntu-latest
+    if: github.repository == 'boozallen/sdp-libraries'
+    container:
+      image: jdkato/vale:v2.18.0
+      options: --user root
+    steps:
+      - uses: actions/checkout@v2
+      - name: vale
+        run: vale docs libraries
   Unit_Test:
     runs-on: ubuntu-latest
     if: github.repository == 'boozallen/sdp-libraries'

.markdownlint-cli2.yaml

@@ -6,4 +6,10 @@ config:
   # sometimes you gotta be hacky
   no-inline-html: false
 
-fix: true
+fix: true
+
+globs:
+  - "**.md"
+ignores:
+  - docs/styles
+  - LICENSE.md

Justfile

@@ -56,14 +56,11 @@ serve: buildImage
   docker run --rm -p 8000:8000 -v $(pwd):/docs {{image}} serve -a 0.0.0.0:8000 --watch-theme
 
 # Lint the documentation
-lint-docs: lint-prose lint-libraries lint-markdown
+lint-docs: lint-prose lint-markdown
 
 # use Vale to lint the prose of the documentation
 lint-prose:
-  docker run --rm -v $(pwd):/app -w /app jdkato/vale docs
-
-lint-libraries:
-  docker run --rm -v $(pwd):/app -w /app jdkato/vale libraries
+  docker run --rm -v $(pwd):/app -w /app jdkato/vale docs libraries
 
 # use markdownlit to lint the docs
 lint-markdown: 

LICENSE.md

@@ -1,21 +1,23 @@
-## Booz Allen Public License v1.0 
-
+## Booz Allen Public License v1.0
 
 ### INTRODUCTION
-The Booz Allen Public License allows government, non-profit academic, other non-profit, and commercial entities access to distinctive, disruptive, and robust code with the goal of Empowering People to Change the World℠. Products licensed under the Booz Allen Public License are founded on the basis that collective ingenuity can make the largest impact in the community. 
+
+The Booz Allen Public License allows government, non-profit academic, other non-profit, and commercial entities access to distinctive, disruptive, and robust code with the goal of Empowering People to Change the World℠. Products licensed under the Booz Allen Public License are founded on the basis that collective ingenuity can make the largest impact in the community.
 
 ### DEFINITIONS
+
 * **Commercial Entity.** “Commercial Entity” means any individual or entity other than a government, non-profit academic, or other non-profit entity.
 * **Derivative.** “Derivative” means any work of authorship in Source Code or Object Code form that results from an addition to, deletion from, or modification of the Source Code of the Product.
 * **License.**  “License” means this Booz Allen Public License.
 * **Object Code.** “Object Code” means the form resulting from transformation or translation of Source Code into machine readable code, including but not limited to, compiled object code.
-* **Originator.** “Originator” means each individual or legal entity that creates, contributes to the creation of, or owns the Product. 
-* **Patent Claims.** “Patent Claims” means any patent claim(s) in any patent to which Originator has a right to grant a license that would be infringed by Your making, using, selling, offering for sale, having made, or importing of the Product, but for the grant of this License. 
-* **Product.** “Product” means the Source Code of the software which the initial Originator made available under this License, and any Derivative of such Source Code. 
+* **Originator.** “Originator” means each individual or legal entity that creates, contributes to the creation of, or owns the Product.
+* **Patent Claims.** “Patent Claims” means any patent claim(s) in any patent to which Originator has a right to grant a license that would be infringed by Your making, using, selling, offering for sale, having made, or importing of the Product, but for the grant of this License.
+* **Product.** “Product” means the Source Code of the software which the initial Originator made available under this License, and any Derivative of such Source Code.
 * **Source Code.** “Source Code” means software in human-readable form.
 * **You.** “You” means either an individual or an entity (if you are taking this license on behalf of an entity) that exercises the rights granted under this License.  
 
 ### LICENSE
+
 **Government/Non-Profit Academic/Other Non-Profit.**  
 This Section applies if You are not a Commercial Entity.  
 
@@ -26,24 +28,23 @@ This Section applies if You are not a Commercial Entity.
 **Commercial Entities**.  
 This Section applies if You are a Commercial Entity.
 
-* **License.** Subject to the terms and conditions of this License, each Originator hereby grants You a perpetual, worldwide, non-exclusive, royalty-free license to reproduce, display, perform, modify, distribute and otherwise use the Product and Derivatives, in Source Code and Object Code form, in accordance with the terms and conditions of this License for the sole purpose of Your internal business purposes and the provision of services to government, non-profit academic, and other non-profit entities. 
+* **License.** Subject to the terms and conditions of this License, each Originator hereby grants You a perpetual, worldwide, non-exclusive, royalty-free license to reproduce, display, perform, modify, distribute and otherwise use the Product and Derivatives, in Source Code and Object Code form, in accordance with the terms and conditions of this License for the sole purpose of Your internal business purposes and the provision of services to government, non-profit academic, and other non-profit entities.
 * **Distribution and Derivatives.** You may distribute to third parties copies of the Product, including any Derivative that You create, in Source Code or Object Code form.  If You distribute copies of the Product, including any Derivative that You create, in Source Code form, such distribution must be under the terms of this License and You must inform recipients of the Source Code that the Product is governed under this License and how they can obtain a copy of this License.  You may distribute to third parties copies of the Product, including any Derivative that You create, in Object Code form, or allow third parties to access or use the Product, including any Derivative that You create, under a license of Your choice, provided that You make available, and inform the recipient of such distribution how they can obtain, a copy of the Source Code thereof, at no charge, and inform the recipient of the Source Code that the Product is governed under this License and how they can obtain a copy of this License.
-* **Commercial Sales.** You may not distribute, or allow third parties to access or use, the Product or any Derivative for a fee, unless You first obtain permission from the Originator. If Booz Allen Hamilton, please contact Booz Allen Hamilton at <[email protected]>.   
- 
+* **Commercial Sales.** You may not distribute, or allow third parties to access or use, the Product or any Derivative for a fee, unless You first obtain permission from the Originator. If Booz Allen Hamilton, please contact Booz Allen Hamilton at <[email protected]>.
+
 **Patent Claim(s)**.  
-This Section applies regardless of whether You are a government, non-profit academic, or other non-profit entity or a Commercial Entity. 
+This Section applies regardless of whether You are a government, non-profit academic, or other non-profit entity or a Commercial Entity.
+
+* **Patent License.** Subject to the limitations in the Sections above, each Originator hereby grants You a perpetual, worldwide, non-exclusive, royalty-free license under Patent Claims of such Originator to make, use, sell, offer for sale, have made, and import the Product.  The foregoing patent license does not apply (a) to any code that an Originator has removed from the Product, or (b) for infringement caused by Your modifications of the Product or the combination of any Derivative created by You or on Your behalf with other software.
 
-* **Patent License.** Subject to the limitations in the Sections above, each Originator hereby grants You a perpetual, worldwide, non-exclusive, royalty-free license under Patent Claims of such Originator to make, use, sell, offer for sale, have made, and import the Product.  The foregoing patent license does not apply (a) to any code that an Originator has removed from the Product, or (b) for infringement caused by Your modifications of the Product or the combination of any Derivative created by You or on Your behalf with other software.      
+### GENERAL TERMS
 
-### GENERAL TERMS 
 This Section applies regardless of whether You are a government, non-profit academic, or other non-profit entity or a Commercial Entity.
 
 * **Required Notices.** If You distribute the Product or a Derivative, in Object Code or Source Code form, You shall not remove or otherwise modify any proprietary markings or notices contained within or placed upon the Product or any Derivative. Any distribution of the Product or a Derivative, in Object Code or Source Code form, shall contain a clear and conspicuous Originator copyright and license reference in accordance with the below:
-	* *Unmodified Product Notice*: “This software package is licensed under the Booz Allen Public License. Copyright © 20__ [Copyright Holder Name].  All Rights Reserved.”
-	* *Derivative Notice*: “This software package is licensed under the Booz Allen Public License. Portions of this code are Copyright © 20__ [Copyright Holder Name].  All Rights Reserved.”
+  * *Unmodified Product Notice*: “This software package is licensed under the Booz Allen Public License. Copyright © 20__ [Copyright Holder Name].  All Rights Reserved.”
+  * *Derivative Notice*: “This software package is licensed under the Booz Allen Public License. Portions of this code are Copyright © 20__ [Copyright Holder Name].  All Rights Reserved.”
 * **Compliance with Laws.** You agree that You shall not reproduce, display, perform, modify, distribute and otherwise use the Product in any way that violates applicable law or regulation or infringes or violates the rights of others, including, but not limited to, third party intellectual property, privacy, and publicity rights.
 * **Disclaimer.** You understand that the Product is licensed to You, and not sold. The Product is provided on an “As Is” basis, without any warranties, representations, and guarantees, whether oral or written, express, implied or statutory, with regard to the Product, including without limitation, warranties of merchantability, fitness for a particular purpose, title, non-infringement, non-interference, and warranties arising from course of dealing or usage of trade, to the maximum extent permitted by applicable law.  Originator does not warrant that (i) the Product will meet your needs; (ii) the Product will be error-free or accessible at all times; or (iii) the use or the results of the use of the Product will be correct, accurate, timely, or otherwise reliable. You acknowledge that the Product has not been prepared to meet Your individual requirements, whether or not such requirements have been communicated to Originator. You assume all responsibility for use of the Product.
 * **Limitation of Liability.** Under no circumstances and under no legal theory, whether tort (including negligence), contract, or otherwise, shall any Originator, or anyone who distributes the Product in accordance with this License, be liable to You for any direct, indirect, special, incidental, or consequential damages of any character including, without limitation, damages for lost profits, loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses, even if informed of the possibility of such damages.
 * **Severability.** If the application of any provision of this License to any particular facts or circumstances shall be held to be invalid or unenforceable, then the validity and enforceability of other provisions of this License shall not in any way be affected or impaired thereby.  
-
-

README.md

@@ -2,13 +2,13 @@
 
 This repository contains [Booz Allen's](https://boozallen.com) pipeline libraries that integrate with the [Jenkins Templating Engine](https://plugins.jenkins.io/templating-engine/).
 
-If you want to learn more, the best place to get started is the [documentation](https://boozallen.github.io/sdp-docs/sdp-libraries/). 
+If you want to learn more, the best place to get started is the [documentation](https://boozallen.github.io/sdp-docs/sdp-libraries/).
 
 ## Usage
 
-In order to use the different libraries in this repository, you can configure this repository as a library source, for a detailed example of how to do this you may refer to [this lab](https://boozallen.github.io/sdp-docs/learning-labs/1/jte-the-basics/3-first-libraries.html#_configure_the_library_source). 
+In order to use the different libraries in this repository, you can configure this repository as a library source, for a detailed example of how to do this you may refer to [this lab](https://boozallen.github.io/sdp-docs/learning-labs/1/jte-the-basics/3-first-libraries.html#_configure_the_library_source).
 
-It is recommended that rather than using the master branch you pin your library source to a particular github release such as: https://github.com/boozallen/sdp-libraries/tree/release/2.0/libraries [like 2.0].  This helps to ensure that you have greater control in version management. 
+It is recommended that rather than using the master branch you pin your library source to a particular github release such as: <https://github.com/boozallen/sdp-libraries/tree/release/2.0/libraries> [like 2.0].  This helps to ensure that you have greater control in version management.
 
 Also ensure that in addition to whichever library you wish to use you include the `sdp` library. This helps to resolve a number of dependency errors you may otherwise face.
 

build.gradle

@@ -11,7 +11,7 @@ repositories {
   maven { url "http://repo.maven.apache.org/maven2" }
 }
 
-version = 3.2
+version = 4.3
 
 // determine test files
 def tests = [ "resources/test" ]

catalog-info.yaml

@@ -0,0 +1,24 @@
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: sdp-libraries
+  title: Solutions Delivery Platform (SDP) Libraries
+  description: "The Solutions Delivery Platform Pipeline Libraries for the Jenkins Templating Engine (JTE)"
+  annotations:
+    github.com/project-slug: boozallen/sdp-libraries
+  tags:
+    - pipeline
+    - sdp
+    - solutions-delivery-platform
+    - jenkins
+    - sonarqube
+    - devsecops
+    - devops
+    - supply-chain-security
+  links:
+    - url: https://boozallen.github.io/sdp-docs/sdp-libraries/
+      title: Documentation Website
+spec:
+  type: docs
+  lifecycle: production
+  owner: uip/uip-studio

docs/glossary.md

@@ -14,4 +14,5 @@
 *[PR]: Pull Request
 *[JSON]: JavaScript Object Notation
 *[CVE]: Common Vulnerabilities and Exposures
-*[CLI]: Command Line Interface
+*[CLI]: Command Line Interface
+*[SBOM]: Software Bill of Materials

docs/styles/Vocab/SDP/accept.txt

@@ -40,4 +40,10 @@ Splunk
 [Rr]etag(|s|ging)
 [Dd]ockerfiles?
 Anchore
-[Pp]arsable
+[Pp]arsable
+[Ss]yft
+(SBOM|sbom)s?
+[gG]rype
+(json|JSON)
+(cli|CLI)
+snake_case

libraries/docker_compose/README.md

@@ -10,9 +10,9 @@ This library allows you to perform docker compose commands.
 
 ---
 
-| Step | Description |
-| ----------- | ----------- |
-| `up()` | Runs `docker-compose up` with values taken from the configuration. |
+| Step     | Description                                                          |
+|----------|----------------------------------------------------------------------|
+| `up()`   | Runs `docker-compose up` with values taken from the configuration.   |
 | `down()` | Runs `docker-compose down` with values taken from the configuration. |
 
 ## Example Usage
@@ -28,13 +28,13 @@ compose.down()
 
 ---
 
-The library configurations for docker_compose are as follows:
+The library configurations for `docker_compose` are as follows:
 
-| Parameter | Description |
-| ----------- | ----------- |
-| `files` | Optional list of ordered docker compose files to run. Omitting this parameter causes the command `docker-compose up` to run on a file named `docker-compose.yml`. |
-| `env` | Optional environment file to pass to the docker-compose command. |
-| `sleep` | Optional configuration that controls how long to wait after running the `up()` command before continuing the pipeline execution. This is helpful when the Docker containers need to be started before other steps, like integration tests, may run. |
+| Parameter | Description                                                                                                                                                                                                                                         |
+|-----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `files`   | Optional list of ordered docker compose files to run. Omitting this parameter causes the command `docker-compose up` to run on a file named `docker-compose.yml`.                                                                                   |
+| `env`     | Optional environment file to pass to the docker-compose command.                                                                                                                                                                                    |
+| `sleep`   | Optional configuration that controls how long to wait after running the `up()` command before continuing the pipeline execution. This is helpful when the Docker containers need to be started before other steps, like integration tests, may run. |
 
 ## Example Library Configuration