diff --git a/.github/actions/spelling/README.md b/.github/actions/spelling/README.md new file mode 100644 index 0000000..562091e --- /dev/null +++ b/.github/actions/spelling/README.md @@ -0,0 +1,15 @@ +# check-spelling/check-spelling configuration + +| File | Purpose | Format | Info | +| -------------------------------------------------- | --------------------------------------------------------------- | --------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | +| [allow.txt](allow.txt) | Add words to the dictionary | one word per line (only letters and `'`s allowed) | [allow](https://github.com/check-spelling/check-spelling/wiki/Configuration#allow) | +| [reject.txt](reject.txt) | Remove words from the dictionary (after allow) | grep pattern matching whole dictionary words | [reject](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-reject) | +| [excludes.txt](excludes.txt) | Files to ignore entirely | perl regular expression | [excludes](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-excludes) | +| [only.txt](only.txt) | Only check matching files (applied after excludes) | perl regular expression | [only](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-only) | +| [patterns.txt](patterns.txt) | Patterns to ignore from checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns) | +| [line_forbidden.patterns](line_forbidden.patterns) | Patterns to flag in checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns) | +| [expect.txt](expect.txt) | Expected words that aren't in the dictionary | one word per line (sorted, alphabetically) | [expect](https://github.com/check-spelling/check-spelling/wiki/Configuration#expect) | +| [advice.md](advice.md) | Supplement for GitHub comment when unrecognized words are found | GitHub Markdown | [advice](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-advice) | + +Note: you can replace any of these files with a directory by the same name (minus the suffix) +and then include multiple files inside that directory (with that suffix) to merge multiple files together. diff --git a/.github/actions/spelling/advice.md b/.github/actions/spelling/advice.md new file mode 100644 index 0000000..cea808b --- /dev/null +++ b/.github/actions/spelling/advice.md @@ -0,0 +1,23 @@ + +
If the flagged items are false positives + +If items relate to a ... + +- binary file (or some other file you wouldn't want to check at all). + + Please add a file path to the `excludes.txt` file matching the containing file. + + File paths are Perl 5 Regular Expressions - you can [test](https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your files. + + `^` refers to the file's path from the root of the repository, so `^README\.md$` would exclude README.md (on whichever branch you're using). + +- well-formed pattern. + + If you can write a [pattern](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns) that would match it, + try adding it to the `patterns.txt` file. + + Patterns are Perl 5 Regular Expressions - you can [test](https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your lines. + + Note that patterns can't match multiline strings. + +
diff --git a/.github/actions/spelling/allow.txt b/.github/actions/spelling/allow.txt new file mode 100644 index 0000000..e69de29 diff --git a/.github/actions/spelling/excludes.txt b/.github/actions/spelling/excludes.txt new file mode 100644 index 0000000..5977f03 --- /dev/null +++ b/.github/actions/spelling/excludes.txt @@ -0,0 +1,83 @@ +# See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-excludes +(?:^|/)(?i)COPYRIGHT +(?:^|/)(?i)LICEN[CS]E +(?:^|/)3rdparty/ +(?:^|/)go\.sum$ +(?:^|/)package(?:-lock|)\.json$ +(?:^|/)Pipfile$ +(?:^|/)pyproject.toml +(?:^|/)requirements(?:-dev|-doc|-test|)\.txt$ +(?:^|/)vendor/ +ignore$ +\.a$ +\.ai$ +\.all-contributorsrc$ +\.avi$ +\.bmp$ +\.bz2$ +\.cer$ +\.class$ +\.coveragerc$ +\.crl$ +\.crt$ +\.csr$ +\.dll$ +\.docx?$ +\.drawio$ +\.DS_Store$ +\.eot$ +\.eps$ +\.exe$ +\.gif$ +\.git-blame-ignore-revs$ +\.gitattributes$ +\.gitkeep$ +\.graffle$ +\.gz$ +\.icns$ +\.ico$ +\.ipynb$ +\.jar$ +\.jks$ +\.jpe?g$ +\.key$ +\.lib$ +\.lock$ +\.map$ +\.min\.. +\.mo$ +\.mod$ +\.mp[34]$ +\.o$ +\.ocf$ +\.otf$ +\.p12$ +\.parquet$ +\.pdf$ +\.pem$ +\.pfx$ +\.png$ +\.psd$ +\.pyc$ +\.pylintrc$ +\.qm$ +\.s$ +\.sig$ +\.so$ +\.svgz?$ +\.sys$ +\.tar$ +\.tgz$ +\.tiff?$ +\.ttf$ +\.wav$ +\.webm$ +\.webp$ +\.woff2?$ +\.xcf$ +\.xlsx?$ +\.xpm$ +\.xz$ +\.zip$ +^\.github/actions/spelling/ +^\Q.github/workflows/spelling.yml\E$ diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt new file mode 100644 index 0000000..e182c6c --- /dev/null +++ b/.github/actions/spelling/expect.txt @@ -0,0 +1,53 @@ +aaaaaaaabbbbbbbbccccccccddddeeeeee +aaaaaaaavvvvvvvvwwwwwwwwxxxxxx +ADk +appsettings +ashburn +AThq +codegen +concat +connectionstrings +Cwj +DXhjr +FIGc +Gci +Hmj +JFB +JFUz +Jhb +KBp +ljq +LQV +mrns +NCIs +nestedatt +NHar +ocid +Ooe +plainmarkdown +Plutx +prefixlines +QFKc +Qhgn +qpbi +querypack +Qwc +scim +Tcy +testacc +TEzu +tffile +tfplugingen +Tjgl +trimspace +TSIm +UZx +wescoff +WFygt +Xgf +Xkv +XQXJIK +Ykc +YPh +ZKj +Zpp diff --git a/.github/actions/spelling/line_forbidden.patterns b/.github/actions/spelling/line_forbidden.patterns new file mode 100644 index 0000000..3f6bacd --- /dev/null +++ b/.github/actions/spelling/line_forbidden.patterns @@ -0,0 +1,675 @@ +# Detect common combinations of valid words that are in fact invalid. +# Useful for brand capitalizations + +# +# Catch placeholder text +# + +\b[Ll]orem [Ii]psum\b + +# PR links left in the release notes +\bhttps:\/\/github.com\/mondoohq\/.*\/pull\/\d* + +# +# Terms to avoid +# + +# s.b. Allow list +\s[Ww]hitelist\b +\s[Ww]hitelisting\b +\s[Ww]hitelisted\b +\s[Ww]hite list\b +\s[Ww]hite listing\b +\s[Ww]hite listed\b + +# s.b. Block list +\s[Bb]lacklist\b +\s[Bb]lacklisting\b +\s[Bb]lacklisted\b +\s[Bb]lack list\b +\s[Bb]lack listing\b +\s[Bb]lack listed\b + +# +# Our Terms +# + +# s.b. Mondoo Platform +\sMondoo platform\b + +# s.b. Compliance Hub +\s[Cc]ompliance hub\b + +# +# Compliance Terms +# + +# s.b. SOC 2 +\bSOC2\b + +# s.b. ISO 270001 +\bISO270001\b + +# +# Industry Terms +# + +# s.b. Side scanning +\b[Ss]idescanning\b + +# s.b. DevOps +\bDev Ops\b +\bDevops\b + +# s.b. SaaS +\b[Ss]aas\b + +# s.b. Docker Hub +\bDocker[Hh]ub\b + +# s.b. REST API +\b[Rr]est API\b +\brest api\b + +# s.b. DevSecOps +\bDevsec[Oo]ps\b + +# s.b. on-premises +\bon-premise\b + +# s.b. email +\be-mail\b + +# s.b. APIs +\bapis\b + +# +# Product Names +# + +# s.b. Jira +\bJIRA\b + +# s.b. MariaDB +\bMaria DB\b +\bmariaDB\b +# \bmariaDb\b causes failures in MQL queries + +# s.b. PostgreSQL +\bPostgreSql\b + +# s.b. Firefox +\bFireFox\b + +# s.b. CentOS +\bCentos\b +\bCent OS\b +\bcentOS\b + +# s.b. macOS +\bOS X\b +\bMacOS\b +\bMac OS\b + +# s.b. Okta +\bOcta\b + +# s.b. Elasticsearch +\bElasticSearch\b + +# s.b. DocuSign +\bDocu Sign\b + +# s.b. DocuSign +\bDocu Sign\b + +# s.b. DocuSign +\bDocu Sign\b +\bDocusign\b + +# s.b. MongoDB +\bMongo DB\b +\bMongoDb\b + +# s.b. MySQL +\bMysql\b +\bMySql\b + +# s.b. OpenStack +\bOpen Stack\b +\bOpenstack\b + +# s.b. Red Hat +\bRedHat\b +\bRedhat\b + +# s.b. EuroLinux +\bEurolinux\b +\bEuro Linux\b + +# s.b. AlmaLinux +\bAlma Linux\b + +# s.b. openSUSE +\bOpenSUSE\b + +# s.b. openSUSE +\bopenSuse\b + +# s.b. CircleCI +\bCircleCi\b +\bCircle CI\b + +# s.b. AppArmor +\bApparmor\b +\bApp Armor\b + +# s.b. SELinux +\bSeLinux\b +\bSelinux\b + +# s.b. InSpec +\b[Ii]nspec\b + +# s.b. GitHub +\bGithub\b + +# s.b. GitLab +\bGitlab\b + +# s.b. JavaScript +\bJavascript\b + +# s.b. OpenSSL +\bOpenssl\b +\bopenSSL\b + +# s.b. CloudBees +\b[Cc]loudbees\b + +# s.b. System76 +\bSystem 76\b + +# s.b. VirtualBox +\b[Vv]irtualbox\b +\bVirtual Box\b + +# s.b. SentinelOne +\bSentinal[Oo]ne\b +\bSentinelone\b +\bSentinal One\b + +# s.b. CrowdStrike +\bCrowd Strike\b +\b[Cc]rowdstrike\b + +# +# Kubernetes Terms +# + +# s.b. DaemonSet +\bDaemonset\b + +# s.b. Dockershim +\bDockerShim\b +\bdockershim\b + +# s.b. LimitRange +\bLimitrange\b + +# s.b. Minikube +\bMiniKube\b + +# s.b. ReplicaSet +\bReplicaset\b + +# s.b. StatefulSet +\bStatefulset\b + +# +# HashiCorp Products +# + +# s.b. HashiCorp +\bHashicorp\b + +# s.b. Terraform +\bTerraForm\b + +# s.b. Vagrantfile +\bVagrant file\b +\bVagrantFile\b + +# +# Microsoft Products +# + +# s.b. Microsoft +\bMicroSoft\b + +# s.b. PowerPoint +\bPower Point\b +\bPowerpoint\b + +# s.b. OneNote +\bOne Note\b +\bOnenote\b + +# s.b. Windows Server +\bWindows server\b + +# s.b. Team Foundation Server +\bTeam foundation server\b +\bteam foundation server\b + +# s.b. Active Directory +\bActive directory\b +\bactive directory\b + +# s.b. Group Policy Object +\bGroup policy object\b +\bgroup policy object\b +\bGroup Policy object\b + +# s.b. Power BI +\bPowerBI\b + +# s.b. SharePoint +\bSharepoint\b +\bShare Point\b + +# s.b. BitLocker +\bBitlocker\b +\bbitLocker\b + +# s.b. VS Code +\bVSCode\b +\bVScode\b + +# s.b. LinkedIn +\bLinked In\b +\bLinkedin\b + +# +# VMware Products +# + +# s.b. VMware +\bVmware\b +\bVMWare\b + +# s.b. vCenter +\bVcenter\b +\bVCenter\b + +# s.b. vSphere +\bVsphere\b +\bVSphere\b + +# s.b. ESXi +\bEsxi\b + +# +# AWS Products +# + +# s.b. App2Container +\bApp2container\b + +# s.b. AppFlow +\bAppflow\b + +# s.b. AppSync +\bAppsync\b + +# s.b. CloudEnsure +\bCloudensure\b + +# s.b. CloudFormation +\bCloudformation\b +\bCloud Formation\b + +# s.b. CloudFront +\bCloudfront\b + +# s.b. CloudHSM +\bCloud[Hh]sm\b + +# s.b. CloudSearch +\bCloudsearch\b + +# s.b. CloudShell +# we can't check for Cloud Shell since that's what Azure calls it +\bCloudshell\b +# cloudshell results in false positives + +# s.b. CloudTrail +\bCloudtrail\b + +# s.b. CloudWatch +\bCloudwatch\b + +# s.b. CodeArtifact +\bCodeartifact\b + +# s.b. CodeBuild +\bCodebuild\b + +# s.b. CodeCommit +\bCodecommit\b + +# s.b. CodeDeploy +\bCodedeploy\b + +# s.b. CodeGuru +\bCodeguru\b + +# s.b. CodePipeline +\bCodepipeline\b + +# s.b. CodeStar +\bCodestar\b + +# s.b. AWS Config +\bAWS config\b + +# s.b. Copilot +\bCoPilot\b + +# s.b. DeepRacer +\bDeepracer\b + +# s.b. DocumentDB +\bDocument DB\b +\bDocumentDb\b + +# s.b. DynamoDB +\bDynamo DB\b +\bDynamoDb\b + +# s.b. ElastiCache +\bElasticache\b + +# s.b. EventBridge +\bEventbridge\b + +# s.b. Fargate +\bFarGate\b +\bFar Gate\b + +# s.b. FinSpace +\bFinSpace\b + +# s.b. FSx +\bFSX\b + +# s.b. GameLift +\bGamelift\b + +# s.b. GuardDuty +\bGuardduty\b + +# s.b. Honeycode +\bHoneyCode\b + +# s.b. Lambda +\bLamba\b + +# s.b. Lightsail +\bLightSail\b + +# s.b. MXNet +\bMxnet\b +\bMXnet\b + +# s.b. OpenSearch +\bOpensearch\b + +# s.b. OpenShift +\bOpenshift\b + +# s.b. PrivateLink +\bPrivatelink\b + +# s.b. QuickSight +\bQuicksight\b + +# s.b. Redshift +\bRedShift\b + +# s.b. RoboMaker +\bRobomaker\b + +# s.b. Route 53 +\bRoute53\b + +# s.b. SageMaker +\bSagemaker\b + +# s.b. SiteWise +\bSitewise\b + +# s.b. StackSets +\bStacksets\b + +# s.b. WorkDocs +\bWorkdocs\b + +# s.b. WorkMail +\bWorkmail\b + +# +# GCP Products +# + +# s.b. AlloyDB +\bAlloy DB\b + +# s.b. AppEngine +\bApp Engine\b + +# s.b. BigLake +\bBig Lake\b + +# s.b. BigQuery +\bBig Query\b + +# s.b. Cloud Build +\bCloudBuild\b +\bCloud build\b + +# s.b. Cloud CDN +\bCloudCDN\b + +# s.b. Cloud Functions +\bCloud functions\b + +# disabled for now in this repo due to false positives +# s.b. Cloud Run +# \bCloudRun\b +# \bCloud run\b + +# s.b. Cloud SQL +\bCloudSQL\b + +# s.b. Compute Engine +\bComputeEngine\b +\bCompute engine\b + +# s.b. Dataplex +\bDataPlex\b + +# s.b. Datastream +\bDataStream\b +\bData Stream\b + +# s.b. Dialogflow +\bDialogFlow\b + +# s.b. Firestore +\bFireStore\b + +# s.b. gVNIC +\bGVNIC\b + +# s.b. Knative +\bKNative\b + +# s.b. Memorystore +\bMemoryStore\b +\bMemory Store\b + +# s.b. Pub/Sub +\bPubSub\b + +# s.b. TensorFlow +\bTensor Flow\b + +# s.b. Vertex AI +\bVertexAI\b + +# s.b. VMware Engine +\bVMware engine\b +\bVMWare Engine\b + +# +# Azure Products +# + +# s.b. Azure Pipelines +\bAzure DevOps Pipelines\b + +# s.b. Key Vault +\bKey vault\b +# \bKeyVault\b # disabled for now in this repo due to false positives + +# s.b. Ampere +\bampere\b + +# s.b. Azure DevOps Server +\bAzure DevOps server\b + +# s.b. Synapse Analytics +\bSynapse analytics\b +\bsynapse analytics\b + +# s.b. Cognitive Services +\bCognitive services\b +\bcognitive services\b + +# s.b. Event Hubs +\bEvent hubs\b +\bevent hubs\b + +# s.b. CloudOps +\bCloud Ops\b +\bCloud ops\b +\bcloud ops\b + +# s.b. Batch Service +\bBatch service\b +\bbatch service\b + +# s.b. Service Fabric Cluster +\bservice fabric cluster\b + +# s.b. Azure Kubernetes Service +\bAzure Kubernetes service\b + +# s.b. Cosmos DB +\bCosmosDB\b +\bCosmoDB\b +\bCosmo DB\b + +# s.b. SignalR Service +\bSignalR service\b +\bSignal R Service\b + +# s.b. App Service Certificate +\bapp service certificate\b + +# s.b. Privileged Identity Management +\bprivileged identity management\b + +# s.b. BizTalk Service +\bBizTalk service\b +\bBiztalk service\b +\bBiz Talk service\b +\bBiz Talk Service\b + +# s.b. Data Box +\bdata box\b + +# s.b. Database Migration Service +\bdatabase migration service\b + +# s.b. Internet Analyzer +\bInternet analyzer\b +\binternet analyzer\b + +# s.b. Web Application Firewall +\bWeb application firewall\b +\bweb Application Firewall\b + +# s.b. SQL Vulnerability Assessment +\bSQL vulnerability assessment\b + +# s.b. StorSimple +\bStor Simple\b + +# +# Common Typos +# + +# s.b. another +\ban[- ]other\b + +# s.b. greater than +\bgreater then\b + +# s.b. less than +\bless then\b + +# s.b. otherwise +\bother[- ]wise\b + +# s.b. nonexistent +\bnon existing\b +\b[Nn]o[nt][- ]existent\b + +# s.b. preexisting +[Pp]re-existing + +# s.b. preempt +[Pp]re-empt\b + +# s.b. preemptively +[Pp]re-emptively + +# s.b. reentrancy +[Rr]e-entrancy + +# s.b. reentrant +[Rr]e-entrant + +# s.b. policies +[Pp]olices + +# s.b. ID +# \bId\b # disabled in this repo due to false positives + +# s.b. CSV +\bCVS\b + +# Reject duplicate words +\s([A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})\s\g{-1}\s + +# s.b. it's or its +\bits['’] + +# s.b. understand +\bunder stand\b + +# find spaces before a comma +# Enable this once https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Block-Ignore ships +# ( )+, diff --git a/.github/actions/spelling/only.txt b/.github/actions/spelling/only.txt new file mode 100644 index 0000000..85192dc --- /dev/null +++ b/.github/actions/spelling/only.txt @@ -0,0 +1,2 @@ +\.md$ +\.tmpl$ diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt new file mode 100644 index 0000000..caeb662 --- /dev/null +++ b/.github/actions/spelling/patterns.txt @@ -0,0 +1,118 @@ +# See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns + +# acceptable duplicates +# ls directory listings +[-bcdlpsw](?:[-r][-w][-sx]){3}\s+\d+\s+(\S+)\s+\g{-1}\s+\d+\s+ + +# Commit message -- Signed-off-by and friends +^\s*(?:(?:Based-on-patch|Co-authored|Helped|Mentored|Reported|Reviewed|Signed-off)-by|Thanks-to): (?:[^<]*<[^>]*>|[^<]*)\s*$ + +# Autogenerated revert commit message +^This reverts commit [0-9a-f]{40}\.$ + +# ignore long runs of a single character: +\b([A-Za-z])\g{-1}{3,}\b + +# ignore funky space IDs that blow up spell checking +api\.mondoo\.app\/.*\b +console\.mondoo\.com\/.*\b + +# azure subscription ID +[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12} + +# azure subscriptions URL +\/subscriptions\/\S* + +# docker container +\b[a-z,0-9]{12}\b + +# URLs in markdown links / images +]\(.*\) + +# Azure Key Vault Vault. It feels wrong, but it's technically right +Key Vault Vault + +# luna containers in scan output +\bluna/.*\b + +# this comes up in permissions and is valid +\broot root\b + +# AWS resources +(ami|subnet|vpc|sg|fs)-[0-9a-fA-F]{17} + +# http and https URLs +https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*) + +# registry key paths +HKEY_[\w\\]* + +# Container digests +\bsha256:\w* + +# mime types +\bapplication\/\S* + +# mql certificate IDs +certificate:\w* + +# ARN values +\barn:\S* + +# mac user dir path +\/Users\/\S* + +# AWS Token, ID access key, etc +aws_session_token\s+\=(\s+)?.+ +aws_access_key_id\s+\=(\s+)?.+ +aws_secret_access_key\s+\=(\s+)?.+ + +# PGP +\b(?:[0-9A-F]{4} ){9}[0-9A-F]{4}\b +# GPG keys +\b(?:[0-9A-F]{4} ){5}(?: [0-9A-F]{4}){5}\b + +# uuid +\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b + +# curl arguments +\b(?:\\n|)curl(?:\s+-[a-zA-Z]{1,2}\b)*(?:\s+-[a-zA-Z]{3,})(?:\s+-[a-zA-Z]+)* + +# set arguments +\bset(?:\s+-[abefimouxE]{1,2})*\s+-[abefimouxE]{3,}(?:\s+-[abefimouxE]+)* + +# tar arguments +\b(?:\\n|)g?tar(?:\.exe|)(?:(?:\s+--[-a-zA-Z]+|\s+-[a-zA-Z]+|\s[ABGJMOPRSUWZacdfh-pr-xz]+\b)(?:=[^ ]*|))+ + +# file permissions +['"`\s][-bcdLlpsw](?:[-r][-w][-Ssx]){2}[-r][-w][-SsTtx]\+?['"`\s] + +# score score is valid in MQL docs +score score + +# macOS temp folders +/var/folders/\w\w/[+\w]+/(?:T|-Caches-)/ + +# ssh +(?:ssh-\S+|-nistp256) [-a-zA-Z=;:\/0-9+]{12,} + +# kubernetes object suffix +-[0-9a-f]{10}-\w{5}\s + +# sed regular expressions +sed 's/(?:[^/]*?[a-zA-Z]{3,}[^/]*?/){2} + +# UNIX device paths +\/dev\/\w* + +# AWS RDS instance types +db.\w{2}.\w* + +# uuid +[<({"'>][0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[<'"})>] + +# rsa private keys +MII[BCEJ]\w* + +# UID in MQL policy +- uid: \S* diff --git a/.github/actions/spelling/reject.txt b/.github/actions/spelling/reject.txt new file mode 100644 index 0000000..78e71db --- /dev/null +++ b/.github/actions/spelling/reject.txt @@ -0,0 +1,13 @@ +ad-hoc +^attache$ +^bellow$ +benefitting +occurences? +^dependan.* +^oer$ +Sorce +^[Ss]pae.* +^untill$ +^untilling$ +^wether.* +deets diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 444a740..9c8ebd4 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,3 +1,4 @@ +--- version: 2 updates: - package-ecosystem: gomod diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml index f789a91..a9dfa13 100644 --- a/.github/workflows/cla.yaml +++ b/.github/workflows/cla.yaml @@ -1,3 +1,4 @@ +--- name: "CLA Assistant" on: issue_comment: diff --git a/.github/workflows/spell-check.yaml b/.github/workflows/spell-check.yaml new file mode 100644 index 0000000..57be00a --- /dev/null +++ b/.github/workflows/spell-check.yaml @@ -0,0 +1,53 @@ +--- +name: Spell Checking + +on: + pull_request: + types: [opened, reopened, synchronize] + +jobs: + spelling: + name: Run spell check + permissions: + contents: read + pull-requests: read + actions: read + outputs: + followup: ${{ steps.spelling.outputs.followup }} + runs-on: ubuntu-latest + if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'" + concurrency: + group: spelling-${{ github.event.pull_request.number || github.ref }} + # note: If you use only_check_changed_files, you do not want cancel-in-progress + cancel-in-progress: true + steps: + - name: check-spelling + id: spelling + uses: check-spelling/check-spelling@v0.0.22 + with: + disable_checks: noisy-file + suppress_push_for_open_pull_request: 1 + checkout: true + post_comment: 0 + dictionary_source_prefixes: '{"mondoo": "https://raw.githubusercontent.com/mondoohq/spellcheck-dictionary/main/", "cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20230509/dictionaries/"}' + extra_dictionaries: cspell:aws/aws.txt + cspell:filetypes/filetypes.txt + cspell:software-terms/src/software-terms.txt + cspell:software-terms/src/software-tools.txt + cspell:companies/src/companies.txt + mondoo:mondoo_dictionary.txt + + comment: + name: Report + runs-on: ubuntu-latest + needs: spelling + permissions: + contents: write + pull-requests: write + if: (success() || failure()) && needs.spelling.outputs.followup + steps: + - name: comment + uses: check-spelling/check-spelling@v0.0.22 + with: + checkout: true + task: ${{ needs.spelling.outputs.followup }} diff --git a/docs/resources/registration_token.md b/docs/resources/registration_token.md index ed0ef2a..c57c8a8 100644 --- a/docs/resources/registration_token.md +++ b/docs/resources/registration_token.md @@ -43,7 +43,7 @@ resource "mondoo_registration_token" "token" { description = "Get a mondoo registration token" count = length(var.space_names) space_id = mondoo_space.my_space[count.index].id - no_exipration = true + no_expiration = true # define optional expiration # expires_in = "1h" depends_on = [ @@ -67,7 +67,7 @@ output "space_registration_token" { ## Example to Create Spaces and Get Registration Tokens -This example demonstrates how to create three different Mondoo Spaces in a Mondoo Organisation and obtain a non-expiring +This example demonstrates how to create three different Mondoo Spaces in a Mondoo Organization and obtain a non-expiring Mondoo Registration Token for each Space. **Prerequisites** @@ -75,7 +75,7 @@ Mondoo Registration Token for each Space. Before proceeding, make sure you have the following: - [Mondoo Platform account](https://mondoo.com/docs/platform/start/plat-start-acct/) -- [Mondoo Organisation](https://mondoo.com/docs/platform/start/organize/overview/) +- [Mondoo Organization](https://mondoo.com/docs/platform/start/organize/overview/) - [Mondoo API Token](https://mondoo.com/docs/platform/maintain/access/api-tokens/) **Usage** @@ -84,7 +84,7 @@ Before proceeding, make sure you have the following: ```hcl space_names = ["Terraform Mondoo1", "Terraform Mondoo2", "Terraform Mondoo3"] -org_id = "love-mondoo-131514041515" +org_id = "love-mondoo-131514041515" ``` 2. Set the Mondoo Organization Service Account token @@ -123,7 +123,7 @@ rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. ``` -4. Create an execution plan to preview the changes that the Terraform plan will make to your Mondoo Organisation: +4. Create an execution plan to preview the changes that the Terraform plan will make to your Mondoo Organization: ```bash terraform plan -out plan.out @@ -138,7 +138,7 @@ Terraform will perform the following actions: + description = "Get a mondoo registration token" + expires_at = (known after apply) + mrn = (known after apply) - + no_exipration = true + + no_expiration = true + result = (sensitive value) + revoked = (known after apply) + space_id = (known after apply) @@ -149,7 +149,7 @@ Terraform will perform the following actions: + description = "Get a mondoo registration token" + expires_at = (known after apply) + mrn = (known after apply) - + no_exipration = true + + no_expiration = true + result = (sensitive value) + revoked = (known after apply) + space_id = (known after apply) @@ -160,7 +160,7 @@ Terraform will perform the following actions: + description = "Get a mondoo registration token" + expires_at = (known after apply) + mrn = (known after apply) - + no_exipration = true + + no_expiration = true + result = (sensitive value) + revoked = (known after apply) + space_id = (known after apply) @@ -247,8 +247,8 @@ terraform output -json complete_space_setup | jq ] ``` -You succesfully created Mondoo spaces and generated registration tokens for each space, which will be displayed in the -output. +You successfully created Mondoo spaces and generated registration tokens for each space, which will be displayed in the +output. ## Schema @@ -268,4 +268,4 @@ output. ### Read-Only - `mrn` (String) The Mondoo Resource Name (MRN) of the created token. -- `result` (String, Sensitive) The generated token. \ No newline at end of file +- `result` (String, Sensitive) The generated token. diff --git a/examples/resources/mondoo_registration_token/resource.tf b/examples/resources/mondoo_registration_token/resource.tf index cb3563b..aa62a1b 100644 --- a/examples/resources/mondoo_registration_token/resource.tf +++ b/examples/resources/mondoo_registration_token/resource.tf @@ -30,7 +30,7 @@ resource "mondoo_registration_token" "token" { description = "Get a mondoo registration token" count = length(var.space_names) space_id = mondoo_space.my_space[count.index].id - no_exipration = true + no_expiration = true # define optional expiration # expires_in = "1h" depends_on = [ diff --git a/templates/resources/registration_token.md.tmpl b/templates/resources/registration_token.md.tmpl index 0b4cc97..680f513 100644 --- a/templates/resources/registration_token.md.tmpl +++ b/templates/resources/registration_token.md.tmpl @@ -16,7 +16,7 @@ description: |- ## Example to Create Spaces and Get Registration Tokens -This example demonstrates how to create three different Mondoo Spaces in a Mondoo Organisation and obtain a non-expiring +This example demonstrates how to create three different Mondoo Spaces in a Mondoo Organization and obtain a non-expiring Mondoo Registration Token for each Space. **Prerequisites** @@ -24,7 +24,7 @@ Mondoo Registration Token for each Space. Before proceeding, make sure you have the following: - [Mondoo Platform account](https://mondoo.com/docs/platform/start/plat-start-acct/) -- [Mondoo Organisation](https://mondoo.com/docs/platform/start/organize/overview/) +- [Mondoo Organization](https://mondoo.com/docs/platform/start/organize/overview/) - [Mondoo API Token](https://mondoo.com/docs/platform/maintain/access/api-tokens/) **Usage** @@ -33,7 +33,7 @@ Before proceeding, make sure you have the following: ```hcl space_names = ["Terraform Mondoo1", "Terraform Mondoo2", "Terraform Mondoo3"] -org_id = "love-mondoo-131514041515" +org_id = "love-mondoo-131514041515" ``` 2. Set the Mondoo Organization Service Account token @@ -72,7 +72,7 @@ rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. ``` -4. Create an execution plan to preview the changes that the Terraform plan will make to your Mondoo Organisation: +4. Create an execution plan to preview the changes that the Terraform plan will make to your Mondoo Organization: ```bash terraform plan -out plan.out @@ -87,7 +87,7 @@ Terraform will perform the following actions: + description = "Get a mondoo registration token" + expires_at = (known after apply) + mrn = (known after apply) - + no_exipration = true + + no_expiration = true + result = (sensitive value) + revoked = (known after apply) + space_id = (known after apply) @@ -98,7 +98,7 @@ Terraform will perform the following actions: + description = "Get a mondoo registration token" + expires_at = (known after apply) + mrn = (known after apply) - + no_exipration = true + + no_expiration = true + result = (sensitive value) + revoked = (known after apply) + space_id = (known after apply) @@ -109,7 +109,7 @@ Terraform will perform the following actions: + description = "Get a mondoo registration token" + expires_at = (known after apply) + mrn = (known after apply) - + no_exipration = true + + no_expiration = true + result = (sensitive value) + revoked = (known after apply) + space_id = (known after apply) @@ -196,7 +196,7 @@ terraform output -json complete_space_setup | jq ] ``` -You succesfully created Mondoo spaces and generated registration tokens for each space, which will be displayed in the -output. +You successfully created Mondoo spaces and generated registration tokens for each space, which will be displayed in the +output. {{ .SchemaMarkdown | trimspace }} \ No newline at end of file