diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..97fb425
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @lloesche @aquamatthias @meln1k
diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml
new file mode 100644
index 0000000..f9ca5d3
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug.yml
@@ -0,0 +1,55 @@
+name: 🐛 Bug Report
+description: Report a problem
+labels: ['bug']
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Thanks for taking the time to fill out this bug report!
+ - type: textarea
+ id: description
+ attributes:
+ label: Description
+ description: Please provide a clear and concise description of the bug or issue.
+ validations:
+ required: true
+ - type: input
+ id: version
+ attributes:
+ label: Version
+ description: What version of Fix Inventory are you running?
+ validations:
+ required: true
+ - type: input
+ id: environment
+ attributes:
+ label: Environment
+ description:
+ validations:
+ required: false
+ - type: textarea
+ id: repro-steps
+ attributes:
+ label: Steps to Reproduce
+ description: Please tell us how we can reproduce the undesired behavior.
+ placeholder: |
+ 1.
+ 2.
+ 3.
+ validations:
+ required: false
+ - type: textarea
+ id: logs
+ attributes:
+ label: Logs
+ description: Please copy and paste any relevant log output. (This will be automatically formatted into code, so no need for backticks.)
+ render: shell
+ - type: textarea
+ id: additional-context
+ attributes:
+ label: Additional Context
+ description: Provide any additional information or screenshots that may be relevant or helpful.
+ - type: markdown
+ attributes:
+ value: |
+ By submitting this bug report, I agree to follow the [code of conduct](https://inventory.fix.security/code-of-conduct).
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 0000000..a214609
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
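Review bot: In `.github/ISSUE_TEMPLATE/bug.yml` the `logs` textarea asks reporters to paste log output into an issue with no reminder to redact it, and logs from an inventory tool plausibly carry account identifiers, hostnames or tokens (inferred from the product name; no log sample is visible here). I would extend the text to `description: Please copy and paste any relevant log output, with credentials, tokens and account IDs removed. (This will be automatically formatted into code, so no need for backticks.)`. Separately, the `environment` input has a bare `description:` that parses as null; either drop the key or give it text such as `description: Operating system, Python version and how Fix Inventory is deployed.`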
@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+ - name: đŸ’Ŧ Discord
+ url: https://discord.gg/fixsecurity
+ about: Chat with other users and the development team
+ - name: 📄 Documentation
+ url: https://inventory.fix.security/docs
+ about: Read and search documentation
diff --git a/.github/ISSUE_TEMPLATE/enhancement.yml b/.github/ISSUE_TEMPLATE/enhancement.yml
new file mode 100644
index 0000000..cce7b06
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/enhancement.yml
@@ -0,0 +1,31 @@
+name: ✨ Feature Request
+description: Suggest an idea
+labels: ['enhancement']
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Thanks for taking the time to fill out this feature request!
+ - type: textarea
+ id: motivation
+ attributes:
+ label: Motivation
+ description: Please provide a clear and concise description of the rationale behind this request.
+ validations:
+ required: true
+ - type: textarea
+ id: desired-behavior
+ attributes:
+ label: Desired Behavior
+ description: Provide a clear and concise description of what you want to happen.
+ validations:
+ required: true
+ - type: textarea
+ id: additional-context
+ attributes:
+ label: Additional Context
+ description: Provide any additional information or screenshots that may be relevant or helpful.
+ - type: markdown
+ attributes:
+ value: |
+ By submitting this feature request, I agree to follow the [code of conduct](https://inventory.fix.security/code-of-conduct).
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..07fca63
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,15 @@
+# Description
+
+
+
+# To-Dos
+
+
+
+
+- [x] I have created tests for any new or updated functionality.
+- [x] I ran `tox` successfully.
+
+# Code of Conduct
+
+By submitting this pull request, I agree to follow the [code of conduct](https://inventory.fix.security/code-of-conduct).
diff --git a/.github/workflows/check_pr_plugin_onprem.yml b/.github/workflows/check_pr_plugin_onprem.yml
new file mode 100644
index 0000000..2715e47
--- /dev/null
+++ b/.github/workflows/check_pr_plugin_onprem.yml
@@ -0,0 +1,75 @@
+# Note: this workflow is automatically generated via the `create_pr` script in the same folder.
+# Please do not change the file, but the script!
+
+name: Check PR (Plugin onprem)
+on:
+ push:
+ tags:
+ - "*.*.*"
+ branches:
+ - main
+ pull_request:
+ paths:
+ - 'fixlib/**'
+ - 'plugins/onprem/**'
+ - '.github/**'
+ - 'requirements-all.txt'
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ onprem:
+ name: "onprem"
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Setup Python
+ uses: actions/setup-python@v5
+ with:
+ python-version: '3.12'
+ architecture: 'x64'
+
+ - name: Restore dependency cache
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/pip
+ key: ${{runner.os}}-pip-${{hashFiles('./plugins/onprem/pyproject.toml')}}
+ restore-keys: |
+ ${{runner.os}}-pip-
+
+ - name: Install Dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install --upgrade --editable fixlib/
+ pip install tox wheel flake8 build
+
+ - name: Run tests
+ working-directory: ./plugins/onprem
+ run: tox
+
+ - name: Archive code coverage results
+ uses: actions/upload-artifact@v4
+ with:
+ name: plugin-onprem-code-coverage-report
+ path: ./plugins/onprem/htmlcov/
+
+ - name: Build a binary wheel and a source tarball
+ working-directory: ./plugins/onprem
+ run: >-
+ python -m
+ build
+ --sdist
+ --wheel
+ --outdir dist/
+
+ - name: Publish distribution to PyPI
+ if: github.ref_type == 'tag'
+ uses: pypa/gh-action-pypi-publish@release/v1
+ with:
+ user: __token__
+ password: ${{ secrets.PYPI_FIXINVENTORY_PLUGIN_ONPREM }}
+ packages_dir: ./plugins/onprem/dist/
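Review bot: The `Publish distribution to PyPI` step hands `secrets.PYPI_FIXINVENTORY_PLUGIN_ONPREM` to `pypa/gh-action-pypi-publish@release/v1`, a branch ref that can move, and the workflow declares no `permissions:` block, so the job runs with whatever default GITHUB_TOKEN scope the repository has. I would pin the publishing action to a full commit SHA, `uses: pypa/gh-action-pypi-publish@<full-commit-sha>  # release/v1`, and add a top-level `permissions:` holding `contents: read`. The wheel is also built and uploaded in the same job that ran `pip install` and `tox`, so anything those dependencies execute can touch `dist/` before upload; a separate publish job that only downloads the built artifact would narrow that. Because the header says this file is generated by the `create_pr` script, the change belongs in that script rather than in this file.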
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..23148ad
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,60 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+ schedule:
+ - cron: '26 0 * * 1'
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'python' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v1
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file.
+ # By default, queries listed here will override any specified in a config file.
+ # Prefix the list here with "+" to use these queries and those in the config file.
+ # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v1
+
+ # ℹī¸ Command-line programs to run using the OS shell.
+ # 📚 https://git.io/JvXDl
+
+ # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines
+ # and modify them (or add more) to build your code if your project
+ # uses a compiled language
+
+ #- run: |
+ # make bootstrap
+ # make release
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v1
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..d9f2b93
--- /dev/null
+++ b/.gitignore
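Review bot: In `.github/workflows/codeql-analysis.yml` the three CodeQL steps reference `github/codeql-action/*@v1`, a major version GitHub has deprecated, while the same file already uses `actions/checkout@v4`. A scan on a retired action version can fail or stop uploading results, which would quietly remove this check from pull requests. I would move all three to a supported major, for example `uses: github/codeql-action/init@v3`, `uses: github/codeql-action/autobuild@v3` and `uses: github/codeql-action/analyze@v3`. With `language: [ 'python' ]` as the only matrix entry, the `Autobuild` step has nothing to compile and could be dropped.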
@@ -0,0 +1,35 @@
+__pycache__
+this
+.idea/
+tmp/
+runner.env
+artifacts/
+*~
+*backups
+.cache
+docker-tag
+.tox/
+.*.swp
+*.egg-info
+wheelhouse/
+test/build/*
+PASSED
+FAILED
+test/.vagrant/*
+.pytest_cache
+.eggs/
+venv*
+/config/
+*.code-workspace
+*/build/
+docs/_build/
+.DS_Store
+.coverage
+.dccache
+fixshell/backup_*
+fixcore/tools/Assets
+out/
+*.iml
+**/.hypothesis/
+.sandbox/*
+.env