diff --git a/.coderabbit.yaml b/.coderabbit.yaml index 35ca66f..a86da85 100644 --- a/.coderabbit.yaml +++ b/.coderabbit.yaml @@ -7,6 +7,7 @@ language: en tone_instructions: | Provide feedback in a professional, friendly, constructive, and concise tone. Offer clear, specific suggestions and best practices to help enhance the code quality and promote learning. + Only comment on significant issues. early_access: true @@ -26,6 +27,8 @@ knowledge_base: reviews: profile: chill auto_review: + # Disable incremental code review on each push + auto_incremental_review: false # Ignore reviewing if the title of the pull request contains any of these keywords (case-insensitive) ignore_title_keywords: - wip @@ -42,6 +45,10 @@ reviews: Provide recommendations for clarity, maintainability, and adherence to Taskfile best practices, including usage of variables, environment blocks, and includes. These configurations may also contain embedded Bash scripts or commands. Demonstrate bash scripting best practices such as error handling, secure variable expansions, and clear documentation. + changed_files_summary: false + poem: false + # Don't post review details on each review. + sequence_diagrams: false tools: # By default, all tools are enabled. # Masterpoint uses Trunk (https://trunk.io) so we do not need a lot of this feedback due to overlap. diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..51080ca --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,7 @@ +# Use this file to define individuals or teams that are responsible for code in a repository. +# Read more: +# +# Order is important: the last matching pattern takes the most precedence + +# These owners will be the default owners for everything +* @masterpointio/masterpoint-open-source \ No newline at end of file diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..c713685 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,15 @@ +## what + +- Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?) +- Use bullet points to be concise and to the point. + +## why + +- Provide the justifications for the changes (e.g. business case). +- Describe why these changes were made (e.g. why do these commits fix the problem?) +- Use bullet points to be concise and to the point. + +## references + +- Link to any supporting GitHub issues or helpful documentation to add some context (e.g. Stackoverflow). +- Use `closes #123`, if this PR closes a GitHub issue `#123` diff --git a/.trunk/configs/.markdownlint.yaml b/.trunk/configs/.markdownlint.yaml index fb94039..33a98b8 100644 --- a/.trunk/configs/.markdownlint.yaml +++ b/.trunk/configs/.markdownlint.yaml @@ -8,3 +8,12 @@ line_length: false spaces: false url: false whitespace: false + +# Ignore MD041/first-line-heading/first-line-h1 +# Error: First line in a file should be a top-level heading +MD041: false + +# Ignore MD013/line-length +MD013: + strict: false + line_length: 350 diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index beef535..a90f63f 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -1,24 +1,24 @@ version: 0.1 cli: - version: 1.19.0 + version: 1.22.12 plugins: sources: - id: trunk - ref: v1.4.2 + ref: v1.6.8 uri: https://github.com/trunk-io/plugins lint: enabled: - - actionlint@1.6.26 - - checkov@3.2.19 - - trivy@0.49.1 - - yamllint@1.34.0 + - actionlint@1.7.7 + - checkov@3.2.408 + - trivy@0.61.1 + - yamllint@1.37.0 - git-diff-check - - markdownlint@0.39.0 - - prettier@3.2.5 - - trufflehog@3.67.5 + - markdownlint@0.44.0 + - prettier@3.5.3 + - trufflehog@3.88.25 runtimes: enabled: - - node@18.12.1 + - node@18.20.5 - python@3.10.8 actions: disabled: diff --git a/README.md b/README.md index 08ce0aa..853e012 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,16 @@ +[![Banner][banner-image]](https://masterpoint.io/) + # Taskit +[![Release][release-badge]][latest-release] + +πŸ’‘ Learn more about Masterpoint [below](#who-we-are-𐦂𖨆π€ͺπ– ‹). + +## Purpose and Functionality + Taskit (said task-kit or TK for short) is the Masterpoint [Taskfile](https://taskfile.dev/) Kit. We utilize this set of Taskfiles across clients as a means by which to share repeatable tasks like repo setup, tool automation, and similar shared scripting. -## Using Taskit +## Usage Taskit is built around the idea of being consumed by downstream repos. It is pulled through a standard Taskfile that you can find in [`exports/Taskfile.dist.yaml`](./exports/Taskfile.dist.yaml). @@ -25,3 +33,66 @@ The procedure to add it to a project is to do the following: - [x] Upstream various tasks from our distributed usage - [ ] Create a test harness + tests around tasks - [ ] Publish versions + +## Built By + +Powered by the [Masterpoint team](https://masterpoint.io/who-we-are/) and driven forward by contributions from the community ❀️ + +[![Contributors][contributors-image]][contributors-url] + +## Contribution Guidelines + +Contributions are welcome and appreciated! + +Found an issue or want to request a feature? [Open an issue][issues-url] + +Want to fix a bug you found or add some functionality? Fork, clone, commit, push, and PR β€” we'll check it out. + +## Who We Are 𐦂𖨆π€ͺπ– ‹ + +Established in 2016, Masterpoint is a team of experienced software and platform engineers specializing in Infrastructure as Code (IaC). We provide expert guidance to organizations of all sizes, helping them leverage the latest IaC practices to accelerate their engineering teams. + +### Our Mission + +Our mission is to simplify cloud infrastructure so developers can innovate faster, safer, and with greater confidence. By open-sourcing tools and modules that we use internally, we aim to contribute back to the community, promoting consistency, quality, and security. + +### Our Commitments + +- 🌟 **Open Source**: We live and breathe open source, contributing to and maintaining hundreds of projects across multiple organizations. +- 🌎 **1% for the Planet**: Demonstrating our commitment to environmental sustainability, we are proud members of [1% for the Planet](https://www.onepercentfortheplanet.org), pledging to donate 1% of our annual sales to environmental nonprofits. +- πŸ‡ΊπŸ‡¦ **1% Towards Ukraine**: With team members and friends affected by the ongoing [Russo-Ukrainian war](https://en.wikipedia.org/wiki/Russo-Ukrainian_War), we donate 1% of our annual revenue to invasion relief efforts, supporting organizations providing aid to those in need. [Here's how you can help Ukraine with just a few clicks](https://masterpoint.io/updates/supporting-ukraine/). + +## Connect With Us + +We're active members of the community and are always publishing content, giving talks, and sharing our hard earned expertise. Here are a few ways you can see what we're up to: + +[![LinkedIn][linkedin-badge]][linkedin-url] [![Newsletter][newsletter-badge]][newsletter-url] [![Blog][blog-badge]][blog-url] [![YouTube][youtube-badge]][youtube-url] + +... and be sure to connect with our founder, [Matt Gowie](https://www.linkedin.com/in/gowiem/). + +## License + +[Apache License, Version 2.0][license-url]. + +[![Open Source Initiative][osi-image]][license-url] + +Copyright Β© 2016-2025 [Masterpoint Consulting LLC](https://masterpoint.io/) + + + +[banner-image]: https://masterpoint-public.s3.us-west-2.amazonaws.com/v2/standard-long-fullcolor.png +[license-url]: https://opensource.org/license/apache-2-0 +[osi-image]: https://i0.wp.com/opensource.org/wp-content/uploads/2023/03/cropped-OSI-horizontal-large.png?fit=250%2C229&ssl=1 +[linkedin-badge]: https://img.shields.io/badge/LinkedIn-Follow-0A66C2?style=for-the-badge&logoColor=white +[linkedin-url]: https://www.linkedin.com/company/masterpoint-consulting +[blog-badge]: https://img.shields.io/badge/Blog-IaC_Insights-55C1B4?style=for-the-badge&logoColor=white +[blog-url]: https://masterpoint.io/updates/ +[newsletter-badge]: https://img.shields.io/badge/Newsletter-Subscribe-ECE295?style=for-the-badge&logoColor=222222 +[newsletter-url]: https://newsletter.masterpoint.io/ +[youtube-badge]: https://img.shields.io/badge/YouTube-Subscribe-D191BF?style=for-the-badge&logo=youtube&logoColor=white +[youtube-url]: https://www.youtube.com/channel/UCeeDaO2NREVlPy9Plqx-9JQ +[release-badge]: https://img.shields.io/github/v/release/masterpointio/taskit?color=0E383A&label=Release&style=for-the-badge&logo=github&logoColor=white +[latest-release]: https://github.com/masterpointio/taskit/releases/latest +[contributors-image]: https://contrib.rocks/image?repo=masterpointio/taskit +[contributors-url]: https://github.com/masterpointio/taskit/graphs/contributors +[issues-url]: https://github.com/masterpointio/taskit/issues diff --git a/Taskfile.yaml b/Taskfile.yaml index 142c6c7..a078965 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -5,6 +5,7 @@ includes: aws: lib/aws components: lib/components mixins: lib/mixins + os: lib/os-modules snaplet: lib/snaplet terraform: taskfile: lib/terraform diff --git a/lib/os-modules/Taskfile.yaml b/lib/os-modules/Taskfile.yaml new file mode 100644 index 0000000..72c19ad --- /dev/null +++ b/lib/os-modules/Taskfile.yaml @@ -0,0 +1,124 @@ +version: "3" + +vars: + DEFAULT_MODULES: | + terraform-aws-ssm-agent \ + terraform-aws-tailscale \ + terraform-datadog-users \ + terraform-github-teams \ + terraform-github-organization \ + terraform-postgres-automation \ + terraform-secrets-helper \ + terraform-spacelift-automation \ + terraform-spacelift-aws-integrations \ + terraform-spacelift-events-collector-audit-trail \ + terraform-spacelift-policies + SYNC_BRANCH: chore/sync-with-template +tasks: + sync: + desc: | + Sync files from `terraform-module-template` to specified Terraform open-source module repos. + Example: `task os:sync -- terraform-spacelift-automation` + summary: | + This will sync the specified list of files and directories from the remote template repository + to each of the default Terraform module repositories listed in DEFAULT_MODULES. + The task will synchronize the hardoded list of common files and directories. + To sync to a specific repository (or a custom list of repositories), pass their names as arguments: + `task os:sync -- terraform-custom-module` + or for multiple modules: `task os:sync -- "terraform-custom-module terraform-another-module"` + + vars: + MODULES: "{{if .CLI_ARGS}}{{.CLI_ARGS}}{{else}}{{.DEFAULT_MODULES}}{{end}}" + FILES: >- + .github + .trunk + .coderabbit.yaml + .editorconfig + .gitignore + .terraform-docs.yaml + LICENSE + aqua.yaml + TMP_DIR: .tmp-template-sync + cmds: + - rm -rf {{.TMP_DIR}} + - git clone --depth 1 https://github.com/masterpointio/terraform-module-template.git {{.TMP_DIR}} + - | + for module in {{.MODULES}}; do + echo "Syncing files to ../$module..." + for file in {{.FILES}}; do + echo " Syncing $file" + rsync -av --delete {{.TMP_DIR}}/$file ../$module/ + done + done + - rm -rf {{.TMP_DIR}} + + pull-and-branch: + desc: | + Pull main branch and create a sync branch for specified Terraform open-source module repos. + Example: `task os:pull-and-branch -- terraform-spacelift-automation` + summary: | + This will pull the main branch and create a new branch named 'chore/sync-with-template' + for each of the default Terraform module repositories listed in DEFAULT_MODULES. + To sync to a specific repository (or a custom list of repositories), pass their names as arguments: + `task os:pull-and-branch -- terraform-custom-module` + or for multiple modules: `task os:pull-and-branch -- "terraform-custom-module terraform-another-module"` + + vars: + MODULES: "{{if .CLI_ARGS}}{{.CLI_ARGS}}{{else}}{{.DEFAULT_MODULES}}{{end}}" + cmds: + - | + for module in {{.MODULES}}; do + echo "πŸš€ Processing ../$module..." + cd ../$module + echo "⬇️ Pulling main branch..." + git checkout main + git pull origin main + echo "πŸ”„ Creating sync branch..." + git checkout -b {{.SYNC_BRANCH}} + cd - + done + + push: + desc: | + Commit and push changes with the specified commit message. + Example: `task os:push -- terraform-spacelift-automation` + summary: | + This will commit and push changes with the message "chore: update with the latest template state" + for each of the specified Terraform module repositories. + To push to a specific repository (or a custom list of repositories), pass their names as arguments: + `task os:push -- terraform-custom-module` + or for multiple modules: `task os:push -- "terraform-custom-module terraform-another-module"` + + vars: + MODULES: "{{if .CLI_ARGS}}{{.CLI_ARGS}}{{else}}{{.DEFAULT_MODULES}}{{end}}" + cmds: + - | + for module in {{.MODULES}}; do + echo "πŸš€ Processing ../$module..." + cd ../$module + echo "πŸ“ Committing changes..." + git add . + git commit -m "chore: update with the latest template state" + echo "⬆️ Pushing changes..." + git push origin {{.SYNC_BRANCH}} + cd - + done + + sync-all: + desc: | + Pull main branch, create a sync branch, and sync with template for specified Terraform open-source module repos. + Example: `task os:sync-all -- terraform-spacelift-automation` + summary: | + This will: + 1. Pull the main branch and create a new branch named 'chore/sync-with-template' + 2. Sync files from the template repository + for each of the default Terraform module repositories listed in DEFAULT_MODULES. + To sync to a specific repository (or a custom list of repositories), pass their names as arguments: + `task os:sync-all -- terraform-custom-module` + or for multiple modules: `task os:sync-all -- "terraform-custom-module terraform-another-module"` + + vars: + MODULES: "{{if .CLI_ARGS}}{{.CLI_ARGS}}{{else}}{{.DEFAULT_MODULES}}{{end}}" + cmds: + - task: pull-and-branch + - task: sync