diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index a57d195..f793a32 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -7,10 +7,10 @@ jobs: api_deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /api/deploy with: set-safe-directory: /github/workspace @@ -22,10 +22,10 @@ jobs: formatBash: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /formatBash with: set-safe-directory: /github/workspace @@ -34,8 +34,8 @@ jobs: formatMarkdown: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /formatMarkdown with: set-safe-directory: /github/workspace @@ -44,30 +44,30 @@ jobs: formatNix: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /formatNix with: set-safe-directory: /github/workspace args: m . /formatNix - formatPython: + formatPython_default: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 - name: /formatPython + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest + name: /formatPython/default with: set-safe-directory: /github/workspace - args: m . /formatPython + args: m . /formatPython/default lintBash: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintBash with: set-safe-directory: /github/workspace @@ -76,10 +76,10 @@ jobs: lintGitCommitMsg: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintGitCommitMsg with: set-safe-directory: /github/workspace @@ -88,10 +88,10 @@ jobs: lintGitMailMap: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintGitMailMap with: set-safe-directory: /github/workspace @@ -100,8 +100,8 @@ jobs: lintMarkdown_readme: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintMarkdown/readme with: set-safe-directory: /github/workspace @@ -110,8 +110,8 @@ jobs: lintNix: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintNix with: set-safe-directory: /github/workspace @@ -120,8 +120,8 @@ jobs: lintPython_module_api: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintPython/module/api with: set-safe-directory: /github/workspace @@ -130,8 +130,8 @@ jobs: lintWithLizard_api: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintWithLizard/api with: set-safe-directory: /github/workspace @@ -140,8 +140,8 @@ jobs: securePythonWithBandit_api: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /securePythonWithBandit/api with: set-safe-directory: /github/workspace diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml index ec4c8e2..58ab88e 100644 --- a/.github/workflows/prod.yml +++ b/.github/workflows/prod.yml @@ -7,10 +7,10 @@ jobs: api_deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /api/deploy with: set-safe-directory: /github/workspace @@ -23,10 +23,10 @@ jobs: formatBash: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /formatBash with: set-safe-directory: /github/workspace @@ -37,8 +37,8 @@ jobs: formatMarkdown: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /formatMarkdown with: set-safe-directory: /github/workspace @@ -49,8 +49,8 @@ jobs: formatNix: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /formatNix with: set-safe-directory: /github/workspace @@ -58,25 +58,25 @@ jobs: env: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - formatPython: + formatPython_default: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 - name: /formatPython + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest + name: /formatPython/default with: set-safe-directory: /github/workspace - args: m . /formatPython + args: m . /formatPython/default env: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} lintBash: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintBash with: set-safe-directory: /github/workspace @@ -87,10 +87,10 @@ jobs: lintGitCommitMsg: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintGitCommitMsg with: set-safe-directory: /github/workspace @@ -101,10 +101,10 @@ jobs: lintGitMailMap: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 with: fetch-depth: 0 - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintGitMailMap with: set-safe-directory: /github/workspace @@ -115,8 +115,8 @@ jobs: lintMarkdown_readme: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintMarkdown/readme with: set-safe-directory: /github/workspace @@ -127,8 +127,8 @@ jobs: lintNix: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintNix with: set-safe-directory: /github/workspace @@ -139,8 +139,8 @@ jobs: lintPython_module_api: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintPython/module/api with: set-safe-directory: /github/workspace @@ -151,8 +151,8 @@ jobs: lintWithLizard_api: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /lintWithLizard/api with: set-safe-directory: /github/workspace @@ -163,8 +163,8 @@ jobs: securePythonWithBandit_api: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /securePythonWithBandit/api with: set-safe-directory: /github/workspace diff --git a/.lint-markdown/config.rb b/.lint-markdown/config.rb index 77bbdd4..ad3d943 100644 --- a/.lint-markdown/config.rb +++ b/.lint-markdown/config.rb @@ -12,7 +12,7 @@ rule 'MD010' rule 'MD011' rule 'MD012' -rule 'MD013', :tables => false, :code_blocks => false +rule 'MD013', :tables => false, :ignore_code_blocks => true rule 'MD014' rule 'MD018' rule 'MD019' diff --git a/README.md b/README.md index da5283d..ab9194d 100644 --- a/README.md +++ b/README.md @@ -192,7 +192,7 @@ m github:fluidattacks/makes-example@main Using [Docker][docker]: ```bash -docker run ghcr.io/fluidattacks/makes:22.11 m github:fluidattacks/makes-example@main +docker run ghcr.io/fluidattacks/makes/amd64:latest m github:fluidattacks/makes-example@main ``` # Running Makes on containers @@ -222,8 +222,8 @@ Let's take a look at this job in `.github/workflows/dev.yml`: formatNix: runs-on: ubuntu-latest steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - uses: docker://ghcr.io/fluidattacks/makes:22.11 + - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 + - uses: docker://ghcr.io/fluidattacks/makes/amd64:latest name: /formatNix with: set-safe-directory: "/github/workspace" @@ -367,10 +367,16 @@ can be configured as follows: ```nix { cache = { - readAndWrite = { - enable = true; - name = "makes"; - pubKey = "makes.cachix.org-1:zO7UjWLTRR8Vfzkgsu1PESjmb6ymy1e4OE9YfMmCQR4="; + readNixos = true; + extra = { + makes = { + enable = true; + pubKey = "makes.cachix.org-1:zO7UjWLTRR8Vfzkgsu1PESjmb6ymy1e4OE9YfMmCQR4="; + token = "CACHIX_AUTH_TOKEN"; + type = "cachix"; + url = "https://makes.cachix.org"; + write = true; + }; }; }; } diff --git a/api/deploy/compose.yaml b/api/deploy/compose.yaml index 85a2b1b..c083bee 100644 --- a/api/deploy/compose.yaml +++ b/api/deploy/compose.yaml @@ -6,7 +6,7 @@ networks: external: true services: app: - image: ghcr.io/fluidattacks/makes:22.11 + image: ghcr.io/fluidattacks/makes/amd64:latest hostname: makes-example-${BRANCH} container_name: makes-example-${BRANCH} networks: [app] diff --git a/api/deploy/entrypoint.sh b/api/deploy/entrypoint.sh index a7e35ae..737f745 100644 --- a/api/deploy/entrypoint.sh +++ b/api/deploy/entrypoint.sh @@ -53,7 +53,7 @@ function stackhero_deploy { } function main { - local env="${1:-}" + local env="${1-}" export BRANCH export PATH_PREFIX diff --git a/api/entrypoint.sh b/api/entrypoint.sh index f642420..f601834 100644 --- a/api/entrypoint.sh +++ b/api/entrypoint.sh @@ -5,7 +5,7 @@ function main { "--reload" "--host" "0.0.0.0" "--port" "8080" - "--root-path" "${1:-}" + "--root-path" "${1-}" ) pushd "__argApiSrc__" \ diff --git a/api/env/pypi-deps.yaml b/api/env/pypi-deps.yaml index 20fd17e..d8c8f4f 100644 --- a/api/env/pypi-deps.yaml +++ b/api/env/pypi-deps.yaml @@ -1,3 +1,2 @@ ---- fastapi: 0.78.0 uvicorn: 0.18.2 diff --git a/api/env/pypi-sources.yaml b/api/env/pypi-sources.yaml index d97da97..3f97167 100644 --- a/api/env/pypi-sources.yaml +++ b/api/env/pypi-sources.yaml @@ -1,4 +1,3 @@ ---- closure: anyio: 3.6.1 click: 8.1.3 diff --git a/makes.lock.nix b/makes.lock.nix index be3feb0..7f07ed4 100644 --- a/makes.lock.nix +++ b/makes.lock.nix @@ -1,6 +1,6 @@ { makesSrc = builtins.fetchGit { url = "https://github.com/fluidattacks/makes"; - ref = "refs/tags/22.11"; + ref = "refs/heads/main"; }; } diff --git a/makes.nix b/makes.nix index a52c5f2..189870e 100644 --- a/makes.nix +++ b/makes.nix @@ -1,9 +1,15 @@ {fetchNixpkgs, ...}: { cache = { - readAndWrite = { - enable = true; - name = "makes"; - pubKey = "makes.cachix.org-1:zO7UjWLTRR8Vfzkgsu1PESjmb6ymy1e4OE9YfMmCQR4="; + readNixos = true; + extra = { + makes = { + enable = true; + pubKey = "makes.cachix.org-1:zO7UjWLTRR8Vfzkgsu1PESjmb6ymy1e4OE9YfMmCQR4="; + token = "CACHIX_AUTH_TOKEN"; + type = "cachix"; + url = "https://makes.cachix.org"; + write = true; + }; }; }; formatBash = { @@ -20,8 +26,9 @@ targets = ["/"]; }; formatPython = { - enable = true; - targets = ["/"]; + default = { + targets = ["/"]; + }; }; formatYaml = { enable = true;