feature/review trigger security (#88)

tcarmet · web-flow · commit 84d3cf97635f · 2023-01-31T16:00:19.000-08:00
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -8,6 +8,6 @@ FROM mcr.microsoft.com/vscode/devcontainers/python:0-${VARIANT}
 ARG NODE_VERSION="none"
 RUN if [ "${NODE_VERSION}" != "none" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi
 
-COPY requirements.txt constraints.txt /tmp/pip-tmp/
+COPY requirements.txt /tmp/pip-tmp/
 RUN pip3 --disable-pip-version-check --no-cache-dir install -r /tmp/pip-tmp/requirements.txt \
-   && pip3 install tox && rm -rf /tmp/pip-tmp
+   && pip3 install tox && rm -rf /tmp/pip-tmp
diff --git a/.dockerignore b/.dockerignore
@@ -1,3 +1,8 @@
 venv
 *.pyc
 *~
+.git
+*.egg-info
+__pycache__
+.eggs
+.tox
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -1,7 +1,16 @@
 ---
 name: build
 
-on: push
+on:
+  push:
+    branches:
+    - '**'
+  schedule:
+  # Run once a week at 00:00 on Sunday
+  - cron: '0 0 * * 0'
+  release:
+    types:
+    - created
 
 permissions:
   contents: read
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -39,6 +39,8 @@ jobs:
           context: .
           file: ./Dockerfile
           push: true
+          build-args: |
+            VERSION=${{ github.event.inputs.tag }}
           tags: |
             ghcr.io/scality/bert-e:${{ inputs.tag }}
             registry.scality.com/bert-e/bert-e:${{ inputs.tag }}
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -3,9 +3,6 @@
 name: trivy
 
 on:
-  schedule:
-  # Every day at noon
-  - cron: '0 12 * * *'
   workflow_call:
     inputs:
       image:
diff --git a/MANIFEST.in b/MANIFEST.in
@@ -1,2 +1,3 @@
 recursive-include bert_e/templates *
 recursive-include bert_e/docs *
+include requirements.txt
diff --git a/requirements.txt b/requirements.txt
@@ -18,4 +18,3 @@ requests==2.28.2
 requests-mock==1.10.0
 werkzeug==2.2.2
 WTForms==3.0.1
-setuptools-scm==1.9.0
diff --git a/setup.py b/setup.py
@@ -1,6 +1,7 @@
 #!/usr/bin/env python3
 
 from os.path import abspath, dirname, join
+import os
 import pip
 
 from setuptools import setup
@@ -36,14 +37,11 @@ def requires():
 
 setup(
     name='bert-e',
-    use_scm_version={
-        'local_scheme': 'dirty-tag'
-    },
-    setup_requires=[
-        'setuptools_scm'
-    ],
+    version=os.getenv('VERSION', '1.0-dev'),
+    python_requires=">=3.10",
+    platforms=['any'],
     description='Scality\'s automated branch merging tool',
-    url='https://bitbucket.org/scality/bert-e',
+    url='https://github.com/scality/bert-e',
     license='Apache',
     include_package_data=True,
     packages=[

-Original file line number
+Diff line change
@@ @@ -1,3 +1,8 @@ @@
 venv
 *.pyc
 *~
 +.git
 +*.egg-info
 +__pycache__
 +.eggs
 +.tox
Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
`1`	`1`	`recursive-include bert_e/templates *`
`2`	`2`	`recursive-include bert_e/docs *`
	`3`	`+include requirements.txt`