Merge pull request #5 from mhitza/repo-ansible

repo-ansible execution and configuration

.devcontainer/Dockerfile

@@ -0,0 +1,35 @@
+# Managed by https://github.com/linkorb/repo-ansible. Manual changes will be overwritten.
+
+FROM ghcr.io/linkorb/php-docker-base:php8-review
+EXPOSE 80
+
+USER root
+
+ENV APP_ENV=dev
+
+ARG USERNAME=vscode
+ARG USER_UID=1000
+ARG USER_GID=$USER_UID
+
+ENV APACHE_RUN_USER    $USERNAME
+ENV APACHE_RUN_GROUP   $USERNAME
+ENV APACHE_LOCK_DIR    /var/lock/apache2
+ENV APACHE_LOG_DIR     /var/log/apache2
+ENV APACHE_PID_FILE    /var/run/apache2/apache2.pid
+
+# Create a non-root user with the specified UID and GID
+RUN groupadd --gid $USER_GID $USERNAME \
+    && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME \
+    && apt-get update \
+    && apt-get install -y sudo \
+    && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
+    && chmod 0440 /etc/sudoers.d/$USERNAME \
+    && sudo chsh -s /bin/bash vscode
+
+COPY --chown=vscode:vscode ../. /app
+RUN chown vscode:vscode -R /app /var/log/apache2
+
+RUN echo "xdebug.mode=off" | tee '/usr/local/etc/php/conf.d/xdebug.ini'
+
+WORKDIR /app
+USER root

.devcontainer/devcontainer.json

@@ -0,0 +1,56 @@
+// Managed by https://github.com/linkorb/repo-ansible. Manual changes will be overwritten.
+{
+  "dockerComposeFile": "docker-compose.yml",
+  "service": "app",
+  "workspaceFolder": "/app",
+
+  "hostRequirements": {
+      "cpus": 2,
+      "memory": "8gb",
+      "storage": "32gb"
+  },
+
+  "features": {
+      "ghcr.io/devcontainers/features/github-cli:1": {},
+      "ghcr.io/devcontainers/features/docker-in-docker:1": {}
+  },
+
+  // Configure tool-specific properties.
+  "customizations": {
+      // Configure properties specific to VS Code.
+      "vscode": {
+          // Set *default* container specific settings.json values on container create.
+          "settings": {
+              "php.validate.executablePath": "/usr/local/bin/php",
+              "yaml.schemas": {
+                "https://raw.githubusercontent.com/linkorb/repo-ansible/main/repo.schema.yaml": ["repo.yaml"]
+              },
+              // YAML extension by RedHat that prompts on each new devcontainer to enable telemetry
+              "redhat.telemetry.enabled": false
+          },
+          // Add the IDs of extensions you want installed when the container is created.
+          "extensions": [
+              "xdebug.php-debug",
+              "bmewburn.vscode-intelephense-client",
+              "mrmlnc.vscode-apache",
+              "74th.json-yaml-schema-selector"
+          ]
+      }
+  },
+  "forwardPorts": [80, 3306],
+  "remoteUser": "vscode",
+
+  "secrets": {
+    "CR_PAT": {
+      "description": "GitHub Personal Access Token (classic) with package read access, required for docker base image",
+      "documentationUrl": "https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-with-a-personal-access-token-classic"
+    }
+    ,"PACKAGIST_TOKEN": {
+      "description": "Packagist access token, required for installation of composer packages from private packagist",
+      "documentationUrl": "https://packagist.com/orgs/linkorb"
+    }
+  },
+
+  "initializeCommand": "echo $CR_PAT | docker login ghcr.io -u $GITHUB_USER --password-stdin",
+  "postCreateCommand": ".devcontainer/postCreate.sh"
+}

.devcontainer/docker-compose.yml

@@ -0,0 +1,40 @@
+# Managed by https://github.com/linkorb/repo-ansible. Manual changes will be overwritten.
+version: '3.8'
+
+services:
+  app:
+    build:
+      context: ../.
+      dockerfile: .devcontainer/Dockerfile
+      args:
+        # Optional Node.js version
+        NODE_VERSION: "lts/*"
+
+    volumes:
+      - ..:/workspace:cached
+
+    # Runs app on the same network as the database container, allows "forwardPorts" in devcontainer.json function.
+    network_mode: service:db
+
+    # Uncomment the next line to use a non-root user for all processes.
+    # user: vscode
+
+    # Use "forwardPorts" in **devcontainer.json** to forward an app port locally.
+    # (Adding the "ports" property to this file will not forward from a Codespace.)
+
+  db:
+    image: mariadb:10.4
+    restart: unless-stopped
+    volumes:
+      - mariadb-data:/var/lib/mysql
+    environment:
+      MYSQL_ROOT_PASSWORD: mariadb
+      MYSQL_DATABASE: mariadb
+      MYSQL_USER: mariadb
+      MYSQL_PASSWORD: mariadb
+
+    # Add "forwardPorts": ["3306"] to **devcontainer.json** to forward MariaDB locally.
+    # (Adding the "ports" property to this file will not forward from a Codespace.)
+
+volumes:
+  mariadb-data:

.devcontainer/git/hooks/pre-push

@@ -0,0 +1,8 @@
+#!/usr/bin/bash
+
+temporary_file=$(mktemp)
+composer-unused --no-progress --output-format=github > $temporary_file
+exit_code=$?
+
+cat $temporary_file | grep -v 'ignored'
+exit $exit_code

.devcontainer/git/linkorb_commit.template

@@ -0,0 +1,17 @@
+# See https://engineering.linkorb.com/topics/github-codespaces/articles/commit-standards for more information
+#
+# Write a 50-character or less commit header below
+# It should take the form: <type>[scope]: <description> #<cardNumber>
+# -----------------------50 characters ends here:#
+
+
+# [optional body]
+# Summarize changes and the motivation for such changes below:
+# Keep lines short (72 characters or less) ----72 characters ends here:#
+# Ending a commit header with a card number is preferred, it is also acceptable in the commit body
+
+
+# [optional footer]
+# Summarize supplemental information such as breaking changes, work item identifiers, co-authors, etc
+# Keep lines short (72 characters or less) ----72 characters ends here:#
+

.devcontainer/postCreate.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+# Managed by https://github.com/linkorb/repo-ansible. Manual changes will be overwritten.
+
+git config commit.template .devcontainer/git/linkorb_commit.template
+
+cp .devcontainer/git/hooks/pre-push .git/hooks/pre-push
+chmod +x .git/hooks/pre-push
+
+composer config --global --auth http-basic.repo.packagist.com "$GITHUB_USER" "$PACKAGIST_TOKEN"
+
+composer install
+

.dockerignore

@@ -0,0 +1,5 @@
+# Managed by https://github.com/linkorb/repo-ansible. Manual changes will be overwritten.
+
+node_modules/
+vendor/
+var/

.editorconfig

@@ -0,0 +1,14 @@
+# Managed by https://github.com/linkorb/repo-ansible. Manual changes will be overwritten.
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_style = space
+indent_size = 2
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.php]
+indent_size = 4

.github/pull_request_template.md

@@ -0,0 +1,38 @@
+## Proposed changes
+
+Describe the big picture of your changes here to communicate to the maintainers why we should accept this pull request.
+
+If this relates to a card, please include a link to the card here. Additionally, please terminate the PR title with `#` and the card number, such as `Fix doomsday bug #1234`
+
+## Types of changes
+
+What types of changes does your code introduce?
+_Put an `x` in the boxes that apply_
+
+- [ ] feat: non-breaking change which adds new functionality
+- [ ] fix: non-breaking change which fixes a bug or an issue
+- [ ] chore(deps): changes to dependencies
+- [ ] test: adds or modifies a test
+- [ ] docs: creates or updates documentation
+- [ ] style: changes that do not affect the meaning or function of code (e.g. formatting, whitespace, missing semi-colons etc.)
+- [ ] perf: code change that improves performance
+- [ ] revert: reverts a commit
+- [ ] refactor: code change that neither fix a bug nor add a new feature
+- [ ] ci: changes to continuous integration or continuous delivery scripts or configuration files
+- [ ] chore: general tasks or anything that doesn't fit the other commit types
+
+Please indicate if your PR introduces a breaking change
+- [ ] Breaking change: fix or feature that would cause existing functionality to not work as expected
+
+## Checklist
+
+_Put an `x` in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code._
+
+- [ ] I have read the [Contributing](https://github.com/linkorb/.github/blob/master/CONTRIBUTING.md) doc
+- [ ] I have read the [Creating and reviewing pull requests at LinkORB guide](https://engineering.linkorb.com/topics/git/articles/reviewing-pr/) doc
+- [ ] Lint and unit tests pass locally with my changes
+- [ ] I have added/updated necessary documentation in the README.md or doc/ directories (if appropriate)
+
+## Further comments
+
+If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did and what alternatives you considered, etc...

.github/settings.yml

@@ -0,0 +1,74 @@
+# Managed by https://github.com/linkorb/repo-ansible. Manual changes will be overwritten.
+# These settings are synced to GitHub by https://probot.github.io/apps/settings/
+# See https://docs.github.com/en/rest/reference/repos#update-a-repository for all available settings.
+
+repository:
+
+  # The name of the repository. Changing this will rename the repository
+  name:  connector
+
+  # A short description of the repository that will show up on GitHub
+  description: "Connector: Database connection resolver"
+
+    # A URL with more information about the repository
+  homepage: https://engineering.linkorb.com
+
+
+  # Either `true` to make the repository private, or `false` to make it public.
+  private: false
+
+  has_issues: true
+
+  # Either `true` to enable projects for this repository, or `false` to disable them.
+  # If projects are disabled for the organization, passing `true` will cause an API error.
+  has_projects: false
+
+  has_wiki: false
+
+  # Either `true` to enable downloads for this repository, `false` to disable them.
+  has_downloads: true
+
+  # Updates the default branch for this repository.
+  default_branch: master
+
+  # Either `true` to allow squash-merging pull requests, or `false` to prevent
+  # squash-merging.
+  allow_squash_merge: true
+
+  # Either `true` to allow merging pull requests with a merge commit, or `false`
+  # to prevent merging pull requests with merge commits.
+  allow_merge_commit: true
+
+  # Either `true` to allow rebase-merging pull requests, or `false` to prevent
+  # rebase-merging.
+  allow_rebase_merge: true
+
+  # Either `true` to enable automatic deletion of branches on merge, or `false` to disable
+  delete_branch_on_merge: true
+
+  # Either `true` to enable automated security fixes, or `false` to disable
+  # automated security fixes.
+  enable_automated_security_fixes: true
+
+  # Either `true` to enable vulnerability alerts, or `false` to disable
+  # vulnerability alerts.
+  enable_vulnerability_alerts: true
+
+# Labels: define labels for Issues and Pull Requests
+labels:
+  - name: fix
+    color: CC0000
+    description: An issue with the system.
+
+  - name: feat
+    # If including a `#`, make sure to wrap it with quotes!
+    color: '#336699'
+    description: New feature.
+
+  - name: chore
+    color: CC0000
+    description: A repository chore.
+
+
+# Milestones: define milestones for Issues and Pull Requests
+

.github/workflows/dependabot-auto-merge.yaml

@@ -0,0 +1,22 @@
+name: Dependabot auto-merge
+on: pull_request_target
+
+permissions:
+  pull-requests: write # required for the action to read metadata
+  contents: write # required for the gh client to read/merge commits
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1
+
+      - name: Enable auto-merge for Dependabot PRs
+        if: steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GH_TOKEN: ${{ github.token }}