Merge branch 'develop' into feature/pathItems

Author: makeev-pavel

.editorconfig

@@ -1 +1 @@
-@alagishev 
+@b41ex

.github/CODEOWNERS

@@ -0,0 +1,23 @@
+---
+conventional-commits:
+  - type: 'fix'
+    nouns: ['FIX', 'Fix', 'fix', 'FIXED', 'Fixed', 'fixed']
+    labels: ['bug']
+  - type: 'feature'
+    nouns: ['FEATURE', 'Feature', 'feature', 'FEAT', 'Feat', 'feat']
+    labels: ['enhancement']
+  - type: 'breaking_change'
+    nouns: ['BREAKING CHANGE', 'BREAKING', 'MAJOR']
+    labels: ['breaking-change']
+  - type: 'refactor'
+    nouns: ['refactor', 'Refactor']
+    labels: ['refactor']
+  - type: 'documentation'
+    nouns: ['docs', 'doc', 'document', 'documentation']
+    labels: ['documentation']
+  - type: 'build'
+    nouns: ['build', 'rebuild']
+    labels: ['build']
+  - type: 'config'
+    nouns: ['config', 'conf', 'configuration', 'configure']
+    labels: ['config']

.github/auto-labeler-config.yaml

@@ -0,0 +1,27 @@
+---
+
+quiet: true
+
+skip-check:
+# https://www.checkov.io/5.Policy%20Index/kubernetes.html
+- CKV_K8S_15 # Image Pull Policy should be Always
+- CKV_K8S_21 # The default namespace should not be used
+- CKV_K8S_22 # Use read-only filesystem for containers where possible
+- CKV_K8S_35 # Prefer using secrets as files over secrets as environment variables
+- CKV_K8S_38 # Ensure that Service Account Tokens are only mounted where necessary
+- CKV_K8S_40 # Containers should run as a high UID to avoid host conflict
+- CKV_K8S_43 # Image should use digest
+- CKV2_K8S_5 # No ServiceAccount/Node should be able to read all secrets
+- CKV2_K8S_6 # Minimize the admission of pods which lack an associated NetworkPolicy
+# https://www.checkov.io/5.Policy%20Index/dockerfile.html
+- CKV_DOCKER_2 # Ensure that HEALTHCHECK instructions have been added to container images
+# https://www.checkov.io/5.Policy%20Index/secrets.html
+- CKV_SECRET_6 # Base64 High Entropy String
+# https://www.checkov.io/5.Policy%20Index/github_actions.html
+- CKV2_GHA_1 # Ensure top-level permissions are not set to write-all
+- CKV_GHA_7 # The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty.
+- CKV_K8S_29 # Apply security context to your pods and containers
+- CKV_K8S_14 # Image Tag should be fixed - not latest or blank
+- CKV_OPENAPI_21 #Ensure that arrays have a maximum number of items
+- CKV_OPENAPI_4 #Ensure that the global security field has rules defined
+- CKV_OPENAPI_5 # Ensure that security operations is not empty

.github/linters/.checkov.yaml

@@ -0,0 +1,17 @@
+---
+env:
+  es6: true
+
+extends:
+- "eslint:recommended"
+
+parser: "@typescript-eslint/parser"
+
+plugins:
+- "@typescript-eslint"
+
+rules:
+  no-undef: 'warn'
+
+globals:
+  module: "writable"

.github/linters/.eslintrc.yml

@@ -0,0 +1,2 @@
+[flake8]
+max-line-length = 120

.github/linters/.flake8

@@ -0,0 +1,2 @@
+run:
+  timeout: 10m

.github/linters/.golangci.yml

@@ -0,0 +1,9 @@
+{
+    "threshold": 2,
+    "ignore": [
+        "**/.git/**",
+        "**/charts/*/templates/*/*.yaml",
+        "**/charts/*/templates/*/*/*.yaml",
+        "**/docs/examples/**"
+    ]
+}

.github/linters/.jscpd.json

@@ -0,0 +1,66 @@
+---
+#### Config file for yamllint
+# Rules: https://yamllint.readthedocs.io/en/stable/rules.html
+
+# Exclude not required files
+# ignore-from-file:
+# - .gitignore
+# - .yamlignore
+
+rules:
+  braces:
+    min-spaces-inside: 1
+    max-spaces-inside: 1
+    min-spaces-inside-empty: 0
+    max-spaces-inside-empty: 0
+  brackets:
+    min-spaces-inside: 0
+    max-spaces-inside: 1
+    min-spaces-inside-empty: -1
+    max-spaces-inside-empty: -1
+  colons:
+    max-spaces-before: 0
+    max-spaces-after: -1
+  commas:
+    max-spaces-before: 0
+    min-spaces-after: 1
+    max-spaces-after: 1
+  comments:
+    level: warning
+    require-starting-space: true
+    min-spaces-from-content: 1
+  comments-indentation:
+    level: warning
+  document-end: disable
+  document-start: disable
+  # level: warning
+  # present: false
+  empty-lines:
+    level: warning
+    max: 2
+    max-start: 0
+    max-end: 2
+  empty-values:
+    forbid-in-block-mappings: false
+    forbid-in-flow-mappings: true
+  hyphens:
+    max-spaces-after: 1
+  indentation:
+    level: warning
+    spaces: 2
+    indent-sequences: true
+    check-multi-line-strings: false
+  key-duplicates: enable
+  key-ordering: disable
+  line-length: disable
+  # max: 100
+  # allow-non-breakable-words: true
+  # allow-non-breakable-inline-mappings: true
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  octal-values:
+    forbid-implicit-octal: false
+    forbid-explicit-octal: false
+  trailing-spaces: enable
+  truthy: disable

.github/linters/.yaml-lint.yml

@@ -0,0 +1,13 @@
+paths:
+  .github/workflows/**/*.{yml,yaml}:
+    ignore:
+      - 'shellcheck reported issue in this script: SC2086:info.+'
+      - 'shellcheck reported issue in this script: SC2002:style.+'
+  workflows-templates/**/*.{yml,yaml}:
+    ignore:
+      - 'shellcheck reported issue in this script: SC2086:info.+'
+      - 'shellcheck reported issue in this script: SC2002:style.+'
+  actions/**/*.{yml,yaml}:
+    ignore:
+      - 'shellcheck reported issue in this script: SC2086:info.+'
+      - 'shellcheck reported issue in this script: SC2002:style.+'