Merge pull request #1 from mozilla/init_jbi

Building out some of the structure for the configuration and action logic.

Author: bsieber-mozilla

.github/CODEOWNERS

@@ -0,0 +1 @@
+**/*.py @mozilla/jbi-reviewers

.github/workflows/build-image.yaml

@@ -0,0 +1,78 @@
+name: Build Docker image
+
+on: [ push, pull_request ]
+
+jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    outputs:
+      FULL_IMAGE_TAG: ${{ steps.tag.outputs.tag }}
+    steps:
+      - name: Set Tag
+        id: tag
+        run: |
+          export CI_COMMIT_SHORT_SHA=$(echo $GITHUB_SHA | cut -c1-8)
+          echo $CI_COMMIT_SHORT_SHA;
+          echo ${GITHUB_REF##*/};
+          echo $version_pattern;
+          if [[ ${GITHUB_REF} =~ $version_pattern ]]; then
+            echo "::set-output name=tag::${GITHUB_REF##*/}"
+          elif [ ${GITHUB_REF##*/} = "main" ]; then
+            echo "::set-output name=tag::stg-$CI_COMMIT_SHORT_SHA"
+          else
+            echo "::set-output name=tag::$CI_COMMIT_SHORT_SHA"
+          fi
+        env:
+          version_pattern: "tags\\/v[0-9]+\\.[0-9]+\\.[0-9]+"
+
+
+  build-image:
+    runs-on: ubuntu-latest
+    needs: prepare
+
+    steps:
+      - name: Echo tag
+        id: echotag
+        env:
+          IMAGE_TAG: ${{ needs.prepare.outputs.FULL_IMAGE_TAG }}
+        run: |
+          echo "Building an image with the following tag:"
+          echo $IMAGE_TAG
+      - name: Checkout
+        uses: actions/checkout@v2
+
+#      - name: Configure AWS Credentials
+#        uses: aws-actions/configure-aws-credentials@v1
+#        id: configure-aws-creds
+#        env:
+#          AWS_REGION: us-west-2
+#        with:
+#          aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }}
+#          aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }}
+#          aws-region: ${{ env.AWS_REGION }}
+#
+#      - name: Login to Amazon ECR
+#        id: login-ecr
+#        uses: aws-actions/amazon-ecr-login@v1
+#
+#      - name: Build and push to ECR
+#        id: build-push
+#        env:
+#          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+#          ECR_REPOSITORY: jira-bugzilla-integration
+#          IMAGE_TAG: ${{ needs.prepare.outputs.FULL_IMAGE_TAG }}
+#        run: |
+#          printf '{\n    "commit": "%s",\n    "version": "%s",\n    "image_tag": "%s",\n    "source": "%s",\n    "build": "%s"\n}\n' \
+#            "$GITHUB_SHA" \
+#            "$GITHUB_REF" \
+#            "$IMAGE_TAG" \
+#            "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
+#            "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" > ./version.json
+#          docker build --file infra/Dockerfile -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+#          docker image tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:latest
+#          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+#          docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
+#      - name: Logut of Amazon ECR
+#        if: always()
+#        run: |
+#          docker logout ${{ steps.login-ecr.outputs.registry }}

.github/workflows/test-build.yaml

@@ -0,0 +1,32 @@
+name: Run tests
+
+on: pull_request
+
+jobs:
+  run_test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Build test image
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: infra/Dockerfile
+          push: false
+          target: "test"
+          tags: ghcr.io/${{ github.repository }}:${{ github.sha }}
+
+      - name: Run tests
+        run: |-
+          docker run --rm \
+          -e JIRA_USERNAME \
+          -e JIRA_PASSWORD \
+          -e BUGZILLA_API_KEY \
+          ghcr.io/${{ github.repository }}:${{ github.sha }}
+        env:
+          JIRA_USERNAME: "fake_username"
+          JIRA_PASSWORD: "fake_password"
+          BUGZILLA_API_KEY: "fake_api_key"

.gitignore

@@ -127,3 +127,6 @@ dmypy.json
 
 # Pyre type checker
 .pyre/
+
+# iSort - Pre-Commit
+.isort.cfg

.pre-commit-config.yaml

@@ -0,0 +1,72 @@
+repos:
+  - repo: local
+    hooks:
+      - id: pylint
+        name: pylint
+        entry: poetry run pylint
+        language: system
+        exclude: ^migrations/
+        types: [python]
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v2.1.0
+    hooks:
+      - id: check-added-large-files
+      - id: check-json
+      - id: detect-private-key
+      - id: end-of-file-fixer
+      - id: pretty-format-json
+        args: [
+          '--autofix',
+          '--indent', '4',
+          '--no-sort-keys',
+        ]
+      - id: trailing-whitespace
+  - repo: local
+    hooks:
+      - id: mypy
+        name: mypy
+        entry: poetry run mypy
+        language: system
+        types: [python]
+  - repo: local
+    hooks:
+      - id: bandit
+        name: bandit
+        entry: poetry run bandit
+        args: [-lll, --recursive]
+        language: system
+  - repo: local
+    hooks:
+      - id: detect-secrets
+        name: detect-secrets
+        entry: poetry run detect-secrets-hook
+        args: ['--baseline', '.secrets.baseline']
+        exclude: "poetry.lock"
+        language: system
+  - repo: https://github.com/asottile/seed-isort-config
+    rev: v1.9.3
+    hooks:
+      - id: seed-isort-config
+  - repo: local
+    hooks:
+      - id: isort
+        name: isort
+        entry: poetry run isort
+        args: ["--recursive", "--settings-path", "./pyproject.toml", "."]
+        language: system
+        types: [python]
+  - repo: local
+    hooks:
+      - id: black
+        name: black
+        entry: poetry run black
+        types: [python]
+        language: system
+  - repo: local
+    hooks:
+      - id: yamllint
+        name: yamllint
+        entry: poetry run yamllint
+        args: ["-c", ".yamllint", 'config/']
+        types: [file, yaml]
+        language: system

.secrets.baseline

@@ -0,0 +1,76 @@
+{
+  "custom_plugin_paths": [],
+  "exclude": {
+    "files": null,
+    "lines": null
+  },
+  "generated_at": "2022-02-04T19:26:47Z",
+  "plugins_used": [
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "base64_limit": 4.5,
+      "name": "Base64HighEntropyString"
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "hex_limit": 3,
+      "name": "HexHighEntropyString"
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "keyword_exclude": null,
+      "name": "KeywordDetector"
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "results": {
+    "poetry.lock": [
+      {
+        "hashed_secret": "a3c8e175e20ee103a0aafa92378200de0583c54b",
+        "is_verified": false,
+        "line_number": 542,
+        "type": "Hex High Entropy String"
+      }
+    ]
+  },
+  "version": "0.14.3",
+  "word_list": {
+    "file": null,
+    "hash": null
+  }
+}

.yamllint

@@ -0,0 +1,21 @@
+---
+
+extends: default
+
+ignore: |
+  src/
+  tests/
+  infra/
+  .github/
+  docker-compose.yaml
+  .pre-commit-config.yaml
+
+
+rules:
+  key-duplicates: enable
+  key-ordering: enable
+
+
+yaml-files:
+  - 'config/*.yaml'
+  - '.yamllint'

Makefile

@@ -0,0 +1,56 @@
+# Set these in the environment to override them. This is helpful for
+# development if you have file ownership problems because the user
+# in the container doesn't match the user on your host.
+_UID ?= 10001
+_GID ?= 10001
+
+.PHONY: help
+help:
+	@echo "Usage: make RULE"
+	@echo ""
+	@echo "JBI make rules:"
+	@echo ""
+	@echo "  build   - build docker containers"
+	@echo "  lint    - lint check for code"
+	@echo "  start   - run the API service"
+	@echo ""
+	@echo "  test        - run test suite"
+	@echo "  shell       - open a shell in the web container"
+	@echo "  test-shell  - open a shell in test environment"
+	@echo ""
+	@echo "  generate    - create json file from TEMPLATE"
+	@echo ""
+	@echo "  help    - see this text"
+
+
+.PHONY: build
+build:
+	docker-compose -f ./docker-compose.yaml -f ./tests/infra/docker-compose.test.yaml build \
+		--build-arg userid=${_UID} --build-arg groupid=${_GID}
+
+.PHONY: lint
+lint:
+	docker-compose -f ./docker-compose.yaml -f ./tests/infra/docker-compose.lint.yaml build \
+		--build-arg userid=${_UID} --build-arg groupid=${_GID} lint
+
+
+.PHONY: shell
+shell:
+	docker-compose -f ./docker-compose.yaml run web
+
+.PHONY: start
+start:
+	docker-compose up
+
+.PHONY: test
+test:
+	docker-compose -f ./docker-compose.yaml -f ./tests/infra/docker-compose.test.yaml run tests
+ifneq (1, ${MK_KEEP_DOCKER_UP})
+	# Due to https://github.com/docker/compose/issues/2791 we have to explicitly
+	# rm all running containers
+	docker-compose down
+endif
+
+.PHONY: test-shell
+test-shell:
+	docker-compose -f ./docker-compose.yaml -f ./tests/infra/docker-compose.test.yaml run web

README.md

@@ -1,2 +1,12 @@
 # Jira Bugzilla Integration (JBI)
 System to sync bugs and issues
+
+## Self-Service
+
+If you're interested in using the default action;
+the process is simple to enabling a new downstream
+project. [...read more here.](src/jbi/whiteboard_tags/README.md)
+
+If you're looking for a unique capability for your
+team's data flow; you can add your own python methods
+and functionality. [...read more here.](src/jbi/whiteboard_actions/README.md)

config/config.dev.yaml

@@ -0,0 +1,10 @@
+---
+
+# Action Config
+actions:
+  devtest:
+    contact: tbd
+    description: DevTest whiteboard tag
+    parameters:
+      jira_project_key: OSS
+      whiteboard_tag: devtest