-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathTaskfile.dist.yaml
More file actions
364 lines (313 loc) · 9.68 KB
/
Taskfile.dist.yaml
File metadata and controls
364 lines (313 loc) · 9.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
version: '3'
env:
#ENV: dev
#ENV: testing
#ENV: staging
ENV: production
dotenv: ['.env', '{{ .taskEnv }}']
vars:
project: Hello World
homepage: https://example.com
forums: https://example.com/forums
chat: https://chat.example.com
ircserver: irc.libera.chat
ircroom: help
homepage: https://example.com
author: Acme Inc.
version: 0.0.1
build:
sh: "[ -d .git ] && git rev-parse --short HEAD || echo dev"
date:
sh: date -Ins
license: MIT
user:
sh: id -u -n
hostname:
sh: hostname
taskEnv: .task.env
tasks:
default:
cmds:
- task: hello
hello:
desc: "Display project welcome message"
summary: |
Display project information and welcome message
This is space for a longer description.
cmds:
- cmd: echo " Hello {{ .fullname }}!"
silent: true
- cmd: echo -e "\nRun 'just help' to get started."
silent: true
- cmd: just help
silent: true
help:
desc: "Display help"
cmds:
- cmd: task --help
silent: true
build:
desc: Build
deps: ['build:templates']
env:
RUSTFLAGS: "--cfg tokio_unstable"
cmds:
- cargo auditable build --release
- defer: { task: cleanup }
build:templates:
desc: "Compile templates"
sources:
- '**/*.j2'
cmds:
- for: sources
cmd: minijinja-cli --strict --format toml --output $(basename {{ .ITEM }} .j2) {{ .ITEM }} variables.toml
test:
desc: Run tests
deps: ['test:code', 'test:scripts', 'test:apis']
test:code:
desc: Test code
cmds:
- task: test:code:rust
test:code:rust:
desc: "Test Rust code"
sources:
- '**/*.rs'
cmds:
- cargo nextest run --workspace --all-features --all-targets --verbose --no-tests=warn
test:scripts:
desc: Test using scripts
cmds:
- task: run:venom
test:apis:
desc: Test APIs
cmds:
- task: run:hurl
run:venom:
desc: Run venom scripted tests
sources:
- '**/*.venom.yaml'
run: always
cmds:
- for: sources
cmd: task run:venom:test -- {{ .ITEM }}
run:venom:test:
desc: Run a venom test
cmds:
- if [ ! -f build/tests/venom/variables.yaml ]; then echo '---' > build/tests/venom/variables.yaml ; fi
- venom run --output-dir build/tests/venom/results --html-report --var-from-file build/tests/venom/variables.yaml {{ .CLI_ARGS }}
- mv build/tests/venom/results/test_results.html build/tests/venom/results/index.html
- cat build/tests/venom/results/test_results_venom.json | jq
- echo www --port 4001 build/tests/venom/results
run:hurl:
desc: Run hurl API tests
sources:
- '**/*.hurl.yaml'
run: always
cmds:
- for: sources
cmd: task run:hurl:test -- {{ .ITEM }}
run:hurl:test:
desc: Run a hurl test
cmds:
- hurl --test --parallel --glob {{ .CLI_ARGS }} --report-html build/tests/hurl --report-json build/tests/hurl
- cat build/tests/hurl/report.json | jq
- echo www --port 4002 build/tests/hurl
clean:
desc: "Clean up"
deps: ["run:cargo-clean", "run:mise-clean"]
run:cargo-clean:
desc: "Run cargo clean"
cmds:
- cargo clean
run:mise-clean:
desc: "Run mise clean"
status:
- test ! -f .mise.toml
cmds:
- mise prune
- mise cache clear
lint:
desc: Lint code
deps: ['run:lychee', 'run:cargo-outdated', 'run:todos']
run:lychee:
desc: Run lychee link checker
sources:
- '**/*.md'
cmds:
- for: sources
cmd: if ! test "$PWD" != "${PWD%node_modules*}" ; echo lychee {{ .ITEM }} ; fi
run:cargo-outdated:
desc: Run cargo outdated
sources:
- '**/Cargo.toml'
cmds:
- for: sources
cmd: cd $(dirname {{ .ITEM }}) ; cargo outdated
run:todos:
desc: Run todo checker
cmds:
- todo-tree
format:
desc: Format code
deps: ['run:treefmt']
run:treefmt:
desc: Run treefmt
cmds:
- treefmt
# for v2: treefmt --on-unmatched=info
docs:
desc: Build documentation pages
deps: ['run:rustdoc', 'run:doctave', 'run:mdbook', 'run:zola']
run:rustdoc:
desc: "Build rustdoc technical notes"
generates:
- "./docs/technical/rustdoc"
preconditions:
- test -f Cargo.toml
vars:
PKG_NAME:
sh: cargo get package.name
build_dir: ../../../build/output/docs/technical/rustdoc
cmds:
- echo Building rustdoc...
- cargo doc
- mkdir -p {{.build_dir}} ; mv target/doc/{{.PKG_NAME}}/* {{.build_dir}}/ ; rmdir target/doc/{{.PKG_NAME}} ; mv target/doc/* {{.build_dir}}/
- "echo Start server: www --root {{.build_dir}} --port 4000"
run:mdbook:
desc: Build mdbook technical notes
generates:
- './docs/technical/mdbook'
cmds:
- echo Building mdbook...
- if [ ! -d mdbook ]; then mkdir -p docs/technical ; cd docs/technical ; mdbook init mdbook --title "Technical Documentation" --ignore git; fi
- cd docs/technical/mdbook ; mkdir -p ../../../build/docs/technical/mdbook ; mdbook build --dest-dir ../../../build/docs/technical/mdbook
- 'echo Start server: mdbook serve --dest-dir ../../../build/docs/technical/mdbook --port 4001'
run:doctave:
desc: Build doctave user guides notes
generates:
- "./docs/user-guides/doctave"
vars:
build_dir: ../../../build/output/docs/user-guides/doctave
cmds:
- echo Building doctave...
- |
cat > doctave.yaml <<EOL
name: {{.project}}
version: {{.version}}
build_dir: {{.build_dir}}
EOL
- cd docs/user-guides/doctave ; doctave build --release
- 'echo Start server: doctave serve --port 4002'
#run:docusourus:
#desc: Build docusourus user guides
#vars:
#GIT_OWNER:
#sh: git remote get-url origin | grep owner
#GIT_PROJECT:
#sh: git remote get-url origin | grep owner
#generates:
#- './docs/user-guides/docusourus'
#cmds:
#- echo Building docusourus...
#- if [ ! -d docusourus ]; then npx --yes create-docusaurus@latest --typescript --git-strategy shallow --package-manager yarn docusourus classic ; fi
#- cd docusourus
#- 'sd --fixed-strings "facebook/docusourus" "{{.GIT_OWNER}}/{{.GIT_PROJECT}}" docusaurus.config.ts'
#- 'sd "organizationName: .facebook." "{{.GIT_OWNER}}" docusaurus.config.ts'
#- yarn build
#- 'echo Start server: www --port 4003 build'
run:zola:
desc: Build zola blog and release notes
generates:
- './docs/blog/zola'
cmds:
- echo Building zola...
- if [ ! -d zola ]; then mkdir -p docs/blog ; cd docs/blog ; zola init zola ; fi
- cd docs/blog/zola ; mkdir -p ../../../build/docs/blog/zola ; zola build --force --base-url https://localhost:4004 --output-dir ../../../build/docs/blog/zola
- 'echo Start server: www --port 4004 ../../../build/docs/blog/zola'
audit:
desc: Perform a security audit
deps: ['audit:secrets', 'audit:vulnerabilities', 'audit:code-quality', 'audit:code-coverage', 'audit:licenses', 'audit:project-health']
audit:secrets:
desc: Scan for secrets
cmds:
- task: run:trufflehog
run:trufflehog:
desc: Run trufflehog
summary: |
Scan for:
- 700 credential detectors that support active verification against their respective APIs.
- GitHub, GitLab, Docker, filesystems, S3, GCS, Circle CI and Travis CI.
- Instantly verify private keys against millions of GitHub users and billions of TLS certificates
- Scan binaries and documents
cmds:
- trufflehog git file://. --since-commit HEAD --only-verified --no-update --fail
audit:vulnerabilities:
desc: Scan for vulnerabilities
cmds:
- task: run:trivy
run:trivy:
desc: Run trivy
summary: |
Scan for:
OS packages and software dependencies in use (SBOM)
Known vulnerabilities (CVEs)
IaC issues and misconfigurations
Sensitive information and secrets
Software licenses
cmds:
- trivy --config trivy.yaml fs .
audit:code-quality:
desc: Look for code smells
cmds:
- task: run:sonarcube
run:sonarcube:
desc: Run sonarcube
cmds:
- echo sonarcube run
audit:code-coverage:
desc: Calculate code coverage
cmds:
- task: run:llvm-cov
run:llvm-cov:
desc: Run LLVM cov
env:
LLVM_COV: /usr/local/bin/llvm-cov19
LLVM_PROFDATA: /usr/local/bin/llvm-profdata19
cmds:
- cargo llvm-cov nextest
- cargo llvm-cov --manifest-path backpack/cli/Cargo.toml --fail-under-lines 90 --fail-under-functions 90
- cargo llvm-cov --manifest-path backpack/lib/Cargo.toml --fail-under-lines 90 --fail-under-functions 90
audit:licenses:
desc: Look for incompatible licenses
cmds:
- task: run:feluda
- task: run:cargo-deny
- task: run:cargo-license
audit:project-health:
desc: Overall health of this project
cmds:
- 'echo Missing docs :: website'
- 'echo Missing docs :: comments'
- 'echo Missing code :: tests'
- 'echo Missing code :: test coverage'
- 'echo Missing benchmarks :: tests'
- 'echo Missing benchmarks :: reports'
- 'echo Missing git :: license'
- 'echo Missing git :: readme'
- 'echo Missing security :: sbom'
- 'echo Missing security :: checksums'
- 'echo Missing security :: signatures :: minisign'
- 'echo Missing security :: signatures :: cosign'
- 'echo Missing security :: rust :: cargo-audible'
run:feluda:
desc: Run feluda
cmds:
- feluda
run:cargo-deny:
desc: Run cargo deny
cmds:
- cargo deny check licenses bans
run:cargo-license:
desc: Run cargo license
cmds:
- cargo license --authors --do-not-bundle