From 0a0d380cd0b44ad637d9edd5222f83f0c3b8b4b8 Mon Sep 17 00:00:00 2001
From: Matthew Baggett
Date: Wed, 31 Jul 2024 11:30:50 +0200
Subject: [PATCH] Initial restructured project + trunk + pipelines
---
.actrc | 13 +++++++++++
.github/workflows/scad.yml | 34 ++++++++++++++++++++++++++++
.gitignore | 4 ++++
.gitmodules | 3 +++
.trunk/.gitignore | 9 ++++++++
.trunk/configs/.checkov.yaml | 3 +++
.trunk/configs/.gitleaks.toml | 12 ++++++++++
.trunk/configs/.hadolint.yaml | 7 ++++++
.trunk/configs/.markdownlint.yaml | 10 +++++++++
.trunk/configs/.shellcheck | 0
.trunk/configs/.shellcheckrc | 7 ++++++
.trunk/configs/.tflint.hcl | 16 +++++++++++++
.trunk/configs/.yamllint.yaml | 15 +++++++++++++
.trunk/configs/svgo.config.js | 14 ++++++++++++
.trunk/configs/trivy-secret.yaml | 2 ++
.trunk/trunk.yaml | 37 +++++++++++++++++++++++++++++++
lib/openscad-parametric-boxes | 1 +
17 files changed, 187 insertions(+)
create mode 100644 .actrc
create mode 100644 .github/workflows/scad.yml
create mode 100644 .gitignore
create mode 100644 .gitmodules
create mode 100644 .trunk/.gitignore
create mode 100644 .trunk/configs/.checkov.yaml
create mode 100644 .trunk/configs/.gitleaks.toml
create mode 100644 .trunk/configs/.hadolint.yaml
create mode 100644 .trunk/configs/.markdownlint.yaml
create mode 100644 .trunk/configs/.shellcheck
create mode 100644 .trunk/configs/.shellcheckrc
create mode 100644 .trunk/configs/.tflint.hcl
create mode 100644 .trunk/configs/.yamllint.yaml
create mode 100644 .trunk/configs/svgo.config.js
create mode 100644 .trunk/configs/trivy-secret.yaml
create mode 100644 .trunk/trunk.yaml
create mode 160000 lib/openscad-parametric-boxes
diff --git a/.actrc b/.actrc
new file mode 100644
index 0000000..ae7dfce
--- /dev/null
+++ b/.actrc
@@ -0,0 +1,13 @@
+--action-cache-path .github/cache/act/actions
+--artifact-server-path .github/cache/act/artifacts
+--artifact-server-port 22002
+--cache-server-path .github/cache/act/cache
+--use-new-action-cache
+--var-file .act.vars
+--secret-file .act.secrets
+--pull=false
+--platform self-hosted=ghcr.io/catthehacker/ubuntu:act-latest
+--platform ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
+--platform ubuntu-22.04=ghcr.io/catthehacker/ubuntu:act-22.04
+--platform ubuntu-20.04=ghcr.io/catthehacker/ubuntu:act-20.04
+--platform ubuntu-18.04=ghcr.io/catthehacker/ubuntu:act-18.04
diff --git a/.github/workflows/scad.yml b/.github/workflows/scad.yml
new file mode 100644
index 0000000..c277d34
--- /dev/null
+++ b/.github/workflows/scad.yml
@@ -0,0 +1,34 @@
+name: Deploy To Production
+on:
+ push:
+ branches:
+ - main
+
+permissions: read-all
+
+jobs:
+ render:
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ part:
+ - Lid
+ - Bottom
+ - Latch
+ - Seal
+ steps:
+ - name: Setup
+ uses: actions/checkout@v4
+ - name: Render
+ run: |
+ docker run \
+ -v ${{ github.workspace }}:/workspace/ \
+ openscad/openscad \
+ -D View=\"${{ matrix.part }}\" \
+ -o /workspace/${{ matrix.part }}.stl \
+ /workspace/smokebox.scad
+ - name: Upload
+ uses: actions/upload-artifact@v4
+ with:
+ name: smokebox-${{ matrix.part }}.stl
+ path: ${{ github.workspace }}/${{ matrix.part }}.stl
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..44eb7c8
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/.idea
+/out
+/.act.secrets
+/.github/cache
\ No newline at end of file
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..76faacc
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "lib/openscad-parametric-boxes"]
+ path = lib/openscad-parametric-boxes
+ url = https://code.techinc.nl/grey/openscad-parametric-boxes.git
diff --git a/.trunk/.gitignore b/.trunk/.gitignore
new file mode 100644
index 0000000..15966d0
--- /dev/null
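Review bot: The `--platform` lines in `.actrc` map every runner label to a `ghcr.io/catthehacker/ubuntu` image by mutable tag, and the same file passes the contents of `.act.secrets` to those containers through `--secret-file`. With `--pull=false`, local runs use whatever copy of the tag is already cached, so the image that receives the secrets is neither fixed nor refreshed. Consider pinning each mapping to a digest, assuming act accepts a digest reference here, e.g. `--platform ubuntu-latest=ghcr.io/catthehacker/ubuntu@sha256:<digest>` (placeholder). `.act.vars` is not covered by the `.gitignore` added in this commit, which is fine only if that file never holds sensitive values; a short comment saying so would help.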
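Review bot: In `.github/workflows/scad.yml` the Render step runs `openscad/openscad` with no tag or digest, so each push to `main` executes whatever `latest` currently resolves to, with the checkout mounted writable at `/workspace/` and its output uploaded as the artifact. Pinning the image, e.g. `openscad/openscad@sha256:<digest>` (placeholder), keeps a changed upstream image from silently altering the rendered STL; `actions/checkout@v4` and `actions/upload-artifact@v4` can likewise be pinned to full commit SHAs. Separately, this commit adds the `lib/openscad-parametric-boxes` submodule but the Setup step does not request submodules, so if `smokebox.scad` (not part of this patch) includes files from it the render will presumably fail; `with: submodules: true` on the checkout would cover that. The `${{ matrix.part }}` expansions inside `run:` are safe only while the matrix stays a fixed literal list, so passing the value through `env:` and quoting it in the shell is the more durable form.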
+++ b/.trunk/.gitignore
@@ -0,0 +1,9 @@
+*out
+*logs
+*actions
+*notifications
+*tools
+plugins
+user_trunk.yaml
+user.yaml
+tmp
diff --git a/.trunk/configs/.checkov.yaml b/.trunk/configs/.checkov.yaml
new file mode 100644
index 0000000..8331ca9
--- /dev/null
+++ b/.trunk/configs/.checkov.yaml
@@ -0,0 +1,3 @@
+---
+skip-check:
+ - CKV_SECRET_* # Skip all checks that start with CKV_SECRET, we already have gitleaks doing this.
diff --git a/.trunk/configs/.gitleaks.toml b/.trunk/configs/.gitleaks.toml
new file mode 100644
index 0000000..bc874da
--- /dev/null
+++ b/.trunk/configs/.gitleaks.toml
@@ -0,0 +1,12 @@
+title = "Gitleaks config"
+[extend]
+useDefault = true
+
+[allowlist]
+paths = [
+ '''helix/tests/Cassettes/(.*?).cassette''',
+ '''helix/tests/Integration/(.*?).http''',
+ '''helix/tests/Integration/(.*?).env.json''',
+ '''helix/tests/*''',
+ '''.docker/base-image/php/self-signed-certificates/example.key''',
+]
diff --git a/.trunk/configs/.hadolint.yaml b/.trunk/configs/.hadolint.yaml
new file mode 100644
index 0000000..be3433f
--- /dev/null
+++ b/.trunk/configs/.hadolint.yaml
@@ -0,0 +1,7 @@
+ignored:
+ - DL3006
+ - DL3008
+ - SC1090
+ - SC1091
+ - SC2043
+ - SC2312
diff --git a/.trunk/configs/.markdownlint.yaml b/.trunk/configs/.markdownlint.yaml
new file mode 100644
index 0000000..fb94039
--- /dev/null
+++ b/.trunk/configs/.markdownlint.yaml
@@ -0,0 +1,10 @@
+# Autoformatter friendly markdownlint config (all formatting rules disabled)
+default: true
+blank_lines: false
+bullet: false
+html: false
+indentation: false
+line_length: false
+spaces: false
+url: false
+whitespace: false
diff --git a/.trunk/configs/.shellcheck b/.trunk/configs/.shellcheck
new file mode 100644
index 0000000..e69de29
diff --git a/.trunk/configs/.shellcheckrc b/.trunk/configs/.shellcheckrc
new file mode 100644
index 0000000..8c7b1ad
--- /dev/null
+++ b/.trunk/configs/.shellcheckrc
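Review bot: The comment on the `CKV_SECRET_*` skip in `.trunk/configs/.checkov.yaml` says gitleaks already covers secret detection, but the `lint.enabled` list in `.trunk/trunk.yaml` from this same commit has no gitleaks entry; the entries there that can look for secrets appear to be `trufflehog@3.80.3` and `trivy@0.54.0`. As written, the justification for switching off checkov's secret checks points at a tool that does not run, and `.trunk/configs/.gitleaks.toml` is inert. Either enable gitleaks in `trunk.yaml` or reword the comment to name the scanner that actually runs, e.g. `# CKV_SECRET_* skipped: secret scanning is done by trufflehog (see trunk.yaml)`.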
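Review bot: The `[allowlist]` paths in `.trunk/configs/.gitleaks.toml` (`helix/tests/...` and `.docker/base-image/php/self-signed-certificates/example.key`) name directories that nothing in this commit creates, so they look carried over from another project. Gitleaks treats these entries as regular expressions rather than globs, so the unanchored `'''helix/tests/*'''` would exempt any future path containing `helix/tests` from secret scanning. Suggest reducing the list to paths that exist in this repository and anchoring each with `^`, or dropping the `[allowlist]` table until one is needed.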
@@ -0,0 +1,7 @@
+enable=all
+source-path=SCRIPTDIR
+disable=SC2154
+
+# If you're having issues with shellcheck following source, disable the errors via:
+# disable=SC1090
+# disable=SC1091
diff --git a/.trunk/configs/.tflint.hcl b/.trunk/configs/.tflint.hcl
new file mode 100644
index 0000000..7488b8c
--- /dev/null
+++ b/.trunk/configs/.tflint.hcl
@@ -0,0 +1,16 @@
+config {
+ format = "compact"
+ module = true
+ plugin_dir = "~/.tflint.d/plugins"
+}
+
+plugin "terraform" {
+ enabled = true
+ preset = "recommended"
+}
+
+plugin "aws" {
+ enabled = true
+ version = "0.27.0"
+ source = "github.com/terraform-linters/tflint-ruleset-aws"
+}
diff --git a/.trunk/configs/.yamllint.yaml b/.trunk/configs/.yamllint.yaml
new file mode 100644
index 0000000..984573e
--- /dev/null
+++ b/.trunk/configs/.yamllint.yaml
@@ -0,0 +1,15 @@
+extends: relaxed
+rules:
+ quoted-strings:
+ required: only-when-needed
+ extra-allowed: ["{|*}"]
+ empty-values:
+ forbid-in-block-mappings: false
+ forbid-in-flow-mappings: false
+ ignore:
+ - .github/workflows/*.yml
+ key-duplicates: {}
+ octal-values:
+ forbid-implicit-octal: true
+ document-start: disable
+ line-length: disable
diff --git a/.trunk/configs/svgo.config.js b/.trunk/configs/svgo.config.js
new file mode 100644
index 0000000..b257d13
--- /dev/null
+++ b/.trunk/configs/svgo.config.js
@@ -0,0 +1,14 @@
+module.exports = {
+ plugins: [
+ {
+ name: "preset-default",
+ params: {
+ overrides: {
+ removeViewBox: false, // https://github.com/svg/svgo/issues/1128
+ sortAttrs: true,
+ removeOffCanvasPaths: true,
+ },
+ },
+ },
+ ],
+};
diff --git a/.trunk/configs/trivy-secret.yaml b/.trunk/configs/trivy-secret.yaml
new file mode 100644
index 0000000..715c97f
--- /dev/null
+++ b/.trunk/configs/trivy-secret.yaml
@@ -0,0 +1,2 @@
+disable-rules:
+ - DS002
diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
new file mode 100644
index 0000000..51dc4f7
--- /dev/null
+++ b/.trunk/trunk.yaml
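Review bot: `DS002` in `.trunk/configs/trivy-secret.yaml` looks like a Trivy Dockerfile misconfiguration check ID rather than a secret rule ID, and `disable-rules` in a Trivy secret config is matched against secret rule IDs, so this entry probably has no effect. If the intent is to silence that Dockerfile check, it belongs in Trivy's ignore mechanism for misconfigurations (for example a `.trivyignore` entry); if it is left over from a template, it can be removed. Either way, a one-line comment stating why the rule is disabled would help the next reader.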
@@ -0,0 +1,37 @@
+# This file controls the behavior of Trunk: https://docs.trunk.io/cli
+# To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml
+version: 0.1
+cli:
+ version: 1.22.2
+# Trunk provides extensibility via plugins. (https://docs.trunk.io/plugins)
+plugins:
+ sources:
+ - id: trunk
+ ref: v1.6.1
+ uri: https://github.com/trunk-io/plugins
+# Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes)
+runtimes:
+ enabled:
+ - node@18.12.1
+ - python@3.10.8
+# This is the section where you manage your linters. (https://docs.trunk.io/check/configuration)
+lint:
+ enabled:
+ - actionlint@1.7.1
+ - checkov@3.2.216
+ - git-diff-check
+ - prettier@3.3.3
+ - trivy@0.54.0
+ - trufflehog@3.80.3
+ - yamllint@1.35.1
+actions:
+ enabled:
+ - trunk-announce
+ - trunk-check-pre-push
+ - trunk-fmt-pre-commit
+ - trunk-upgrade-available
+tools:
+ enabled:
+ - act@0.2.64
+ disabled:
+ - trufflehog
diff --git a/lib/openscad-parametric-boxes b/lib/openscad-parametric-boxes
new file mode 160000
index 0000000..6cdf0fa
--- /dev/null
+++ b/lib/openscad-parametric-boxes
@@ -0,0 +1 @@
+Subproject commit 6cdf0fafc385e8426998954ebd47613ddc8a69d2