Merge branch 'main' into user-guide

Author: Gary-H9

.devcontainer/devcontainer.json

@@ -1,10 +1,11 @@
 {
   "name": "devcontainer-community",
-  "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+  "image": "mcr.microsoft.com/devcontainers/base:ubuntu-24.04",
   "features": {
     "ghcr.io/devcontainers/features/docker-in-docker:2": {},
     "ghcr.io/devcontainers/features/node:1": {}
   },
+  "postCreateCommand": "npm install --global @devcontainers/cli",
   "customizations": {
     "vscode": {
       "extensions": [
@@ -18,6 +19,5 @@
         }
       }
     }
-  },
-  "postCreateCommand": "npm install --global @devcontainers/cli"
+  }
 }

.github/workflows/dependency-review.yml

@@ -22,10 +22,10 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Dependency Review
         id: dependency_review
-        uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2
+        uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3
         with:
           fail-on-severity: critical

.github/workflows/features.yml

@@ -26,7 +26,7 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Build path-filters file
         id: build_path_filters
@@ -54,7 +54,7 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Check Version
         id: check_version
@@ -142,15 +142,15 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Install @devcontainers/cli
         id: install_devcontainers_cli
         run: npm install --global @devcontainers/cli@latest
 
       - name: Build Image
         id: build_image
-        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
         with:
           file: images/base/Dockerfile
           context: images/base
@@ -187,7 +187,7 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Validate
         uses: devcontainers/action@528049dce833673f136ddfc09c2720d450029a6b # v1.4.2
@@ -211,11 +211,11 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Log in to GitHub Container Registry
         id: login_ghcr
-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}

.github/workflows/images.yml

@@ -26,7 +26,7 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Build path-filters file
         id: build_path_filters
@@ -54,7 +54,7 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Check Version
         id: check_version
@@ -143,11 +143,11 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Set Up Container Structure Test
         id: setup_container_structure_test
-        uses: ministryofjustice/github-actions/setup-container-structure-test@11e78e36ac2cab791b02824fc528885199bf88a1 # v18.0.0
+        uses: ministryofjustice/github-actions/setup-container-structure-test@c9cb317b93b19d1c28b7a42b0c982bdff8106bbb # v18.0.1
 
       - name: Set Up QEMU
         id: setup_qemu
@@ -158,7 +158,7 @@ jobs:
         uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
 
       - name: Build Image
-        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
         with:
           file: images/${{ matrix.image }}/Dockerfile
           context: images/${{ matrix.image }}
@@ -176,7 +176,7 @@ jobs:
 
       - name: Scan Image
         id: scan_image
-        uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
+        uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # 0.22.0
         with:
           scan-type: image
           image-ref: ghcr.io/ministryofjustice/devcontainer-${{ matrix.image }}:${{ github.sha }}
@@ -201,7 +201,7 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Set Up QEMU
         id: setup_qemu
@@ -213,7 +213,7 @@ jobs:
 
       - name: Log in to GitHub Container Registry
         id: login_ghcr
-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -226,7 +226,7 @@ jobs:
           echo "version=${version}" >>"${GITHUB_ENV}"
 
       - name: Publish Image
-        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
         with:
           file: images/${{ matrix.image }}/Dockerfile
           context: images/${{ matrix.image }}

.github/workflows/super-linter.yml

@@ -23,13 +23,13 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           fetch-depth: 0
 
       - name: Super-Linter
         id: super_linter
-        uses: super-linter/super-linter/slim@56576d491db07c7236b445ab09991ca49d12b0c6 # v6.5.0
+        uses: super-linter/super-linter/slim@88ea3923a7e1f89dd485d079f6eb5f5e8f937589 # v6.6.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           DEFAULT_BRANCH: main

.gitignore

@@ -4,7 +4,6 @@ coverage/
 venv/
 env/
 .DS_STORE
-.vscode
 *.code-workspace
 *.sha256
 terraform.tfstate

.vscode/launch.json

@@ -0,0 +1,35 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "Feature Test",
+      "type": "node",
+      "request": "launch",
+      "runtimeExecutable": "bash",
+      "runtimeArgs": ["${workspaceFolder}/scripts/features/test.sh", "${input:feature}"],
+      "console": "integratedTerminal"
+    },
+    {
+      "name": "Image Test",
+      "type": "node",
+      "request": "launch",
+      "runtimeExecutable": "bash",
+      "runtimeArgs": ["${workspaceFolder}/scripts/images/build-and-test.sh", "${input:image}"],
+      "console": "integratedTerminal"
+    }
+  ],
+  "inputs": [
+    {
+      "id": "feature",
+      "type": "pickString",
+      "description": "Select the feature to test",
+      "options": ["aws", "cloud-platform", "container-structure-test", "kubernetes", "static-analysis", "terraform"]
+    },
+    {
+      "id": "image",
+      "type": "pickString",
+      "description": "Select the image to test",
+      "options": ["base"]
+    }
+  ]
+}

features/src/aws/CHANGELOG.md

@@ -8,6 +8,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.0.0] - 2024-05-13
+
+- Promoting to 1.0.0
+
+- Added AWS SSO CLI completion
+
+### Changed
+
 ## [0.0.3] - 2024-04-08
 
 ### Changed

features/src/aws/devcontainer-feature.json

@@ -1,18 +1,31 @@
 {
   "id": "aws",
-  "version": "0.0.3",
+  "version": "1.0.0",
   "name": "AWS",
+  "documentationURL": "https://github.com/ministryofjustice/.devcontainer/tree/main/features/src/aws",
   "description": "Installs the AWS CLI and AWS SSO CLI",
   "options": {
     "awsCliVersion": {
       "type": "string",
       "description": "Version of the AWS CLI to install",
+      "proposals": ["latest"],
       "default": "latest"
     },
     "awsSsoCliVersion": {
       "type": "string",
-      "description": "Version of AWS SSO CLI to install",
+      "description": "Version of the AWS SSO CLI to install",
+      "proposals": ["latest"],
       "default": "latest"
+    },
+    "installAwsSsoCliPrompt": {
+      "type": "boolean",
+      "description": "Whether to install the AWS SSO CLI prompt",
+      "default": true
+    }
+  },
+  "customizations": {
+    "vscode": {
+      "extensions": ["AmazonWebServices.aws-toolkit-vscode"]
     }
   }
 }

features/src/aws/install-aws-cli.sh

@@ -23,6 +23,6 @@ unzip "${ARTEFACT}"
 
 bash ./aws/install
 
-rm --recursive --force aws "${ARTEFACT}"
+install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.devcontainer/featurerc.d/aws-cli.sh /home/vscode/.devcontainer/featurerc.d/aws-cli.sh
 
-install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.devcontainer/featurerc.d/aws.sh /home/vscode/.devcontainer/featurerc.d/aws.sh
+rm --recursive --force aws "${ARTEFACT}"

features/src/aws/install-aws-sso-cli.sh

@@ -10,6 +10,7 @@ get_system_architecture
 
 GITHUB_REPOSITORY="synfinatic/aws-sso-cli"
 VERSION="${AWSVAULTVERSION:-"latest"}"
+INSTALL_PROMPT="${INSTALLAWSSSOCLIPROMPT:-"true"}"
 
 if [[ "${VERSION}" == "latest" ]]; then
   get_github_latest_tag "${GITHUB_REPOSITORY}"
@@ -29,11 +30,17 @@ install --directory --owner=vscode --group=vscode /home/vscode/.aws-sso
 
 install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.aws-sso/config.yaml /home/vscode/.aws-sso/config.yaml
 
-install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.devcontainer/featurerc.d/aws-sso.sh /home/vscode/.devcontainer/featurerc.d/aws-sso.sh
+install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.devcontainer/featurerc.d/aws-sso-cli.sh /home/vscode/.devcontainer/featurerc.d/aws-sso-cli.sh
 
-install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.devcontainer/promptrc.d/aws-sso.sh /home/vscode/.devcontainer/promptrc.d/aws-sso.sh
+if [[ "${INSTALL_PROMPT}" == "true" ]]; then
+  install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.devcontainer/promptrc.d/aws-sso-cli.sh /home/vscode/.devcontainer/promptrc.d/aws-sso-cli.sh
+fi
 
-awsSsoFilePassword=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c -32)
+awsSsoFilePassword=$(openssl rand -hex 32)
 export awsSsoFilePassword
 
-sed --in-place "s/REPLACE_ME/${awsSsoFilePassword}/g" /home/vscode/.devcontainer/featurerc.d/aws-sso.sh
+sed --in-place "s/REPLACE_ME/${awsSsoFilePassword}/g" /home/vscode/.devcontainer/featurerc.d/aws-sso-cli.sh
+
+aws-sso --config /home/vscode/.aws-sso/config.yaml completions --source --shell=zsh >>/home/vscode/.devcontainer/featurerc.d/aws-sso-cli.sh
+
+rm --force aws-sso

features/src/aws/src/home/vscode/.devcontainer/featurerc.d/aws.sh features/src/aws/src/home/vscode/.devcontainer/featurerc.d/aws-cli.sh

@@ -1,4 +1,4 @@
-<!-- markdownlint-disable MD003 -->
+<!-- markdownlint-disable MD003 MD024 -->
 # Changelog
 
 All notable changes to this project will be documented in this file.
@@ -8,6 +8,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.0.0] - 2024-05-13
+
+### Changed
+
+- Promoting to 1.0.0
+
 ## [0.0.2] - 2024-04-05
 
 ## Changed

features/src/aws/src/home/vscode/.devcontainer/featurerc.d/aws-sso.sh features/src/aws/src/home/vscode/.devcontainer/featurerc.d/aws-sso-cli.sh

@@ -1,12 +1,13 @@
 {
   "id": "container-structure-test",
-  "version": "0.0.2",
+  "version": "1.0.0",
   "name": "Container Structure Test",
-  "description": "Installs Container Structure Test",
+  "description": "Installs the Container Structure Test CLI",
   "options": {
-    "containerStructureTestVersion": {
+    "containerStructureTestCliVersion": {
       "type": "string",
-      "description": "Version of Container Structure Test to install",
+      "description": "Version of Container Structure Test CLI to install",
+      "proposals": ["latest"],
       "default": "latest"
     }
   },

features/src/aws/src/home/vscode/.devcontainer/promptrc.d/aws-sso.sh features/src/aws/src/home/vscode/.devcontainer/promptrc.d/aws-sso-cli.sh

@@ -9,7 +9,7 @@ source /usr/local/bin/devcontainer-utils
 get_system_architecture
 
 GITHUB_REPOSITORY="GoogleContainerTools/container-structure-test"
-VERSION="${CONTAINERSTRUCTURETESTVERSION:-"latest"}"
+VERSION="${CONTAINERSTRUCTURETESTCLIVERSION:-"latest"}"
 
 if [[ "${VERSION}" == "latest" ]]; then
   get_github_latest_tag "${GITHUB_REPOSITORY}"
@@ -25,4 +25,6 @@ curl --fail-with-body --location "https://github.com/${GITHUB_REPOSITORY}/releas
 
 install --owner=vscode --group=vscode --mode=775 container-structure-test /usr/local/bin/container-structure-test
 
+container-structure-test completion zsh >>/home/vscode/.devcontainer/featurerc.d/container-structure-test-cli.sh
+
 rm --force container-structure-test

features/src/container-structure-test/CHANGELOG.md

@@ -4,5 +4,5 @@
 # file not accessible until being built
 source /usr/local/bin/devcontainer-utils
 
-logger "info" "Installing Container Structure Test (version: ${CONTAINERSTRUCTURETESTVERSION})"
-bash "$(dirname "${0}")"/install-container-structure-test.sh
+logger "info" "Installing Container Structure Test CLI (version: ${CONTAINERSTRUCTURETESTCLIVERSION})"
+bash "$(dirname "${0}")"/install-container-structure-test-cli.sh