From f5e64df27b7796efecb54660cf0d14f4010f1e0b Mon Sep 17 00:00:00 2001
From: jayadeep kinavoor madam
 <156662663+jayadeep-km-sonarsource@users.noreply.github.com>
Date: Wed, 15 May 2024 13:37:04 +0200
Subject: [PATCH] BUILD-4976: add pre-commit and renovate (#2)

Signed-off-by: Jayadeep Kinavoor Madam <jayadeep.kinavoormadam@sonarsource.com>
---
 .github/renovate.json            |  6 ++++++
 .github/workflows/pre-commit.yml | 11 +++++++++++
 .markdownlint.yaml               |  7 +++++++
 .pre-commit-config.yaml          | 25 +++++++++++++++++++++++++
 README.md                        | 23 +++++++++++++++++++++--
 scripts/updatevbranch.sh         | 16 ++++++++++++++++
 6 files changed, 86 insertions(+), 2 deletions(-)
 create mode 100644 .github/renovate.json
 create mode 100644 .github/workflows/pre-commit.yml
 create mode 100644 .markdownlint.yaml
 create mode 100644 .pre-commit-config.yaml
 create mode 100755 scripts/updatevbranch.sh

diff --git a/.github/renovate.json b/.github/renovate.json
new file mode 100644
index 0000000..f89182c
--- /dev/null
+++ b/.github/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>SonarSource/renovate-config:re-team"
+  ]
+}
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
new file mode 100644
index 0000000..0cfce15
--- /dev/null
+++ b/.github/workflows/pre-commit.yml
@@ -0,0 +1,11 @@
+on:
+  pull_request:
+
+jobs:
+  pre-commit:
+    name: "pre-commit"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: SonarSource/gh-action_pre-commit@b2e8932c879cc5ad443fc8310b84665fdc6016d5 # 0.0.5
+        with:
+          extra-args: --from-ref=origin/${{ github.event.pull_request.base.ref }} --to-ref=${{ github.event.pull_request.head.sha }}
diff --git a/.markdownlint.yaml b/.markdownlint.yaml
new file mode 100644
index 0000000..1ef9768
--- /dev/null
+++ b/.markdownlint.yaml
@@ -0,0 +1,7 @@
+# Default state for all rules
+default: true
+
+# MD013/line-length - Line length
+MD013:
+  line_length: 120
+  tables: false
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..de9685f
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,25 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: f71fa2c1f9cf5cb705f73dffe4b21f7c61470ba9  # frozen: v4.4.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+  - repo: https://github.com/python-jsonschema/check-jsonschema
+    rev: 20447075e31543a8b125f2df18d75f3b5e7d4d2e  # frozen: 0.22.0
+    hooks:
+      - id: check-github-actions
+        files: .*/action.ya?ml
+      - id: check-github-workflows
+  - repo: https://github.com/gruntwork-io/pre-commit
+    rev: 5341f388c2a962d3bc66e075f00b80ab45b15f24 # v0.1.20
+    hooks:
+      - id: shellcheck
+  - repo: https://github.com/igorshubovych/markdownlint-cli
+    rev: c9ea83146232fb263effdfe6f222d87f5395b27a # v0.39.0
+    hooks:
+      - id: markdownlint
+  - repo: https://github.com/renovatebot/pre-commit-hooks
+    rev: 32ee411cf36142e6082f10870ae62172ce9af133  # frozen: 35.32.0
+    hooks:
+      - id: renovate-config-validator
diff --git a/README.md b/README.md
index 4a9cb00..43cbeaa 100644
--- a/README.md
+++ b/README.md
@@ -5,14 +5,16 @@
 
 Get notified for CircleCI/SonarCloud/SonarQube build failures on Slack.
 
-### Supported platforms
+## Supported platforms
+
 Notifications will be triggered upon build failures in any of the following platforms
 
 * SonarCloud
 * SonarQube-Next
 * CirrusCI
 
-### Enabled branches
+## Enabled branches
+
 Slack notifications will be enabled only for builds in the following branches
 
 * master
@@ -20,6 +22,16 @@ Slack notifications will be enabled only for builds in the following branches
 * dogfood-*
 * branch-*
 
+## Requirements
+
+The repository needs to be onboarded to [Vault](https://xtranet-sonarsource.atlassian.net/wiki/spaces/RE/pages/2466316312/HashiCorp+Vault#Onboarding-a-Repository-on-Vault).
+
+### Required permissions
+
+```yaml
+development/kv/data/slack
+```
+
 ## Usage
 
 Create a new GitHub workflow:
@@ -55,3 +67,10 @@ This project is using [Semantic Versioning](https://semver.org/).
 Branches prefixed with a `v` are pointers to the last major versions, ie: [`v1`](https://github.com/SonarSource/gh-action_build-notify/tree/v1).
 
 > Note: the `master` branch is used for development and can not be referenced directly. Use a `v` branch or a tag instead.
+
+## Releases
+
+To create a new release,
+
+1. Draft a new release from Github releases page with the next semantic version.
+2. Run `scripts/updatevbranch.sh <tag>` with the release version tag to update the v* branch with the new tag.
diff --git a/scripts/updatevbranch.sh b/scripts/updatevbranch.sh
new file mode 100755
index 0000000..d227475
--- /dev/null
+++ b/scripts/updatevbranch.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Update the v* branch to the tag version
+# Usage: scripts/updatevbranch.sh <version>
+set -xeuo pipefail
+
+version=$1
+vbranch="v${version%%.*}"
+git fetch --tags --all
+git checkout "$vbranch"
+git update-ref -m "reset: update branch $vbranch to tag $version" "refs/heads/$vbranch" "$version"
+git push --force origin "$vbranch:refs/heads/$vbranch" || (
+  git show -s --pretty=format:'%h%d' "$vbranch" "origin/$vbranch" "$version"
+  git log --graph --pretty=format:'%h -%d %s' --abbrev-commit "$vbranch" "origin/${vbranch}" "$version" -20
+  echo "Push failed, please check the output above" >&2
+  exit 1
+)