diff --git a/ISSUE_TEMPLATE.md b/.github/templates/ISSUE_TEMPLATE.md similarity index 100% rename from ISSUE_TEMPLATE.md rename to .github/templates/ISSUE_TEMPLATE.md diff --git a/ISSUE_TEMPLATE_ROTATION.md b/.github/templates/ISSUE_TEMPLATE_ROTATION.md similarity index 100% rename from ISSUE_TEMPLATE_ROTATION.md rename to .github/templates/ISSUE_TEMPLATE_ROTATION.md diff --git a/PULL_REQUEST_TEMPLATE.md b/.github/templates/PULL_REQUEST_TEMPLATE.md similarity index 100% rename from PULL_REQUEST_TEMPLATE.md rename to .github/templates/PULL_REQUEST_TEMPLATE.md diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml new file mode 100644 index 0000000..5b1b8e7 --- /dev/null +++ b/.github/workflows/checks.yml 
@@ -0,0 +1,71 @@
+name: "run-linting-checks"
+on:
+ pull_request:
+ branches: [main, dev]
+
+
+jobs:
+ resolve-repolinter-json:
+ uses: DSACMS/repo-scaffolder/.github/workflows/extendJSONFile.yml@add-repolinter-workflows
+ with:
+ url_to_json: 'https://raw.githubusercontent.com/DSACMS/repo-scaffolder/main/tier3/%7B%7Bcookiecutter.project_slug%7D%7D/repolinter.json'
+
+ repolinter-checks:
+ name: Tier 3 Checks
+ needs: resolve-repolinter-json
+ runs-on: ubuntu-latest
+ env:
+ {% raw %}
+ RAW_JSON: ${{ needs.resolve-repolinter-json.outputs.raw-json }}
+ {% endraw %}
+ steps:
+ - uses: actions/checkout@v4
+ - run: echo $RAW_JSON > repolinter.json
+ - uses: newrelic/repolinter-action@v1
+ with:
+ # A path to the JSON/YAML Repolinter ruleset to use, relative to the workflow
+ # working directory (i.e. under `$GITHUB_WORKSPACE`).
+ #
+ # This option is mutually exclusive with config_url. If this option and
+ # config_url are not specified, Repolinter's default ruleset will be used.
+ config_file: 'repolinter.json'
+
+ # Where repolinter-action should put the linting results. There are two
+ # options available:
+ # * "exit-code": repolinter-action will print the lint output to the console
+ # and set the exit code to result.passed. This output type is most useful for
+ # PR status checks.
+ # * "issue": repolinter-action will create a GitHub issue on the current
+ # repository with the repolinter output and always exit 0. See the README for
+ # more details on issue outputting behavior. This output type is ideal for
+ # non-intrusive notification.
+ #
+ # Default: "exit-code"
+ output_type: 'issue'
+
+ # The title to use for the issue created by repolinter-action. This title
+ # should indicate the purpose of the issue, as well as that it was created by
+ # a bot.
+ #
+ # This option will be ignored if output_type != "issue".
+ #
+ # Default: "[Repolinter] Open Source Policy Issues"
+ output_name: '[Repolinter] Tier 3 Repository Hygiene Issue'
+
+ # The name to use for the issue label created by repolinter-action. This name
+ # should be unique to repolinter-action (i.e. not used by any other issue) to
+ # prevent repolinter-action from getting confused.
+ #
+ # This option will be ignored if output_type != "issue".
+ #
+ # Default: "repolinter"
+ label_name: 'cms-oss-tier3'
+
+ # The color to use for the issue label created by repolinter-action. The value
+ # for this option should be an unprefixed RRGGBB hex string (ex. ff568a).
+ # The default value is a shade of yellow.
+ #
+ # This option will be ignored if output_type != "issue".
+ #
+ # Default: "fbca04"
+ label_color: 'ff69b4'
\ No newline at end of file
diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml
new file mode 100644
index 0000000..3ab38c5
--- /dev/null
+++ b/.github/workflows/contributors.yml
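Review bot: The reusable workflow in `resolve-repolinter-json` is referenced at a branch, `extendJSONFile.yml@add-repolinter-workflows`, so whatever lands on that branch runs as part of this repository's checks; pinning it, `actions/checkout@v4` and `newrelic/repolinter-action@v1` to full commit SHAs would make each run reviewable and reproducible. The step `echo $RAW_JSON > repolinter.json` expands the fetched JSON unquoted, so the shell word-splits and globs it before it is written; `printf '%s\n' "$RAW_JSON" > repolinter.json` writes it verbatim. With `output_type: 'issue'` the job has to create issues, yet no `permissions:` block is declared; I would add `permissions: { contents: read, issues: write }` to `repolinter-checks` and note that pull requests from forks normally receive a read-only token, so issue creation may fail there. The `{% raw %}` / `{% endraw %}` lines under `env:` look like unrendered template tags; if the file is committed at this path as shown, confirm the YAML still parses.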
@@ -0,0 +1,68 @@
+on:
+ push:
+ branches:
+ - main
+ workflow_dispatch:
+
+jobs:
+ update-contributors:
+ runs-on: ubuntu-latest
+ name: Update contributors info in MAINTAINERS.md
+ permissions:
+ contents: write
+ pull-requests: write
+ steps:
+ # Update contributor list
+ - name: Contribute List
+ uses: akhilmhdh/contributors-readme-action@v2.3.10
+ env:
+ {% raw %}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ {% endraw %}
+ with:
+ # https://github.com/marketplace/actions/contribute-list#optional-parameters
+ readme_path: MAINTAINERS.md
+ use_username: false
+ commit_message: "BOT: Update contributors info in MAINTAINERS.md"
+
+ # Update contributor count
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Pull changes from contributors-readme-action
+ run: |
+ git pull
+
+ - name: Get repository contributors count
+ id: get_contributors
+ # https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#list-repository-contributors
+ # https://docs.github.com/en/graphql/reference/objects#repositorycollaboratorconnection
+ # https://docs.github.com/en/graphql/guides/forming-calls-with-graphql#communicating-with-graphql
+ # CANNOT have newlines!
+ run: |
+ {% raw %}
+ OWNER=$(echo $GITHUB_REPOSITORY | cut -d'/' -f1)
+ REPO=$(echo $GITHUB_REPOSITORY | cut -d'/' -f2)
+ QUERY='query { repository(owner: \"'"$OWNER"'\", name: \"'"$REPO"'\") { collaborators { totalCount } } }'
+ CONTRIBUTORS=$(curl -s -X POST -H "Authorization: bearer ${{ secrets.GITHUB_TOKEN }}" -H "Content-Type: application/json" -d "{\"query\": \"$QUERY\"}" https://api.github.com/graphql | jq -r '.data.repository.collaborators.totalCount')
+ echo "Total contributors: $CONTRIBUTORS"
+ echo "contributors=$CONTRIBUTORS" >> $GITHUB_OUTPUT
+ {% endraw %}
+
+ - name: Replace slug in MAINTAINERS.md with number of contributors
+ # https://stackoverflow.com/questions/10613643/replace-a-unknown-string-between-two-known-strings-with-sed
+ run: |
+ {% raw %}
+ CONTRIBUTORS=${{ steps.get_contributors.outputs.contributors }}
+ sed -i 's/.*/ '"$CONTRIBUTORS"' /g' MAINTAINERS.md
+ {% endraw %}
+
+ - name: Commit and push changes
+ # https://github.com/orgs/community/discussions/26560#discussioncomment-3531273
+ # commit changes, but if no changes exist, then exit cleanly
+ run: |
+ git config user.name 'github-actions[bot]'
+ git config user.email 'github-actions[bot]@users.noreply.github.com'
+ git add MAINTAINERS.md
+ git commit -m "BOT: Update contributors info in MAINTAINERS.md" || exit 0
+ git push
diff --git a/.github/workflows/repoStructure.yml b/.github/workflows/repoStructure.yml
new file mode 100644
index 0000000..78e4e17
--- /dev/null
+++ b/.github/workflows/repoStructure.yml
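Review bot: Two steps splice `${{ … }}` expressions directly into the shell script text: `${{ secrets.GITHUB_TOKEN }}` in the curl call of "Get repository contributors count" and `${{ steps.get_contributors.outputs.contributors }}` in the sed step. Passing both through the step's `env:` (for example `GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}` and `CONTRIBUTORS: ${{ steps.get_contributors.outputs.contributors }}`) and reading `"$GH_TOKEN"` / `"$CONTRIBUTORS"` keeps the values out of the script body. The count is also used unchecked: when the GraphQL call fails, `jq -r` prints `null`, and that is what sed writes into MAINTAINERS.md and the bot pushes to main, so a guard such as `case "$CONTRIBUTORS" in ''|*[!0-9]*) exit 1;; esac` before the sed is worth adding. `akhilmhdh/contributors-readme-action@v2.3.10` runs with `contents: write` and is pinned to a tag; a full commit SHA is the safer pin for a third-party action that can commit. As shown here the sed pattern is `s/.*/…/g`, which would rewrite every line — presumably the marker comments were lost when the page was rendered, so check it against the real file.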
@@ -0,0 +1,37 @@ +on: + push: + branches: + - main + workflow_dispatch: + +jobs: + populate-repo-structure: + runs-on: ubuntu-latest + name: Update repo structure in README.md + permissions: + contents: write + pull-requests: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Populate repository structure with tree command + # https://stackoverflow.com/questions/29613304/is-it-possible-to-escape-regex-metacharacters-reliably-with-sed + # https://stackoverflow.com/questions/407523/escape-a-string-for-a-sed-replace-pattern + run: | + quoteSubst() { + IFS= read -d '' -r < <(sed -e ':a' -e '$!{N;ba' -e '}' -e 's/[&/\]/\\&/g; s/\n/\\&/g' <<<"$1") + printf %s "${REPLY%$'\n'}" + } + TREE_OUTPUT=$(tree -d) + sed -i 's//\n```plaintext\n'"$(quoteSubst $TREE_OUTPUT)"'\n```\n/g' README.md + + - name: Commit and push changes + # https://github.com/orgs/community/discussions/26560#discussioncomment-3531273 + # commit changes, but if no changes exist, then exit cleanly + run: | + git config user.name 'github-actions[bot]' + git config user.email 'github-actions[bot]@users.noreply.github.com' + git add README.md + git commit -m "BOT: Update repo structure in README.md" || exit 0 + git push diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 0c704bf..0000000 --- a/.gitignore +++ /dev/null @@ -1,6 +0,0 @@ -# Files ignored because they're binary/unnecessary -.DS_STORE -# Files/Dirs ignored because they're secret/internal only -id_rsa -secrets_repo/ -internal_only_repo/ diff --git a/CODEOWNERS.md b/CODEOWNERS.md new file mode 100644 index 0000000..eea9070 --- /dev/null +++ b/CODEOWNERS.md @@ -0,0 +1,32 @@ +# Code Owners + +{% set code_owners = cookiecutter.code_owners.split(',') %} +{% for item in code_owners %}- {{ item }} +{% endfor %} + +## Repo Domains + + + +/docs/ {Git usernames of documentation owners} +/frontend/ {Git usernames of frontend owners} 
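Review bot: In the "Populate repository structure with tree command" step, `$(quoteSubst $TREE_OUTPUT)` passes the tree output unquoted, so the shell splits it into words and `quoteSubst` reads only `$1`; only the first word of the listing is escaped and inserted into README.md. Quote both levels: `"$(quoteSubst "$TREE_OUTPUT")"`. The job declares `pull-requests: write`, but the visible steps only commit and push README.md, so `contents: write` alone looks sufficient. `actions/checkout@v4` is a tag pin; a commit SHA is the stricter choice for a job that pushes to main. The sed pattern appears empty here (`s//…/`), presumably because the marker comments were stripped when the page was rendered; confirm against the real file.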
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..f0a6d49 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,17 @@ +# Contributor Code of Conduct + +As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities. + +We are committed to making participation in this project a harassment-free experience for everyone, regardless of the level of experience, gender, gender identity, expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, or religion. + +Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned with this Code of Conduct. + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an issue or contacting one or more of the project maintainers at opensource@cms.hhs.gov. + +This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/) + +## Acknowledgements + +This CODE_OF_CONDUCT.md was originally forked from the [United States Digital Service](https://usds.gov) [Justice40](https://thejustice40.com) open source [repository](https://github.com/usds/justice40-tool), and we would like to acknowledge and thank the community for their contributions. \ No newline at end of file diff --git a/COMMUNITY_GUIDELINES.md b/COMMUNITY_GUIDELINES.md new file mode 100644 index 0000000..aa1a8d9 --- /dev/null 
+++ b/COMMUNITY_GUIDELINES.md 
@@ -0,0 +1,37 @@ +# {{ cookiecutter.project_name }} Open Source Community Guidelines + +This document contains principles and guidelines for participating in the {{ cookiecutter.project_name }} open source community. + +## Principles + +These principles guide our data, product, and process decisions, architecture, and approach. + +- Open means transparent and participatory. +- We take a modular and modern approach to software development. +- We build open-source software and open-source process. +- We value ease of implementation. +- Fostering community includes building capacity and making our software and processes accessible to participants with diverse backgrounds and skillsets. +- Data (and data science) is as important as software and process. We build open data sets where possible. +- We strive for transparency for algorithms and places we might be introducing bias. + +## Community Guidelines + +All community members are expected to adhere to our [Code of Conduct](CODE_OF_CONDUCT.md). + +Information on contributing to this repository is available in our [Contributing file](CONTRIBUTING.md). + +When participating in {{ cookiecutter.project_name }} open source community conversations and spaces, we ask individuals to follow the following guidelines: + +- When joining a conversation for the first time, please introduce yourself by providing a brief intro that includes: + - your related organization (if applicable) + - your pronouns + - your superpower, and how you hope to use it for {{ cookiecutter.project_name }} +- Embrace a culture of learning, and educate each other. We are all entering this conversation from different starting points and with different backgrounds. There are no dumb questions. +- Take space and give space. We strive to create an equitable environment in which all are welcome and able to participate. 
We hope individuals feel comfortable voicing their opinions and providing contributions and will do our best to recognize and make space for individuals who may be struggling to find space here. Likewise, we expect individuals to recognize when they are taking up significant space and take a step back to allow room for others. + +- Be respectful. +- Default to positive. Assume others' contributions are legitimate and valuable and that they are made with good intention. + +## Acknowledgements + +This COMMUNITY_GUIDELINES.md was originally forked from the [United States Digital Service](https://usds.gov) [Justice40](https://thejustice40.com) open source [repository](https://github.com/usds/justice40-tool), and we would like to acknowledge and thank the community for their contributions. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 7743f11..49ce9b5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,9 @@ - + # How to Contribute + + We're so thankful you're considering contributing to an [open source project of the U.S. government](https://code.gov/)! If you're unsure about anything, just ask -- or submit the issue or pull request anyway. The worst that can happen is @@ -12,53 +14,54 @@ We encourage you to read this project's CONTRIBUTING policy (you are here), its [LICENSE](LICENSE.md), and its [README](README.md). ## Getting Started - + + ### Team Specific Guidelines + + ### Building dependencies - + ### Building the Project - + ### Workflow and Branching - ### Testing Conventions - + ### Coding Style and Linters - -### Issues +### Writing Issues - -### Pull Requests +### Writing Pull Requests - -## Code Review +## Reviewing Pull Requests - + + ## Documentation - ## Policies 
@@ -166,29 +174,13 @@ questions, just [shoot us an email](mailto:opensource@cms.hhs.gov). ### Security and Responsible Disclosure Policy -The Centers for Medicare & Medicaid Services is committed to ensuring the -security of the American public by protecting their information from -unwarranted disclosure. We want security researchers to feel comfortable -reporting vulnerabilities they have discovered so we can fix them and keep our -users safe. We developed our disclosure policy to reflect our values and uphold -our sense of responsibility to security researchers who share their expertise -with us in good faith. - *Submit a vulnerability:* Unfortunately, we cannot accept secure submissions via email or via GitHub Issues. Please use our website to submit vulnerabilities at [https://hhs.responsibledisclosure.com](https://hhs.responsibledisclosure.com). HHS maintains an acknowledgements page to recognize your efforts on behalf of the American public, but you are also welcome to submit anonymously. -Review the HHS Disclosure Policy and websites in scope: -[https://www.hhs.gov/vulnerability-disclosure-policy/index.html](https://www.hhs.gov/vulnerability-disclosure-policy/index.html). - -This policy describes *what systems and types of research* are covered under this -policy, *how to send* us vulnerability reports, and *how long* we ask security -researchers to wait before publicly disclosing vulnerabilities. - -If you have other cybersecurity related questions, please contact us at -[csirc@hhs.gov](mailto:csirc@hhs.gov). +For more information about our Security, Vulnerability, and Responsible Disclosure Policies, see [SECURITY.md](SECURITY.md). ## Public domain diff --git a/GOVERNANCE.md b/GOVERNANCE.md new file mode 100644 index 0000000..27f7baf --- /dev/null +++ b/GOVERNANCE.md @@ -0,0 +1,5 @@ +# Governance + + +This project is governed by our [Community Guidelines](COMMUNITY_GUIDELINES.md) and [Code of Conduct](CODE_OF_CONDUCT.md). 
diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..1625c17 --- /dev/null +++ b/LICENSE 
@@ -0,0 +1,121 @@ +Creative Commons Legal Code + +CC0 1.0 Universal + + CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE + LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN + ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS + INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES + REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS + PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM + THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED + HEREUNDER. + +Statement of Purpose + +The laws of most jurisdictions throughout the world automatically confer +exclusive Copyright and Related Rights (defined below) upon the creator +and subsequent owner(s) (each and all, an "owner") of an original work of +authorship and/or a database (each, a "Work"). + +Certain owners wish to permanently relinquish those rights to a Work for +the purpose of contributing to a commons of creative, cultural and +scientific works ("Commons") that the public can reliably and without fear +of later claims of infringement build upon, modify, incorporate in other +works, reuse and redistribute as freely as possible in any form whatsoever +and for any purposes, including without limitation commercial purposes. +These owners may contribute to the Commons to promote the ideal of a free +culture and the further production of creative, cultural and scientific +works, or to gain reputation or greater distribution for their Work in +part through the use and efforts of others. 
+ +For these and/or other purposes and motivations, and without any +expectation of additional consideration or compensation, the person +associating CC0 with a Work (the "Affirmer"), to the extent that he or she +is an owner of Copyright and Related Rights in the Work, voluntarily +elects to apply CC0 to the Work and publicly distribute the Work under its +terms, with knowledge of his or her Copyright and Related Rights in the +Work and the meaning and intended legal effect of CC0 on those rights. + +1. Copyright and Related Rights. A Work made available under CC0 may be +protected by copyright and related or neighboring rights ("Copyright and +Related Rights"). Copyright and Related Rights include, but are not +limited to, the following: + + i. the right to reproduce, adapt, distribute, perform, display, + communicate, and translate a Work; + ii. moral rights retained by the original author(s) and/or performer(s); +iii. publicity and privacy rights pertaining to a person's image or + likeness depicted in a Work; + iv. rights protecting against unfair competition in regards to a Work, + subject to the limitations in paragraph 4(a), below; + v. rights protecting the extraction, dissemination, use and reuse of data + in a Work; + vi. database rights (such as those arising under Directive 96/9/EC of the + European Parliament and of the Council of 11 March 1996 on the legal + protection of databases, and under any national implementation + thereof, including any amended or successor version of such + directive); and +vii. other similar, equivalent or corresponding rights throughout the + world based on applicable law or treaty, and any national + implementations thereof. + +2. Waiver. 
To the greatest extent permitted by, but not in contravention +of, applicable law, Affirmer hereby overtly, fully, permanently, +irrevocably and unconditionally waives, abandons, and surrenders all of +Affirmer's Copyright and Related Rights and associated claims and causes +of action, whether now known or unknown (including existing as well as +future claims and causes of action), in the Work (i) in all territories +worldwide, (ii) for the maximum duration provided by applicable law or +treaty (including future time extensions), (iii) in any current or future +medium and for any number of copies, and (iv) for any purpose whatsoever, +including without limitation commercial, advertising or promotional +purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each +member of the public at large and to the detriment of Affirmer's heirs and +successors, fully intending that such Waiver shall not be subject to +revocation, rescission, cancellation, termination, or any other legal or +equitable action to disrupt the quiet enjoyment of the Work by the public +as contemplated by Affirmer's express Statement of Purpose. + +3. Public License Fallback. Should any part of the Waiver for any reason +be judged legally invalid or ineffective under applicable law, then the +Waiver shall be preserved to the maximum extent permitted taking into +account Affirmer's express Statement of Purpose. 
In addition, to the +extent the Waiver is so judged Affirmer hereby grants to each affected +person a royalty-free, non transferable, non sublicensable, non exclusive, +irrevocable and unconditional license to exercise Affirmer's Copyright and +Related Rights in the Work (i) in all territories worldwide, (ii) for the +maximum duration provided by applicable law or treaty (including future +time extensions), (iii) in any current or future medium and for any number +of copies, and (iv) for any purpose whatsoever, including without +limitation commercial, advertising or promotional purposes (the +"License"). The License shall be deemed effective as of the date CC0 was +applied by Affirmer to the Work. Should any part of the License for any +reason be judged legally invalid or ineffective under applicable law, such +partial invalidity or ineffectiveness shall not invalidate the remainder +of the License, and in such case Affirmer hereby affirms that he or she +will not (i) exercise any of his or her remaining Copyright and Related +Rights in the Work or (ii) assert any associated claims and causes of +action with respect to the Work, in either case contrary to Affirmer's +express Statement of Purpose. + +4. Limitations and Disclaimers. + + a. No trademark or patent rights held by Affirmer are waived, abandoned, + surrendered, licensed or otherwise affected by this document. + b. Affirmer offers the Work as-is and makes no representations or + warranties of any kind concerning the Work, express, implied, + statutory or otherwise, including without limitation warranties of + title, merchantability, fitness for a particular purpose, non + infringement, or the absence of latent or other defects, accuracy, or + the present or absence of errors, whether or not discoverable, all to + the greatest extent permissible under applicable law. + c. 
Affirmer disclaims responsibility for clearing rights of other persons + that may apply to the Work or any use thereof, including without + limitation any person's Copyright and Related Rights in the Work. + Further, Affirmer disclaims responsibility for obtaining any necessary + consents, permissions or other rights required for any use of the + Work. + d. Affirmer understands and acknowledges that Creative Commons is not a + party to this document and has no duty or obligation with respect to + this CC0 or use of the Work. \ No newline at end of file diff --git a/LICENSE.md b/LICENSE.md deleted file mode 100644 index f2a0872..0000000 --- a/LICENSE.md +++ /dev/null 
@@ -1,34 +0,0 @@ -# License - -As a work of the [United States government](https://www.usa.gov/), this project -is in the public domain within the United States of America. - -Additionally, we waive copyright and related rights in the work worldwide -through the CC0 1.0 Universal public domain dedication. - -## CC0 1.0 Universal Summary - -This is a human-readable summary of the [Legal Code (read the full -text)](https://creativecommons.org/publicdomain/zero/1.0/legalcode). - -### No Copyright - -The person who associated a work with this deed has dedicated the work to the -public domain by waiving all of their rights to the work worldwide under -copyright law, including all related and neighboring rights, to the extent -allowed by law. - -You can copy, modify, distribute, and perform the work, even for commercial -purposes, all without asking permission. - -### Other Information - -In no way are the patent or trademark rights of any person affected by CC0, nor -are the rights that other persons may have in the work or in how the work is -used, such as publicity or privacy rights. - -Unless expressly stated otherwise, the person who associated a work with this -deed makes no warranties about the work, and disclaims liability for all uses -of the work, to the fullest extent permitted by applicable law. When using or -citing the work, you should not imply endorsement by the author or the -affirmer. diff --git a/MAINTAINERS.md b/MAINTAINERS.md index ef07729..db8132d 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md 
@@ -1,26 +1,27 @@ # Maintainers + +This is a list of maintainers for this project. See [CODEOWNERS.md](./CODEOWNERS.md) for list of reviewers for different parts of the codebase. Team members include: -MAINTAINERS: +## Maintainers: + +- -- GITHUB_ID -- GITHUB_ID -- GITHUB_ID +## Approvers: +- -approvers: - -- GITHUB_ID -- GITHUB_ID -- GITHUB_ID - -reviewers: - -- GITHUB_ID -- GITHUB_ID -- GITHUB_ID +## Reviewers: +- | Roles | Responsibilities| Requirements | Defined by| | -------------|:---------------|:-------------|:-------------| | member | active contributor in the community | multiple contributions to the project. | PROJECT GitHub org Committer Team| -| reviewer | review contributions from other members | history of review and authorship in a subproject | MAINTAINERS file reviewer entry, and GitHub Org Triage Team| -| approver | approve accepting contributions | highly experienced and active reviewer + contributor to a subproject | MAINTAINERS file approver entry and GitHub Triage Team | -| lead | set direction and priorities for a subproject | demonstrated responsibility and excellent technical judgement for the subproject | MAINTAINERS file owner entry and GitHub Org Admin Team| +| reviewer | review contributions from other members | history of review and authorship in a sub-project | MAINTAINERS file reviewer entry, and GitHub Org Triage Team| +| approver | approve accepting contributions | highly experienced and active reviewer + contributor to a sub-project | MAINTAINERS file approver entry and GitHub Triage Team | +| lead | set direction and priorities for a sub-project | demonstrated responsibility and excellent technical judgement for the sub-project | MAINTAINERS file owner entry and GitHub Org Admin Team| + +## Contributors + +Total number of contributors: + + + diff --git a/README.md b/README.md index fc7e8bb..619b9c5 100644 --- a/README.md +++ b/README.md 
@@ -1,51 +1,109 @@ -# Digital Service at CMS (DSACMS) -We're a group of civic-minded technologists transforming how the federal government delivers healthcare to the American people. The Digital Service at CMS (DSAC) consists of engineers, designers, and product managers—serving our country by building and maintaining the technology underpinning our national health care programs. +# {{ cookiecutter.project_name }} +{{ cookiecutter.project_description }} -# Centers for Medicare and Medicaid Services (CMS) -Every day, millions of people in this country interact with the healthcare system. We believe these interactions should be straightforward, transparent and seamless. Whether it's looking for health insurance, making sense of medical bills, or researching nursing homes, we are working to unlock medical information and empower people with health data. +## About the Project +**{project statement}** -- 76M people on Medicaid & CHIP (2024) -- 67M people on Medicare (2024) -- 21M found insurance in ACA marketplace (2024) + -# What does the Digital Service at CMS do? -We work to transform the U.S. healthcare system by: + -- Modernizing systems -- Improving the design of healthcare experiences -- Participating in policy development -- Delivering value to the government, healthcare providers, and patients - -We accomplish these goals by bringing the best and brightest talent from industry and government to CMS for a "tour of duty." By collaborating closely with dedicated CMS career civil servants, our work includes everything from creating public websites to implementing new legislation in back-office systems. Learn more about our work [here.](https://www.cms.gov/digital-service) + -# What does the Open Source Program Office (OSPO) at CMS do? -Establish and maintain guidance, policies, practices, and talent pipelines that advance equity, build trust, and amplify impact across CMS, HHS, and Federal Open Source Ecosystems by working and sharing openly. 
+ -## CMS OSPO in the News -- [Open Source and the Digital Service at CMS.gov - All Things Open 2022](https://www.youtube.com/watch?v=Q0EJIevZS0I) -- Whitehouse Open Source Software Security Initiative (OS3I) Supply Chain RFI -- [Innersource Summit 2023: Innersource to Open Source Journey in Government](https://innersourcecommons.org/events/isc-2023/) -- [Inside CMS’ Groundbreaking Open Source Program Office](https://www.youtube.com/watch?v=34LQnyB3ydQ) -- [Repodiving into Open Source at CMS.gov](https://www.youtube.com/watch?v=AypgQch2Qpk) -- [OSPOs in Highly Regulated Environments Panel Discussion @ Open Source Summit EU 2023](https://osseu2023.sched.com/event/1OGeo/panel-discussion-ospos-transition-paths-for-regulated-environments-ana-jimenez-santamaria-linux-foundation-maurice-hendriks-city-of-amsterdam-nico-rikken-alliander-clare-dillon-innersourcecommons-thomas-steenbergen-epam?iframe=no&w=100%&sidebar=yes&bg=no) -- TODOGroup OSPOlogy September 2023 Meeting -- OSPOs for Good Summit 2023 @ United Nations Headquarters NYC -- PyCon May 2024 -- Code for America May 2024 -- Open Source Summit North America (OSSNA) 2024 +## Core Team +An up-to-date list of core team members can be found in [MAINTAINERS.md](MAINTAINERS.md). At this time, the project is still building the core team and defining roles and responsibilities. We are eagerly seeking individuals who would like to join the community and help us define and fill these roles. -## Acknowlegements -Our work is developed as a collaboration between the United States Digital -Service ([USDS.gov](https://usds.gov)), The Department of Health and Human -Services ([HHS.gov](https://hhs.gov)), The Digital Service at the Centers for -Medicare & Medicaid Services ([CMS.gov](https://cms.gov)), The -[USDigitalResponse.org](https://usdigitalresponse.org), and other Federal Open Source Community Members. +## Documentation Index -Thank you all for your support and contributions. 
+ +**{list of .md at top directory and descriptions}** -### Policies +## Repository Structure + + + + +**{list directories and descriptions}** + +# Development and Software Delivery Lifecycle + +The following guide is for members of the project team who have access to the repository as well as code contributors. The main difference between internal and external contributions is that external contributors will need to fork the project and will not be able to merge their own pull requests. For more information on contributing, see: [CONTRIBUTING.md](./CONTRIBUTING.md). + +## Local Development + + + +## Coding Style and Linters + + + +Each application has its own linting and testing guidelines. Lint and code tests are run on each commit, so linters and tests should be run locally before committing. + +## Branching Model + + + +## Contributing + +Thank you for considering contributing to an Open Source project of the US Government! For more information about our contribution guidelines, see [CONTRIBUTING.md](CONTRIBUTING.md). + +## Codeowners + +The contents of this repository are managed by **{responsible organization(s)}**. Those responsible for the code and documentation in this repository can be found in [CODEOWNERS.md](CODEOWNERS.md). + +## Community + +The {{ cookiecutter.project_name }} team is taking a community-first and open source approach to the product development of this tool. We believe government software should be made in the open and be built and licensed such that anyone can download the code, run it themselves without paying money to third parties or using proprietary software, and use it as they will. + +We know that we can learn from a wide variety of communities, including those who will use or will be impacted by the tool, who are experts in technology, or who have experience with similar technologies deployed in other spaces. 
We are dedicated to creating forums for continuous conversation and feedback to help shape the design and development of the tool. + +We also recognize capacity building as a key part of involving a diverse open source community. We are doing our best to use accessible language, provide technical and process documents, and offer support to community members with a wide variety of backgrounds and skillsets. + +### Community Guidelines + +Principles and guidelines for participating in our open source community are can be found in [COMMUNITY_GUIDELINES.md](COMMUNITY_GUIDELINES.md). Please read them before joining or starting a conversation in this repo or one of the channels listed below. All community members and participants are expected to adhere to the community guidelines and code of conduct when participating in community spaces including: code repositories, communication channels and venues, and events. + + + +## Feedback + +If you have ideas for how we can improve or add to our capacity building efforts and methods for welcoming people into our community, please let us know at **{contact email}**. If you would like to comment on the tool itself, please let us know by filing an **issue on our GitHub repository.** + + + +## Policies ### Open Source Policy 
@@ -63,13 +121,16 @@ the American public, but you are also welcome to submit anonymously. For more information about our Security, Vulnerability, and Responsible Disclosure Policies, see [SECURITY.md](SECURITY.md). -### Public domain +### Software Bill of Materials (SBOM) + +A Software Bill of Materials (SBOM) is a formal record containing the details and supply chain relationships of various components used in building software. + +In the spirit of [Executive Order 14028 - Improving the Nation’s Cyber Security](https://www.gsa.gov/technology/it-contract-vehicles-and-purchasing-programs/information-technology-category/it-security/executive-order-14028), a SBOM for this repository is provided here: https://github.com/{{ cookiecutter.project_org }}/{{ cookiecutter.project_repo_name }}/network/dependencies. + +For more information and resources about SBOMs, visit: https://www.cisa.gov/sbom. + +## Public domain -This project is in the public domain within the United States, and copyright -and related rights in the work worldwide are waived through the [CC0 1.0 -Universal public domain -dedication](https://creativecommons.org/publicdomain/zero/1.0/) as indicated in [LICENSE](LICENSE). +This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/) as indicated in [LICENSE](LICENSE). -All contributions to this project will be released under the CC0 dedication. By -submitting a pull request or issue, you are agreeing to comply with this waiver -of copyright interest. +All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. diff --git a/README_template.md b/README_template.md deleted file mode 100644 index a8acc48..0000000 --- a/README_template.md +++ /dev/null 
@@ -1,92 +0,0 @@ - - -# TODO Project Name - -TODO: Project Description (could match GitHub.com Repo Description) - -## Getting Started - -TODO: Example Sections - -### Agency Mission - -### Team Mission - -### Project Vision - -### Project Information - - - - -### Installation - - - -### Testing - -## Contributing - -Thank you for considering contributing to an Open Source project of the US -Government! For more information about our contribution guidelines, see -[CONTRIBUTING.md](CONTRIBUTING.md) - -## Security - -For more information about our Security, Vulnerability, and Responsible -Disclosure Policies, see [SECURITY.md](SECURITY.md). - -## Authors and Maintainers - -For more information about our Authors and maintainers, see [MAINTAINERS.md](MAINTAINERS.md). -A full list of contributors can be found on [https://github.cms.gov/$USERNAME/$REPONAME/graphs/contributors](https://github.cms.gov/$USERNAME/$REPONAME/graphs/contributors). - -## Public domain - -This project is licensed within in the public domain within the United States, -and copyright and related rights in the work worldwide are waived through the -[CC0 1.0 Universal public domain -dedication](https://creativecommons.org/publicdomain/zero/1.0/). - -All contributions to this project will be released under the CC0 dedication. By -submitting a pull request or issue, you are agreeing to comply with this waiver -of copyright interest. diff --git a/SECURITY.md b/SECURITY.md index 90e23aa..0230f3c 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -1,5 +1,7 @@ # Security and Responsible Disclosure Policy +The Centers for Medicare & Medicaid Services is committed to ensuring the security of the American public by protecting their information from unwarranted disclosure. We want security researchers to feel comfortable reporting vulnerabilities they have discovered so we can fix them and keep our users safe. We developed our disclosure policy to reflect our values and uphold our sense of responsibility to security researchers who share their expertise with us in good faith. + *Submit a vulnerability:* Unfortunately, we cannot accept secure submissions via email or via GitHub Issues. Please use our website to submit vulnerabilities at [https://hhs.responsibledisclosure.com](https://hhs.responsibledisclosure.com). @@ -14,4 +16,4 @@ policy, *how to send* us vulnerability reports, and *how long* we ask security researchers to wait before publicly disclosing vulnerabilities. If you have other cybersecurity related questions, please contact us at -[csirc@hhs.gov.](mailto:csirc@hhs.gov). +[csirc@hhs.gov](mailto:csirc@hhs.gov). \ No newline at end of file diff --git a/example-spdx-headers.md b/example-spdx-headers.md index 1d842ae..0644598 100644 --- a/example-spdx-headers.md +++ b/example-spdx-headers.md @@ -78,4 +78,4 @@ ## Rust -`// SPDX-License-Identifier: CC0-1.0` +`// SPDX-License-Identifier: CC0-1.0` \ No newline at end of file diff --git a/insert_license_headers.sh b/insert_license_headers.sh old mode 100755 new mode 100644 index f0083af..7c237df --- a/insert_license_headers.sh +++ b/insert_license_headers.sh @@ -15,4 +15,4 @@ for file in $(git ls-files); do (echo $LICENSE_HEADER; cat $file) > /tmp/file mv /tmp/file $file fi -done +done \ No newline at end of file diff --git a/repolinter.json b/repolinter.json index b13ae61..7ca42b4 100644 --- a/repolinter.json +++ b/repolinter.json 
@@ -1,367 +1,85 @@ { - "$schema": "./schema.json", - "version": 2, - "axioms": { - "linguist": "language", - "licensee": "license", - "packagers": "packager" - }, - "rules": { - "license-file-exists": { - "level": "error", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "LICENSE*", - "COPYING*" - ], - "nocase": true - } - } - }, - "readme-file-exists": { - "level": "error", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "README*" - ], - "nocase": true - } - } - }, - "contributing-file-exists": { - "level": "error", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "{docs/,.github/,}CONTRIB*" - ], - "nocase": true - } - } - }, - "code-of-conduct-file-exists": { - "level": "off", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "{docs/,.github/,}CODEOFCONDUCT*", - "{docs/,.github/,}CODE-OF-CONDUCT*", - "{docs/,.github/,}CODE_OF_CONDUCT*" - ], - "nocase": true - } - } - }, - "changelog-file-exists": { - "level": "warning", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "CHANGELOG*" - ], - "nocase": true - } - } - }, - "security-file-exists": { - "level": "error", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "{docs/,.github/,}SECURITY.md" - ] - } - } - }, - "support-file-exists": { - "level": "warning", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "{docs/,.github/,}SUPPORT*" - ], - "nocase": true - } - } - }, - "readme-references-license": { - "level": "error", - "rule": { - "type": "file-contents", - "options": { - "globsAll": [ - "README*" - ], - "content": "license", - "flags": "i" - } - } - }, - "binaries-not-present": { - "level": "error", - "rule": { - "type": "file-type-exclusion", - "options": { - "type": [ - "**/*.exe", - "**/*.dll", - "!node_modules/**" - ] - } - } - }, - "test-directory-exists": { - "level": "error", - "rule": { - "type": "directory-existence", - "options": { - 
"globsAny": [ - "**/test*", - "**/specs" - ], - "nocase": true - } - } - }, - "integrates-with-ci": { - "level": "warning", - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - ".gitlab-ci.yml", - ".travis.yml", - "appveyor.yml", - ".appveyor.yml", - "circle.yml", - ".circleci/config.yml", - "Jenkinsfile", - ".drone.yml", - ".github/workflows/*", - "azure-pipelines.yml" - ] - } - } - }, - "code-of-conduct-file-contains-email": { - "level": "off", - "rule": { - "type": "file-contents", - "options": { - "globsAll": [ - "CODEOFCONDUCT*", - "CODE-OF-CONDUCT*", - "CODE_OF_CONDUCT*", - ".github/CODEOFCONDUCT*", - ".github/CODE-OF-CONDUCT*", - ".github/CODE_OF_CONDUCT*" - ], - "content": ".+@.+\\..+", - "flags": "i", - "human-readable-content": "email address" - } - } - }, - "source-license-headers-exist": { - "level": "off", - "rule": { - "type": "file-starts-with", - "options": { - "globsAll": [ - "**/*.js", - "!node_modules/**" - ], - "lineCount": 5, - "patterns": [ - "Copyright", - "License" - ], - "flags": "i" - } - } - }, - "github-issue-template-exists": { - "level": "error", - "rule": { - "type": "file-existence", - "options": { - "dirs": true, - "globsAny": [ - "ISSUE_TEMPLATE*", - ".github/ISSUE_TEMPLATE*" - ] - } - } - }, - "github-pull-request-template-exists": { - "level": "error", - "rule": { - "type": "file-existence", - "options": { - "dirs": true, - "globsAny": [ - "PULL_REQUEST_TEMPLATE*", - ".github/PULL_REQUEST_TEMPLATE*" - ] - } - } - }, - "javascript-package-metadata-exists": { - "level": "error", - "where": [ - "language=javascript" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "package.json" - ] - } - } - }, - "ruby-package-metadata-exists": { - "level": "error", - "where": [ - "language=ruby" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "Gemfile" - ] - } - } - }, - "java-package-metadata-exists": { - "level": "error", - "where": [ - "language=java" - ], - "rule": 
{ - "type": "file-existence", - "options": { - "globsAny": [ - "pom.xml", - "build.xml", - "build.gradle" - ] - } - } - }, - "python-package-metadata-exists": { - "level": "error", - "where": [ - "language=python" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "setup.py", - "requirements.txt" - ] - } - } - }, - "objective-c-package-metadata-exists": { - "level": "error", - "where": [ - "language=objective-c" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "Cartfile", - "Podfile", - "*.podspec" - ] - } - } - }, - "swift-package-metadata-exists": { - "level": "error", - "where": [ - "language=swift" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "Package.swift" - ] - } - } - }, - "erlang-package-metadata-exists": { - "level": "error", - "where": [ - "language=erlang" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "rebar.config" - ] - } - } - }, - "elixir-package-metadata-exists": { - "level": "error", - "where": [ - "language=elixir" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "mix.exs" - ] - } - } - }, - "license-detectable-by-licensee": { - "level": "off", - "where": [ - "license=*" - ], - "rule": { - "type": "license-detectable-by-licensee", - "options": {} - } - }, - "notice-file-exists": { - "level": "off", - "where": [ - "license=Apache-2.0" - ], - "rule": { - "type": "file-existence", - "options": { - "globsAny": [ - "NOTICE*" - ], - "fail-message": "The NOTICE file is described in section 4.4 of the Apache License version 2.0. Its presence is not mandated by the license itself, but by ASF policy." 
- } - } - }, - "best-practices-badge-present": { - "level": "off", - "rule": { - "type": "best-practices-badge-present" + "extends": "https://raw.githubusercontent.com/DSACMS/repo-scaffolder/main/tier2/%7B%7Bcookiecutter.project_slug%7D%7D/repolinter.json", + "$schema": "https://raw.githubusercontent.com/todogroup/repolinter/master/rulesets/schema.json", + "version": 2, + "axioms": { + "linguist": "language", + "licensee": "license", + "packagers": "packager" + }, + "rules": { + "maintainers-file-exists": { + "level": "error" + }, + "governance-file-exists": { + "level": "warning" + }, + "codeowners-file-exists": { + "level": "error" + }, + "readme-contains-project-vision": { + "level": "warning" + }, + "readme-contains-project-mission": { + "level": "warning" + }, + "readme-contains-agency-mission": { + "level": "warning" + }, + "readme-contains-team-mission": { + "level": "warning" + }, + "readme-contains-documentation-index": { + "level": "error" + }, + "readme-contains-repository-structure": { + "level": "error" + }, + "readme-contains-development-and-software-delivery-lifecycle": { + "level": "error" + }, + "readme-contains-branching-model": { + "level": "error" + }, + "readme-contains-feedback": { + "level": "error" + }, + + "contributing-contains-team-specific-guidelines": { + "level": "error" + }, + "contributing-contains-testing-conventions": { + "level": "error" + }, + "contributing-contains-writing-pull-requests": { + "level": "error" + }, + "contributing-contains-reviewing-pull-requests": { + "level": "error" + }, + "contributing-contains-documentation": { + "level": "error" + }, + "maintainers-contains-maintainers": { + "level": "error" + }, + "maintainers-contains-maintainers-list": { + "level": "error" + }, + "maintainers-contains-approvers-list": { + "level": "error" + }, + "maintainers-contains-reviewers-list": { + "level": "error" + }, + "governance-contains-governance": { + "level": "warning" + }, + "code-owners-contains-list-of-users": { + 
"level": "error" + }, + "code-owners-contains-repo-domains": { + "level": "error" } } } -} \ No newline at end of file diff --git a/repometrics/cookiecutter.json b/repometrics/cookiecutter.json new file mode 100644 index 0000000..162b0a8 --- /dev/null +++ b/repometrics/cookiecutter.json @@ -0,0 +1,18 @@ +{ + "project_type" : ["Package", "Website", "Standards", "Libraries", "Data", "Apps", "Tools", "APIs"], + "user_input": ["Yes", "No"], + "project_fisma_level": ["Low", "Moderate", "High"], + "group": "CMS/OA/DSAC", + "subset_in_healthcare": "Policy, Operational", + "user_type": "Providers, Patients, Government", + "repository_host": ["Github.com", "GitHub ENT", "GitHub Cloud", "GitLab.com", "GitLab ENT", "GitLab ENT CCSQ"], + "maturity_model_tier": ["1", "2", "3", "4"], + "__prompts__": { + "group": "Which group is the project part of?", + "subset_in_healthcare": "Which subset of healthcare does the project belong to?", + "user_type": "Who are the intended users?", + "user_input": "Does the project accept user input? (e.g. allows user to query a database, allows login by users, etc.)", + "repository_host": "Where is the repository hosted?", + "maturity_model_tier": "What maturity model tier is your project classified as?" + } +} \ No newline at end of file diff --git a/repometrics/hooks/post_gen_project.sh b/repometrics/hooks/post_gen_project.sh new file mode 100644 index 0000000..7946bf2 --- /dev/null +++ b/repometrics/hooks/post_gen_project.sh 
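Review bot: The `extends` value at the top of the new repolinter.json resolves to the `main` branch of DSACMS/repo-scaffolder, so the rule definitions this file inherits can change without any commit or review in this repository. Every rule on the new side carries only a `level` and relies on the inherited definition, so an upstream edit changes what the check enforces here. Pin the URL to a reviewed commit and bump it deliberately, for example `"extends": "https://raw.githubusercontent.com/DSACMS/repo-scaffolder/<COMMIT_SHA>/tier2/%7B%7Bcookiecutter.project_slug%7D%7D/repolinter.json"` (placeholder SHA). The `$schema` URL tracks `master` of todogroup/repolinter in the same way, though it presumably affects only validation.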
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# Change to the parent directory
+cd ..
+
+# Define the repometrics directory to remove
+dir_name="repometrics"
+
+# Check if repometrics directory exists and remove it
+if [ -d "$dir_name" ]; then
+ rm -rf "$dir_name"
+fi
+
+project_type="{{cookiecutter.project_type}}"
+sub_project_dir="${project_type}"
+repometrics_file="code.json"
+parent_dir="./"
+
+if [ -f "${sub_project_dir}/${repometrics_file}" ]; then
+ # Move code.json file to parent directory
+ mv "${sub_project_dir}/${repometrics_file}" "${parent_dir}"
+
+ # Check if the move was successful
+ if [ $? -eq 0 ]; then
+ # Remove the source directory
+ rm -rf "${sub_project_dir}"
+
+ # Check if the deletion was successful
+ if [ $? -eq 0 ]; then
+ echo "Successfully generated code.json file."
+ fi
+ fi
+fi
\ No newline at end of file
diff --git a/repometrics/{{cookiecutter.project_type}}/code.json b/repometrics/{{cookiecutter.project_type}}/code.json
new file mode 100644
index 0000000..0841645
--- /dev/null
+++ b/repometrics/{{cookiecutter.project_type}}/code.json
@@ -0,0 +1,10 @@
+{
+ "project_type": "{{ cookiecutter.project_type }}",
+ "user_input": "{{ cookiecutter.user_input }}",
+ "project_fisma_level": "{{ cookiecutter.project_fisma_level }}",
+ "group": "{{ cookiecutter.group }}",
+ "subset_in_healthcare": "{{ cookiecutter.subset_in_healthcare }}",
+ "user_type": "{{ cookiecutter.user_type }}",
+ "repository_host": "{{ cookiecutter.repository_host }}",
+ "maturity_model_tier": "{{ cookiecutter.maturity_model_tier }}"
+}
\ No newline at end of file
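Review bot: `cd ..` near the top of post_gen_project.sh is unchecked, and both `rm -rf` calls after it act on relative names, so if the directory change fails they run against whatever directory the hook started in. Guard it with `cd .. || exit 1`. The first removal also deletes any directory named `repometrics` in the parent of the generated project, which may be a user's own directory rather than a template artifact; a comment stating what that directory is expected to be, or a narrower check, would make the intent reviewable. `mv` into `./` replaces an existing `code.json` without notice, which `mv -n` or an existence check would avoid.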