GSA-TTS / tts.gsa.gov

Making the website work for people who make websites work
https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov/staging/

Add commit signing #155

Closed wesley-dean-gsa closed 2 weeks ago

wesley-dean-gsa commented 1 month ago

This will add commit signing with a GPG key. Documentation on the commit action may be found here:

https://github.com/stefanzweifel/git-auto-commit-action#signing-commits

...and importing the GPG key may be found here:

https://github.com/crazy-max/ghaction-import-gpg

security considerations

This will help us maintain the "force signed commits" option.
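A workflow sketch of the approach the description links to, as an added example that is not the workflow from this PR: the GPG key is imported with `crazy-max/ghaction-import-gpg`, then `stefanzweifel/git-auto-commit-action` commits under that key's identity so the commit is signed. The secret names, job name, action version tags and the fork guard are assumptions.

```yaml
# Added example (not this repository's workflow). Secret names are assumed.
name: MegaLinter with signed auto-fix commits
on:
  pull_request:

permissions:
  contents: write # only what is needed to push the fix commit

jobs:
  lint-and-fix:
    runs-on: ubuntu-latest
    # Secrets are not exposed to pull requests from forks, so skip those runs.
    if: github.event.pull_request.head.repo.full_name == github.repository
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.head_ref }} # commit onto the PR branch, not a detached HEAD

      - name: MegaLinter
        id: ml
        uses: oxsecurity/megalinter@v8
        env:
          APPLY_FIXES: all
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Import GPG key
        id: import-gpg
        if: always() && steps.ml.outputs.has_updated_sources == 1
        uses: crazy-max/ghaction-import-gpg@v6
        with:
          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} # assumed secret name
          passphrase: ${{ secrets.GPG_PASSPHRASE }} # assumed secret name
          git_user_signingkey: true # sets user.signingkey to the imported key
          git_commit_gpgsign: true # sets commit.gpgsign so every commit is signed

      - name: Commit linter fixes (signed)
        if: always() && steps.ml.outputs.has_updated_sources == 1
        uses: stefanzweifel/git-auto-commit-action@v5
        with:
          commit_message: "Apply MegaLinter fixes"
          # Committer identity must match the key's UID for the signature to verify.
          commit_user_name: ${{ steps.import-gpg.outputs.name }}
          commit_user_email: ${{ steps.import-gpg.outputs.email }}
          commit_author: "${{ steps.import-gpg.outputs.name }} <${{ steps.import-gpg.outputs.email }}>"
```

For GitHub to mark these commits as verified, the matching public key has to be registered on the GitHub account whose email appears in the key's UID. Pinning each `uses:` reference to a full commit SHA instead of a tag keeps a retagged action from running with access to the signing key.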

github-actions[bot] commented 1 month ago

🦙 MegaLinter status: ⚠️ WARNING

| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 4 | | 0 | 0.1s |
| ⚠️ CSS | scss-lint | 2 | | 1 | 3.44s |
| ✅ JAVASCRIPT | prettier | 6 | 0 | 0 | 1.09s |
| ✅ JSON | jsonlint | 7 | | 0 | 0.37s |
| ✅ JSON | npm-package-json-lint | yes | | no | 0.66s |
| ✅ JSON | prettier | 7 | 0 | 0 | 1.4s |
| ✅ JSON | v8r | 7 | | 0 | 11.23s |
| ✅ MARKDOWN | markdownlint | 20 | 0 | 0 | 1.98s |
| ✅ MARKDOWN | markdown-link-check | 20 | | 0 | 10.24s |
| ✅ MARKDOWN | markdown-table-formatter | 20 | 0 | 0 | 0.45s |
| ✅ REPOSITORY | checkov | yes | | no | 14.75s |
| ✅ REPOSITORY | gitleaks | yes | | no | 0.2s |
| ✅ REPOSITORY | git_diff | yes | | no | 0.24s |
| ⚠️ REPOSITORY | grype | yes | | 3 | 14.3s |
| ✅ REPOSITORY | secretlint | yes | | no | 2.59s |
| ⚠️ REPOSITORY | trivy | yes | | 1 | 9.1s |
| ✅ REPOSITORY | trivy-sbom | yes | | no | 1.45s |
| ✅ REPOSITORY | trufflehog | yes | | no | 4.94s |
| ⚠️ SPELL | cspell | 20 | | 1 | 2.7s |
| ✅ YAML | prettier | 14 | 0 | 0 | 1.47s |
| ✅ YAML | v8r | 11 | | 0 | 13.23s |
| ✅ YAML | yamllint | 14 | | 0 | 0.61s |

See detailed report in MegaLinter reports

_MegaLinter is graciously provided by OX Security_

github-actions[bot] commented 1 month ago

Pa11y testing results

```
Welcome to Pa11y

 > Running Pa11y on URL https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//sign_megalinter_keys/

Results for URL: https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//sign_megalinter_keys/

 • Error: This element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 3.68:1. Recommendation: change background to #63686c.
   ├── WCAG2AA.Principle1.Guideline1_4.1_4_3.G18.Fail
   ├── #main-content > section:nth-child(3) > div > div > div:nth-child(2) > p
   └── For over 50 years, GSA has been...

 • Error: Duplicate id attribute value "svg-bedding" found on the web page.
   ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77
   ├── #svg-bedding
   └── <...

 • Error: Duplicate id attribute value "svg-snow" found on the web page.
   ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77
   ├── #svg-snow
   └──
```

github-actions[bot] commented 3 weeks ago

Pa11y testing results

```
Welcome to Pa11y

 > Running Pa11y on URL https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//sign_megalinter_keys/

Results for URL: https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//sign_megalinter_keys/

 • Error: This element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 3.68:1. Recommendation: change background to #63686c.
   ├── WCAG2AA.Principle1.Guideline1_4.1_4_3.G18.Fail
   ├── #main-content > section:nth-child(3) > div > div > div:nth-child(2) > p
   └── For over 50 years, GSA has been...

 • Error: Duplicate id attribute value "svg-bedding" found on the web page.
   ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77
   ├── #svg-bedding
   └── <...

 • Error: Duplicate id attribute value "svg-snow" found on the web page.
   ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77
   ├── #svg-snow
   └──
```

wesley-dean-gsa commented 2 weeks ago

~We have opted not to enable script integrity hashes at this time. Accepting this poses minimal risk given that of the three libraries being imported, two are TTS-supported (DAP and Search). The decision will be further documented in an ADR.~

This comment was for a different PR

wesley-dean-gsa commented 2 weeks ago

I closed the wrong PR. Oopsies.

github-actions[bot] commented 2 weeks ago

Pa11y testing results

```
Welcome to Pa11y

 > Running Pa11y on URL https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//sign_megalinter_keys/

Results for URL: https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//sign_megalinter_keys/

 • Error: This element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 3.68:1. Recommendation: change background to #63686c.
   ├── WCAG2AA.Principle1.Guideline1_4.1_4_3.G18.Fail
   ├── #main-content > section:nth-child(3) > div > div > div:nth-child(2) > p
   └── For over 50 years, GSA has been...

1 Errors
```

wesley-dean-gsa commented 2 weeks ago

The repo is configured to require that commits must be signed. Without signing, branches can't be merged:

Screenshot_20240826_150659

Those unsigned commits are coming from MegaLinter:

Screenshot_20240826_150744