Initial commit

.github/ISSUE_TEMPLATE/issue.md

@@ -0,0 +1,18 @@
+---
+name: Issue
+about: Suggest a new issue for this project
+title: "[short phrase distinguishing this from other Issues]"
+labels: ''
+assignees: ''
+
+---
+Short description explaining the high-level reason for the new issue.
+
+## Notes
+
+- Additional details, technical information, resource links, and implementation notes
+- Excerpt and link to any relevant slack discussions
+
+## Acceptance Criteria
+
+- [ ] Determine next steps and acceptance criteria

.github/ISSUE_TEMPLATE/story.md

@@ -0,0 +1,28 @@
+---
+name: Story
+about: Suggest a new story for this project
+title: "[short phrase distinguishing this from other Stories]"
+labels: ''
+assignees: ''
+
+---
+
+In order to [reason/outcome/goal], [someone or "we"] want [a specific change in product implementation/behavior]
+
+## Acceptance Criteria
+* [ ] GIVEN [a precondition] \
+  AND [another precondition]
+  WHEN [test step] \
+  AND [test step] \
+  THEN [verification step] \
+  AND [verification step]
+
+--- 
+
+## Security considerations
+[note any potential changes to security boundaries, practices, documentation, risk that arise directly from this story]
+
+## Implementation sketch
+[links to background notes, sketches, and/or relevant documentation
+* [ ] [first thing to do]
+* [ ] [another thing to do]

.github/pull_request_template.md

@@ -0,0 +1,14 @@
+## Changes proposed in this pull request:
+
+-
+-
+-
+
+## Things to check
+
+- For any logging statements, is there any chance that they could be logging sensitive data?
+- Are log statements using a logging library with a logging level set? Setting a logging level means that log statements "below" that level will not be written to the output. For example, if the logging level is set to `INFO` and debugging statements are written with `log.debug` or similar, then they won't be written to the otput, which can prevent unintentional leaks of sensitive data.
+
+## Security considerations
+
+[Note the any security considerations here, or make note of why there are none]

.github/stale.yml

@@ -0,0 +1,20 @@
+## Org-wide stale.yml file
+# NOTE: This can be overridden by putting a different .github/stale.yml at the repo level
+
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 60
+# Issues with these labels will never be considered stale
+# exemptLabels:
+#   - compliance
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs in the next 60 days. 
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: >
+  This issue has been automatically closed because it has not had activity 
+  in the last 120 days.

.github/workflows/security-considerations.properties.json

@@ -0,0 +1,8 @@
+{
+  "name": "Security Considerations Workflow",
+  "description": "Checks for security considerations within a pull request description.",
+  "iconName": "cg-logo",
+  "categories": [
+      "Compliance"
+  ]
+}

.github/workflows/security-considerations.yml

@@ -0,0 +1,11 @@
+name: Security Considerations Workflow
+
+on:
+  pull_request:
+    types: [opened, edited, reopened]
+
+jobs:
+  security-considerations:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: cloud-gov/security-considerations-action@main

CONTRIBUTING.md

@@ -0,0 +1,17 @@
+# Welcome
+
+We're so glad you're thinking about contributing to a [open source project of the U.S. government](https://code.gov/)! If you're unsure about anything, just ask -- or submit the issue or pull request anyway. The worst that can happen is you'll be politely asked to change something. We love all friendly contributions.
+
+We encourage you to read this project's CONTRIBUTING policy (you are here), its [LICENSE](LICENSE.md), and its [README](README.md).
+
+## Policies
+
+We want to ensure a welcoming environment for all of our projects. Our staff follow the [TTS Code of Conduct](https://18f.gsa.gov/code-of-conduct/) and all contributors should do the same.
+
+We adhere to the [18F Open Source Policy](https://github.com/18f/open-source-policy). If you have any questions, just [shoot us an email](mailto:[email protected]).
+
+As part of a U.S. government agency, the General Services Administration (GSA)’s Technology Transformation Services (TTS) takes seriously our responsibility to protect the public’s information, including financial and personal information, from unwarranted disclosure. For more information about security and vulnerability disclosure for our projects, please read our [18F Vulnerability Disclosure Policy](https://18f.gsa.gov/vulnerability-disclosure-policy/).
+
+## Public domain
+
+This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/).

LICENSE.md

@@ -0,0 +1,21 @@
+# License
+
+As a work of the [United States government](https://www.usa.gov/), this project is in the public domain within the United States of America.
+
+Additionally, we waive copyright and related rights in the work worldwide through the CC0 1.0 Universal public domain dedication.
+
+## CC0 1.0 Universal Summary
+
+This is a human-readable summary of the [Legal Code (read the full text)](https://creativecommons.org/publicdomain/zero/1.0/legalcode).
+
+### No Copyright
+
+The person who associated a work with this deed has dedicated the work to the public domain by waiving all of their rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
+
+You can copy, modify, distribute, and perform the work, even for commercial purposes, all without asking permission.
+
+### Other Information
+
+In no way are the patent or trademark rights of any person affected by CC0, nor are the rights that other persons may have in the work or in how the work is used, such as publicity or privacy rights.
+
+Unless expressly stated otherwise, the person who associated a work with this deed makes no warranties about the work, and disclaims liability for all uses of the work, to the fullest extent permitted by applicable law. When using or citing the work, you should not imply endorsement by the author or the affirmer.

README.md

@@ -0,0 +1,3 @@
+# Github templates
+
+This repo contains Github templates (pull request, issue, etc) for the cloud-gov organization.