From 1f77bb910aa35d56c1f19a5d9587a09bfc1fdae5 Mon Sep 17 00:00:00 2001 From: Scotte Zinn Date: Wed, 5 Jun 2024 12:56:23 -0400 Subject: [PATCH] Workflow tuning --- .ci/actionlint/actionlint.yml | 4 ++ .ci/flake8/.flake8 | 2 + {.github/linters => .ci}/jscpd/jscpd.json | 0 .../markdownlint/.markdownlint.yaml | 9 ++- .ci/markdownlint/markdownlint.config.yaml | 14 ++++ .ci/prettier/.prettierignore | 6 ++ .../linters => .ci}/prettier/.prettierrc.yaml | 0 .../secretlint/.secretlintrc.json | 0 .../linters => .ci}/yamllint/.yamllint.yaml | 0 .github/labeler.yaml | 2 +- .github/workflows/create-blacklist.yaml | 16 ++--- .github/workflows/flux-diff.yaml | 19 ++++-- .github/workflows/link-checker.yaml | 2 +- .github/workflows/lint.yaml | 67 +++++++++++++++++++ .github/workflows/schemas.yaml | 10 +-- .pre-commit-config.yaml | 19 +++++- .prettierignore | 5 -- .taskfiles/format/Taskfile.yaml | 4 +- .vscode/settings.json | 11 ++- 19 files changed, 152 insertions(+), 38 deletions(-) create mode 100644 .ci/actionlint/actionlint.yml create mode 100644 .ci/flake8/.flake8 rename {.github/linters => .ci}/jscpd/jscpd.json (100%) rename {.github/linters => .ci}/markdownlint/.markdownlint.yaml (81%) create mode 100644 .ci/markdownlint/markdownlint.config.yaml create mode 100644 .ci/prettier/.prettierignore rename {.github/linters => .ci}/prettier/.prettierrc.yaml (100%) rename {.github/linters => .ci}/secretlint/.secretlintrc.json (100%) rename {.github/linters => .ci}/yamllint/.yamllint.yaml (100%) create mode 100644 .github/workflows/lint.yaml delete mode 100644 .prettierignore diff --git a/.ci/actionlint/actionlint.yml b/.ci/actionlint/actionlint.yml new file mode 100644 index 0000000000..c34e9f49d3 --- /dev/null +++ b/.ci/actionlint/actionlint.yml @@ -0,0 +1,4 @@ +--- +self-hosted-runner: + labels: + - k8s-homelab diff --git a/.ci/flake8/.flake8 b/.ci/flake8/.flake8 new file mode 100644 index 0000000000..6deafc2617 --- /dev/null +++ b/.ci/flake8/.flake8 @@ -0,0 +1,2 @@ +[flake8] +max-line-length = 120 diff --git a/.github/linters/jscpd/jscpd.json b/.ci/jscpd/jscpd.json similarity index 100% rename from .github/linters/jscpd/jscpd.json rename to .ci/jscpd/jscpd.json diff --git a/.github/linters/markdownlint/.markdownlint.yaml b/.ci/markdownlint/.markdownlint.yaml similarity index 81% rename from .github/linters/markdownlint/.markdownlint.yaml rename to .ci/markdownlint/.markdownlint.yaml index 00c5cf7009..d2bed79784 100644 --- a/.github/linters/markdownlint/.markdownlint.yaml +++ b/.ci/markdownlint/.markdownlint.yaml @@ -1,6 +1,11 @@ --- default: true -"no-inline-html": {"allowed_elements": ["h1", "div", "img"]} + +MD033: + allowed_elements: + - h1 + - div + - img # MD013/line-length - Line length MD013: @@ -16,8 +21,6 @@ MD013: tables: true # Include headings headings: true - # Include headings - headers: true # Strict length checking strict: false # Stern length checking diff --git a/.ci/markdownlint/markdownlint.config.yaml b/.ci/markdownlint/markdownlint.config.yaml new file mode 100644 index 0000000000..997cf57bbc --- /dev/null +++ b/.ci/markdownlint/markdownlint.config.yaml @@ -0,0 +1,14 @@ +--- +# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml +# MD013/line-length - Line length +MD013: false + +# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content +MD024: + # Only check sibling headings + allow_different_nesting: true + # Only check sibling headings + siblings_only: true + +# MD033/no-inline-html - Inline HTML +MD033: false diff --git a/.ci/prettier/.prettierignore b/.ci/prettier/.prettierignore new file mode 100644 index 0000000000..6da1713586 --- /dev/null +++ b/.ci/prettier/.prettierignore @@ -0,0 +1,6 @@ +.direnv +.private +.vscode +*.sops.* +ansible/roles/xanmanning.k3s/ +gotk-components.yaml diff --git a/.github/linters/prettier/.prettierrc.yaml b/.ci/prettier/.prettierrc.yaml similarity index 100% rename from .github/linters/prettier/.prettierrc.yaml rename to .ci/prettier/.prettierrc.yaml diff --git a/.github/linters/secretlint/.secretlintrc.json b/.ci/secretlint/.secretlintrc.json similarity index 100% rename from .github/linters/secretlint/.secretlintrc.json rename to .ci/secretlint/.secretlintrc.json diff --git a/.github/linters/yamllint/.yamllint.yaml b/.ci/yamllint/.yamllint.yaml similarity index 100% rename from .github/linters/yamllint/.yamllint.yaml rename to .ci/yamllint/.yamllint.yaml diff --git a/.github/labeler.yaml b/.github/labeler.yaml index 8870723f1f..a67ffde731 100644 --- a/.github/labeler.yaml +++ b/.github/labeler.yaml @@ -7,7 +7,7 @@ area/hack: - any-glob-to-any-file: "hack/**/*" area/infrastructure: - changed-files: - - any-glob-to-any-file: "infrastructure/**/*" + - any-glob-to-any-file: "terraform/**/*" area/taskfile: - changed-files: - any-glob-to-any-file: diff --git a/.github/workflows/create-blacklist.yaml b/.github/workflows/create-blacklist.yaml index 17aae091fe..0e64f560d6 100644 --- a/.github/workflows/create-blacklist.yaml +++ b/.github/workflows/create-blacklist.yaml @@ -24,15 +24,15 @@ jobs: HOSTS_FILE="/tmp/hosts.blacklist" destination="hosts.blacklist" destination_adguard="hosts-adguard.blacklist" - HOSTS_FILES="$HOSTS_FILE.d" + HOSTS_FILES="${HOSTS_FILE}.d" mkdir -p "${HOSTS_FILES}" download() { - echo "download($1)" - curl \ - --location --max-redirs 3 \ - --max-time 20 --retry 3 --retry-delay 0 --retry-max-time 60 \ - "$1" > "$(mktemp "${HOSTS_FILES}"/XXXXXX)" + echo "download($1)" + curl \ + --location --max-redirs 3 \ + --max-time 20 --retry 3 --retry-delay 0 --retry-max-time 60 \ + "$1" > "$(mktemp "${HOSTS_FILES}"/XXXXXX)" } # https://firebog.net/ @@ -88,8 +88,8 @@ jobs: -e '/^$/d' | \ awk '!a[$0]++' | sort -u > "${HOSTS_FILE}" - cat "${HOSTS_FILE}" | sed -e 's/^/0.0.0.0 /g' > "${destination}" - cat "${HOSTS_FILE}" | sed -e 's/^/||/g' -e 's/$/^/g' > "${destination_adguard}" + sed -e 's/^/0.0.0.0 /g' <"${HOSTS_FILE}" >"${destination}" + sed -e 's/^/||/g' -e 's/$/^/g' <"${HOSTS_FILE}" >"${destination_adguard}" rm -rf "${HOSTS_FILES}" diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index b5bc9e9f99..a4a5ab41d9 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -93,13 +93,18 @@ jobs: - name: Generate Diff id: diff run: | - echo "diff<> $GITHUB_OUTPUT - cat diff.patch >> $GITHUB_OUTPUT - echo "EOF" >> $GITHUB_OUTPUT - echo "### Diff" >> $GITHUB_STEP_SUMMARY - echo '```diff' >> $GITHUB_STEP_SUMMARY - cat diff.patch >> $GITHUB_STEP_SUMMARY - echo '```' >> $GITHUB_STEP_SUMMARY + cat diff.patch; + { + echo 'diff<> "$GITHUB_OUTPUT"; + { + echo "### Diff" + echo '```diff' + cat diff.patch + echo '```' + } >> "$GITHUB_STEP_SUMMARY" - if: ${{ steps.diff.outputs.diff != '' }} name: Add comment diff --git a/.github/workflows/link-checker.yaml b/.github/workflows/link-checker.yaml index ac44fdcfde..96ab430de6 100644 --- a/.github/workflows/link-checker.yaml +++ b/.github/workflows/link-checker.yaml @@ -62,7 +62,7 @@ jobs: --json number \ | jq --raw-output '.[0].number' \ ) - echo "issue-number=${issue_number}" >> $GITHUB_OUTPUT + echo "issue-number=${issue_number}" >> "${GITHUB_OUTPUT}" echo "${issue_number}" - name: Create or Update Issue diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml new file mode 100644 index 0000000000..be972dea2d --- /dev/null +++ b/.github/workflows/lint.yaml @@ -0,0 +1,67 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: Lint + +on: + workflow_dispatch: + pull_request: + branches: + - main + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +jobs: + build: + name: Lint + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Generate Token + uses: actions/create-github-app-token@v1 + if: ${{ github.event.pull_request.head.repo.full_name == github.repository }} + id: app-token + with: + app-id: ${{ secrets.BOT_APP_ID }} + private-key: ${{ secrets.BOT_APP_PRIVATE_KEY }} + + - name: MegaLinter + uses: oxsecurity/megalinter/flavors/terraform@v7.12.0 + env: + GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" + PRINT_ALPACA: false + VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'workflow_dispatch' }} + ENABLE_LINTERS: |- + ${{ + join( + fromJSON(' + [ + "ACTION_ACTIONLINT", + "ANSIBLE_ANSIBLE_LINT", + "COPYPASTE_JSCPD", + "MARKDOWN_MARKDOWNLINT", + "PYTHON_FLAKE8", + "PYTHON_PYLINT", + "REPOSITORY_GIT_DIFF", + "REPOSITORY_SECRETLINT", + "TERRAFORM_TERRAFORM_FMT", + "YAML_PRETTIER", + "YAML_YAMLLINT" + ] + '), + ',' + ) + }} + ACTION_ACTIONLINT_CONFIG_FILE: .ci/actionlint/actionlint.yml + COPYPASTE_JSCPD_CONFIG_FILE: .ci/jscpd/jscpd.json + MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .ci/markdownlint/markdownlint.config.yaml + MARKDOWN_MARKDOWNLINT_RULES_PATH: .ci/markdownlint/ + PYTHON_FLAKE8_CONFIG_FILE: .ci/flake8/.flake8 + YAML_YAMLLINT_CONFIG_FILE: .ci/yamllint/.yamllint.yaml + YAML_PRETTIER_CONFIG_FILE: .ci/prettier/.prettierrc.yaml + YAML_PRETTIER_ARGUMENTS: --ignore-path .ci/prettier/.prettierignore diff --git a/.github/workflows/schemas.yaml b/.github/workflows/schemas.yaml index ac41d3f2d5..dc3c1d33d0 100644 --- a/.github/workflows/schemas.yaml +++ b/.github/workflows/schemas.yaml @@ -70,10 +70,10 @@ jobs: KUBECONFIG: "${{ steps.kubeconfig.outputs.filePath }}" shell: bash run: | - curl -fsSL -o $GITHUB_WORKSPACE/crd-extractor.sh \ + curl -fsSL -o "${GITHUB_WORKSPACE}/crd-extractor.sh" \ https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/Utilities/crd-extractor.sh - chmod +x $GITHUB_WORKSPACE/crd-extractor.sh - bash $GITHUB_WORKSPACE/crd-extractor.sh + chmod +x "${GITHUB_WORKSPACE}/crd-extractor.sh" + bash "${GITHUB_WORKSPACE}/crd-extractor.sh" - name: Login to GHCR uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3 @@ -84,7 +84,7 @@ jobs: - name: Publish schemas as OCI run: | - flux push artifact $OCI_REPO:$(git rev-parse --short HEAD) \ + flux push artifact "${OCI_REPO}:$(git rev-parse --short HEAD)" \ --path="/home/runner/.datree/crdSchemas" \ --source="${{ github.repositoryUrl }}" \ --revision="main" @@ -127,7 +127,7 @@ jobs: - name: Pull schemas as OCI run: | mkdir -p /home/runner/crdSchemas - flux pull artifact $OCI_REPO:$(git rev-parse --short HEAD) --output /home/runner/crdSchemas + flux pull artifact "${OCI_REPO}:$(git rev-parse --short HEAD)" --output /home/runner/crdSchemas - name: Write nginx-unprivileged Dockerfile run: | diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2ea7c51459..bfa1a66aeb 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,14 +2,22 @@ # See https://pre-commit.com for more information # See https://pre-commit.com/hooks.html for more hooks fail_fast: false + +exclude: | + (?x)^( + docs/_assets/.* + | .*\.sops\.toml + )$ + repos: - - repo: https://github.com/adrienverge/yamllint.git + - repo: https://github.com/adrienverge/yamllint rev: v1.35.1 hooks: - id: yamllint args: - --config-file - - .github/linters/yamllint/.yamllint.yaml + - .ci/yamllint/.yamllint.yaml + - repo: https://github.com/pre-commit/pre-commit-hooks rev: v4.6.0 hooks: @@ -21,26 +29,31 @@ repos: args: [--maxkb=2048] - id: check-merge-conflict - id: check-executables-have-shebangs + - repo: https://github.com/Lucas-C/pre-commit-hooks rev: v1.5.5 hooks: - id: forbid-crlf - id: forbid-tabs + - repo: https://github.com/sirosen/fix-smartquotes rev: 0.2.0 hooks: - id: fix-smartquotes + - repo: https://github.com/k8s-at-home/sops-pre-commit rev: v2.1.1 hooks: - id: forbid-secrets + - repo: https://github.com/igorshubovych/markdownlint-cli rev: v0.41.0 hooks: - id: markdownlint args: - --config - - ".github/linters/markdownlint/.markdownlint.yaml" + - ".ci/markdownlint/.markdownlint.yaml" + - repo: https://github.com/jumanjihouse/pre-commit-hooks rev: 3.0.0 hooks: diff --git a/.prettierignore b/.prettierignore deleted file mode 100644 index 57dfe8a307..0000000000 --- a/.prettierignore +++ /dev/null @@ -1,5 +0,0 @@ -.vscode -**/*.sops.* -archive/ -**/.terraform/* -infrastructure/talos/**/charts diff --git a/.taskfiles/format/Taskfile.yaml b/.taskfiles/format/Taskfile.yaml index 2ed2b9e734..f0d2985e90 100644 --- a/.taskfiles/format/Taskfile.yaml +++ b/.taskfiles/format/Taskfile.yaml @@ -13,7 +13,7 @@ tasks: cmds: - >- prettier - --config '.github/linters/prettier/.prettierrc.yaml' + --config '.ci/prettier/.prettierrc.yaml' --list-different --ignore-unknown --parser=markdown @@ -25,7 +25,7 @@ tasks: cmds: - >- prettier - --config '.github/linters/prettier/.prettierrc.yaml' + --config '.ci/prettier/.prettierrc.yaml' --list-different --ignore-unknown --parser=yaml diff --git a/.vscode/settings.json b/.vscode/settings.json index e678ef566a..505ec6e8a0 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -33,12 +33,17 @@ "setup": "import", "config": "environment" }, - "prettier.configPath": ".github/linters/prettier/.prettierrc.yaml", - "prettier.ignorePath": ".prettierignore", + "prettier.configPath": ".ci/prettier/.prettierrc.yaml", + "prettier.ignorePath": ".ci/prettier/.prettierignore", "yaml.schemas": { "Kubernetes": "kubernetes/*.yaml", "https://json.schemastore.org/kustomization.json": "file:///Users/scotte/Development/k8s-homelab/kubernetes/apps/tekton/tasks/kustomization.yaml" }, "yaml.customTags": ["!env_var"], - "explorer.autoReveal": false + "explorer.autoReveal": false, + "markdownlint.config": { + "MD033": false, + "MD041": false, + "MD045": false + } }