From a4a1caec60e6b4d654a453fa1332c1e0e839eda0 Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Sun, 15 Sep 2024 22:43:38 +0000 Subject: [PATCH 01/10] remove unused dockerfile --- .devcontainer/Dockerfile | 148 --------------------------------------- requirements.txt | 3 - 2 files changed, 151 deletions(-) delete mode 100644 .devcontainer/Dockerfile delete mode 100644 requirements.txt diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile deleted file mode 100644 index 99e162418..000000000 --- a/.devcontainer/Dockerfile +++ /dev/null 
@@ -1,148 +0,0 @@ -## ================================================================================================ -# Utility versions -## ================================================================================================ -ARG TERRAFORM_VERSION=1.9.5 -ARG FLUX_VERSION=v2.3.0 -ARG KUBECTL_VERSION=1.31.0 -ARG SOPS_VERSION=v3.9.0-alpine -ARG K9S_VERSION=v0.32.4 -ARG TALOSCTL_VERSION=v1.7.6 -ARG HELM_VERSION=v3.13.3 -ARG AGE_VERSION=v1.1.1 -ARG TASKFILE_VERSION=v3.32.0 -ARG KUSTOMIZE_VERSION=v5.4.3 -ARG TALHELPER_VERSION=v3.0.5 -ARG STERN_VERSION=1.30.0 -ARG CILIUM_VERSION=v0.15.19 -ARG KUBESWITCHER_VERSION=v1.0.2 -ARG TALSWITCHER_VERSION=v1.1.0 - - -## ================================================================================================ -# "Build" stage for utilities with docker images already present -## ================================================================================================ -FROM registry.k8s.io/kustomize/kustomize:${KUSTOMIZE_VERSION} AS kustomize -FROM bitnami/kubectl:${KUBECTL_VERSION} AS kubectl -FROM ghcr.io/stern/stern:${STERN_VERSION} AS stern -FROM fluxcd/flux-cli:${FLUX_VERSION} AS flux -FROM derailed/k9s:${K9S_VERSION} AS k9s -FROM ghcr.io/getsops/sops:${SOPS_VERSION} AS sops -FROM hashicorp/terraform:${TERRAFORM_VERSION} AS terraform -FROM ghcr.io/siderolabs/talosctl:${TALOSCTL_VERSION} AS talosctl -FROM ghcr.io/budimanjojo/talhelper:${TALHELPER_VERSION} AS talhelper -FROM ghcr.io/mirceanton/kube-switcher:${KUBESWITCHER_VERSION} AS kubeswitcher -FROM ghcr.io/mirceanton/talswitcher:${TALSWITCHER_VERSION} AS talswitcher - - -## ================================================================================================ -# Build stages for other utilities -## ================================================================================================ -FROM alpine AS taskfile -ARG TASKFILE_VERSION -RUN wget 
https://github.com/go-task/task/releases/download/${TASKFILE_VERSION}/task_linux_amd64.tar.gz && tar xvf task_linux_amd64.tar.gz && mv task /bin/task -RUN wget https://raw.githubusercontent.com/go-task/task/${TASKFILE_VERSION}/completion/bash/task.bash -O /task_completion.bash - -FROM alpine AS age -ARG AGE_VERSION -RUN wget https://github.com/FiloSottile/age/releases/download/${AGE_VERSION}/age-${AGE_VERSION}-linux-amd64.tar.gz -O age.tar.gz && tar xvf age.tar.gz && mv age/age /bin/age && mv age/age-keygen /bin/age-keygen - -FROM alpine AS helm -ARG HELM_VERSION -RUN wget https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz && tar xvf helm-${HELM_VERSION}-linux-amd64.tar.gz && mv linux-amd64/helm /bin/helm - -FROM alpine AS cilium -ARG CILIUM_VERSION -RUN wget https://github.com/cilium/cilium-cli/releases/download/${CILIUM_VERSION}/cilium-linux-amd64.tar.gz -O cilium.tar.gz && tar xvf cilium.tar.gz && mv cilium /bin/cilium - - -## ================================================================================================ -## Main image -## ================================================================================================ -FROM mcr.microsoft.com/devcontainers/python:3.12-bullseye AS workspace -ENV EDITOR=vim - -RUN DEBIAN_FRONTEND=noninteractive \ - apt-get update && apt-get upgrade -y && \ - apt-get install -y \ - sudo \ - git \ - bash-completion \ - vim \ - curl \ - wget \ - unzip \ - htop \ - net-tools \ - iputils-ping \ - dnsutils && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -COPY requirements.txt /tmp/requirements.txt -RUN pip install --upgrade pip && \ - pip install -r /tmp/requirements.txt - -# Enable passwordless sudo :kek: -RUN echo 'vscode ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers - -# Install tools with no bash completion -COPY --from=k9s /bin/k9s /usr/local/bin/k9s -COPY --from=sops /usr/local/bin/sops /usr/local/bin/sops -COPY --from=age /bin/age /usr/local/bin/age -COPY --from=age /bin/age-keygen 
/usr/local/bin/age-keygen - -# Install kustomize and set up bash completion -COPY --from=kustomize /app/kustomize /usr/local/bin/kustomize -RUN kustomize completion bash | sudo tee /etc/bash_completion.d/kustomize.bash > /dev/null - -# Install cilium and set up bash completion -COPY --from=cilium /bin/cilium /usr/local/bin/cilium -RUN cilium completion bash | sudo tee /etc/bash_completion.d/cilium.bash > /dev/null - -# Install stern and set up bash completion -COPY --from=stern /usr/local/bin/stern /usr/local/bin/stern -RUN stern --completion=bash | sudo tee /etc/bash_completion.d/stern.bash > /dev/null - -# Install terraform and set up bash completion -COPY --from=terraform /bin/terraform /usr/local/bin/terraform -RUN terraform -install-autocomplete - -# Install talosctl and set up bash completion -COPY --from=talosctl /talosctl /usr/local/bin/talosctl -RUN talosctl completion bash | sudo tee /etc/bash_completion.d/talosctl.bash > /dev/null - -# Install talhelper and set up bash completion -COPY --from=talhelper /usr/local/bin/talhelper /usr/local/bin/talhelper -RUN talhelper completion bash | sudo tee /etc/bash_completion.d/talhelper.bash > /dev/null - -# Install talswitcher and set up bash completion -COPY --from=talswitcher /talswitcher /usr/local/bin/talswitcher -RUN talswitcher completion bash | sudo tee /etc/bash_completion.d/talswitcher.bash > /dev/null - -# Install taskfile and set up bash completion -COPY --from=taskfile /bin/task /usr/local/bin/task -COPY --from=taskfile /task_completion.bash /etc/bash_completion.d/task.bash - -# Install kubectl and set up bash completion -COPY --from=kubectl /opt/bitnami/kubectl/bin/kubectl /usr/local/bin/kubectl -RUN kubectl completion bash | sudo tee /etc/bash_completion.d/kubectl.bash > /dev/null - -# Install kubeswitcher as a kubectl plugin -COPY --from=kubeswitcher /kube-switcher /usr/local/bin/kubectl-switch -RUN kubectl switch completion bash | sudo tee /etc/bash_completion.d/kubectl-switch.bash > /dev/null - -# 
Install helm and set up bash completion -COPY --from=helm /bin/helm /usr/local/bin/helm -RUN helm completion bash | sudo tee /etc/bash_completion.d/helm.bash > /dev/null - -# Install flux and set up bash completion -COPY --from=flux /usr/local/bin/flux /usr/local/bin/flux -RUN flux completion bash | sudo tee /etc/bash_completion.d/flux.bash > /dev/null - -# Install Docker -COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker -COPY --from=docker /usr/local/bin/docker-compose /usr/local/bin/docker-compose - -USER vscode -WORKDIR /workspace -ENTRYPOINT [ "/bin/bash", "-l", "-c" ] diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index d3b2746c2..000000000 --- a/requirements.txt +++ /dev/null @@ -1,3 +0,0 @@ -yamllint==1.35.1 -jq==1.8.0 -yq==3.4.3 From 9549e490559d4c646e6d8678fbb971c309f66dd3 Mon Sep 17 00:00:00 2001 
From: Mircea-Pavel ANTON Date: Sun, 15 Sep 2024 22:50:44 +0000 Subject: [PATCH 02/10] update --- .commitlintrc.yaml | 13 ++ .config/.tflint.hcl | 4 + {.github/configs => .config}/labeler.yaml | 0 {.github/configs => .config}/labels.yaml | 0 .config/renovate.json5 | 14 +++ {.github/configs => .config}/yamllint.yaml | 0 .github/workflows/devcontainer-release.yaml | 30 ----- .github/workflows/label-sync.yaml | 38 ++++++ .github/workflows/labeler.yaml | 14 +++ .github/workflows/lint-job.yaml | 131 +++----------------- .github/workflows/meta-label-sync.yaml | 27 ---- .github/workflows/meta-labeler.yaml | 14 --- .github/workflows/renovate.yaml | 23 +++- 13 files changed, 118 insertions(+), 190 deletions(-) create mode 100644 .commitlintrc.yaml create mode 100644 .config/.tflint.hcl rename {.github/configs => .config}/labeler.yaml (100%) rename {.github/configs => .config}/labels.yaml (100%) create mode 100644 .config/renovate.json5 rename {.github/configs => .config}/yamllint.yaml (100%) delete mode 100644 .github/workflows/devcontainer-release.yaml create mode 100644 .github/workflows/label-sync.yaml create mode 100644 .github/workflows/labeler.yaml delete mode 100644 .github/workflows/meta-label-sync.yaml delete mode 100644 .github/workflows/meta-labeler.yaml diff --git a/.commitlintrc.yaml b/.commitlintrc.yaml new file mode 100644 index 000000000..18c6d7c56 --- /dev/null +++ b/.commitlintrc.yaml @@ -0,0 +1,13 @@ +--- +# Inherit configuration of a package +include: package:commitlint_cli/commitlint.yaml + +# Custom rules +rules: + type-case: + - 2 + - always + - "lower-case" + +# Whether commitlint uses the default ignore rules. +defaultIgnores: true diff --git a/.config/.tflint.hcl b/.config/.tflint.hcl new file mode 100644 index 000000000..39ec52b41 --- /dev/null +++ b/.config/.tflint.hcl @@ -0,0 +1,4 @@ +plugin "terraform" { + enabled = true + preset = "recommended" +} \ No newline at end of file 
diff --git a/.github/configs/labeler.yaml b/.config/labeler.yaml similarity index 100% rename from .github/configs/labeler.yaml rename to .config/labeler.yaml diff --git a/.github/configs/labels.yaml b/.config/labels.yaml similarity index 100% rename from .github/configs/labels.yaml rename to .config/labels.yaml diff --git a/.config/renovate.json5 b/.config/renovate.json5 new file mode 100644 index 000000000..4621c827f --- /dev/null +++ b/.config/renovate.json5 @@ -0,0 +1,14 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "dependencyDashboardTitle": "Renovate Dashboard 🤖", + "onboarding": false, + "extends": [ + ":dependencyDashboard", + "config:best-practices", + ":disableRateLimiting", + ":semanticCommits", + "github>mirceanton/reusable-workflows//.renovate/autoMerge.json5", + "github>mirceanton/reusable-workflows//.renovate/labels.json5", + "github>mirceanton/reusable-workflows//.renovate/semanticCommits.json5" + ] +} \ No newline at end of file diff --git a/.github/configs/yamllint.yaml b/.config/yamllint.yaml similarity index 100% rename from .github/configs/yamllint.yaml rename to .config/yamllint.yaml diff --git a/.github/workflows/devcontainer-release.yaml b/.github/workflows/devcontainer-release.yaml deleted file mode 100644 index e6ae6eaab..000000000 --- a/.github/workflows/devcontainer-release.yaml +++ /dev/null 
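Review bot: The three `github>mirceanton/reusable-workflows//.renovate/*.json5` entries in `extends` carry no ref, so this repository follows whatever is on that repository's default branch, and one of them is the auto-merge preset. Combined with `:disableRateLimiting`, a change to the preset repository can alter what gets merged here without any commit in this repository. Renovate accepts a tag suffix on a preset, for example `"github>mirceanton/reusable-workflows//.renovate/autoMerge.json5#<release-tag>"`. Pinning the presets to the same release as the workflows would keep the two in step; what the presets contain cannot be seen from this diff.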
@@ -1,30 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json -name: Devcontainer Release - -on: - workflow_dispatch: - inputs: - custom-tag: - type: string - description: Additional custom tags for the image. - required: false - pull_request: - paths: - - .devcontainer/Dockerfile - - .github/workflows/devcontainer-release.yaml - push: - branches: [main] - paths: - - .devcontainer/Dockerfile - - .github/workflows/devcontainer-release.yaml - -jobs: - release: - uses: mirceanton/reusable-workflows/.github/workflows/docker-release.yaml@main - secrets: inherit - with: - image-name: ghcr.io/${{ github.repository_owner }}/gitops-toolkit - dockerfile: .devcontainer/Dockerfile - custom-tag: ${{ inputs.custom-tag }} - platforms: linux/amd64 diff --git a/.github/workflows/label-sync.yaml b/.github/workflows/label-sync.yaml new file mode 100644 index 000000000..da245faf4 --- /dev/null +++ b/.github/workflows/label-sync.yaml @@ -0,0 +1,38 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: Label Sync + +on: + # Manual trigger + workflow_dispatch: + inputs: + dry-run: + description: "Dry Run" + default: true + required: false + type: boolean + + # Dry run on pull requests + pull_request: + paths: + - .github/workflows/label-sync.yaml + - .github/labels/base.yaml + + # Run when the configs changed on the main branch + push: + branches: ["main"] + paths: + - .github/workflows/label-sync.yaml + - .github/labels/base.yaml + + # Scheduled daily + schedule: + - cron: "0 0 * * *" + +jobs: + label-sync: + uses: mirceanton/reusable-workflows/.github/workflows/reusable-label-sync.yaml + secrets: inherit + with: + dry-run: ${{ inputs.dry-run || github.event_name == 'pull_request' }} + config-file: .config/labels.yaml diff --git a/.github/workflows/labeler.yaml b/.github/workflows/labeler.yaml new file mode 100644 index 000000000..31628c3f0 --- /dev/null +++ b/.github/workflows/labeler.yaml 
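Review bot: The new label-sync.yaml has no `permissions:` block, while the meta-label-sync.yaml it replaces (deleted later in this patch) limited the token to `issues: write`. Without it the caller and the reusable workflow run with the repository's default GITHUB_TOKEN scope, and `secrets: inherit` forwards every secret on top of that. I would carry the restriction over with a top-level `permissions: { issues: write }`, unless the called workflow is known to need more. The `concurrency` group of the old file was dropped in the same way and is worth restoring for the scheduled run.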
@@ -0,0 +1,14 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: Labeler + +on: + # When a pull request is opened, reopened, or synchronized + pull_request_target: {} + +jobs: + pr-labeler: + uses: mirceanton/reusable-workflows/.github/workflows/reusable-labeler.yaml + secrets: inherit + with: + config-file: .config/labeler.yaml diff --git a/.github/workflows/lint-job.yaml b/.github/workflows/lint-job.yaml index 1c6075fe3..e9a07aeab 100644 --- a/.github/workflows/lint-job.yaml +++ b/.github/workflows/lint-job.yaml 
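Review bot: `pull_request_target` together with `secrets: inherit` means every pull request, including one from a fork, starts a run in the base-repository context with all repository secrets forwarded to the called workflow. A labeler only has to read its config and write labels, so I would drop `secrets: inherit` (or pass the one secret it needs by name) and add `permissions: { contents: read, pull-requests: write }` to the `pr-labeler` job. Whether reusable-labeler.yaml checks out the pull request's head cannot be seen from here; if it does, that checkout should be limited to the base ref.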
@@ -3,127 +3,32 @@ name: Lint Job on: + workflow_dispatch: {} pull_request: {} - workflow_dispatch: - inputs: - run-all: - description: "Whether to run all linters or only the ones that have changes" - required: false - default: false - type: boolean - -concurrency: - group: ${{ github.workflow }}-${{ github.event.number || github.ref }} - cancel-in-progress: true jobs: - paths-filter: - runs-on: ubuntu-latest - if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && !github.event.pull_request.draft) - outputs: - yaml: ${{ steps.filter.outputs.yaml }} - bash: ${{ steps.filter.outputs.bash }} - markdown: ${{ steps.filter.outputs.markdown }} - terraform: ${{ steps.filter.outputs.terraform }} - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Scan Paths - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 - id: filter - with: - filters: | - yaml: - - '**/*.yml' - - '**/*.yaml' - bash: - - '**/*.sh' - - '**/*.bash' - markdown: - - '**/*.md' - - '**/*.markdown' - terraform: - - '**/*.tf' - - '**/*.tfvars' - - - name: Show Paths - run: | - echo "yaml=${{ steps.filter.outputs.yaml }}" - echo "bash=${{ steps.filter.outputs.bash }}" - echo "markdown=${{ steps.filter.outputs.markdown }}" - echo "terraform=${{ steps.filter.outputs.terraform }}" - yamllint: - runs-on: ubuntu-latest - needs: [paths-filter] - if: needs.paths-filter.outputs.yaml == 'true' || github.event.inputs.run-all == true - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: mirceanton/reusable-workflows/.github/workflows/reusable-yamllint.yaml@v3.4.1 + secrets: inherit + with: + yamllint-args: "--config-file=.config/yamllint.yaml" - - name: Set up Python - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 - with: - python-version: "3.12" - - - name: Install yamllint - run: pip install yamllint - - 
- name: Run yamllint - run: yamllint -c .github/configs/yamllint.yaml . + actionlint: + uses: mirceanton/reusable-workflows/.github/workflows/reusable-actionlint.yaml@v3.4.1 + secrets: inherit shellcheck: - runs-on: ubuntu-latest - needs: [paths-filter] - if: needs.paths-filter.outputs.bash == 'true' || github.event.inputs.run-all == true - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Install ShellCheck - run: sudo apt-get install -y shellcheck - - - name: Run ShellCheck - run: find . -name "*.sh" -exec shellcheck {} + + uses: mirceanton/reusable-workflows/.github/workflows/reusable-shellcheck.yaml@v3.4.1 + secrets: inherit markdownlint: - runs-on: ubuntu-latest - needs: [paths-filter] - if: needs.paths-filter.outputs.markdown == 'true' || github.event.inputs.run-all == true - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Install Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 - with: - node-version: "20" - - - name: Install markdownlint-cli - run: npm install -g markdownlint-cli - - - name: Run markdownlint - run: markdownlint '**/*.md' - - tflint: - runs-on: ubuntu-latest - needs: [paths-filter] - if: needs.paths-filter.outputs.terraform == 'true' || github.event.inputs.run-all == true - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - uses: terraform-linters/setup-tflint@19a52fbac37dacb22a09518e4ef6ee234f2d4987 # v4 - name: Setup TFLint - with: - tflint_version: v0.53.0 - - - name: Show TFLint version - run: tflint --version + uses: mirceanton/reusable-workflows/.github/workflows/reusable-markdownlint.yaml@v3.4.1 + secrets: inherit - - name: Init TFLint - run: tflint --init + commitlint: + uses: mirceanton/reusable-workflows/.github/workflows/reusable-commitlint.yaml@v3.4.1 + secrets: inherit - - name: Run TFLint - run: 
tflint --format=compact --recursive + terraform: + uses: mirceanton/reusable-workflows/.github/workflows/reusable-terraform-ci.yaml@feat/terraform-lint + secrets: inherit diff --git a/.github/workflows/meta-label-sync.yaml b/.github/workflows/meta-label-sync.yaml deleted file mode 100644 index 3a17ada67..000000000 --- a/.github/workflows/meta-label-sync.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json -name: Label Sync - -on: - workflow_dispatch: {} # Manual Trigger - push: - branches: ["main"] - paths: - - ".github/configs/labels.yaml" - - ".github/workflows/meta-label-sync.yaml" - schedule: - - cron: "0 0 * * *" # Every day at midnight - -permissions: - issues: write - -concurrency: - group: ${{ github.workflow }}-${{ github.event.number || github.ref }} - cancel-in-progress: true - -jobs: - label-sync: - uses: mirceanton/reusable-workflows/.github/workflows/meta-label-sync.yaml@main - secrets: inherit - with: - config-file: .github/configs/labels.yaml diff --git a/.github/workflows/meta-labeler.yaml b/.github/workflows/meta-labeler.yaml deleted file mode 100644 index 8498a068d..000000000 --- a/.github/workflows/meta-labeler.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json -name: Labeler - -on: - workflow_dispatch: {} # Manual Trigger - pull_request_target: {} - -jobs: - labeler: - uses: mirceanton/reusable-workflows/.github/workflows/meta-labeler.yaml@main - secrets: inherit - with: - config-file: .github/configs/labeler.yaml diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index fe976b27f..88b3e4bf3 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml 
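Review bot: Every linter job now forwards `secrets: inherit` to a reusable workflow referenced by a movable ref (`@v3.4.1`, and the branch `@feat/terraform-lint` for the `terraform` job), where the removed steps pinned each action to a full commit SHA. A retagged release or a push to that branch would change what runs here with all repository secrets available. I would pin by commit, `uses: mirceanton/reusable-workflows/.github/workflows/reusable-yamllint.yaml@<full-commit-sha> # v3.4.1`, and remove `secrets: inherit` from jobs that only lint. A top-level `permissions: { contents: read }` would also make the token scope explicit.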
@@ -3,18 +3,28 @@ name: Renovate on: + # Manual trigger workflow_dispatch: inputs: - dryRun: + dry-run: description: Dry Run default: "false" required: false - logLevel: + log-level: description: Log Level default: debug required: false + + # Dry run on pull requests + pull_request: + paths: + - ".github/workflows/renovate.yaml" + - ".renovate/*.json5" + - "renovate.json5" + + # Scheduled hourly schedule: - - cron: "0 * * * *" # hourly + - cron: "0 * * * *" concurrency: group: ${{ github.workflow }}-${{ github.event.number || github.ref }} @@ -22,8 +32,9 @@ concurrency: jobs: renovate: - uses: mirceanton/reusable-workflows/.github/workflows/renovate.yaml@main + uses: mirceanton/reusable-workflows/.github/workflows/reusable-renovate.yaml@v3.4.1 secrets: inherit with: - dryRun: "${{ inputs.dryRun == true }}" - logLevel: "${{ inputs.logLevel || 'debug' }}" + dry-run: "${{ inputs.dry-run == true || github.event_name == 'pull_request' }}" + log-level: "${{ inputs.log-level || 'debug' }}" + config-file: .config/renovate.json5 From 774af74ec7da1a9b763840b42c7beea117702ac6 Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Sun, 15 Sep 2024 22:51:30 +0000 Subject: [PATCH 03/10] Trigger CI From c6762f185126f528b72f7a8c312383dc7272d4ed Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Sun, 15 Sep 2024 22:53:00 +0000 Subject: [PATCH 04/10] fix --- .github/workflows/label-sync.yaml | 2 +- .github/workflows/labeler.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/label-sync.yaml b/.github/workflows/label-sync.yaml index da245faf4..4dc4cb3a2 100644 --- a/.github/workflows/label-sync.yaml +++ b/.github/workflows/label-sync.yaml @@ -31,7 +31,7 @@ on: jobs: label-sync: - uses: mirceanton/reusable-workflows/.github/workflows/reusable-label-sync.yaml + uses: mirceanton/reusable-workflows/.github/workflows/reusable-label-sync.yaml@v3.4.1 secrets: inherit with: dry-run: ${{ inputs.dry-run || github.event_name == 'pull_request' }} 
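Review bot: The new `pull_request.paths` filter lists `.renovate/*.json5` and `renovate.json5`, but the job in the next hunk reads `config-file: .config/renovate.json5`, so a pull request that edits the real config never triggers the dry run this block is meant to provide. Patch 09 moves the file to `.renovate.json5` and leaves the filter unchanged, so the mismatch is still there at the end of the series. The entry should name the file actually used, `- ".renovate.json5"` after the move.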
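Review bot: `inputs.dry-run == true` cannot be true for this input, because it is declared without `type: boolean` and with the string default `"false"`, and an expression that compares a string with a boolean coerces both to numbers first. As far as these lines show, a manual run with Dry Run set to `true` would therefore run Renovate for real. Either declare the input the way label-sync.yaml does (`type: boolean` with `default: false`) or compare against the string: `dry-run: "${{ inputs.dry-run == 'true' || github.event_name == 'pull_request' }}"`.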
diff --git a/.github/workflows/labeler.yaml b/.github/workflows/labeler.yaml index 31628c3f0..d59f1d70b 100644 --- a/.github/workflows/labeler.yaml +++ b/.github/workflows/labeler.yaml @@ -8,7 +8,7 @@ on: jobs: pr-labeler: - uses: mirceanton/reusable-workflows/.github/workflows/reusable-labeler.yaml + uses: mirceanton/reusable-workflows/.github/workflows/reusable-labeler.yaml@v3.4.1 secrets: inherit with: config-file: .config/labeler.yaml From 6d8f8980078b40861558c66cec247c74c06961f1 Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Mon, 16 Sep 2024 16:02:04 +0000 Subject: [PATCH 05/10] fix lint --- .github/PULL_REQUEST_TEMPLATE.md | 13 ------------- README.md | 14 +++++++------- 2 files changed, 7 insertions(+), 20 deletions(-) delete mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index 8e7cf25fc..000000000 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ /dev/null @@ -1,13 +0,0 @@ -## Describe your changes - - - -## Checklist - -- [ ] Code has been reviewd -- [ ] Documentation is up to date -- [ ] All deployments are passing diff --git a/README.md b/README.md index af7a2df12..d75d6cf97 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,10 @@ +
- - - -

My home operations repository

- -managed with Flux, Renovate and GitHub Actions 🤖 - + +

My home operations repository

+ managed with Flux, Renovate and GitHub Actions 🤖
+ --- @@ -25,11 +23,13 @@ This is a monorepo for my homelab infrastructure automation. I try to adhere (as ## ⭐ Stargazers + + ## 🤝 Gratitude and Thanks From 8f6c114efbf0155d7c0c2f7edb7406b807e22ae5 Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Mon, 16 Sep 2024 16:30:30 +0000 Subject: [PATCH 06/10] remove unused scripts --- scripts/delete-stuck-ns.sh | 4 +- scripts/kubernetes-wait-api.sh | 11 ---- scripts/kubernetes-wait-node-joined.sh | 11 ---- scripts/talos-wait-node-kubelet-healthy.sh | 16 ----- scripts/terraform-lint.sh | 72 ---------------------- 5 files changed, 2 insertions(+), 112 deletions(-) delete mode 100644 scripts/kubernetes-wait-api.sh delete mode 100644 scripts/kubernetes-wait-node-joined.sh delete mode 100644 scripts/talos-wait-node-kubelet-healthy.sh delete mode 100644 scripts/terraform-lint.sh diff --git a/scripts/delete-stuck-ns.sh b/scripts/delete-stuck-ns.sh index 34e75b39a..97a32e705 100644 --- a/scripts/delete-stuck-ns.sh +++ b/scripts/delete-stuck-ns.sh @@ -2,7 +2,7 @@ function delete_namespace() { echo "Deleting namespace $1" - kubectl get namespace $1 -o json >tmp.json + kubectl get namespace "$1" -o json >tmp.json sed -i 's/"kubernetes"//g' tmp.json kubectl replace --raw "/api/v1/namespaces/$1/finalize" -f ./tmp.json rm ./tmp.json @@ -11,5 +11,5 @@ function delete_namespace() { TERMINATING_NS=$(kubectl get ns | awk '$2=="Terminating" {print $1}') for ns in $TERMINATING_NS; do - delete_namespace $ns + delete_namespace "$ns" done diff --git a/scripts/kubernetes-wait-api.sh b/scripts/kubernetes-wait-api.sh deleted file mode 100644 index 20277e29a..000000000 --- a/scripts/kubernetes-wait-api.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -printf "Waiting for the Kubernetes API to become available " - -while ! kubectl get nodes >/dev/null 2>/dev/null; do - printf "." - sleep 1 -done - -echo "" -echo "OK" 
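Review bot: `delete_namespace` still writes to a fixed `tmp.json` in the current directory and carries on when `kubectl get` fails, so the `kubectl replace --raw ".../finalize"` call can be handed a stale or empty file. Quoting `"$1"` fixes the word splitting but not this. I would use a private file and stop on failure: `tmp=$(mktemp) || return 1` followed by `kubectl get namespace "$1" -o json >"$tmp" || return 1`. The `sed` line also removes every `"kubernetes"` string in the document, not only the finalizer entry, which deserves a comment such as `# strips the "kubernetes" finalizer; also matches any other field with that value`. The function's closing brace is outside the hunk.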
diff --git a/scripts/kubernetes-wait-node-joined.sh b/scripts/kubernetes-wait-node-joined.sh deleted file mode 100644 index ea5cb9f95..000000000 --- a/scripts/kubernetes-wait-node-joined.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -printf "Waiting for node $NODE_IP to join the cluster " - -while ! kubectl get nodes -o wide 2>/dev/null | grep $NODE_IP | grep -q $NODE_ROLE >/dev/null 2>/dev/null; do - printf "." - sleep 1 -done - -echo "" -echo "OK" diff --git a/scripts/talos-wait-node-kubelet-healthy.sh b/scripts/talos-wait-node-kubelet-healthy.sh deleted file mode 100644 index 4c02c0624..000000000 --- a/scripts/talos-wait-node-kubelet-healthy.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -printf "Waiting for the kubelet to become healthy on Talos node $NODE_IP " - -while true; do - output=$(talosctl dmesg -n $NODE_IP 2>&1) - - if echo "$output" | grep -Fq "service[kubelet](Running): Health check successful"; then - echo "" - echo "Kubelet is Healthy on node $NODE_IP!" - break - else - printf "." - sleep 1 - fi -done diff --git a/scripts/terraform-lint.sh b/scripts/terraform-lint.sh deleted file mode 100644 index 5ac582f9a..000000000 --- a/scripts/terraform-lint.sh +++ /dev/null 
@@ -1,72 +0,0 @@ -#!/bin/bash - -TF_DIR=terraform - -# Color codes for pretty output -RED="\e[31m" -GREEN="\e[32m" -GREY="\e[90m" -RESET="\e[0m" - -# Initialize variables to track formatting status and verbosity -formatted=1 -quiet=false -verbose=false - -# Process command line options -while [[ $# -gt 0 ]]; do - case "$1" in - -q | --quiet) - quiet=true - shift - ;; - -v | --verbose) - verbose=true - shift - ;; - *) - echo "Unknown option: $1" - exit 1 - ;; - esac -done - -# Loop through all directories in $DIR -for d in "$TF_DIR"/*; do - if [ -d "$d" ]; then - # Check if there are any terraform files inside the subdirectory - if ls "$d"/*.tf* 1>/dev/null 2>&1; then - pushd "$d" >/dev/null - - # Check if terraform files are properly formatted - if terraform fmt -check 1>/dev/null 2>&1; then - if [ "$verbose" = true ]; then - echo -e "${GREEN}Terraform files in '$d' are properly formatted.${RESET}" - fi - else - if [ "$quiet" = false ]; then - echo -e "${RED}Terraform files in '$d' are not properly formatted.${RESET}" - fi - formatted=0 # update flag - fi - - popd >/dev/null - else - if [ "$verbose" = true ]; then - echo -e "${GREY}No Terraform files found in '$d'. Skipping...${RESET}" - fi - fi - fi -done - -if [ "$formatted" -eq 0 ]; then - if [ "$quiet" = false ]; then - echo -e "${RED}Some directories have unformatted Terraform files.${RESET}" - fi - exit 1 -else - if [ "$verbose" = true ]; then - echo -e "${GREEN}All Terraform directories checked and formatted properly.${RESET}" - fi - exit 0 -fi From f648bc1e4095db51308e9e4c73039561b6781e64 Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Mon, 16 Sep 2024 16:43:16 +0000 Subject: [PATCH 07/10] fix lint --- .config/.tflint.hcl | 4 ---- .github/workflows/lint-job.yaml | 5 +---- .markdownlint.yaml | 25 +++++++++++++++++++++++++ scripts/sops-encrypt-all.sh | 2 +- 4 files changed, 27 insertions(+), 9 deletions(-) delete mode 100644 .config/.tflint.hcl create mode 100644 .markdownlint.yaml 
diff --git a/.config/.tflint.hcl b/.config/.tflint.hcl deleted file mode 100644 index 39ec52b41..000000000 --- a/.config/.tflint.hcl +++ /dev/null @@ -1,4 +0,0 @@ -plugin "terraform" { - enabled = true - preset = "recommended" -} \ No newline at end of file diff --git a/.github/workflows/lint-job.yaml b/.github/workflows/lint-job.yaml index e9a07aeab..56d2e0113 100644 --- a/.github/workflows/lint-job.yaml +++ b/.github/workflows/lint-job.yaml @@ -24,11 +24,8 @@ jobs: markdownlint: uses: mirceanton/reusable-workflows/.github/workflows/reusable-markdownlint.yaml@v3.4.1 secrets: inherit + commitlint: uses: mirceanton/reusable-workflows/.github/workflows/reusable-commitlint.yaml@v3.4.1 secrets: inherit - - terraform: - uses: mirceanton/reusable-workflows/.github/workflows/reusable-terraform-ci.yaml@feat/terraform-lint - secrets: inherit diff --git a/.markdownlint.yaml b/.markdownlint.yaml new file mode 100644 index 000000000..ab37d7649 --- /dev/null +++ b/.markdownlint.yaml @@ -0,0 +1,25 @@ +{ + "blanks-around-fences": false, + "blanks-around-headings": false, + "blanks-around-lists": false, + "code-fence-style": false, + "emphasis-style": false, + "heading-start-left": false, + "heading-style": false, + "hr-style": false, + "line-length": false, + "list-indent": false, + "list-marker-space": false, + "no-blanks-blockquote": false, + "no-hard-tabs": false, + "no-missing-space-atx": false, + "no-missing-space-closed-atx": false, + "no-multiple-blanks": false, + "no-multiple-space-atx": false, + "no-multiple-space-blockquote": false, + "no-multiple-space-closed-atx": false, + "no-trailing-spaces": false, + "ol-prefix": false, + "strong-style": false, + "ul-indent": false, +} diff --git a/scripts/sops-encrypt-all.sh b/scripts/sops-encrypt-all.sh index 0a2ef698f..d263533f5 100644 --- a/scripts/sops-encrypt-all.sh +++ b/scripts/sops-encrypt-all.sh 
@@ -5,7 +5,7 @@ RED='\033[0;31m' NC='\033[0m' while IFS= read -r path; do - path=$(echo "$path" | sed 's/\(\.sops\)/ /g') + path=${path/.sops/ } find . -regextype egrep -regex ".*/$path" -type f | while IFS= read -r file; do encrypted_file="${file%.yaml}.sops.yaml" From a9182ff2eb8ba0466b0e5a0b519fa5c278d0b748 Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Mon, 16 Sep 2024 16:46:38 +0000 Subject: [PATCH 08/10] fix lint --- .github/workflows/lint-job.yaml | 1 - .markdownlint.yaml | 53 +++++++++++++++++---------------- 2 files changed, 28 insertions(+), 26 deletions(-) diff --git a/.github/workflows/lint-job.yaml b/.github/workflows/lint-job.yaml index 56d2e0113..4b22a7380 100644 --- a/.github/workflows/lint-job.yaml +++ b/.github/workflows/lint-job.yaml @@ -24,7 +24,6 @@ jobs: markdownlint: uses: mirceanton/reusable-workflows/.github/workflows/reusable-markdownlint.yaml@v3.4.1 secrets: inherit - commitlint: uses: mirceanton/reusable-workflows/.github/workflows/reusable-commitlint.yaml@v3.4.1 diff --git a/.markdownlint.yaml b/.markdownlint.yaml index ab37d7649..673089f09 100644 --- a/.markdownlint.yaml +++ b/.markdownlint.yaml 
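Review bot: `${path/.sops/ }` replaces only the first `.sops` in the value, whereas the `sed` expression it replaces carried the `g` flag and replaced every occurrence. If a pattern line can contain `.sops` more than once, the `find -regex` on the next line will match a different set of files, and files that drop out of the match are presumably left unencrypted. `path=${path//.sops/ }` keeps the old behaviour. The loop body continues past the end of the hunk.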
@@ -1,25 +1,28 @@ -{ - "blanks-around-fences": false, - "blanks-around-headings": false, - "blanks-around-lists": false, - "code-fence-style": false, - "emphasis-style": false, - "heading-start-left": false, - "heading-style": false, - "hr-style": false, - "line-length": false, - "list-indent": false, - "list-marker-space": false, - "no-blanks-blockquote": false, - "no-hard-tabs": false, - "no-missing-space-atx": false, - "no-missing-space-closed-atx": false, - "no-multiple-blanks": false, - "no-multiple-space-atx": false, - "no-multiple-space-blockquote": false, - "no-multiple-space-closed-atx": false, - "no-trailing-spaces": false, - "ol-prefix": false, - "strong-style": false, - "ul-indent": false, -} +--- +default: true + +blanks-around-fences: false +blanks-around-headings: false +blanks-around-lists: false +code-fence-style: false +emphasis-style: false +first-line-h1: false +heading-start-left: false +heading-style: false +hr-style: false +line-length: false +list-indent: false +list-marker-space: false +no-alt-text: false +no-blanks-blockquote: false +no-hard-tabs: false +no-missing-space-atx: false +no-missing-space-closed-atx: false +no-multiple-blanks: false +no-multiple-space-atx: false +no-multiple-space-blockquote: false +no-multiple-space-closed-atx: false +no-trailing-spaces: false +ol-prefix: false +strong-style: false +ul-indent: false From 8b6e3fc3b706687b903261349f5f74f7353f6952 Mon Sep 17 00:00:00 2001 
From: Mircea-Pavel ANTON Date: Mon, 16 Sep 2024 16:52:22 +0000 Subject: [PATCH 09/10] restructure --- {.config => .github}/labeler.yaml | 0 {.config => .github}/labels.yaml | 0 .github/renovate.json5 | 16 ---------------- .github/workflows/label-sync.yaml | 6 +++--- .github/workflows/labeler.yaml | 2 +- .github/workflows/lint-job.yaml | 2 +- .github/workflows/renovate.yaml | 2 +- .markdownlint.yaml | 1 + .config/renovate.json5 => .renovate.json5 | 0 .config/yamllint.yaml => .yamllint.yaml | 0 README.md | 4 ---- 11 files changed, 7 insertions(+), 26 deletions(-) rename {.config => .github}/labeler.yaml (100%) rename {.config => .github}/labels.yaml (100%) delete mode 100644 .github/renovate.json5 rename .config/renovate.json5 => .renovate.json5 (100%) rename .config/yamllint.yaml => .yamllint.yaml (100%) diff --git a/.config/labeler.yaml b/.github/labeler.yaml similarity index 100% rename from .config/labeler.yaml rename to .github/labeler.yaml diff --git a/.config/labels.yaml b/.github/labels.yaml similarity index 100% rename from .config/labels.yaml rename to .github/labels.yaml diff --git a/.github/renovate.json5 b/.github/renovate.json5 deleted file mode 100644 index 021dd5cd9..000000000 --- a/.github/renovate.json5 +++ /dev/null @@ -1,16 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "dependencyDashboardTitle": "Renovate Dashboard 🤖", - "extends": [ - ":dependencyDashboard", - ":timezone(Europe/Bucharest)", - "config:best-practices", - "docker:enableMajor", - ":disableRateLimiting", - ":semanticCommits", - "github>mirceanton/centralized-workflows//.github/configs/renovate/devcontainerNoDigest.json5", - "github>mirceanton/centralized-workflows//.github/configs/renovate/autoMerge.json5", - "github>mirceanton/centralized-workflows//.github/configs/renovate/semanticCommits.json5", - "github>mirceanton/centralized-workflows//.github/configs/renovate/labels.json5" - ] -} \ No newline at end of file 
diff --git a/.github/workflows/label-sync.yaml b/.github/workflows/label-sync.yaml index 4dc4cb3a2..9939e5578 100644 --- a/.github/workflows/label-sync.yaml +++ b/.github/workflows/label-sync.yaml @@ -16,14 +16,14 @@ on: pull_request: paths: - .github/workflows/label-sync.yaml - - .github/labels/base.yaml + - .github/labels.yaml # Run when the configs changed on the main branch push: branches: ["main"] paths: - .github/workflows/label-sync.yaml - - .github/labels/base.yaml + - .github/labels.yaml # Scheduled daily schedule: @@ -35,4 +35,4 @@ jobs: secrets: inherit with: dry-run: ${{ inputs.dry-run || github.event_name == 'pull_request' }} - config-file: .config/labels.yaml + config-file: .github/labels.yaml diff --git a/.github/workflows/labeler.yaml b/.github/workflows/labeler.yaml index d59f1d70b..aa54e0257 100644 --- a/.github/workflows/labeler.yaml +++ b/.github/workflows/labeler.yaml @@ -11,4 +11,4 @@ jobs: uses: mirceanton/reusable-workflows/.github/workflows/reusable-labeler.yaml@v3.4.1 secrets: inherit with: - config-file: .config/labeler.yaml + config-file: .github/labeler.yaml diff --git a/.github/workflows/lint-job.yaml b/.github/workflows/lint-job.yaml index 4b22a7380..254749701 100644 --- a/.github/workflows/lint-job.yaml +++ b/.github/workflows/lint-job.yaml @@ -11,7 +11,7 @@ jobs: uses: mirceanton/reusable-workflows/.github/workflows/reusable-yamllint.yaml@v3.4.1 secrets: inherit with: - yamllint-args: "--config-file=.config/yamllint.yaml" + yamllint-args: "--config-file=.yamllint.yaml" actionlint: uses: mirceanton/reusable-workflows/.github/workflows/reusable-actionlint.yaml@v3.4.1 diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 88b3e4bf3..786db12cf 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml 
@@ -37,4 +37,4 @@ jobs: with: dry-run: "${{ inputs.dry-run == true || github.event_name == 'pull_request' }}" log-level: "${{ inputs.log-level || 'debug' }}" - config-file: .config/renovate.json5 + config-file: .renovate.json5 diff --git a/.markdownlint.yaml b/.markdownlint.yaml index 673089f09..220a489c3 100644 --- a/.markdownlint.yaml +++ b/.markdownlint.yaml @@ -16,6 +16,7 @@ list-marker-space: false no-alt-text: false no-blanks-blockquote: false no-hard-tabs: false +no-inline-html: false no-missing-space-atx: false no-missing-space-closed-atx: false no-multiple-blanks: false diff --git a/.config/renovate.json5 b/.renovate.json5 similarity index 100% rename from .config/renovate.json5 rename to .renovate.json5 diff --git a/.config/yamllint.yaml b/.yamllint.yaml similarity index 100% rename from .config/yamllint.yaml rename to .yamllint.yaml diff --git a/README.md b/README.md index d75d6cf97..d4ad12c8d 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,8 @@ -

My home operations repository

managed with Flux, Renovate and GitHub Actions 🤖
- --- @@ -23,13 +21,11 @@ This is a monorepo for my homelab infrastructure automation. I try to adhere (as ## ⭐ Stargazers - - ## 🤝 Gratitude and Thanks From bad19566ae1fdff33840ad5aa1d42591eeac8690 Mon Sep 17 00:00:00 2001 From: Mircea-Pavel ANTON Date: Mon, 16 Sep 2024 16:56:19 +0000 Subject: [PATCH 10/10] update readme --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d4ad12c8d..6dd8ef597 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ This is a monorepo for my homelab infrastructure automation. I try to adhere (as 📁 .github # CI workflows and various tool configurations 📁 .taskfiles # Holds all of the "modules" for my Taskfile automation 📁 scripts # Various scripts used for automation, generally called within tasks +📁 terraform # Terraform configuration for managing infrastructure outside of K8S ``` ## ⭐ Stargazers