Use re-usable linting workflow (#376)

as part of kairos-io/kairos#1234 --------- Signed-off-by: Dimitris Karakasilis <[email protected]>
kairos-io · May 19, 2023 · c633dbd · c633dbd
1 parent 80cec50
commit c633dbd
Show file tree

Hide file tree

Showing 13 changed files with 96 additions and 82 deletions.
diff --git a/.github/bump_k3s_versions.sh b/.github/bump_k3s_versions.sh
@@ -6,13 +6,14 @@ verlte() {
     [  "$1" = "$(echo -e "$1\n$2" | sort -V | head -n1)" ]
 }
 
-versions=($(curl https://update.k3s.io/v1-release/channels | jq -rc '[ .data[] | select(.type == "channel") | select(.name | test("testing") | not) | .latest ] | unique | .[]'))
+# https://www.shellcheck.net/wiki/SC2207
+mapfile -t versionsArray < <(curl https://update.k3s.io/v1-release/channels | jq -rc '[ .data[] | select(.type == "channel") | select(.name | test("testing") | not) | .latest ] | unique | .[]')
 
 # Filter only versions above v1.20.0 (https://stackoverflow.com/a/40375567)
-for index in "${!versions[@]}" ; do
-    (verlte ${versions[$index]} v1.20.0) && unset -v 'versions[$index]'
+for index in "${!versionsArray[@]}" ; do
+    (verlte "${versionsArray[$index]}" v1.20.0) && unset -v 'versionsArray[$index]'
 done
-versions="${versions[@]}"
+versions="${versionsArray[*]}"
 
 amd64_flavor=("opensuse-leap" "opensuse-tumbleweed" "alpine-ubuntu" "alpine-opensuse-leap" "ubuntu" "ubuntu-20-lts" "ubuntu-22-lts" "fedora" "debian")
 arm64_flavor=("opensuse-leap-arm-rpi" "opensuse-tumbleweed-arm-rpi" "alpine-arm-rpi")
@@ -21,15 +22,15 @@ releases="[]"
 releases_arm="[]"
 
 for row in $versions; do
-    for flavor in "${amd64_flavor[@]}"; do
-    	releases=$(echo $releases | jq ". += [{ \"flavor\": \"$flavor\", \"k3s_version\": \"$row\" }]" )
-    done
-    for flavor in "${arm64_flavor[@]}"; do
-        for model in "${arm64_models[@]}"; do
-    		releases_arm=$(echo $releases_arm | jq ". += [{ \"flavor\": \"$flavor\", \"model\": \"$model\", \"k3s_version\": \"$row\" }]" )
-    	done
+  for flavor in "${amd64_flavor[@]}"; do
+    releases=$(echo "$releases" | jq ". += [{ \"flavor\": \"$flavor\", \"k3s_version\": \"$row\" }]" )
+  done
+  for flavor in "${arm64_flavor[@]}"; do
+    for model in "${arm64_models[@]}"; do
+      releases_arm=$(echo "$releases_arm" | jq ". += [{ \"flavor\": \"$flavor\", \"model\": \"$model\", \"k3s_version\": \"$row\" }]" )
     done
+  done
 done
 
-echo $releases_arm | jq  > releases-arm.json
-echo $releases | jq > releases.json
+echo "$releases_arm" | jq  > releases-arm.json
+echo "$releases" | jq > releases.json
diff --git a/.github/bump_repositories.sh b/.github/bump_repositories.sh
@@ -1,8 +1,6 @@
 #!/bin/bash
 set -e
 
-root_dir=$(git rev-parse --show-toplevel)
-
 reference() {
     nr=$1
     tag=$2
@@ -14,13 +12,13 @@ YQ=${YQ:-docker run --rm -v "${PWD}":/workdir mikefarah/yq}
 set -x
 
 last_commit_snapshot() {
-    echo $(docker run --rm quay.io/skopeo/stable list-tags docker://$1 | jq -rc '.Tags | map(select( (. | contains("-repository.yaml")) )) | sort_by(. | sub("v";"") | sub("-repository.yaml";"") | sub("-";"") | split(".") | map(tonumber) ) | .[-1]' | sed "s/-repository.yaml//g")
+    docker run --rm quay.io/skopeo/stable list-tags "docker://$1" | jq -rc '.Tags | map(select( (. | contains("-repository.yaml")) )) | sort_by(. | sub("v";"") | sub("-repository.yaml";"") | sub("-";"") | split(".") | map(tonumber) ) | .[-1]' | sed "s/-repository.yaml//g"
 }
 
 latest_tag=$(last_commit_snapshot quay.io/kairos/packages)
 latest_tag_arm64=$(last_commit_snapshot quay.io/kairos/packages-arm64)
 
-$YQ eval "$(reference 0 $latest_tag)" -i repository.yaml
-$YQ eval "$(reference 1 $latest_tag_arm64)" -i repository.yaml
+$YQ eval "$(reference 0 "$latest_tag")" -i repository.yaml
+$YQ eval "$(reference 1 "$latest_tag_arm64")" -i repository.yaml
 
 
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -5,17 +5,7 @@ on:
     branches:
       - main
 jobs:
-  lint:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - name: Install Go
-        uses: actions/setup-go@v4
-        with:
-          go-version: '^1.18'
-      - name: Run Lint checks
-        run: |
-          ./earthly.sh +lint
+  call-workflow:
+    uses: kairos-io/linting-composite-action/.github/workflows/reusable-linting.yaml@main
+    with:
+      yamldirs: "."
diff --git a/.github/workflows/release-arm.yaml b/.github/workflows/release-arm.yaml
@@ -114,7 +114,8 @@ jobs:
         uses: docker/setup-buildx-action@master
       - name: Build  🔧
         run: |
-          K3S_LATEST=$(curl -s https://update.k3s.io/v1-release/channels | jq -rc '[ .data[] | select(.type == "channel") | select(.name | test("testing") | not) | .latest ] | unique | .[-1]')
+          K3S_LATEST=$(curl -s https://update.k3s.io/v1-release/channels | \
+            jq -rc '[ .data[] | select(.type == "channel") | select(.name | test("testing") | not) | .latest ] | unique | .[-1]')
           earthly -P +all-arm-generic --FLAVOR=${{ matrix.flavor }} --K3S_VERSION=$K3S_LATEST
           sudo mv build release
       - name: Push to quay

diff --git a/.yamllint b/.yamllint
@@ -5,6 +5,7 @@ rules:
   line-length:
     max: 150
     level: warning
+    ignore: "tests/assets/qrcode.yaml" # tokens are big
 
   # accept both     key:
   #                   - item
@@ -18,4 +19,8 @@ rules:
     check-keys: false
 
   document-start:
-    present: false
+    present: false
+    ignore: "*" # There are multiple yamls in the same file, we need this sometimes
+
+  comments:
+    ignore: "tests/assets/*" # our #cloud-config header doesn't take a space after the "#"
diff --git a/Earthfile b/Earthfile
@@ -24,7 +24,9 @@ ARG OSBUILDER_IMAGE=quay.io/kairos/osbuilder-tools:v0.6.0
 
 ## External deps pinned versions
 ARG LUET_VERSION=0.33.0
-ARG GOLINT_VERSION=1.52.2
+ARG GOLANGCILINT_VERSION=v1.52-alpine
+ARG HADOLINT_VERSION=2.12.0-alpine
+ARG SHELLCHECK_VERSION=v0.9.0
 ARG GO_VERSION=1.20
 
 ARG OS_ID=kairos
@@ -136,7 +138,7 @@ docker:
     ELSE
         ENV INSTALL_K3S_VERSION=${K3S_VERSION}
     END
-    
+
     COPY repository.yaml /etc/luet/luet.yaml
 
     IF [ "$FLAVOR" = "opensuse-leap" ] || [ "$FLAVOR" = "opensuse-leap-arm-rpi" ]
@@ -166,10 +168,10 @@ docker:
     ARG KAIROS_VERSION
     IF [ "$KAIROS_VERSION" = "" ]
         ARG OS_VERSION=${VERSION}
-    ELSE 
+    ELSE
         ARG OS_VERSION=${KAIROS_VERSION}
     END
-    
+
     ARG OS_ID
     ARG OS_NAME=${OS_ID}-${FLAVOR}
     ARG OS_REPO=quay.io/kairos/${VARIANT}-${FLAVOR}
@@ -318,7 +320,7 @@ linux-bench:
     RUN cd /linux-bench-src && CGO_ENABLED=0 go build -o linux-bench . && mv linux-bench /
     SAVE ARTIFACT /linux-bench /linux-bench
 
-# The target below should run on a live host instead. 
+# The target below should run on a live host instead.
 # However, some checks are relevant as well at container level.
 # It is good enough for a quick assessment.
 linux-bench-scan:
@@ -383,7 +385,7 @@ edgevpn:
     FROM quay.io/mudler/edgevpn:$EDGEVPN_VERSION
     SAVE ARTIFACT /usr/bin/edgevpn /edgevpn
 
-# usage e.g. 
+# usage e.g.
 # ./earthly.sh +run-proxmox-tests --PROXMOX_USER=root@pam --PROXMOX_PASS=xxx --PROXMOX_ENDPOINT=https://192.168.1.72:8006/api2/json --PROXMOX_ISO=/test/build/kairos-opensuse-v0.0.0-79fd363-k3s.iso --PROXMOX_NODE=proxmox
 run-proxmox-tests:
     FROM golang:alpine
@@ -407,19 +409,39 @@ run-proxmox-tests:
     RUN PATH=$PATH:$GOPATH/bin ginkgo --label-filter "$TEST_SUITE" --fail-fast -r ./tests/e2e/
 
 lint:
-    BUILD +golint
+    BUILD +hadolint
+    BUILD +renovate-validator
+    BUILD +shellcheck-lint
+    BUILD +golangci-lint
     BUILD +yamllint
 
-golint:
-    ARG GO_VERSION
-    FROM golang:$GO_VERSION
-    ARG GOLINT_VERSION
-    RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v$GOLINT_VERSION
-    WORKDIR /build
-    COPY . .
-    RUN golangci-lint run --timeout 360s
+hadolint:
+  FROM hadolint/hadolint:${HADOLINT_VERSION}
+  COPY . /work
+  WORKDIR /work
+  RUN find . -name "Dockerfile*" -print  | xargs -r -n1 hadolint
+
+renovate-validator:
+  FROM renovate/renovate
+  COPY . /work
+  WORKDIR /work
+  ENV RENOVATE_VERSION="35"
+  RUN renovate-config-validator
+
+shellcheck-lint:
+  FROM koalaman/shellcheck-alpine:${SHELLCHECK_VERSION}
+  COPY . /work
+  WORKDIR /work
+  RUN find . -name "*.sh" -print  | xargs -r -n1 shellcheck
+
+golangci-lint:
+  FROM golangci/golangci-lint:${GOLANGCILINT_VERSION}
+  COPY . /work
+  WORKDIR /work
+  RUN golangci-lint run --timeout 360s
 
 yamllint:
-    FROM cytopia/yamllint
-    COPY . .
-    RUN yamllint .github/workflows/
+  FROM cytopia/yamllint
+  COPY . /work
+  WORKDIR /work
+  RUN find . -name "*.yml" -or -name "*.yaml" -print  | xargs -r -n1
diff --git a/earthly.sh b/earthly.sh
@@ -1,3 +1,3 @@
 #!/bin/bash
 
-docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm -t -v $(pwd):/workspace -v earthly-tmp:/tmp/earthly:rw earthly/earthly:v0.6.21 --allow-privileged $@
+docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm -t -v "$(pwd):/workspace" -v earthly-tmp:/tmp/earthly:rw earthly/earthly:v0.6.21 --allow-privileged "$@"
diff --git a/internal/assets/static/kube_vip_rbac.yaml b/internal/assets/static/kube_vip_rbac.yaml
@@ -13,7 +13,7 @@ metadata:
 rules:
   - apiGroups: [""]
     resources: ["services", "services/status", "nodes", "endpoints"]
-    verbs: ["list","get","watch", "update"]
+    verbs: ["list", "get", "watch", "update"]
   - apiGroups: ["coordination.k8s.io"]
     resources: ["leases"]
     verbs: ["list", "get", "watch", "update", "create"]
@@ -29,4 +29,4 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: kube-vip
-  namespace: kube-system
+  namespace: kube-system
diff --git a/tests/assets/autoinstall.yaml b/tests/assets/autoinstall.yaml
@@ -5,9 +5,9 @@ install:
   device: /dev/vda
 
 stages:
-   initramfs:
-     - name: "Set user and password"
-       users:
+  initramfs:
+    - name: "Set user and password"
+      users:
         kairos:
           passwd: "kairos"
-       hostname: kairos-{{ trunc 4 .Random }}
+      hostname: kairos-{{ trunc 4 .Random }}
diff --git a/tests/assets/config.yaml b/tests/assets/config.yaml
@@ -4,9 +4,9 @@ install:
   reboot: true
 
 stages:
-   initramfs:
-     - name: "Set user and password"
-       users:
+  initramfs:
+    - name: "Set user and password"
+      users:
         kairos:
           passwd: "kairos"
-       hostname: kairos-{{ trunc 4 .Random }}
+      hostname: kairos-{{ trunc 4 .Random }}
diff --git a/tests/assets/kubernetes_logs.sh b/tests/assets/kubernetes_logs.sh
@@ -1,11 +1,10 @@
 #!/bin/sh
 
 for n in $(k3s kubectl  get namespace -A | tr -s ' ' | cut -f1 -d' ' | tail -n +2); do
-    for p in $(k3s kubectl get pods -n $n | tr -s ' ' | cut -f1 -d' ' | tail -n +2); do 
-        echo --------------------------- 
-        echo $n - $p 
-        echo --------------------------- 
-        k3s kubectl logs $p -n $n
+    for p in $(k3s kubectl get pods -n "$n" | tr -s ' ' | cut -f1 -d' ' | tail -n +2); do
+        echo ---------------------------
+        echo "$n" - "$p"
+        echo ---------------------------
+        k3s kubectl logs "$p" -n "$n"
     done
 done
-
diff --git a/tests/assets/qrcode.yaml b/tests/assets/qrcode.yaml
@@ -1,9 +1,9 @@
 stages:
- initramfs:
- - name: "Set user and password"
-   users:
-    kairos:
-     passwd: "kairos"
-   hostname: kairos-{{ trunc 4 .Random }}
+  initramfs:
+  - name: "Set user and password"
+    users:
+      kairos:
+      passwd: "kairos"
+    hostname: kairos-{{ trunc 4 .Random }}
 kairos:
- network_token: "b3RwOgogIGRodDoKICAgIGludGVydmFsOiA5MDAwCiAgICBrZXk6IDI0SUpPS1pGS0g1R0tYUTNSNkdaQkNaS0lPTTNSWU9OT0pNRjIyRFFTM0VNT1BUWEdTTFEKICAgIGxlbmd0aDogMzIKICBjcnlwdG86CiAgICBpbnRlcnZhbDogOTAwMAogICAga2V5OiBQNklPMllEMzZaVFZRTkdUNk5ZREJNS0s0V09aQjJJN0RQMkRUQzRLVVU1UEhaTjRYSzVBCiAgICBsZW5ndGg6IDMyCnJvb206IEdPMkNRVDVYN080VFM3VEpFUVEyTDRXSTJZNURHNzZHUlNGU05FUVVZN1FBSjZSRzVUUFEKcmVuZGV6dm91czoga0taUE1pQU9TZWN6R1lDRXdTSEV0V21XUGZUaGxOa3QKbWRuczogT0FWY25LZXlPT3ZJQlhtQ0ZBYmhNSkxlbndJTEFxY2sKbWF4X21lc3NhZ2Vfc2l6ZTogMjA5NzE1MjAK"
+  network_token: "b3RwOgogIGRodDoKICAgIGludGVydmFsOiA5MDAwCiAgICBrZXk6IDI0SUpPS1pGS0g1R0tYUTNSNkdaQkNaS0lPTTNSWU9OT0pNRjIyRFFTM0VNT1BUWEdTTFEKICAgIGxlbmd0aDogMzIKICBjcnlwdG86CiAgICBpbnRlcnZhbDogOTAwMAogICAga2V5OiBQNklPMllEMzZaVFZRTkdUNk5ZREJNS0s0V09aQjJJN0RQMkRUQzRLVVU1UEhaTjRYSzVBCiAgICBsZW5ndGg6IDMyCnJvb206IEdPMkNRVDVYN080VFM3VEpFUVEyTDRXSTJZNURHNzZHUlNGU05FUVVZN1FBSjZSRzVUUFEKcmVuZGV6dm91czoga0taUE1pQU9TZWN6R1lDRXdTSEV0V21XUGZUaGxOa3QKbWRuczogT0FWY25LZXlPT3ZJQlhtQ0ZBYmhNSkxlbndJTEFxY2sKbWF4X21lc3NhZ2Vfc2l6ZTogMjA5NzE1MjAK"
diff --git a/tests/assets/single.yaml b/tests/assets/single.yaml
@@ -1,15 +1,13 @@
 #cloud-config
 
 stages:
-   initramfs:
-     - name: "Set user and password"
-       users:
+  initramfs:
+    - name: Set user and password
+      users:
         kairos:
-          passwd: "kairos"
-
+          passwd: kairos
 k3s:
   enabled: true
-
 write_files:
 - path: /var/lib/rancher/k3s/server/manifests/suc.yaml
   permissions: "0644"