Skip to content

Commit

Permalink
meta: dev: add devenv docker and pre-commit sample
Browse files Browse the repository at this point in the history
  • Loading branch information
speed47 committed Oct 3, 2023
1 parent 213bd28 commit 325e064
Show file tree
Hide file tree
Showing 6 changed files with 210 additions and 4 deletions.
2 changes: 1 addition & 1 deletion bin/dev/perl-tidy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ params="$params \
if [ -z "${2:-}" ]; then
# run on all perl files
# shellcheck disable=SC2086
find . -type f ! -name "*.tdy" ! -name "*.ERR" ! -name "$(basename "$0")" -print0 | \
find . -type f ! -name "*.tdy" ! -name "*.ERR" ! -name ".tidybak" ! -name "$(basename "$0")" -print0 | \
xargs -r0 grep -l 'set filetype=perl' -- | \
xargs -r perltidy $params
else
Expand Down
145 changes: 145 additions & 0 deletions contrib/git/pre-commit
Original file line number Diff line number Diff line change
@@ -0,0 +1,145 @@
#!/bin/bash
#
# You may use this pre-commit file if you want to develop for The Bastion,
# more information available on the online documentation https://ovh.github.io/the-bastion
#

if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
fi

# Redirect output to stderr.
exec 1>&2

# Cross platform projects tend to avoid non-ASCII filenames; prevent
# them from being added to the repository. We exploit the fact that the
# printable range starts at the space character and ends with tilde.
# Note that the use of brackets around a tr range is ok here, (it's
# even required, for portability to Solaris 10's /usr/bin/tr), since
# the square bracket bytes happen to fall in the designated range.
if [ $(git diff --cached --name-only --diff-filter=A -z $against | LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0 ]; then
echo "Error: Attempted to add a non-ASCII file name."
exit 1
fi

# If there are whitespace errors, print the offending file names
git diff-index --check --cached $against --

isbad=0

# If we find IPs in the doc, it must only be documentation range IPs
if git diff-index --cached -p $against | grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | grep -vE \
-e '192\.0\.2\.' \
-e '198\.51\.100\.' \
-e '203\.0\.113\.' \
-e '127\.' \
-e '0\.0\.0\.0' \
-e '172\.1[67]\.' | grep .; then
echo
echo "\\-> Error: found IPs that are not part of the doc range RFC"
isbad=1
fi

# Common mistype
if git diff-index --cached -p $against | grep -5 --color 'syslog_(warn|info)'; then
echo
echo "\\-> Error: you meant (warn|info)_syslog. Aborting commit."
isbad=1
fi

# These files are modified during the doc generation, but should never be committed as is
if ! grep -qF "version = '__VERSION__'" doc/sphinx/conf.py; then
echo "__VERSION__ was replaced in conf.py! git reset HEAD doc/sphinx/conf.py && git checkout -f doc/sphinx/conf.py"
isbad=1
elif ! grep -qF "release = '__VERSION__'" doc/sphinx/conf.py; then
echo "__VERSION__ was replaced in conf.py! git reset HEAD doc/sphinx/conf.py && git checkout -f doc/sphinx/conf.py"
isbad=1
elif ! grep -qF "v__VERSION__.tar.gz" doc/sphinx/installation/basic.rst; then
echo "__VERSION__.tar.gz was replaced in doc/sphinx/installation/basic.rst! git reset HEAD doc/sphinx/installation/basic.rst && git checkout -f doc/sphinx/installation/basic.rst"
isbad=1
fi

# Don't use HEXIT anywhere else that in helpers
if [ -n "$(git -C bin/plugin grep HEXIT)" ] || [ -n "$(git -C lib/perl grep HEXIT | grep -v Helper.pm:)" ]; then
git -C bin/plugin grep -w HEXIT
git -C lib/perl grep -w HEXIT | grep -v Helper.pm:
echo
echo "\\-> ERROR: we shouldn't have HEXIT above."
isbad=1
fi

# Don't use osh_exit anywhere else that in plugins
filter='grep -v -e :# -e pragma:hookignore -e Plugin.pm:'
if [ -n "$(git -C bin/helper grep -w osh_exit)" ] || [ -n "$(git -C lib/perl grep -w osh_exit | $filter)" ]; then
git -C bin/helper grep -w osh_exit
git -C lib/perl grep -w osh_exit | $filter | grep --color -w osh_exit
echo
echo "\\-> ERROR: we shouldn't have osh_exit above."
isbad=1
fi

# Do we have a new FIXME/XXX/TODO ?
if git diff-index --cached -p $against | grep -- ^+ | grep -5 --color -F -e FIXME -e XXX -e TODO; then
echo
echo "\\-> WARN: we got at least a new FIXME/XXX/TODO, use -n to commit nevertheless."
isbad=1
fi

# Now execute shellcheck in every changed .sh file
for f in $(git diff --cached --name-only --diff-filter=ACM $against); do
if echo "$f" | grep -q -e "lib/shell" -e "bin/" -e "docker/devenv" && head -1 "$f" | grep -Eq '/env (ba)?sh|/bin/(ba)?sh'; then
if ! ./docker/devenv/run-checks.sh shellcheck "$f"; then
echo
echo "ERROR: shell-check failed on $f"
isbad=1
fi
fi

if echo "$f" | grep -q -e "lib/perl" -e "bin/" && head -20 "$f" | grep -Eq '/env perl|/bin/perl|package OVH::|use common::|use strict|use warnings'; then
if ! ./docker/devenv/run-checks.sh checktidy "$f"; then
echo
echo "ERROR: perl tidy failed on $f"
isbad=1
fi
fi
done

# check versions and docs
ver=$(grep -F 'our $VERSION =' lib/perl/OVH/Bastion.pm | cut -d"'" -f2)
if ! grep -Eq "^## v$ver - 202./[01][0-9]/.." doc/CHANGELOG.md; then
echo
echo "ERROR: detected version '$ver', but no matching entry in doc/CHANGELOG.md"
isbad=1
else
reldate=$(grep -E "^## v$ver - 202./[01][0-9]/.." doc/CHANGELOG.md | awk '{print $4}')
fi
if ! grep -Eq "^v$ver - 202./../.." doc/sphinx/installation/upgrading.rst; then
echo
echo "ERROR: detected version '$ver', but no matching entry in doc/sphinx/installation/upgrading.rst"
isbad=1
fi
if [ -n "$reldate" ] && ! grep -Eq "^v$ver - $reldate" doc/sphinx/installation/upgrading.rst; then
echo
echo "ERROR: version '$ver' was not released at $reldate as said in doc/CHANGELOG.md (not seen in upgrading.rst)"
isbad=1
fi

# Is this file up to date?
if ! cmp "$0" contrib/git/pre-commit >/dev/null; then
echo
echo "NOTICE: Your pre-commit file is different from contrib/git/pre-commit, maybe you need to update it? (non-fatal)"
echo
fi

# If there's a pre-commit.local in the same directory as ours, execute it first,
# it can set isbad=1 to make us exit
if [ -e "$(dirname "$0")"/pre-commit.local ]; then
source "$(dirname "$0")"/pre-commit.local
fi

[ $isbad != 0 ] && printf "%b" "\n!!! COMMIT ABORTED !!!\nIf you want to commit nevertheless, use -n.\n"
exit $isbad
17 changes: 17 additions & 0 deletions docker/devenv/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
FROM ubuntu:20.04
LABEL maintainer="[email protected]"

# temporarily copy code, just to be able to install packages
COPY . /tmp/bastion

# install packages including dev-required packages ('-d')
RUN ["/tmp/bastion/bin/admin/packages-check.sh", "-i", "-d"]

# get rid of the code now
RUN ["/usr/bin/rm", "-rf", "/tmp/bastion"]

# create empty dir for volume mount
RUN ["/usr/bin/mkdir", "/opt/bastion"]

# just sleep
ENTRYPOINT /bin/sleep 9999d
44 changes: 44 additions & 0 deletions docker/devenv/run-checks.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
#! /usr/bin/env bash
# vim: set filetype=sh ts=4 sw=4 sts=4 et:
set -eo pipefail

NAME=the-bastion-devenv
BASEDIR=$(readlink -f "$(dirname "$0")/../..")

docker_run() {
echo "The Bastion devenv docker wasn't running, starting it..."
docker run -d --name $NAME -v "$BASEDIR:/opt/bastion" $NAME
}

docker_build() {
echo "The Bastion devenv docker image has never been built, building it..."
docker build -t $NAME:latest -f "$(dirname "$0")/Dockerfile" "$BASEDIR"
}

if ! docker container inspect $NAME >/dev/null 2>&1; then
# devenv docker is not running, is the image already built?
if docker image history $NAME >/dev/null 2>&1; then
# yes: just run it, then
docker_run
else
# no: build it first
docker_build
# then run it
docker_run
fi
fi

cmd="$1"
shift

if [ "$cmd" = tidy ]; then
docker exec $NAME /opt/bastion/bin/dev/perl-tidy.sh tidy "$@"
elif [ "$cmd" = checktidy ]; then
docker exec $NAME /opt/bastion/bin/dev/perl-tidy.sh test "$@"
elif [ "$cmd" = perlcritic ]; then
docker exec $NAME /opt/bastion/bin/dev/perl-critic.sh
elif [ "$cmd" = shellcheck ]; then
docker exec $NAME /opt/bastion/bin/dev/shell-check.sh system "$@"
else
echo "Usage: $0 <tidy|checktidy|perlcritic|shellcheck> [FILES...]"
fi
4 changes: 2 additions & 2 deletions lib/perl/OVH/Bastion.pm
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ use OVH::Result;

use parent qw( Exporter );
our @EXPORT = ## no critic (AutomaticExportation)
qw( osh_header osh_footer osh_exit osh_debug osh_info osh_warn osh_crit osh_ok warn_syslog info_syslog );
qw( osh_header osh_footer osh_exit osh_debug osh_info osh_warn osh_crit osh_ok warn_syslog info_syslog ); # pragma:hookignore

our $AUTOLOAD;

Expand Down Expand Up @@ -515,7 +515,7 @@ sub osh_footer {
# Or with 1 value, that will be taken as the R->err: osh_exit('OK')
# Or with 2 values, that will be taken as err, msg: osh_exit('ERR_UNKNOWN', 'Unexpected error')
# With more values, they'll be used as constructor for an R object
sub osh_exit { ## no critic (ArgUnpacking)
sub osh_exit { ## no critic (ArgUnpacking) # pragma:hookignore
my $R;
if (@_ == 1) {
$R = ref $_[0] eq 'OVH::Result' ? $_[0] : R($_[0]);
Expand Down
2 changes: 1 addition & 1 deletion lib/perl/OVH/Bastion/allowkeeper.inc
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ sub is_group_existing {
);
}

# build a user-compatible error message if asked to, as it can make its way through osh_exit()
# build a user-compatible error message if asked to, as it can make its way through osh_exit() # pragma:hookignore
if ($user_friendly_error) {
$group =~ s/^key//;
return R('KO_GROUP_NOT_FOUND',
Expand Down

0 comments on commit 325e064

Please sign in to comment.