From b786578ce01099426e04d512847179063bf8a455 Mon Sep 17 00:00:00 2001 From: Caspian Baska Date: Mon, 21 Feb 2022 11:35:54 +1100 Subject: [PATCH 1/2] ci: add lints for ansible and helm
---
 .github/workflows/ci.yml | 99 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 .github/workflows/ci.yml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..2cbb8bf
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,99 @@
+name: CI
+
+on:
+ push:
+
+jobs:
+ chart-directories:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - uses: kanga333/json-array-builder@main
+ id: array
+ with:
+ cmd: find charts/placeos/charts -mindepth 1 -type d -not -name tests -not -name templates
+ outputs:
+ directories: ${{ steps.array.outputs.build }}
+
+ kube-lint:
+ needs: chart-directories
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ directory: ${{ fromJson(needs.chart-directories.outputs.directories) }}
+ steps:
+ - uses: actions/checkout@v2
+
+ # This prepares directory where github/codeql-action/upload-sarif@v1 looks up report files by default.
+ - name: Create ../results directory for SARIF report files
+ shell: bash
+ run: mkdir -p ../results
+
+ - name: Scan yaml files with kube-linter
+ continue-on-error: true
+ uses: stackrox/kube-linter-action@v1.0.4
+ id: kube-linter-action-scan
+ with:
+ directory: ${{ matrix.directory }}
+ format: sarif
+ output-file: ../results/kube-linter.sarif
+
+ - name: Upload SARIF report files to GitHub
+ uses: github/codeql-action/upload-sarif@v1
+
+ # Ensure the workflow eventually fails if files did not pass kube-linter checks.
+ - name: Verify kube-linter-action succeeded
+ shell: bash
+ run: |
+ echo "If this step fails, kube-linter found issues. Check the output of the scan step above."
+ [[ "${{ steps.kube-linter-action-scan.outcome }}" == "success" ]]
+
+ ansible-lint:
+ runs-on: ubuntu-latest
+ steps:
+ # Important: This sets up your GITHUB_WORKSPACE environment variable
+ - uses: actions/checkout@v2
+
+ - name: Lint Ansible Playbook
+ # replace "master" with any valid ref
+ uses: ansible/ansible-lint-action@master
+ with:
+ # [required]
+ # Paths to ansible files (i.e., playbooks, tasks, handlers etc..)
+ # or valid Ansible directories according to the Ansible role
+ # directory structure.
+ # If you want to lint multiple ansible files, use the following syntax
+ # targets: |
+ # playbook_1.yml
+ # playbook_2.yml
+ targets: ansible
+ # [optional]
+ # Arguments to override a package and its version to be set explicitly.
+ # Must follow the example syntax.
+ # override-deps: |
+ # ansible==2.9
+ # ansible-lint==4.2.0
+ # [optional]
+ # Arguments to be passed to the ansible-lint
+
+ # Options:
+ # -q quieter, although not silent output
+ # -p parseable output in the format of pep8
+ # --parseable-severity parseable output including severity of rule
+ # -r RULESDIR specify one or more rules directories using one or
+ # more -r arguments. Any -r flags override the default
+ # rules in ansiblelint/rules, unless -R is also used.
+ # -R Use default rules in ansiblelint/rules in addition to
+ # any extra
+ # rules directories specified with -r. There is no need
+ # to specify this if no -r flags are used
+ # -t TAGS only check rules whose id/tags match these values
+ # -x SKIP_LIST only check rules whose id/tags do not match these
+ # values
+ # --nocolor disable colored output
+ # --exclude=EXCLUDE_PATHS
+ # path to directories or files to skip. This option is
+ # repeatable.
+ # -c C Specify configuration file to use. Defaults to ".ansible-lint"
+ # args: ""
From 15bd362f4275810d118779b35fe20322ffd9ce40 Mon Sep 17 00:00:00 2001 From: Caspian Baska Date: Mon, 21 Feb 2022 14:53:13 +1100 Subject: [PATCH 2/2] ci: fix ansible action
---
 .github/workflows/ci.yml | 42 ++-------------------------------------- 1 file changed, 2 insertions(+), 40 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2cbb8bf..0a4a1be 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
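Review bot: Two actions in the first patch's new `ci.yml` run from branch heads: `kanga333/json-array-builder@main` in `chart-directories` and `ansible/ansible-lint-action@master` in `ansible-lint` (the second patch keeps that ref). Whatever lands on those branches therefore runs in this repository's CI with the job's `GITHUB_TOKEN`. Pin each third-party action to a full commit SHA with the ref in a trailing comment, e.g. `uses: kanga333/json-array-builder@<full-commit-sha>  # main`; the `@v2`, `@v1` and `@v1.0.4` tags are movable as well. The workflow also declares no `permissions:`, so the token scope falls back to the repository default. A top-level `permissions:` with `contents: read`, plus `security-events: write` on `kube-lint` for the SARIF upload, would limit it to what the jobs appear to need.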
@@ -52,48 +52,10 @@ jobs:
 ansible-lint:
 runs-on: ubuntu-latest
 steps:
- # Important: This sets up your GITHUB_WORKSPACE environment variable
 - uses: actions/checkout@v2
-
 - name: Lint Ansible Playbook
- # replace "master" with any valid ref
 uses: ansible/ansible-lint-action@master
 with:
- # [required]
- # Paths to ansible files (i.e., playbooks, tasks, handlers etc..)
- # or valid Ansible directories according to the Ansible role
- # directory structure.
- # If you want to lint multiple ansible files, use the following syntax
- # targets: |
- # playbook_1.yml
- # playbook_2.yml
 targets: ansible
- # [optional]
- # Arguments to override a package and its version to be set explicitly.
- # Must follow the example syntax.
- # override-deps: |
- # ansible==2.9
- # ansible-lint==4.2.0
- # [optional]
- # Arguments to be passed to the ansible-lint
-
- # Options:
- # -q quieter, although not silent output
- # -p parseable output in the format of pep8
- # --parseable-severity parseable output including severity of rule
- # -r RULESDIR specify one or more rules directories using one or
- # more -r arguments. Any -r flags override the default
- # rules in ansiblelint/rules, unless -R is also used.
- # -R Use default rules in ansiblelint/rules in addition to
- # any extra
- # rules directories specified with -r. There is no need
- # to specify this if no -r flags are used
- # -t TAGS only check rules whose id/tags match these values
- # -x SKIP_LIST only check rules whose id/tags do not match these
- # values
- # --nocolor disable colored output
- # --exclude=EXCLUDE_PATHS
- # path to directories or files to skip. This option is
- # repeatable.
- # -c C Specify configuration file to use. Defaults to ".ansible-lint"
- # args: ""
+ override-deps: |
+ rich>=10.0.0,<11.0.0
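Review bot: The added `override-deps` entry `rich>=10.0.0,<11.0.0` carries no comment saying what it works around, and this hunk also deletes the comments that documented the action's inputs. Going by the commit subject it is presumably a compatibility fix for the lint action's Python dependencies, so record that beside it, e.g. `# constrain rich: <reason / upstream issue link>; remove once the action installs cleanly without it`. Without that note nobody can tell when the upper bound may be lifted, and a forgotten version cap is how outdated dependency releases stay in a pipeline.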