Add pre-commit hooks, workflow, and instructions

.github/workflows/build_push_image.yml

@@ -79,7 +79,7 @@ jobs:
       - name: Create builder context
         run: |
           ansible-builder create --file ${{ inputs.PROFILE }}/execution-environment.yml
-      
+
       - name: Build image from builder context
         uses: redhat-actions/buildah-build@v2
         with:

.github/workflows/label_pr.yml

@@ -66,4 +66,4 @@ jobs:
         uses: actions-ecosystem/action-add-labels@v1
         with:
           labels: validated
-          number: ${{ steps.read.outputs.pr_number }}
+          number: ${{ steps.read.outputs.pr_number }}

.github/workflows/pre-commit.yml

@@ -0,0 +1,28 @@
+# Copyright 2024 Cloudera, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: Execute Precommit Linting and Checks
+
+on:
+  pull_request:
+  push:
+    branches: [main, devel]
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-python@v5
+    - uses: pre-commit/[email protected]

.github/workflows/publish_single_image.yml

@@ -46,4 +46,4 @@ jobs:
     needs: publish-base
     uses: ./.github/workflows/build_push_image.yml
     with:
-      PROFILE: ${{ inputs.PROFILE }}
+      PROFILE: ${{ inputs.PROFILE }}

.github/workflows/reset_pr.yml

@@ -37,4 +37,4 @@ jobs:
       - name: Reset the PR label
         uses: actions-ecosystem/action-remove-labels@v1
         with:
-          labels: validated
+          labels: validated

.github/workflows/validate_image.yml

@@ -39,7 +39,7 @@ jobs:
 
       - name: Install latest ansible-builder
         run: pip install ansible-builder
-    
+
       - name: Construct image metadata
         id: meta
         uses: docker/metadata-action@v5
@@ -75,7 +75,7 @@ jobs:
         with:
           name: ${{ inputs.PROFILE }}-Containerfile
           path: ./context/Containerfile
-      
+
       - name: Download the base image
         if: ${{ inputs.PROFILE != 'base' }}
         uses: actions/download-artifact@v4

.github/workflows/validate_pr.yml

@@ -22,7 +22,7 @@ on:
       - 'release/**'
       - 'devel'
   workflow_dispatch:
-    
+
 jobs:
 
   validate-base:
@@ -51,7 +51,7 @@ jobs:
         run: |
           mkdir -p ./pr
           echo $PR_NUMBER > ./pr/pr_number
-      
+
       - name: Upload the PR number
         uses: actions/upload-artifact@v4
         with:

.pre-commit-config.yaml

@@ -0,0 +1,26 @@
+# Copyright 2024 Cloudera, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v3.2.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-added-large-files
+  - repo: https://github.com/psf/black
+    rev: 22.10.0
+    hooks:
+      - id: black

CONTRIBUTING.md

@@ -4,7 +4,7 @@ Thank you for considering contributions to the `cldr-runner` project!
 
 # Submitting a pull request
 
-You can start work on issues that are not yet part of a [Milestone](https://github.com/cloudera-labs/cldr-runner/milestones) -- anything in our issue tracker that isn't assigned to a Milestone is considered the [backlog](https://github.com/cloudera-labs/cldr-runner/issues?q=is%3Aopen+is%3Aissue+no%3Amilestone). 
+You can start work on issues that are not yet part of a [Milestone](https://github.com/cloudera-labs/cldr-runner/milestones) -- anything in our issue tracker that isn't assigned to a Milestone is considered the [backlog](https://github.com/cloudera-labs/cldr-runner/issues?q=is%3Aopen+is%3Aissue+no%3Amilestone).
 
 Before you start working, please announce that you want to do so by commenting on the issue. _([Create an issue](https://github.com/cloudera-labs/cldr-runner/issues/new?labels=enhancement) if there isn't one yet, and you can also check out our [Discussions](https://github.com/cloudera-labs/cldr-runner/discussions) for ideas.)_ We try to ensure that all active work is assigned to a Milestone in order to keep our backlog accurate.
 
@@ -21,6 +21,16 @@ As a _best practice_, you can prefix your branches with:
 > [!NOTE]
 > :fire_extinguisher: A **hotfix** should branch from `main`. It will then be committed to both the `main` and `devel` branches.
 
+## Running pre-commit
+
+We use [pre-commit](https://pre-commit.com/) to lint and validate submissions.
+
+Setting up `pre-commit` is straightforward; see the [Installation](https://pre-commit.com/#installation) documentation on the `pre-commit` site for details.
+
+We highly suggest you install the local `git` hook scripts as well; run `pre-commit install` within the root of the project.
+
+Lastly, you can run the hooks prior to committing changes (and PR submission) by executing `pre-commit run -a`.
+
 # Signing your commits
 
 Note that we require signed commits inline with [Developer Certificate of Origin](https://developercertificate.org/) best-practices for open source collaboration.

FAQ.md

@@ -1,18 +1,18 @@
 # Frequently Asked Questions
 
-Be sure to check out the [Discussions > Help](https://github.com/cloudera-labs/cldr-runner/discussions/categories/help) category for the latest answers. 
+Be sure to check out the [Discussions > Help](https://github.com/cloudera-labs/cldr-runner/discussions/categories/help) category for the latest answers.
 
 # `ansible-navigator` FAQ
 
 ## How do I add _extra variables_ and tags to `ansible-navigator`?
 
-If you want to run a playbook with a given tag, e.g. `-t infra`, then simply add it as a parameter to the `ansible-navigator` commandline. For example, `ansible-navigator run playbook.yml -t infra`. 
+If you want to run a playbook with a given tag, e.g. `-t infra`, then simply add it as a parameter to the `ansible-navigator` commandline. For example, `ansible-navigator run playbook.yml -t infra`.
 
 Like tags, so you can pass _extra variables_ to `ansible-navigator` and the underlying Ansible command. For example, `ansible-navigator run playbook.yml -e @some_config.yml -e some_var=yes`.
 
 ## How do I tell `ansible-navigator` where to find collections and roles?
 
-By default, `cloudera-deploy` expects to use the collections, roles, and libraries within the _execution environment_ container, that is, the `cldr-runner` image. Make sure you do _not_ have `ANSIBLE_COLLECTIONS_PATH` or `ANSIBLE_ROLES_PATH` set or `ansible-navigator` will pick up these environment variables and pass them to the running container. The underlying `ansible` application, like `ansible-playbook` will then pick up these environment variables and attempt to use them if set! 
+By default, `cloudera-deploy` expects to use the collections, roles, and libraries within the _execution environment_ container, that is, the `cldr-runner` image. Make sure you do _not_ have `ANSIBLE_COLLECTIONS_PATH` or `ANSIBLE_ROLES_PATH` set or `ansible-navigator` will pick up these environment variables and pass them to the running container. The underlying `ansible` application, like `ansible-playbook` will then pick up these environment variables and attempt to use them if set!
 
 This behavior is great if you want to use host-based collections, e.g. local development, but you need to ensure that you update the `ansible-navigator.yml` configuration file to mount the host collection and/or role directories into the execution environment container. See [Advanced Usage: Execution Modes](NAVIGATOR.md#advanced-usage-execution-modes) to learn more about these execution modes.
 

LICENSE

@@ -198,4 +198,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.

NAVIGATOR.md

@@ -86,7 +86,7 @@ Typically, this collections directory is a mix of Git-cloned and downloaded coll
 
 See the [Placement of Ansible collections](https://ansible.readthedocs.io/projects/navigator/faq/#placement-of-ansible-collections) section for further details.
 
-The [local development](README.md#local-development) instructions are designed to support this mode. 
+The [local development](README.md#local-development) instructions are designed to support this mode.
 
 ## Platform Mode
 

README.md

@@ -45,7 +45,7 @@ For more information on how to get involved with the `cldr-runner` project, head
 
 You can run Ansible within `cldr-runner` Execution Environments a couple of different ways. Here are the most common:
 
-## `ansible-navigator` 
+## `ansible-navigator`
 
 Using a `cldr-runner` image in the [`ansible-navigator` application](https://ansible.readthedocs.io/projects/navigator/) as the designated [Execution Environment](https://docs.ansible.com/ansible/devel/getting_started_ee/index.html) is straightforward. Update your `ansible-navigator.yml` configuration file to enable the image:
 
@@ -62,7 +62,7 @@ ansible-navigator:
 Once defined, you can run your Ansible activities within the resulting `cldr-runner` container, e.g. `ansible-navigator run your_playbook.yml`. (You can specify the image via the `ansible-navigator` CLI; set `--eei` or `--execution-environment-image`.)
 
 > [!NOTE]
-> If you want to "drop into" the container directly, i.e. run a shell within the container, run `ansible-navigator exec -- /bin/bash` and all the mounts, environment variables, etc. are handled for you!! Now from the shell, you can still run `ansible-playbook` and all other Ansible applications. 
+> If you want to "drop into" the container directly, i.e. run a shell within the container, run `ansible-navigator exec -- /bin/bash` and all the mounts, environment variables, etc. are handled for you!! Now from the shell, you can still run `ansible-playbook` and all other Ansible applications.
 
 ## AWX/AAP
 
@@ -99,7 +99,7 @@ python -m venv ~/location/of/venv; source ~/location/of/venv/bin/activate; pip i
 Then change into the directory of the `cldr-runner` variation you need to build and run:
 
 ```bash
-ansible-builder build --prune-images --squash all --build-arg BUILD_VER=<your version> --build-arg BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") --tag <your tag> 
+ansible-builder build --prune-images --squash all --build-arg BUILD_VER=<your version> --build-arg BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") --tag <your tag>
 ```
 
 You may want to update the variation's `execution-environment.yml` configuration file to use a different base image, say a local image, or build the `base` image before constructing CSP or `full` image. You can make this change in the following section of the configuration file:
@@ -162,7 +162,7 @@ ansible-navigator:
 
 # Local Development
 
-The `cldr-runner` project can also be used to bootstrap a local development environment on the native host environment (as opposed to an Execution Environment image).  This option is more involved, but can avoid issues with Docker, such as mount latencies and SSH agent forwarding, and improve overall Ansible collection development. 
+The `cldr-runner` project can also be used to bootstrap a local development environment on the native host environment (as opposed to an Execution Environment image).  This option is more involved, but can avoid issues with Docker, such as mount latencies and SSH agent forwarding, and improve overall Ansible collection development.
 
 The `local_development.yml` playbook sets up a `cldr-runner`-like workspace for OSX and Ubuntu.  The playbook will clone the Cloudera collections and `cdpy` for local work, install the external Ansible dependencies, update the Python `venv`, and create a convenient setup script for future work.
 

azure/execution-environment.yml

@@ -26,7 +26,7 @@ dependencies:
   galaxy: requirements.yml
   python: requirements.txt
   system: bindep.txt
-      
+
 additional_build_steps:
   prepend_final:
     - ARG BUILD_VER="latest"
@@ -46,4 +46,4 @@ additional_build_steps:
       dnf install -y https://packages.microsoft.com/config/rhel/8/packages-microsoft-prod.rpm && \
       dnf install -y azure-cli && \
       dnf clean all -y && \
-      rm -rf /var/cache/yum /var/cache/dnf /tmp/src 
+      rm -rf /var/cache/yum /var/cache/dnf /tmp/src

base/bashrc

@@ -17,4 +17,4 @@ if [ -f /etc/bashrc ]; then
 . /etc/bashrc
 fi
 
-PS1="\[\e[1;38;5;202m\]cldr ${BUILD_VER} \[\e[0m\]\\$> "
+PS1="\[\e[1;38;5;202m\]cldr ${BUILD_VER} \[\e[0m\]\\$> "

base/bindep.txt

@@ -14,4 +14,4 @@
 
 # System dependencies for base cldr-runner
 
-terraform
+terraform

base/execution-environment.yml

@@ -68,4 +68,4 @@ additional_build_steps:
   append_final:
     - ADD _build/assets/bashrc /runner/.bashrc
     - RUN /usr/bin/python3 -m pip cache purge || echo "No Pip cache to purge"
-    - RUN dnf clean all -y && rm -rf /var/cache/yum /var/cache/dnf /tmp/src    
+    - RUN dnf clean all -y && rm -rf /var/cache/yum /var/cache/dnf /tmp/src

full/bindep.txt

@@ -23,4 +23,4 @@ tree
 unzip
 
 # GCP
-google-cloud-cli
+google-cloud-cli

full/execution-environment.yml

@@ -64,4 +64,4 @@ additional_build_steps:
         dnf install -y https://packages.microsoft.com/config/rhel/8/packages-microsoft-prod.rpm && \
         dnf install -y azure-cli && \
         dnf clean all -y && \
-        rm -rf /var/cache/yum /var/cache/dnf /tmp/src   
+        rm -rf /var/cache/yum /var/cache/dnf /tmp/src

full/kubernetes.repo

@@ -18,4 +18,4 @@ baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
 enabled=1
 gpgcheck=1
 repo_gpgcheck=0
-gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
+gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

gcp/execution-environment.yml

@@ -49,4 +49,3 @@ additional_build_steps:
       org.opencontainers.image.revision="${BUILD_REVISION}"
     - ADD _build/assets/google-cloud-cli.repo /etc/yum.repos.d/google-cloud-cli.repo
     - RUN yum install -y yum-utils && yum-config-manager --enable google-cloud-cli
-

gcp/google-cloud-cli.repo

@@ -18,4 +18,4 @@ baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el8-x86_64
 enabled=1
 gpgcheck=1
 repo_gpgcheck=0
-gpgkey=https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
+gpgkey=https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

local_development.yml

@@ -57,7 +57,7 @@
             - https://apt.releases.hashicorp.com/gpg # for terraform
             - https://packages.cloud.google.com/apt/doc/apt-key.gpg # for kubectl & google-cloud-sdk
             - https://packages.microsoft.com/keys/microsoft.asc # for azure-cli
-        
+
         - name: Add package repositories
           become: yes
           ansible.builtin.apt_repository:
@@ -89,8 +89,8 @@
               - google-cloud-sdk
               - azure-cli
             state: present
-        
-        - name: Install commands via download 
+
+        - name: Install commands via download
           block:
             # Determine if the executable already exists in path
             - name: Check if commands are already available
@@ -201,7 +201,7 @@
       ansible.builtin.pip:
         requirements: /tmp/final_python.txt
         state: present
-      tags: python  
+      tags: python
 
     - name: Fix the azure-cli-core mismatch for ADAL-to-MSAL fiasco
       ansible.builtin.pip:

rhel9-init-base.sh

@@ -1,13 +1,13 @@
 #!/bin/bash
 
 # Copyright 2024 Cloudera, Inc.
-# 
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
-# 
+#
 #     http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

ubuntu-init-base.sh

@@ -1,13 +1,13 @@
 #!/bin/bash
 
 # Copyright 2024 Cloudera, Inc.
-# 
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
-# 
+#
 #     http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.