feat: add yaml and tf lint, publish kustomizations via OCI. Will stil…

…l need to refactor at a future date
pelotech · Jan 11, 2024 · faa3556 · faa3556
1 parent c30a53d
commit faa3556
Show file tree

Hide file tree

Showing 12 changed files with 124 additions and 6 deletions.
diff --git a/.github/workflows/lint-tf.yaml b/.github/workflows/lint-tf.yaml
@@ -0,0 +1,17 @@
+name: Lint TF files
+on:
+  pull_request:
+    paths:
+      - '**.tf'
+    branches:
+      - main
+
+jobs:
+  lint-tf:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: terraform-linters/[email protected]
+        with:
+          tflint_version: v0.45.0
+      - run: make lint-tf
diff --git a/.github/workflows/lint-yaml.yaml b/.github/workflows/lint-yaml.yaml
@@ -0,0 +1,16 @@
+name: Lint YAML files
+on:
+  pull_request:
+    paths:
+      - '**.yaml'
+      - '**.yml'
+    branches:
+      - main
+
+jobs:
+  lint-yaml:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - run: sudo apt-get install -y yamllint
+      - run: make lint-yaml
diff --git a/.github/workflows/publish-kustomizations.yaml b/.github/workflows/publish-kustomizations.yaml
@@ -0,0 +1,26 @@
+name: publish-kustomizations
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - gitops/**
+      - '!**/*.md'
+jobs:
+  publish-kustomizations:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+    env:
+      IMAGE: "ghcr.io/pelotech/kustomizations/foundation:0.0.1"
+      GITHUB_ACTOR: ${{ github.actor }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - uses: actions/checkout@v2
+      - uses: oras-project/setup-oras@v1
+      - name: publish
+        run: |
+          tar -cf foundation.tar gitops/
+          oras login ghcr.io -u $GITHUB_ACTOR -p $GITHUB_TOKEN
+          oras push ${IMAGE} foundation.tar
diff --git a/.tflint.hcl b/.tflint.hcl
@@ -0,0 +1,5 @@
+plugin "aws" {
+    enabled = true
+    version = "0.22.1"
+    source  = "github.com/terraform-linters/tflint-ruleset-aws"
+}
diff --git a/.yamllint b/.yamllint
@@ -0,0 +1,12 @@
+extends: relaxed
+
+rules:
+  line-length: disable
+  commas: disable
+  indentation:
+    spaces: 2
+    indent-sequences: whatever
+
+ignore: |
+  *.terraform/
+  gitops/base-install/cert-manager/create-issuer/templates/create-issuer.yaml
diff --git a/Makefile b/Makefile
@@ -0,0 +1,17 @@
+.PHONY: lint
+lint: lint-tf lint-yaml
+
+# TODO: fail on exit 1 but not 2
+.PHONY: lint-tf
+lint-tf:
+	tflint --init
+	tflint --recursive || echo "Temp bypass and need to figure out warnings"
+
+
+.PHONY: lint-yaml
+lint-yaml:
+	yamllint -c .yamllint .
+
+.PHONY: format
+format:
+	terraform fmt -recursive
diff --git a/catalog-info.yaml b/catalog-info.yaml
@@ -0,0 +1,17 @@
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: foundation
+  description: Foundation is the opinionated approach to k8s cluster setup
+  tags:
+    - kustomize
+    - helm
+    - terraform
+    - k8s
+  annotations:
+    github.com/project-slug: pelotech/foundation
+    backstage.io/techdocs-ref: dir:.
+spec:
+  type: infrastructure
+  lifecycle: production
+  owner: leads
diff --git a/README.md → docs/README.md b/README.md → docs/README.md
@@ -1,3 +1,8 @@
+![TF Lint](https://github.com/pelotech/foundation/actions/workflows/lint-tf.yaml/badge.svg)
+![YAML Lint](https://github.com/pelotech/foundation/actions/workflows/lint-yaml.yaml/badge.svg)
+![Publish-Kustomizations](https://github.com/pelotech/foundation/actions/workflows/publish-kustomizations.yaml/badge.svg)
+
+
 # Foundation - Pelotech's GitOps K8s Cluster
 Foundation is our repository of base, reusable manifests for setting up GitOps k8s clusters, currently targeted for AWS EKS. ArgoCD is installed as the GitOps agent in a self-managed fashion and also includes Pelotech's set of opinionated components to solve everything that K8s doesn't out of the box (DNS/TLS, storage, logs/metrics etc.)
 

diff --git a/gitops/components/multus/kustomization.yaml b/gitops/components/multus/kustomization.yaml
@@ -16,4 +16,3 @@ patches:
         value:
           namespace: nidhogg-system
           server: https://kubernetes.default.svc
-
diff --git a/gitops/components/multus/kustomize/nidhogg/resources.yaml b/gitops/components/multus/kustomize/nidhogg/resources.yaml
@@ -49,10 +49,10 @@ spec:
         imagePullPolicy: Always
         name: manager
         args:
-         - --config-file=/config/config.json
-         - --leader-election
-         - --leader-namespace=nidhogg-system
-         - --leader-configmap=nidhogg-election
+          - --config-file=/config/config.json
+          - --leader-election
+          - --leader-namespace=nidhogg-system
+          - --leader-configmap=nidhogg-election
         env:
           - name: POD_NAMESPACE
             valueFrom:

diff --git a/gitops/components/multus/kustomize/overlays/multus-daemonset-readiness.yaml b/gitops/components/multus/kustomize/overlays/multus-daemonset-readiness.yaml
@@ -12,4 +12,3 @@ spec:
               command:
                 - cat
                 - /host/etc/cni/net.d/10-aws.conflist
-
diff --git a/mkdocs.yaml b/mkdocs.yaml
@@ -0,0 +1,5 @@
+site_name: foundation
+site_description: foundation project documentation
+
+plugins:
+  - techdocs-core
Original file line number	Diff line number	Diff line change
Expand Up		@@ -16,4 +16,3 @@ patches:
		value:
		namespace: nidhogg-system
		server: https://kubernetes.default.svc
Original file line number	Diff line number	Diff line change
Expand Up		@@ -12,4 +12,3 @@ spec:
		command:
		- cat
		- /host/etc/cni/net.d/10-aws.conflist