diff --git a/.github/linters/.dockerfilelintrc b/.github/linters/.dockerfilelintrc deleted file mode 100644 index dbab99f..0000000 --- a/.github/linters/.dockerfilelintrc +++ /dev/null @@ -1,2 +0,0 @@ -rules: - missing_tag: off \ No newline at end of file diff --git a/.github/linters/.hadolint.yaml b/.github/linters/.hadolint.yaml index 362b1aa..889d551 100644 --- a/.github/linters/.hadolint.yaml +++ b/.github/linters/.hadolint.yaml @@ -1,3 +1,11 @@ +# README: https://github.com/hadolint/hadolint + +# Often it's a good idea to do inline disables rather that repo-wide in this file. +# Example of inline Dockerfile rules: +# hadolint ignore=DL3018 +#RUN apk add --no-cache git + +# or just ignore rules repo-wide ignored: - DL3003 #ignore that we use cd sometimes - DL3006 #image pin versions 
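Review bot: The comment added at the top of `.hadolint.yaml` recommends inline disables over repo-wide ones, yet the `ignored:` list directly below it is left as-is and still switches off DL3006 (annotated "image pin versions") for every Dockerfile in the repo; the rest of the list continues outside this hunk. Consider removing the pinning-related entries from the repo-wide list and putting `# hadolint ignore=DL3006` on the specific `FROM` lines that need it, so an unpinned base image added elsewhere is still reported. Small wording fix in the same comment: `rather that repo-wide` should read `rather than repo-wide`.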
@@ -7,4 +15,28 @@ ignored: - DL3028 #gem install pin versions - DL3059 #multiple consecutive runs - DL4006 #we don't need pipefail in this - - SC2016 #we want single quotes sometimes \ No newline at end of file + - SC2016 #we want single quotes sometimes + + +# FULL TEMPLATE +# failure-threshold: string # name of threshold level (error | warning | info | style | ignore | none) +# format: string # Output format (tty | json | checkstyle | codeclimate | gitlab_codeclimate | gnu | codacy) +# ignored: [string] # list of rules +# label-schema: # See Linting Labels below for specific label-schema details +# author: string # Your name +# contact: string # email address +# created: timestamp # rfc3339 datetime +# version: string # semver +# documentation: string # url +# git-revision: string # hash +# license: string # spdx +# no-color: boolean # true | false +# no-fail: boolean # true | false +# override: +# error: [string] # list of rules +# warning: [string] # list of rules +# info: [string] # list of rules +# style: [string] # list of rules +# strict-labels: boolean # true | false +# disable-ignore-pragma: boolean # true | false +# trustedRegistries: string | [string] # registry or list of registries \ No newline at end of file diff --git a/.github/linters/.markdown-lint.yml b/.github/linters/.markdown-lint.yml index aef4e33..b1f767d 100644 --- a/.github/linters/.markdown-lint.yml +++ b/.github/linters/.markdown-lint.yml @@ -1,7 +1,9 @@ # MD013/line-length - Line length MD013: - # Number of characters - line_length: 150 + # Number of characters, default is 80 + # I'm OK with long lines. All editors now have wordwrap + line_length: 9999 # Number of characters for headings heading_line_length: 100 - code_blocks: false \ No newline at end of file + # check code blocks? + code_blocks: false diff --git a/.github/linters/.yaml-lint.yml b/.github/linters/.yaml-lint.yml new file mode 100644 index 0000000..030c37f --- /dev/null +++ b/.github/linters/.yaml-lint.yml 
@@ -0,0 +1,53 @@
+---
+###########################################
+# These are the rules used for #
+# linting all the yaml files in the stack #
+# NOTE: #
+# You can disable line with: #
+# # yamllint disable-line #
+###########################################
+rules:
+ braces:
+ level: warning
+ min-spaces-inside: 0
+ max-spaces-inside: 0
+ min-spaces-inside-empty: 1
+ max-spaces-inside-empty: 5
+ brackets:
+ level: warning
+ min-spaces-inside: 0
+ max-spaces-inside: 0
+ min-spaces-inside-empty: 1
+ max-spaces-inside-empty: 5
+ colons:
+ level: warning
+ max-spaces-before: 0
+ max-spaces-after: 1
+ commas:
+ level: warning
+ max-spaces-before: 0
+ min-spaces-after: 1
+ max-spaces-after: 1
+ comments: disable
+ comments-indentation: disable
+ document-end: disable
+ document-start: disable
+ empty-lines:
+ level: warning
+ max: 2
+ max-start: 0
+ max-end: 0
+ hyphens:
+ level: warning
+ max-spaces-after: 1
+ indentation:
+ level: warning
+ spaces: consistent
+ indent-sequences: true
+ check-multi-line-strings: false
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
\ No newline at end of file
diff --git a/.github/workflows/call-docker-build.yaml b/.github/workflows/call-docker-build.yaml
new file mode 100644
index 0000000..662d0b3
--- /dev/null
+++ b/.github/workflows/call-docker-build.yaml
@@ -0,0 +1,81 @@ +--- +# template source: https://github.com/bretfisher/docker-build-workflow/blob/main/templates/call-docker-build.yaml +name: Docker Build + +on: + push: + branches: + - main + # don't rebuild image if someone only edited unrelated files + paths-ignore: + - 'README.md' + - '.github/linters/**' + pull_request: + # don't rebuild image if someone only edited unrelated files + paths-ignore: + - 'README.md' + - '.github/linters/**' + +jobs: + call-docker-build: + + name: Call Docker Build + + uses: bretfisher/docker-build-workflow/.github/workflows/reusable-docker-build.yaml@main + + permissions: + contents: read + packages: write # needed to push docker image to ghcr.io + pull-requests: write # needed to create and update comments in PRs + + secrets: + + # Only needed if with:dockerhub-enable is true below + dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }} + + # Only needed if with:dockerhub-enable is true below + # https://hub.docker.com/settings/security + dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }} + + with: + + ### REQUIRED + ### ENABLE ONE OR BOTH REGISTRIES + ### tell docker where to push. + ### NOTE if Docker Hub is set to true, you must set secrets above and also add account/repo/tags below + dockerhub-enable: true + ghcr-enable: true + + ### REQUIRED + ### A list of the account/repo names for docker build. List should match what's enabled above + ### defaults to: + image-names: | + bretfisher/shpod + ghcr.io/${{ github.repository }} + + ### REQUIRED set rules for tagging images, based on special action syntax: + ### https://github.com/docker/metadata-action#tags-input + ### defaults to: + # tag-rules: | + # type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} + # type=ref,event=pr + # type=ref,event=branch + # type=semver,pattern={{version}} + + ### path to where docker should copy files into image + ### defaults to root of repository (.) + # context: . + + ### Dockerfile alternate name. 
Default is Dockerfile (relative to context path) + # file: Containerfile + + ### build stage to target, defaults to empty, which builds to last stage in Dockerfile + # target: + + ### platforms to build for, defaults to linux/amd64 + ### other options: linux/amd64,linux/arm64,linux/arm/v7 + # platforms: linux/amd64 + + ### Create a PR comment with image tags and labels + ### defaults to false + # comment-enable: false \ No newline at end of file diff --git a/.github/workflows/call-super-linter.yaml b/.github/workflows/call-super-linter.yaml new file mode 100644 index 0000000..9f0e3c3 --- /dev/null +++ b/.github/workflows/call-super-linter.yaml @@ -0,0 +1,36 @@ +--- +# template source: https://github.com/bretfisher/super-linter-workflow/blob/main/templates/call-super-linter.yaml +name: Lint Code Base + +on: + + push: + branches: [main] + + pull_request: + +jobs: + call-super-linter: + + name: Call Super-Linter + + permissions: + contents: read # clone the repo to lint + statuses: write #read/write to repo custom statuses + + ### use Reusable Workflows to call my workflow remotely + ### https://docs.github.com/en/actions/learn-github-actions/reusing-workflows + ### you can also call workflows from inside the same repo via file path + + uses: bretfisher/super-linter-workflow/.github/workflows/reusable-super-linter.yaml@main + + ### Optional settings examples + + # with: + ### For a DevOps-focused repository. Prevents some code-language linters from running + ### defaults to false + # devops-only: false + + ### A regex to exclude files from linting + ### defaults to empty + # filter-regex-exclude: src/.* diff --git a/.github/workflows/docker-build-and-push.yml b/.github/workflows/docker-build-and-push.yml deleted file mode 100644 index 9c36f86..0000000 --- a/.github/workflows/docker-build-and-push.yml +++ /dev/null 
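Review bot: Both new caller workflows reference their reusable workflow by the mutable branch `@main` (`uses: bretfisher/docker-build-workflow/.github/workflows/reusable-docker-build.yaml@main` here, and the `reusable-super-linter.yaml@main` line in call-super-linter.yaml), so whatever lands on that branch later runs with this job's `packages: write` and `pull-requests: write` token and is handed `DOCKERHUB_USERNAME` / `DOCKERHUB_TOKEN`. Pin each reference to a reviewed full commit SHA, e.g. `uses: bretfisher/docker-build-workflow/.github/workflows/reusable-docker-build.yaml@<FULL_COMMIT_SHA>  # placeholder, record the reviewed ref`, and bump it deliberately. Separately, the `on:` block here has only `push` and `pull_request`, while the workflow this commit deletes also carried a monthly `schedule` cron and `workflow_dispatch` to refresh the image against upstream base images; if that was not dropped on purpose, re-add `schedule:` with `- cron: '0 12 15 * *'` so published images keep picking up base-image patches.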
@@ -1,34 +0,0 @@
----
-name: Build and Push Image
-
-on:
- # we want pull requests so we can build(test) but not push to image registry
- pull_request:
- branches:
- - 'main'
- # only build when important files change
- paths-ignore:
- - 'README.md'
- - '.github/workflows/linter.yml'
- - '.github/linters/**'
- push:
- branches:
- - 'main'
- # only build when important files change
- paths-ignore:
- - 'README.md'
- - '.github/workflows/linter.yml'
- - '.github/linters/**'
- schedule:
- # re-run montly to keep image fesh with upstream base images
- - cron: '0 12 15 * *'
- workflow_dispatch:
- # run whenever we want!
-
-jobs:
- call-docker-workflow:
- # use Reusable Workflows
- # https://docs.github.com/en/actions/learn-github-actions/reusing-workflows
- uses: bretfisher/github-actions-templates/.github/workflows/docker-build-and-push.yaml@main
- secrets:
- dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }}
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
deleted file mode 100644
index 8c31256..0000000
--- a/.github/workflows/linter.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-name: Lint Code Base
-
-on:
- push:
- branches: [main]
- pull_request:
- branches: [main]
-
-jobs:
- call-super-linter:
- # use Reusable Workflows to call my linter config remotely
- # https://docs.github.com/en/actions/learn-github-actions/reusing-workflows
- uses: bretfisher/super-linter-workflow/.github/workflows/super-linter.yaml@main