From b73ec1db7ddb9fa6cad65e1f3a99fd2c25b0bdb1 Mon Sep 17 00:00:00 2001
From: auricom <27022259+auricom@users.noreply.github.com>
Date: Wed, 28 Jul 2021 03:11:06 +0200
Subject: [PATCH] ci: update github workflows

---
 .github/lint/.markdownlint.yaml | 35 +++++
 .github/lint/.prettierignore | 6 +
 .github/lint/.prettierrc.yaml | 5 +
 .../.yamllint.yaml} | 19 ++-
 .github/workflows/flux-schedule.yaml | 44 +++++++
 .github/workflows/helmrelease-pr.yaml | 124 ++++++++++++++++++
 .github/workflows/lint.yaml | 32 +++++
 ...nnotations.yaml => renovate-schedule.yaml} | 15 ++-
 .github/workflows/update-flux.yaml | 43 ------
 .pre-commit-config.yaml | 30 ++---
 .taskfiles/ansible.yml | 35 -----
 .taskfiles/linux/deps.yml | 8 --
 README.md | 33 +++--
 commitlint.config.js | 1 -
 14 files changed, 303 insertions(+), 127 deletions(-)
 create mode 100644 .github/lint/.markdownlint.yaml
 create mode 100644 .github/lint/.prettierignore
 create mode 100644 .github/lint/.prettierrc.yaml
 rename .github/{yamllint.config.yaml => lint/.yamllint.yaml} (54%)
 create mode 100644 .github/workflows/flux-schedule.yaml
 create mode 100644 .github/workflows/helmrelease-pr.yaml
 create mode 100644 .github/workflows/lint.yaml
 rename .github/workflows/{renovate-annotations.yaml => renovate-schedule.yaml} (70%)
 delete mode 100644 .github/workflows/update-flux.yaml
 delete mode 100644 .taskfiles/ansible.yml
 delete mode 100644 .taskfiles/linux/deps.yml
 delete mode 100644 commitlint.config.js

diff --git a/.github/lint/.markdownlint.yaml b/.github/lint/.markdownlint.yaml
new file mode 100644
index 000000000..3b94b79bb
--- /dev/null
+++ b/.github/lint/.markdownlint.yaml
@@ -0,0 +1,35 @@
+---
+default: true
+
+# MD013/line-length - Line length
+MD013:
+  # Number of characters
+  line_length: 120
+  # Number of characters for headings
+  heading_line_length: 80
+  # Number of characters for code blocks
+  code_block_line_length: 80
+  # Include code blocks
+  code_blocks: true
+  # Include tables
+  tables: true
+  # Include headings
+  headings: true
+  # Include headers
+  headers: true
+  # Strict length checking
+  strict: false
+  # Stern length checking
+  stern: false
+
+# MD026/no-trailing-punctuation - Trailing punctuation in heading
+MD026:
+  # Punctuation characters
+  punctuation: ":"
+
+# MD033/no-inline-html - Inline HTML
+MD033:
+  # Allowed elements
+  allowed_elements:
+    - br
+    - img
diff --git a/.github/lint/.prettierignore b/.github/lint/.prettierignore
new file mode 100644
index 000000000..4ebac77b4
--- /dev/null
+++ b/.github/lint/.prettierignore
@@ -0,0 +1,6 @@
+.private
+.vscode
+ansible
+*.enc.yaml
+*.sops.yml
+gotk-components.yaml
diff --git a/.github/lint/.prettierrc.yaml b/.github/lint/.prettierrc.yaml
new file mode 100644
index 000000000..e30d9f99a
--- /dev/null
+++ b/.github/lint/.prettierrc.yaml
@@ -0,0 +1,5 @@
+---
+trailingComma: "es5"
+tabWidth: 2
+semi: false
+singleQuote: false
diff --git a/.github/yamllint.config.yaml b/.github/lint/.yamllint.yaml
similarity index 54%
rename from .github/yamllint.config.yaml
rename to .github/lint/.yamllint.yaml
index 1d18a25fd..0e002f15f 100644
--- a/.github/yamllint.config.yaml
+++ b/.github/lint/.yamllint.yaml
@@ -1,14 +1,15 @@
+---
 ignore: |
-  .yamllint.yml
-  .github/
-  server/ansible
-  ignore/
-  secrets/
-  *-crds.yaml
+  .private/
+  .vscode/
+  ansible/
+  *.enc.yaml
+  *.sops.yml
+  gotk-components.yaml
 extends: default
 rules:
   truthy:
-    allowed-values: ['true', 'false', 'on', 'yes']
+    allowed-values: ["true", "false", "on"]
   comments:
     min-spaces-from-content: 1
   line-length: disable
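Review bot: MD013 sets both `headings: true` and `headers: true`; in markdownlint `headers` is, as far as I recall, the older alias of `headings`, so the pair `# Include headers` / `headers: true` duplicates the lines just above it and can be dropped. Most of the remaining MD013 keys (`code_blocks`, `tables`, `strict`, `stern`) appear to restate the rule's defaults, which is acceptable as self-documentation but worth a one-line comment such as `# defaults restated for clarity; only line_length differs from stock` so the next reader does not hunt for a difference.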
@@ -18,6 +19,4 @@ rules:
   brackets:
     min-spaces-inside: 0
     max-spaces-inside: 0
-  indentation:
-    spaces: 2
-    indent-sequences: consistent
\ No newline at end of file
+  indentation: enable
diff --git a/.github/workflows/flux-schedule.yaml b/.github/workflows/flux-schedule.yaml
new file mode 100644
index 000000000..055c33504
--- /dev/null
+++ b/.github/workflows/flux-schedule.yaml
@@ -0,0 +1,44 @@
+---
+name: Schedule - Update Flux
+
+on: # yamllint disable-line rule:truthy
+  workflow_dispatch:
+  schedule:
+    - cron: "0 */12 * * *"
+
+jobs:
+  flux-upgrade:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 1
+
+      - name: Setup Flux CLI
+        uses: fluxcd/flux2/action@main
+
+      - name: Upgrade Flux
+        id: upgrade
+        run: |
+          UGLY_VERSION="$(flux -v)"
+          VERSION="v${UGLY_VERSION#*flux version }"
+          flux install --version="${VERSION}" \
+            --network-policy=false \
+            --export > ./cluster/base/flux-system/gotk-components.yaml
+          echo "::set-output name=flux_version::$VERSION"
+
+      - name: Create pull request for Flux upgrade
+        uses: peter-evans/create-pull-request@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          branch: "flux/upgrade-${{ steps.upgrade.outputs.flux_version }}"
+          delete-branch: true
+          title: "chore(deps): upgrade flux components to ${{ steps.upgrade.outputs.flux_version }}"
+          signoff: true
+          committer: "auricom <27022259+auricom@users.noreply.github.com>"
+          author: "auricom <27022259+auricom@users.noreply.github.com>"
+          assignees: "auricom"
+          commit-message: "chore(deps): upgrade flux components to ${{ steps.upgrade.outputs.flux_version }}"
+          body: |
+            Release notes: https://github.com/fluxcd/flux2/releases/tag/${{ steps.upgrade.outputs.flux_version }}
+          labels: flux/upgrade
diff --git a/.github/workflows/helmrelease-pr.yaml b/.github/workflows/helmrelease-pr.yaml
new file mode 100644
index 000000000..08ecd432e
--- /dev/null
+++ b/.github/workflows/helmrelease-pr.yaml
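Review bot: `uses: fluxcd/flux2/action@main` in the `Setup Flux CLI` step is a mutable branch reference, and this scheduled job runs that action unattended every 12 hours, then commits whatever `flux install --export` produced into `cluster/base/flux-system/gotk-components.yaml` and opens a PR from it. Pinning the action to a release tag or commit SHA, e.g. `uses: fluxcd/flux2/action@<release-tag-or-sha>` (placeholder), makes the generated components reproducible and ties the change to a reviewed upstream release; the deleted `update-flux.yaml` had the same unpinned ref, so this is carried over rather than introduced, but the rewrite is the moment to fix it. The PR is created with `secrets.GITHUB_TOKEN`, which as far as I know means the lint workflow added in this commit will not run on the resulting PR — worth a comment on the `token:` line if that is accepted, or a PAT/app token if the PR should be linted.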
@@ -0,0 +1,124 @@ +--- +name: Create diff on updated Helm Releases + +on: # yamllint disable-line rule:truthy + pull_request: + branches: + - main + paths: + - "cluster/**.yaml" + +env: + conf_live_branch: main + conf_ignore_known_labels_containing_versions: true + +jobs: + changes: + name: Detect changes + runs-on: ubuntu-20.04 + outputs: + files: "${{ steps.extract.outputs.files }}" + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Get changes + uses: dorny/paths-filter@v2 + id: filter + with: + list-files: shell + filters: | + changed: + - '**' + - name: Keep HelmReleases only + id: extract + run: | + filtered=$(grep -zl "kind: HelmRelease.*registryUrl=" ${{ steps.filter.outputs.changed_files }} \ + | jq -nR '[inputs | select(length>0)]') + echo ::set-output name=files::${filtered} + + helm: + name: Template HelmReleases + runs-on: ubuntu-20.04 + if: ${{ needs.changes.outputs.files != '[]' }} + needs: + - changes + strategy: + matrix: + file: ${{ fromJson(needs.changes.outputs.files) }} + fail-fast: false + steps: + - name: Setup Kubernetes Tools + uses: yokawasa/action-setup-kube-tools@v0.7.1 + with: + setup-tools: | + helmv3 + yq + - name: Checkout live branch + uses: actions/checkout@v2 + with: + ref: ${{ env.conf_live_branch }} + path: live + - name: Checkout PR branch + uses: actions/checkout@v2 + with: + path: pr + - name: Create diff + id: diff + run: | + hr_live_url=$(sed -nr 's|.*registryUrl=(.+)$|\1|p' live/${{ matrix.file }}) + hr_live_chart=$(yq e .spec.chart.spec.chart live/${{ matrix.file }}) + hr_live_version=$(yq e .spec.chart.spec.version live/${{ matrix.file }}) + hr_live_values=$(yq e .spec.values live/${{ matrix.file }}) + hr_pr_url=$(sed -nr 's|.*registryUrl=(.+)$|\1|p' pr/${{ matrix.file }}) + hr_pr_chart=$(yq e .spec.chart.spec.chart pr/${{ matrix.file }}) + hr_pr_version=$(yq e .spec.chart.spec.version pr/${{ matrix.file }}) + hr_pr_values=$(yq e .spec.values pr/${{ matrix.file }}) + helm repo add live "$hr_live_url" + 
helm repo add pr "$hr_pr_url" + resources_live=$(echo "$hr_live_values" | \ + helm template "$hr_live_chart" \ + live/"$hr_live_chart" \ + --version "$hr_live_version" -f - || true) + echo "$resources_live" + echo "#####################################################" + resources_pr=$(echo "$hr_pr_values" | \ + helm template "$hr_pr_chart" \ + pr/"$hr_pr_chart" \ + --version "$hr_pr_version" -f -) + echo "$resources_pr" + echo "#####################################################" + if [ "$conf_ignore_known_labels_containing_versions" = "true" ]; then + labels='.metadata.labels."helm.sh/chart"' + labels+=',.metadata.labels.chart' + labels+=',.metadata.labels."app.kubernetes.io/version"' + labels+=',.spec.template.metadata.labels."helm.sh/chart"' + labels+=',.spec.template.metadata.labels.chart' + labels+=',.spec.template.metadata.labels."app.kubernetes.io/version"' + resources_live=$(echo "$resources_live" | yq e "del($labels)" -) + resources_pr=$(echo "$resources_pr" | yq e "del($labels)" -) + fi + diff=$((diff -u <(echo "$resources_live") <(echo "$resources_pr") || true) | tail +3) + echo "$diff" + message="Path: \`${{ matrix.file }}\`" + if [ "$hr_live_chart" != "$hr_pr_chart" ]; then + message="$message"$'\n'"Chart: \`$hr_live_chart\` -> \`$hr_pr_chart\`" + fi + if [ "$hr_live_version" != "$hr_pr_version" ]; then + message="$message"$'\n'"Version: \`$hr_live_version\` -> \`$hr_pr_version\`" + fi + if [ "$hr_live_url" != "$hr_pr_url" ]; then + message="$message"$'\n'"Repo: \`$hr_live_url\` -> \`$hr_pr_url\`" + fi + message="$message"$'\n'$'\n' + if [ -z "$diff" ]; then + message="$message"'```'$'\n'"No changes in detected in resources"$'\n''```' + else + message="$message"'```diff'$'\n'"$diff"$'\n''```' + fi + echo "::set-output name=message::$(echo "$message" | jq --raw-input --slurp)" + + - name: Create comment + uses: peter-evans/create-or-update-comment@v1 + with: + issue-number: ${{ github.event.pull_request.number }} + body: "${{ 
fromJSON(steps.diff.outputs.message) }}" diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml new file mode 100644 index 000000000..46bfc7144 --- /dev/null +++ b/.github/workflows/lint.yaml @@ -0,0 +1,32 @@ +--- +name: Lint + +on: # yamllint disable-line rule:truthy + pull_request: + +jobs: + yamllint: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + - name: yamllint + uses: reviewdog/action-yamllint@v1 + with: + yamllint_flags: "-c .github/lint/.yamllint.yaml ./cluster" + shellcheck: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + # - name: shellcheck + # uses: reviewdog/action-shellcheck@v1 + # with: + # path: "./hack" + # level: "error" + markdownlint: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + - name: markdownlint + uses: reviewdog/action-markdownlint@v0.2 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/renovate-annotations.yaml b/.github/workflows/renovate-schedule.yaml similarity index 70% rename from .github/workflows/renovate-annotations.yaml rename to .github/workflows/renovate-schedule.yaml index 7f44372b2..08f5dce3f 100644 --- a/.github/workflows/renovate-annotations.yaml +++ b/.github/workflows/renovate-schedule.yaml @@ -1,12 +1,13 @@ -name: renovate-annotations +--- +name: Schedule - Renovate Helm Releases -on: +on: # yamllint disable-line rule:truthy workflow_dispatch: schedule: - - cron: "15 * * * *" + - cron: "0 */12 * * *" jobs: - renovate-helmrelease: + renovate-helm-releases: runs-on: ubuntu-20.04 steps: - uses: actions/checkout@v2 @@ -19,7 +20,7 @@ jobs: with: cluster-path: "./cluster" - - name: Create pull request for HelmRelease annotations + - name: Create pull request for renovatebot helm-release annotations uses: peter-evans/create-pull-request@v3 with: token: ${{ secrets.GITHUB_TOKEN }} 
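Review bot: `${{ matrix.file }}` and `${{ steps.filter.outputs.changed_files }}` are expanded into `run:` scripts before the shell sees them (the `grep -zl` line in `Keep HelmReleases only` and the eight `sed`/`yq` lines at the top of `Create diff`), so a file path under `cluster/` containing shell metacharacters would alter the script itself; the workflow fires on `pull_request` for that path set, so those names come from the PR author. Passing them through the environment keeps the shell boundary intact: on the step add `env:` / `  FILE: ${{ matrix.file }}` and use `live/"$FILE"` and `pr/"$FILE"` in the script, and the same pattern for the filter output. `Create comment` needs write access to pull requests, which the default token presumably lacks on `pull_request` runs from forks, so the job would fail at that step for external contributors — a `permissions:` block or a note on `issue-number:` would make the intended scope explicit. The `helm template` on the PR side has no `|| true` while the live side does; if that asymmetry is deliberate (a non-rendering PR chart should fail the job) a short comment on that line would save the next reader the question.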
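Review bot: The `shellcheck` job only runs `actions/checkout@v2`; its lint step is commented out, so the job occupies a runner on every PR and reports green without checking anything. Either drop the job until the reviewdog step is ready or re-enable it with `path:` pointing at the scripts to check. The workflow also declares no `permissions:`; reviewdog posts review comments, so a top-level `permissions: { contents: read, pull-requests: write }` would document what the jobs need and leave the rest of the token read-only.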
@@ -27,8 +28,8 @@ jobs:
           delete-branch: true
           title: "chore(deps): update renovate annotations"
           signoff: true
-          committer: "Auricom "
-          author: "Auricom "
+          committer: "auricom <27022259+auricom@users.noreply.github.com>"
+          author: "auricom <27022259+auricom@users.noreply.github.com>"
           assignees: "auricom"
           commit-message: "chore(deps): update renovate annotations"
           body: |
diff --git a/.github/workflows/update-flux.yaml b/.github/workflows/update-flux.yaml
deleted file mode 100644
index 66b63785e..000000000
--- a/.github/workflows/update-flux.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-name: update-flux
-
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: "0 12 * * *"
-
-jobs:
-  flux-update:
-    runs-on: ubuntu-20.04
-    steps:
-      - uses: actions/checkout@v2
-        with:
-          fetch-depth: 1
-
-      - name: Setup Flux CLI
-        uses: fluxcd/flux2/action@main
-
-      - name: Update Flux components
-        id: update
-        run: |
-          CLI_VERSION="$(flux -v)"
-          VERSION="v${CLI_VERSION#*flux version }"
-          flux install --version="${VERSION}" \
-            --network-policy=false \
-            --export > ./cluster/base/flux-system/gotk-components.yaml
-          echo "::set-output name=flux_version::$VERSION"
-
-      - name: Create pull request for Flux update
-        uses: peter-evans/create-pull-request@v3
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          branch: "flux/update-${{ steps.update.outputs.flux_version }}"
-          delete-branch: true
-          title: "chore(deps): update flux components to ${{ steps.update.outputs.flux_version }} [ci-skip]"
-          signoff: true
-          committer: "Auricom "
-          author: "Auricom "
-          assignees: "auricom"
-          commit-message: "chore(deps): update flux components to ${{ steps.update.outputs.flux_version }} [ci-skip]"
-          body: |
-            Release notes: https://github.com/fluxcd/flux2/releases/tag/${{ steps.update.outputs.flux_version }}
-          labels: flux/update
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 0805b8b10..db36f4664 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -3,36 +3,29 @@
 # See https://pre-commit.com/hooks.html for more hooks
 fail_fast: false
 repos:
-  - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
-    rev: v5.0.0
-    hooks:
-      - id: commitlint
-        stages: [commit-msg]
-        additional_dependencies: ['@commitlint/config-angular']
   - repo: https://github.com/adrienverge/yamllint.git
     rev: v1.26.1
     hooks:
       - id: yamllint
         args:
-          - -c
-          - ".github/yamllint.config.yaml"
+          - --config-file
+          - .github/lint/.yamllint.yaml
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.0.1
     hooks:
       - id: trailing-whitespace
-      - id: check-added-large-files
-        args: [--maxkb=2048]
-      - id: check-merge-conflict
+      - id: end-of-file-fixer
+      - id: mixed-line-ending
   - repo: https://github.com/Lucas-C/pre-commit-hooks
     rev: v1.1.10
     hooks:
       - id: forbid-crlf
       - id: forbid-tabs
-  - repo: https://github.com/jumanjihouse/pre-commit-hooks
-    rev: 2.1.5
+  - repo: https://github.com/Lucas-C/pre-commit-hooks
+    rev: v1.1.10
     hooks:
-      - id: shellcheck
-        args: [--severity=error]
+      - id: remove-crlf
+      - id: remove-tabs
   - repo: https://github.com/sirosen/fix-smartquotes
     rev: 0.2.0
     hooks:
@@ -41,3 +34,10 @@ repos:
     rev: v2.0.3
     hooks:
       - id: forbid-secrets
+  - repo: https://github.com/igorshubovych/markdownlint-cli
+    rev: v0.28.1
+    hooks:
+      - id: markdownlint
+        args:
+          - --config
+          - ".github/lint/.markdownlint.yaml"
diff --git a/.taskfiles/ansible.yml b/.taskfiles/ansible.yml
deleted file mode 100644
index 6a2087787..000000000
--- a/.taskfiles/ansible.yml
+++ /dev/null
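Review bot: `https://github.com/Lucas-C/pre-commit-hooks` at `v1.1.10` is now listed twice, first with `forbid-crlf`/`forbid-tabs` and again with `remove-crlf`/`remove-tabs`; the four hooks belong under a single `repo:` entry. The forbid-* hooks fail the commit on the same condition the remove-* hooks fix, so with both enabled a file with tabs is reported and rewritten in the same run — worth deciding which behaviour is wanted and leaving a comment such as `# forbid-* reports, remove-* rewrites; keep both so the first commit fails loudly`. This hunk also drops the `shellcheck` hook (and `check-merge-conflict` / `check-added-large-files`) while the new `lint.yaml` workflow has its shellcheck step commented out, so shell scripts in the repository are no longer checked anywhere after this commit.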
@@ -1,35 +0,0 @@ ---- -version: "3" - -env: - ANSIBLE_CONFIG: "{{.PROJECT_DIR}}/server/ansible/ansible.cfg" - -vars: - ANSIBLE_PLAYBOOK_DIR: "{{.ANSIBLE_DIR}}/playbooks" - ANSIBLE_INVENTORY_DIR: "{{.ANSIBLE_DIR}}/inventory" - ANSIBLE_GROUPS: "master-nodes:worker-nodes" - -tasks: - ping: - desc: Ping all the k3s nodes - cmds: - - "ansible {{.ANSIBLE_GROUPS}} -i {{.ANSIBLE_INVENTORY_DIR}}/home-cluster/hosts.yml --one-line -m ping" - silent: true - - list: - desc: List all the k3s nodes - cmds: - - "ansible {{.ANSIBLE_GROUPS}} -i {{.ANSIBLE_INVENTORY_DIR}}/home-cluster/hosts.yml --list-hosts" - silent: true - - upgrade: - desc: Upgrade all the k3s node's operating system - cmds: - - "ansible-playbook -i {{.ANSIBLE_INVENTORY_DIR}}/home-cluster/hosts.yml {{.ANSIBLE_PLAYBOOK_DIR}}/ubuntu/upgrade.yml" - silent: true - - reboot: - desc: Reboot all the k3s nodes - cmds: - - "ansible {{.ANSIBLE_GROUPS}} -i {{.ANSIBLE_INVENTORY_DIR}}/home-cluster/hosts.yml -m reboot" - silent: true diff --git a/.taskfiles/linux/deps.yml b/.taskfiles/linux/deps.yml deleted file mode 100644 index 7cac9e218..000000000 --- a/.taskfiles/linux/deps.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -version: "3" - -tasks: - default: - cmds: - - task -l - silent: true diff --git a/README.md b/README.md index be514d700..b98b8280d 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,10 @@ - +# README.md -### My home Kubernetes cluster :sailboat: + -_... managed by Flux and serviced with RenovateBot_ :robot: +## My home Kubernetes cluster :sailboat: + +... managed with Flux and Renovate :robot:

@@ -13,7 +15,7 @@ _... managed by Flux and serviced with RenovateBot_ :robot: [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white&style=for-the-badge)](https://github.com/pre-commit/pre-commit) [![renovate](https://img.shields.io/badge/renovate-enabled-success?style=for-the-badge&logo=)](https://github.com/renovatebot/renovate) -### Bootstrap Flux +## Bootstrap Flux ```bash flux bootstrap github \ @@ -25,14 +27,29 @@ flux bootstrap github \ --network-policy=false ``` -### SOPS secret from GPG key +## SOPS secret from GPG key ```bash -gpg --export-secret-keys --armor | kubectl create secret generic sops-gpg --namespace=flux-system --from-file=sops.asc=/dev/stdin +gpg \ + --export-secret-keys \ + --armor | \ + kubectl create secret generic sops-gpg \ + --namespace=flux-system \ + --from-file=sops.asc=/dev/stdin ``` -### Encrypt kubernetes resources with sops binary +## Encrypt kubernetes resources with sops binary ```bash -sops --encrypt --pgp= --encrypted-regex '^(data|stringData)$' --in-place +sops \ + --encrypt \ + --pgp= \ + --encrypted-regex '^(data|stringData)$' \ + --in-place +``` + +## Install pre-commit hooks + +```bash +pre-commit install ``` diff --git a/commitlint.config.js b/commitlint.config.js deleted file mode 100644 index 28fe5c5bf..000000000 --- a/commitlint.config.js +++ /dev/null @@ -1 +0,0 @@ -module.exports = {extends: ['@commitlint/config-conventional']}