Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add CI, pre-commit hooks #269

Open
wants to merge 18 commits into
base: devel
Choose a base branch
from
Open

Add CI, pre-commit hooks #269

wants to merge 18 commits into from

Conversation

brucellino
Copy link

@brucellino brucellino commented Mar 20, 2024

This PR adds a few bits and pieces to help maintaining the project:

  1. Ansible role dependencies are explicitly declared (Pin role versions #268)
  2. Add pre-commit hooks to ensure that clean code is committed (can be extended later)
  3. Add a basic CI task (CI #267)

Closed #268
Closed #267
Closed #270

NicolasLiampotis and others added 12 commits January 19, 2024 10:50
Bumps [ansible](https://github.com/ansible-community/ansible-build-data) from 2.10.7 to 8.5.0.
- [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md)
- [Commits](ansible-community/ansible-build-data@2.10.7...8.5.0)

---
updated-dependencies:
- dependency-name: ansible
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Bruce Becker <[email protected]>
Signed-off-by: Bruce Becker <[email protected]>
@brucellino brucellino changed the title Create Add CI, pre-commit hooks and fix lint Mar 20, 2024
@NicolasLiampotis NicolasLiampotis changed the base branch from master to devel March 20, 2024 22:15
Copy link
Collaborator

@NicolasLiampotis NicolasLiampotis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉 Thanks a bunch for the PR! 🙏

Could you check our my comments on the branches and the ansible-core vs ansible-base vs ansible versions?

.github/workflows/lint.yml Show resolved Hide resolved
requirements.txt Outdated Show resolved Hide resolved
.pre-commit-config.yaml Show resolved Hide resolved
brucellino added a commit to brucellino/rciam-deploy that referenced this pull request Mar 21, 2024
@brucellino
Copy link
Author

@NicolasLiampotis from my side, ready to merge.

@brucellino brucellino changed the title Add CI, pre-commit hooks and fix lint Add CI, pre-commit hooks Mar 21, 2024
style(attrauth): fix lint issues in playbook
style(apache): fix ansible-lint issues in defaults and handlers
style(apache): fix lint in OS-dependent configuration tasks
style(apache): fix linting issues in ssl config tasks
style(apache): apply ansible-lint's opinionated fix to role
style(apache): align name of handler to respect ansible-lint rules
style(apache): apply lint fixes to main tasks
style(comange-registry): apply linting rules to defaults
style(comange-registry): apply linting rules to configure tasks
style(comanage): declare no changes in ad-hoc commands
  This should be updated when we know how to identify a change in order to ensure idempotency
style(comanage): split long install command over several lines
style(comanage): apply linting fixes to install tasks
style(comanage): explicitly ignore idempotency in cache clear task
style(comanage): explicitly ignore idempotency in static files tasks
style(php): fix linting errors in role defaults
style(php): fix linting errors in role defaults
style(php): fix linting errors in role taks and vars
style(shibboleth-sp): fix linting errors in role defaults
style(shibboleth-sp): fix linting errors in role main tasks
style(shibboleth-sp): fix all linting errors in role
WIP rciam#270
WIP rciam#267
style(common): apply linting rules to role defaults
style(common): apply linting rules to role defaults
style(common): fix linting errors in main role tasks
style(common): apply linting fixes to role tasks and vars
style(ssp): make role defaults pass ansible lint
chore(deps): freeze current requirements for dependabot
style(ssp): apply style rules to ssp handlers
style(ssp): reduce linting warnings in role composer tasks
style(ssp): apply linting rules to configure-common tasks
style(ssp): ensure configure-saml and shib tasks pass lint
style(ssp): ensure authservers playbook passes Ansible lint
WIP rciam#270
style(authzkeys): conform to Ansible Lint style
style(cache): conform to ansible style guide
style(cert2saml): conform to ansible style for ssp module role
style(comanage): conform comanage playbook and roles to Ansible style guide
style(d4science): conform playbook to Ansible lint
style(postgres): conform db playbook and postgres role to ansible lint
style(egi-igtf): conform EGI IGTF role and playbook to Ansible Lint
refactor(egi-igtf): move task to handler
style(deep2saml): conform playbook to Ansible Lint
style(federation-registry): conform to ansible lint
Some task modules have been changed from postgresql_query to postgresql_script
style(fedreg): conform to ansible lint
style(firewall): conform to ansible lint
style(google2saml): conform to ansible lint
chore: ignore editor cruft
style(keycloak): conform to Ansible Lint
style(keycloak): conform to Ansible Lint
style(metrics): conform metrics servers to Ansible Lint
style(monservers): conform monservers to Ansible Lint
style(oauth2saml): conform to Ansible Lint
style(ldap): conform to Ansible Lint
style(orcid): conform to Ansible Lint
style(rciam-keycloak,nginx,rsyslog,webproxy): conform to Ansible Lint
style(oidc): conform to Ansible Lint
style(registry-ui): conform to Ansible Lit
chore: add detect-secrets pre-commit hook
style(saml,oidc): conform to Ansible Lint
style(secrets): conform to Ansible Lint
style(site): conform to Ansible Lint
style(ssp): conform to Ansible Lint
fix(apache): fix module name
style(utils): conform to Ansible Lint
style: conform to Ansible Lint

---------

Signed-off-by: Bruce Becker <[email protected]>
Signed-off-by: Bruce Becker <[email protected]>
@brucellino
Copy link
Author

@NicolasLiampotis This now passes Ansible Lint
I had to refactor a few of the tasks in order to make it so, but no functionality has been changed.

@brucellino
Copy link
Author

bump @NicolasLiampotis
Can we discuss whether we can merge this?

@NicolasLiampotis
Copy link
Collaborator

bump @NicolasLiampotis Can we discuss whether we can merge this?

Before merging this, I suggest closing #272 and #274 to ensure we have a stable release in master. Merging now could potentially break several roles in the devel branch.

@brucellino
Copy link
Author

Ok, no problem. Do you guys have a test case described somewhere for #272 and #274 ? Can I help create it if not?

dependabot bot added 4 commits May 6, 2024 10:36
Bumps [dnspython](https://github.com/rthalley/dnspython) from 2.1.0 to 2.6.1.
- [Release notes](https://github.com/rthalley/dnspython/releases)
- [Changelog](https://github.com/rthalley/dnspython/blob/main/doc/whatsnew.rst)
- [Commits](rthalley/dnspython@v2.1.0...v2.6.1)

---
updated-dependencies:
- dependency-name: dnspython
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.3...3.1.4)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [cryptography](https://github.com/pyca/cryptography) from 42.0.5 to 43.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@42.0.5...43.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ansible-core](https://github.com/ansible/ansible) from 2.16.4 to 2.17.6.
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](ansible/ansible@v2.16.4...v2.17.6)

---
updated-dependencies:
- dependency-name: ansible-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ansible-core](https://github.com/ansible/ansible) from 2.17.6 to 2.17.7.
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](ansible/ansible@v2.17.6...v2.17.7)

---
updated-dependencies:
- dependency-name: ansible-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Pin role versions CI
2 participants