diff --git a/.gitignore b/.gitignore index d917bef13..838a90719 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ # Unit test / coverage reports .tox/ +build/ diff --git a/.zuul.yaml b/.zuul.yaml index 2435e8299..3f8239c96 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -9,14 +9,14 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +--- - project: check: jobs: - - noop + - treasuremap-lint gate: jobs: - - noop + - treasuremap-lint post: jobs: - treasuremap-upload-git-mirror @@ -27,6 +27,14 @@ nodes: - name: ubuntu-bionic label: ubuntu-bionic +- job: + name: treasuremap-lint + description: Lint treasuremap using kubeval + nodeset: treasuremap-single-node + timeout: 900 + pre-run: + - tools/gate/playbooks/deploy-kubeval.yaml + run: tools/gate/playbooks/yaml-lint.yaml - secret: name: airshipit-github-secret @@ -86,4 +94,3 @@ - name: git_mirror_credentials secret: airshipit-github-secret pass-to-parent: true - diff --git a/Makefile b/Makefile index 9170c595a..f763104d0 100644 --- a/Makefile +++ b/Makefile @@ -12,12 +12,16 @@ # See the License for the specific language governing permissions and # limitations under the License. +SHELL := /bin/bash +BUILD_DIR := build +KUBEVAL_BIN := $(BUILD_DIR)/bin + .PHONY: all all: docs .PHONY: clean clean: - rm -rf doc/build + rm -rf doc/build $(BUILD_DIR) .PHONY: docs docs: clean build_docs @@ -30,3 +34,8 @@ build_docs: .PHONY: format format: tox -e fmt + +lint: + mkdir -p build + ./tools/gate/install-kubeval.sh $(BUILD_DIR) + ./tools/gate/run-lint.sh diff --git a/tools/gate/install-kubeval.sh b/tools/gate/install-kubeval.sh new file mode 100755 index 000000000..ad9480dd8 --- /dev/null +++ b/tools/gate/install-kubeval.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# Copyright 2019 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -xe + +INSTALL_PREFIX=$1 +INSTALL_PREFIX=${INSTALL_PREFIX:-'/tmp/kubeval'} +KUBEVAL_URL=https://github.com/instrumenta/kubeval/releases/download +KUBEVAL_VER=${KUBEVAL_VER:-'0.14.0'} +URL="${KUBEVAL_URL}/${KUBEVAL_VER}/kubeval-linux-amd64.tar.gz" + +TMP=$(mktemp -d) +pushd $TMP +curl -fL $URL | tar -xz +install -D -t ${INSTALL_PREFIX}/bin kubeval +popd +rm -rf $TMP diff --git a/tools/gate/playbooks/deploy-kubeval.yaml b/tools/gate/playbooks/deploy-kubeval.yaml new file mode 100644 index 000000000..435cad6ec --- /dev/null +++ b/tools/gate/playbooks/deploy-kubeval.yaml @@ -0,0 +1,21 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- hosts: all + tasks: + - name: Install KubeVal + shell: | + set -xe + ./tools/gate/install-kubeval.sh + args: + chdir: "{{ zuul.project.src_dir }}" + become: yes diff --git a/tools/gate/playbooks/yaml-lint.yaml b/tools/gate/playbooks/yaml-lint.yaml new file mode 100644 index 000000000..3663432d7 --- /dev/null +++ b/tools/gate/playbooks/yaml-lint.yaml @@ -0,0 +1,23 @@ +# Copyright 2019 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- hosts: ubuntu-bionic + tasks: + - name: Lint site + shell: | + set -xe + ./tools/gate/run-lint.sh + args: + chdir: "{{ zuul.project.src_dir }}" + become: yes diff --git a/tools/gate/run-lint.sh b/tools/gate/run-lint.sh new file mode 100755 index 000000000..4bb7e5a14 --- /dev/null +++ b/tools/gate/run-lint.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +# Copyright 2019 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -xe + +ROOT=$1 +KUBEVAL_BIN=${KUBEVAL_BIN:-/tmp/kubeval/bin} +PATH=${KUBEVAL_BIN}:$PATH + +EXCLUDE_DIRS=( + '*/\.git/*' + '*/kustomizeconfig/*' + '*/tools/*' +) + +EXCLUDE_FILES=( + '.zuul.yaml' + 'kustomization.yaml' +) + +function join { local d=$1; shift; printf '%s' "${@/#/$d}"; } + +FILTER="$(join ' -not -path ' ${EXCLUDE_DIRS[*]})" +FILTER="$FILTER $(join ' -not -name ' ${EXCLUDE_FILES[*]})" +find $ROOT -type f \( -name "*\.yaml" $FILTER \) | xargs -r kubeval