ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor pre commit (#237)

Browse Source 
Wheee!
This commit is contained in:
Matthew Fernandez
2025-05-06 14:24:25 -06:00
committed by GitHub
parent 4285a68f3e
commit 64f7c88114
9 changed files with 109 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.ansible-lint
View File

@@ -1,10 +1,16 @@
--- ---
profile: production profile: production
offline: false offline: true
skip_list: skip_list:
- "galaxy[no-changelog]" - "galaxy[no-changelog]"
warn_list:
# seems to be a bug, see https://github.com/ansible/ansible-lint/issues/4172
- "fqcn[canonical]"
# @matferna: really not sure why lint thinks it can't find jmespath, it is installed and functional
- "jinja[invalid]"
exclude_paths: exclude_paths:
# would be better to move the roles here to the top-level roles directory # would be better to move the roles here to the top-level roles directory
- collections/ansible_collections/demo/compliance/roles/ - collections/ansible_collections/demo/compliance/roles/

25
.github/README.md vendored Normal file
View File

@@ -0,0 +1,25 @@
# GitHub Actions
## Background
We want to make attempts to run our integration tests in the same manner wether using GitHub actions or on a developers's machine locally. For this reason, the tests are curated to run using conatiner images. As of this writing, two images exist which we would like to test against:
- quay.io/ansible-product-demos/apd-ee-24:latest
- quay.io/ansible-product-demos/apd-ee-25:latest
These images are built given the structure defined in their respective EE [definitions][../execution_environments]. Because they differ (mainly due to their python versions), each gets some special handling.
## Troubleshooting GitHub Actions
### Interactive
It is likely the most straight-forward approach to interactively debug issues. The following podman command can be run from the project root directory to replicate the GitHub action:
```
podman run \
--user root \
-v $(pwd):/runner:Z \
-it \
<image> \
/bin/bash
```
`<image>` is one of `quay.io/ansible-product-demos/apd-ee-25:latest`, `quay.io/ansible-product-demos/apd-ee-24:latest`
It is not exact because GitHub seems to run closer to a sidecar container paradigm, and uses docker instead of podman, but hopefully it's close enough.
For the 24 EE, the python interpreriter verions is set for our pre-commit script like so: `USE_PYTHON=python3.9 ./.github/workflows/run-pc.sh`
The 25 EE is similary run but without the need for this variable: `./.github/workflows/run-pc.sh`

24
.github/workflows/pre-commit.yml vendored
View File

@@ -4,17 +4,23 @@ on:
- push - push
- pull_request_target - pull_request_target
env:
ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN }}
ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN }}
jobs: jobs:
pre-commit: pre-commit-25:
name: pre-commit container:
image: quay.io/ansible-product-demos/apd-ee-25
options: --user root
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-python@v5 - run: ./.github/workflows/run-pc.sh
- uses: pre-commit/action@v3.0.1 shell: bash
pre-commit-24:
container:
image: quay.io/ansible-product-demos/apd-ee-24
options: --user root
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: USE_PYTHON=python3.9 ./.github/workflows/run-pc.sh
shell: bash
...

24
.github/workflows/run-pc.sh vendored Executable file
View File

@@ -0,0 +1,24 @@
#!/bin/bash -x
dnf install git-lfs -y
PYTHON_VARIANT="${USE_PYTHON:-python3.11}"
PATH="$PATH:$HOME/.local/bin"
# intsall pip
eval "${PYTHON_VARIANT} -m pip install --user --upgrade pip"
# try to fix 2.4 incompatibility
eval "${PYTHON_VARIANT} -m pip install --user --upgrade setuptools wheel twine check-wheel-contents"
# intsall pre-commit
eval "${PYTHON_VARIANT} -m pip install --user pre-commit"
# view pip packages
eval "${PYTHON_VARIANT} -m pip freeze --local"
# fix permissions on directory
git config --global --add safe.directory $(pwd)
# run pre-commit
pre-commit run --config $(pwd)/.pre-commit-gh.yml --show-diff-on-failure --color=always

9
.pre-commit-config.yaml
View File

@@ -14,13 +14,12 @@ repos:
- id: check-json - id: check-json
- id: check-symlinks - id: check-symlinks
- repo: https://github.com/ansible/ansible-lint.git - repo: local
# get latest release tag from https://github.com/ansible/ansible-lint/releases/
rev: v6.20.3
hooks: hooks:
- id: ansible-lint - id: ansible-lint
additional_dependencies: name: ansible-navigator lint --eei quay.io/ansible-product-demos/apd-ee-25:latest --mode stdout
- jmespath language: python
entry: bash -c "ansible-navigator lint --eei quay.io/ansible-product-demos/apd-ee-25 -v --force-color --mode stdout"
- repo: https://github.com/psf/black-pre-commit-mirror - repo: https://github.com/psf/black-pre-commit-mirror
rev: 23.11.0 rev: 23.11.0

30
.pre-commit-gh.yml Normal file
View File

@@ -0,0 +1,30 @@
---
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
hooks:
- id: trailing-whitespace
exclude: rhel[89]STIG/.*$
- id: check-yaml
exclude: \.j2.(yaml|yml)$|\.(yaml|yml).j2$
args: [--unsafe] # see https://github.com/pre-commit/pre-commit-hooks/issues/273
- id: check-toml
- id: check-json
- id: check-symlinks
- repo: https://github.com/ansible/ansible-lint.git
# get latest release tag from https://github.com/ansible/ansible-lint/releases/
rev: v6.20.3
hooks:
- id: ansible-lint
additional_dependencies:
- jmespath
- repo: https://github.com/psf/black-pre-commit-mirror
rev: 23.11.0
hooks:
- id: black
exclude: rhel[89]STIG/.*$
...

2
ansible.cfg
View File

@@ -1,5 +1,5 @@
[defaults] [defaults]
collections_path=./collections collections_path=./collections:/usr/share/ansible/collections
roles_path=./roles roles_path=./roles
[galaxy] [galaxy]

2
windows/helpdesk_new_user_portal.yml
View File

@@ -10,7 +10,7 @@
# Example result: ['&Qw2|E[-'] # Example result: ['&Qw2|E[-']
- name: Create new user - name: Create new user
community.windows.win_domain_user: microsoft.ad.user:
name: "{{ firstname }} {{ surname }}" name: "{{ firstname }} {{ surname }}"
firstname: "{{ firstname }}" firstname: "{{ firstname }}"
surname: "{{ surname }}" surname: "{{ surname }}"

4
windows/join_ad_domain.yml
View File

@@ -16,7 +16,7 @@
- name: Ensure Demo OU exists - name: Ensure Demo OU exists
run_once: true run_once: true
delegate_to: "{{ domain_controller }}" delegate_to: "{{ domain_controller }}"
community.windows.win_domain_ou: microsoft.ad.ou:
name: Demo name: Demo
state: present state: present
@@ -26,7 +26,7 @@
- name: Join ansible.local domain - name: Join ansible.local domain
register: r_domain_membership register: r_domain_membership
ansible.windows.win_domain_membership: microsoft.ad.membership:
dns_domain_name: ansible.local dns_domain_name: ansible.local
hostname: "{{ inventory_hostname.split('.')[0] }}" hostname: "{{ inventory_hostname.split('.')[0] }}"
domain_admin_user: "{{ ansible_user }}@ansible.local" domain_admin_user: "{{ ansible_user }}@ansible.local"