wip

2026-04-03 22:50:04 +02:00 · 2026-04-03 22:50:04 +02:00 · 234938972d
commit 234938972d
parent 9a398a1177
5 changed files with 14 additions and 115 deletions
--- a/.forgejo/workflows/ci.yaml
+++ b/.forgejo/workflows/ci.yaml
@ -1,40 +0,0 @@
 ---
 name: checks
 on:  # yamllint disable-line rule:truthy
  - 'push'
 jobs:
  pre-commit:
    runs-on: ubuntu-22.04
    steps:
      - uses: https://code.forgejo.org/actions/checkout@v6
      - uses: https://code.forgejo.org/actions/setup-python@v6
        with:
          python-version: '3.10'
      - uses: opentofu/setup-opentofu@v2
        with:
          tofu_version: 1.7.0
      - uses: pre-commit/action@v3.0.1
  k8s:
    runs-on: ubuntu-22.04
    steps:
      - uses: https://code.forgejo.org/actions/checkout@v6
      - name: Set up Kubeconform
        uses: bmuschko/setup-kubeconform@v1
      - name: Validate manifests
        run: make lint--kubeconform
  tflint:
    runs-on: ubuntu-22.04
    steps:
      - uses: https://code.forgejo.org/actions/checkout@v6
      - uses: terraform-linters/setup-tflint@v6
        name: Setup TFLint
        with:
          tflint_version: v0.50.3
      - name: Run TFLint
        run: make lint--tflint
--- a/.forgejo/workflows/deploy-tofu.yaml
+++ b/.forgejo/workflows/deploy-tofu.yaml
@ -1,55 +0,0 @@
 ---
 name: OpenTofu deployments
 on:  # yamllint disable-line rule:truthy
  push:
    branches:
      - 'main'
 jobs:
  authentik:
    runs-on: ubuntu-22.04
    steps:
      - uses: https://code.forgejo.org/actions/checkout@v6
      - uses: opentofu/setup-opentofu@v2
        with:
          tofu_version: 1.8.1
      - name: Deploy
        env:
          AUTHENTIK_URL: ${{ secrets.AUTHENTIK_URL }}
          AUTHENTIK_TOKEN: ${{ secrets.AUTHENTIK_TOKEN }}
          TF_VAR_firezone_client_id: ${{ secrets.TF_VAR_firezone_client_id }}
          TF_VAR_firezone_client_secret: ${{ secrets.TF_VAR_firezone_client_secret }}
          TF_VAR_gitea_client_id: ${{ secrets.TF_VAR_gitea_client_id }}
          TF_VAR_gitea_client_secret: ${{ secrets.TF_VAR_gitea_client_secret }}
          TF_VAR_miniflux_client_id: ${{ secrets.TF_VAR_miniflux_client_id }}
          TF_VAR_miniflux_client_secret: ${{ secrets.TF_VAR_miniflux_client_secret }}
          TF_VAR_portainer_client_id: ${{ secrets.TF_VAR_portainer_client_id }}
          TF_VAR_portainer_client_secret: ${{ secrets.TF_VAR_portainer_client_secret }}
          TF_VAR_paperless_client_id: ${{ secrets.TF_VAR_paperless_client_id }}
          TF_VAR_paperless_client_secret: ${{ secrets.TF_VAR_paperless_secret }}
          TF_VAR_netbird_client_id: ${{ secrets.TF_VAR_netbird_client_id }}
          TF_VAR_netbird_client_secret: ${{ secrets.TF_VAR_netbird_client_secret }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          cd tofu/authentik
          tofu init
          tofu apply -auto-approve
  adguard:
    runs-on: ubuntu-22.04
    steps:
      - uses: https://code.forgejo.org/actions/checkout@v6
      - uses: opentofu/setup-opentofu@v2
        with:
          tofu_version: 1.7.0
      - name: Deploy
        env:
          ADGUARD_PASSWORD: ${{ secrets.ADGUARD_PASSWORD }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          cd tofu/adguard
          tofu init
          tofu apply -auto-approve
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,7 +1,7 @@
 ---
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v5.0.0
+    rev: v6.0.0
    hooks:
      - id: trailing-whitespace
      - id: end-of-file-fixer
@ -15,18 +15,18 @@ repos:
      - id: trailing-whitespace
  - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.92.1
+    rev: v1.105.0
    hooks:
      - id: terraform_fmt
  - repo: https://github.com/adrienverge/yamllint.git
-    rev: v1.35.1
+    rev: v1.38.0
    hooks:
      - id: yamllint
        args: [--format, parsable, --strict]
  - repo: https://github.com/shellcheck-py/shellcheck-py
-    rev: v0.10.0.1
+    rev: v0.11.0.1
    hooks:
      - id: shellcheck
        files: \.sh
--- a/.woodpecker/test.yaml
+++ b/.woodpecker/test.yaml
@ -4,13 +4,7 @@ when:
    branch: feat/woodpecker-ci
 steps:
-  - name: build
+  - name: pre-commit
-    image: debian
+    image: kiwicom/pre-commit:4.3.0
    commands:
-      - echo "This is the build step"
+      - make fmt--pre-commit
      - echo "binary-data-123" > executable
  - name: a-test-step
    image: golang:1.16
    commands:
      - echo "Testing ..."
      - ./executable
--- a/14
+++ b/14
@ -1,13 +1,13 @@
-lint--pre-commit:
+fmt--pre-commit:
 	pre-commit run --all-files --color always
-lint--kubeconform:
+fmt--kubeconform:
 	kubeconform -strict -ignore-missing-schemas k8s/
-lint--tflint:
+fmt--tflint:
 	tflint --recursive
-lint:
+fmt:
-	make lint--pre-commit
+	make fmt--pre-commit
-	make lint--kubeconform
+	make fmt--kubeconform
-	make lint--tflint
+	make fmt--tflint