diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..b8b7832 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +which nix &>/dev/null && use nix diff --git a/.github/workflows/ci-non-go.sh b/.github/workflows/ci-non-go.sh new file mode 100755 index 0000000..026d526 --- /dev/null +++ b/.github/workflows/ci-non-go.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash ../../shell.nix +# shellcheck shell=bash + +set -eux + +failed=0 + +if ! git ls-files '*.md' '*.yaml' '*.yml' | xargs prettier --list-different --write; then + failed=1 +fi + +if ! git ls-files '*.json' | xargs -I '{}' sh -c 'jq --sort-keys . {} > {}.t && mv {}.t {}'; then + failed=1 +fi + +if ! shfmt -f . | xargs shfmt -s -l -d; then + failed=1 +fi + +if ! shfmt -f . | xargs shellcheck; then + failed=1 +fi + +if ! terraform fmt -write -recursive deploy/terraform/; then + failed=1 +fi + +if ! git diff | (! grep .); then + failed=1 +fi + +exit "$failed" diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..b990498 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,19 @@ +name: For each commit and PR +on: + push: + pull_request: + +jobs: + validation: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + lfs: true + - name: Install nix + uses: cachix/install-nix-action@v12 + with: + nix_path: nixpkgs=channel:nixpkgs-unstable + - name: Run ci-checks.sh + run: ./.github/workflows/ci-non-go.sh diff --git a/.github/workflows/vagrant-packet.yaml b/.github/workflows/vagrant-packet.yaml index 843b625..47b14d4 100644 --- a/.github/workflows/vagrant-packet.yaml +++ b/.github/workflows/vagrant-packet.yaml @@ -9,9 +9,9 @@ jobs: if: contains(github.event.pull_request.labels.*.name, 'ci-check/vagrant-setup') runs-on: vagrant steps: - - name: Checkout - uses: actions/checkout@v2 - - name: Vagrant Test - run: | - export VAGRANT_DEFAULT_PROVIDER="virtualbox" - go test --timeout 1h -v ./test/_vagrant + - name: Checkout + uses: actions/checkout@v2 + - name: Vagrant Test + run: | + export VAGRANT_DEFAULT_PROVIDER="virtualbox" + go test --timeout 1h -v ./test/_vagrant diff --git a/deploy/tls/ca-config.json b/deploy/tls/ca-config.json index d6d666e..9c9e14d 100644 --- a/deploy/tls/ca-config.json +++ b/deploy/tls/ca-config.json @@ -6,11 +6,18 @@ "profiles": { "server": { "expiry": "8760h", - "usages": ["signing", "key encipherment", "server auth"] + "usages": [ + "signing", + "key encipherment", + "server auth" + ] }, "signing": { "expiry": "8760h", - "usages": ["signing", "key encipherment"] + "usages": [ + "signing", + "key encipherment" + ] } } } diff --git a/deploy/vagrant/scripts/tinkerbell.sh b/deploy/vagrant/scripts/tinkerbell.sh index 3c03f0c..803ca26 100644 --- a/deploy/vagrant/scripts/tinkerbell.sh +++ b/deploy/vagrant/scripts/tinkerbell.sh @@ -81,7 +81,7 @@ main() ( fi if [ ! -f ./.env ]; then - ./generate-envrc.sh eth1 > .env + ./generate-envrc.sh eth1 >.env fi # shellcheck disable=SC1091 diff --git a/setup.sh b/setup.sh index 9a097fb..db12b97 100755 --- a/setup.sh +++ b/setup.sh @@ -405,8 +405,8 @@ start_registry() ( bootstrap_docker_registry() ( docker_login - # osie looks for tink-worker:latest, so we have to play with it a bit - # https://github.com/tinkerbell/osie/blob/master/apps/workflow-helper.sh#L66 + # osie looks for tink-worker:latest, so we have to play with it a bit + # https://github.com/tinkerbell/osie/blob/master/apps/workflow-helper.sh#L66 docker_mirror_image "${TINKERBELL_TINK_WORKER_IMAGE}" "${TINKERBELL_HOST_IP}/tink-worker:latest" ) diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..696f355 --- /dev/null +++ b/shell.nix @@ -0,0 +1,14 @@ +let _pkgs = import { }; +in { pkgs ? import (_pkgs.fetchFromGitHub { + owner = "NixOS"; + repo = "nixpkgs"; + #branch@date: nixpkgs-unstable@2020-11-04 + rev = "dfea4e4951a3cee4d1807d8d4590189cf16f366b"; + sha256 = "02j7f5l2p08144b2fb7pg6sbni5km5y72k3nk3i7irddx8j2s04i"; +}) { } }: + +with pkgs; + +mkShell { + buildInputs = [ go nodePackages.prettier shellcheck shfmt terraform ]; +}