diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..7695d73
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,20 @@
+---
+repos:
+ - repo: https://github.com/Lucas-C/pre-commit-hooks
+ rev: v1.5.1
+ hooks:
+ - id: remove-tabs
+
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.4.0
+ hooks:
+ - id: trailing-whitespace
+ - id: check-merge-conflict
+ - id: end-of-file-fixer
+ - id: check-added-large-files
+ args: [--maxkb=750]
+ - id: check-case-conflict
+ - id: check-yaml
+ args: [--allow-multiple-documents]
+ - id: end-of-file-fixer
+ - id: trailing-whitespace
diff --git a/.tekton/release.yaml b/.tekton/release.yaml
new file mode 100644
index 0000000..1872558
--- /dev/null
+++ b/.tekton/release.yaml
@@ -0,0 +1,56 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+ name: release
+ annotations:
+ pipelinesascode.tekton.dev/on-event: "[push]"
+ pipelinesascode.tekton.dev/on-target-branch: "[main, refs/tags/*]"
+ pipelinesascode.tekton.dev/task: "[git-clone]"
+ pipelinesascode.tekton.dev/max-keep-runs: "5"
+spec:
+ params:
+ - name: repo_url
+ value: "{{repo_url}}"
+ - name: revision
+ value: "{{revision}}"
+ pipelineSpec:
+ params:
+ - name: repo_url
+ - name: revision
+ workspaces:
+ - name: source
+ tasks:
+ - name: fetch-repository
+ taskRef:
+ name: git-clone
+ workspaces:
+ - name: output
+ workspace: source
+ params:
+ - name: url
+ value: $(params.repo_url)
+ - name: revision
+ value: $(params.revision)
+ - name: build-release-container-image
+ taskRef:
+ name: buildah-as-user
+ namespace: op1st-pipelines
+ runAfter:
+ - fetch-repository
+ workspaces:
+ - name: source
+ workspace: source
+ params:
+ - name: IMAGE
+ value: ghcr.io/b4mad/pre-commit-kustomize
+
+ workspaces:
+ - name: source
+ volumeClaimTemplate:
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
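Review bot: In `.pre-commit-config.yaml`, `end-of-file-fixer` and `trailing-whitespace` are each listed twice under the `pre-commit/pre-commit-hooks` repo (once near the top of its `hooks:` list and again as the last two entries), so both fixers are configured twice; drop the trailing `- id: end-of-file-fixer` and `- id: trailing-whitespace` lines. Both `rev:` values are tags (`v1.5.1`, `v4.4.0`), which the upstream owner can move. Since these hooks execute on every contributor's machine, pinning `rev:` to the full commit SHA, with the tag kept in a trailing comment, is the safer form.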
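Review bot: In `.tekton/release.yaml`, the `IMAGE` param of `build-release-container-image` carries no tag, so, assuming `buildah-as-user` pushes the reference as given, every push to `main` and every `refs/tags/*` push overwrites the same implicit `latest` image and a published image cannot be traced back to a commit. Tagging with the revision the pipeline already receives, `value: ghcr.io/b4mad/pre-commit-kustomize:$(params.revision)`, keeps each build addressable. The `pipelinesascode.tekton.dev/task: "[git-clone]"` annotation likewise names the task without a version, so the clone step can change underneath the release pipeline; a version-qualified reference would pin it. `namespace: op1st-pipelines` under `taskRef` does not look like a field of the v1beta1 `taskRef` schema, so it is worth confirming that it is honoured rather than silently dropped.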
diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..0179a21
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,17 @@
+FROM alpine:latest
+
+LABEL org.opencontainers.image.source = "https://github.com/b4mad/pre-commit-kustomize"
+
+RUN adduser kustomize -D \
+ && apk add curl git openssh \
+ && git config --global url.ssh://git@github.com/.insteadOf https://github.com/
+RUN curl -L --output /tmp/kustomize_v5.0.3_linux_amd64.tar.gz https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.0.3/kustomize_v5.0.3_linux_amd64.tar.gz \
+ && echo "c627b1575c3fecbc7ad1c181c23a7adcacf19732dab627eb57e89a7bc4c1e929 /tmp/kustomize_v5.0.3_linux_amd64.tar.gz" | sha256sum -c \
+ && tar -xvzf /tmp/kustomize_v5.0.3_linux_amd64.tar.gz -C /usr/local/bin \
+ && chmod +x /usr/local/bin/kustomize \
+ && mkdir ~/.ssh \
+ && ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
+
+USER kustomize
+
+WORKDIR /src
diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index 6df052b..0000000
--- a/Dockerfile
+++ /dev/null
@@ -1,12 +0,0 @@
-FROM alpine:latest
-RUN adduser kustomize -D \
- && apk add curl git openssh \
- && git config --global url.ssh://git@github.com/.insteadOf https://github.com/
-RUN curl -L --output /tmp/kustomize_v3.3.0_linux_amd64.tar.gz https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv3.3.0/kustomize_v3.3.0_linux_amd64.tar.gz \
- && echo "4b49e1bbdb09851f11bb81081bfffddc7d4ad5f99b4be7ef378f6e3cf98d42b6 /tmp/kustomize_v3.3.0_linux_amd64.tar.gz" | sha256sum -c \
- && tar -xvzf /tmp/kustomize_v3.3.0_linux_amd64.tar.gz -C /usr/local/bin \
- && chmod +x /usr/local/bin/kustomize \
- && mkdir ~/.ssh \
- && ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
-USER kustomize
-WORKDIR /src
diff --git a/OWNERS b/OWNERS
new file mode 100644
index 0000000..96dca6f
--- /dev/null
+++ b/OWNERS
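Review bot: In `Containerfile`, `ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts` trusts whatever host key the build network returns, so the host-key pin baked into the image is only as trustworthy as the network the build ran on. Compare the scanned key against GitHub's published fingerprint before appending it, or `COPY` a reviewed `known_hosts` file into the image instead. The `LABEL` line has spaces around `=`, which the Dockerfile parser reads in the legacy `LABEL key value` form, leaving the value starting with `= `; write `LABEL org.opencontainers.image.source="https://github.com/b4mad/pre-commit-kustomize"`. `FROM alpine:latest` is also unpinned, so the kustomize tarball is checksum-verified on top of a base image that is not; a fixed tag or digest would make the build reproducible. Separately, `mkdir ~/.ssh` and `git config --global` run before `USER kustomize`, so they presumably land in root's home rather than the runtime user's, which is worth confirming.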
@@ -0,0 +1,8 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+approvers:
+ - goern
+
+reviewers:
+ - durandom
+ - goern
diff --git a/README.md b/README.md
index 68aad5f..5d7290f 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,9 @@ # pre-commit-docker-kustomize -pre-commit hook which runs kustomize docker image. Docker image is based on https://github.com/lyft/kustomizer, but added github.com into known hosts and not running this image as root. This modification allows for remote refs in your kustomize. Other git providers will probably won't work and require further changes. Please raise an issue. + +pre-commit hook which runs kustomize docker image. Container image is based on , but added github.com into known hosts and not running this image as root. This modification allows for remote refs in your kustomize. Other git providers will probably won't work and require further changes. Please raise an issue. ## Example of .pre-commit-config.yaml that verifies that 3 overlays are not broken + ```yaml # See https://pre-commit.com for more information # See https://pre-commit.com/hooks.html for more hooks
@@ -12,13 +14,13 @@ repos: - id: check-yaml args: [--allow-multiple-documents] - id: check-added-large-files -- repo: https://github.com/dmitri-lerko/pre-commit-docker-kustomize +- repo: https://github.com/b4mad/pre-commit-kustomize rev: f3a8533 hooks: - id: kustomize name: kustomize-development args: [overlays/development] - verbose: false + verbose: true - id: kustomize name: kustomize-staging args: [overlays/staging]
diff --git a/hooks.yaml b/hooks.yaml
index a4b96cd..a89bc34 100644
--- a/hooks.yaml
+++ b/hooks.yaml
@@ -1,8 +1,8 @@
-- id: kustomize
- name: kustomize (via docker)
- description: kustomize provided by docker
- entry: kustomize build
- language: docker
- args: [overlay/production]
- always_run: true
- pass_filenames: false
+- id: kustomize
+ name: kustomize (containerized)
+ description: kustomize provided in a container
+ entry: kustomize build
+ language: docker
+ args: [overlay/production]
+ always_run: true
+ pass_filenames: false
diff --git a/manifests/repository.yaml b/manifests/repository.yaml
new file mode 100644
index 0000000..12ce661
--- /dev/null
+++ b/manifests/repository.yaml
@@ -0,0 +1,8 @@
+apiVersion: pipelinesascode.tekton.dev/v1alpha1
+kind: Repository
+metadata:
+ creationTimestamp: null
+ name: github-com-b4mad-pre-commit-kustomize
+ namespace: op1st-pipelines
+spec:
+ url: https://github.com/b4mad/pre-commit-kustomize
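Review bot: In `manifests/repository.yaml`, `creationTimestamp: null` under `metadata:` is generator output rather than declared state; the API server sets that field, so the line can be dropped from the committed manifest. The file also lacks the leading `---` that the other YAML files added in this commit (`.pre-commit-config.yaml`, `.tekton/release.yaml`) start with.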