-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
43 changed files
with
3,016 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
name: CI/CD Pipeline | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
pull_request: | ||
branches: | ||
- main | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
if: false | ||
|
||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v1 | ||
|
||
- name: Cache Docker layers | ||
uses: actions/cache@v2 | ||
with: | ||
path: /tmp/.buildx-cache | ||
key: ${{ runner.os }}-buildx-${{ github.sha }} | ||
restore-keys: | | ||
${{ runner.os }}-buildx- | ||
- name: Log in to GitHub Container Registry | ||
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin | ||
|
||
- name: Build Docker image | ||
run: | | ||
docker build --build-arg TERRAFORM_VERSION=1.9.3 --build-arg ANSIBLE_VERSION=10.2.0 -t ghcr.io/${{ github.repository_owner }}/kado:latest . | ||
- name: Push Docker image | ||
run: | | ||
docker push ghcr.io/${{ github.repository_owner }}/kado:latest | ||
run-kado: | ||
runs-on: ubuntu-latest | ||
needs: build | ||
|
||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Copy .kdconfig to Home Directory | ||
run: | | ||
mkdir -p $HOME | ||
cp .kdconfig $HOME/ | ||
- name: Run Kado in Docker | ||
run: | | ||
docker run --rm -v ${{ github.workspace }}:/workspace -v $HOME/.kdconfig:/root/.kdconfig ghcr.io/${{ github.repository_owner }}/kado:latest ai |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
name: Build, Docker, and Release | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
- 'feature/*' | ||
- 'fix/*' | ||
|
||
env: | ||
VERSION_FILE: VERSION | ||
DOCKER_IMAGE: ghcr.io/${{ github.repository }} | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Set up Go | ||
uses: actions/setup-go@v3 | ||
with: | ||
go-version: '1.22.x' | ||
|
||
- name: Set up Python | ||
uses: actions/setup-python@v4 | ||
with: | ||
python-version: '3.x' | ||
|
||
- name: Log in to GitHub Container Registry | ||
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin | ||
|
||
- name: Bump version | ||
run: make version-bump | ||
|
||
- name: Read version | ||
id: version | ||
run: echo "::set-output name=version::$(cat $(VERSION_FILE))" | ||
|
||
- name: Build Docker image | ||
run: make docker-build | ||
|
||
- name: Push Docker image to GitHub Packages | ||
run: | | ||
docker push ${{ env.DOCKER_IMAGE }}:latest | ||
docker push ${{ env.DOCKER_IMAGE }}:${{ steps.version.outputs.version }} | ||
- name: Create GitHub release | ||
uses: softprops/action-gh-release@v1 | ||
with: | ||
tag_name: v${{ steps.version.outputs.version }} | ||
name: Release ${{ steps.version.outputs.version }} | ||
files: kado | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,133 @@ | ||
package main | ||
|
||
import ( | ||
"bufio" | ||
"fmt" | ||
"os" | ||
"path/filepath" | ||
"regexp" | ||
"strings" | ||
) | ||
|
||
type LintError struct { | ||
File string | ||
Line int | ||
Message string | ||
} | ||
|
||
func (e LintError) Error() string { | ||
return fmt.Sprintf("%s:%d: %s", e.File, e.Line, e.Message) | ||
} | ||
|
||
func LintKDFile(filePath string) ([]LintError, error) { | ||
file, err := os.Open(filePath) | ||
if err != nil { | ||
return nil, err | ||
} | ||
defer file.Close() | ||
|
||
var lintErrors []LintError | ||
scanner := bufio.NewScanner(file) | ||
lineNumber := 0 | ||
insideBead := false | ||
commentRegex := regexp.MustCompile(`^\s*#`) | ||
emptyLineCount := 0 | ||
|
||
for scanner.Scan() { | ||
lineNumber++ | ||
line := scanner.Text() | ||
trimmedLine := strings.TrimSpace(line) | ||
|
||
if strings.HasPrefix(trimmedLine, "bead ") && strings.HasSuffix(trimmedLine, "{") { | ||
if insideBead { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Nested beads are not allowed"}) | ||
} | ||
insideBead = true | ||
if !strings.HasPrefix(line, "bead ") { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Bead declaration should start at the beginning of the line"}) | ||
} | ||
} else if trimmedLine == "}" && insideBead { | ||
insideBead = false | ||
if !strings.HasPrefix(line, "}") { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Closing brace should be at the beginning of the line"}) | ||
} | ||
} else if insideBead { | ||
if !strings.HasPrefix(line, " ") { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Bead content should be indented with two spaces"}) | ||
} | ||
} else { | ||
if commentRegex.MatchString(trimmedLine) { | ||
if !strings.HasPrefix(trimmedLine, "#") { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Comments should start at the beginning of the line"}) | ||
} | ||
} else if trimmedLine != "" && strings.HasPrefix(line, " ") { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Non-bead content should not be indented"}) | ||
} | ||
} | ||
|
||
if trimmedLine == "" { | ||
emptyLineCount++ | ||
if emptyLineCount > 1 { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Multiple consecutive empty lines are not allowed"}) | ||
} | ||
} else { | ||
emptyLineCount = 0 | ||
} | ||
} | ||
|
||
if err := scanner.Err(); err != nil { | ||
return nil, err | ||
} | ||
|
||
if insideBead { | ||
lintErrors = append(lintErrors, LintError{filePath, lineNumber, "Unclosed bead at end of file"}) | ||
} | ||
|
||
return lintErrors, nil | ||
} | ||
|
||
func LintKDFilesInDir(dir string) ([]LintError, error) { | ||
var allErrors []LintError | ||
|
||
err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error { | ||
if err != nil { | ||
return err | ||
} | ||
if !info.IsDir() && strings.HasSuffix(info.Name(), ".kd") { | ||
errors, err := LintKDFile(path) | ||
if err != nil { | ||
return fmt.Errorf("failed to lint %s: %v", path, err) | ||
} | ||
allErrors = append(allErrors, errors...) | ||
} | ||
return nil | ||
}) | ||
|
||
if err != nil { | ||
return nil, err | ||
} | ||
|
||
return allErrors, nil | ||
} | ||
|
||
func main() { | ||
if len(os.Args) < 2 { | ||
fmt.Println("Usage: kdlinter <directory>") | ||
os.Exit(1) | ||
} | ||
|
||
dir := os.Args[1] | ||
errors, err := LintKDFilesInDir(dir) | ||
if err != nil { | ||
fmt.Fprintf(os.Stderr, "Error: %v\n", err) | ||
os.Exit(1) | ||
} | ||
|
||
for _, e := range errors { | ||
fmt.Println(e) | ||
} | ||
|
||
if len(errors) > 0 { | ||
os.Exit(1) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: KD Linter | ||
|
||
on: | ||
push: | ||
branches: | ||
- '**' | ||
|
||
jobs: | ||
lint: | ||
name: Lint KD Files | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
|
||
- name: Set up Go | ||
uses: actions/setup-go@v4 | ||
with: | ||
go-version: '1.21' | ||
|
||
- name: Build KD Linter | ||
run: | | ||
go build -o kdlinter kdlinter.go | ||
- name: Run KD Linter | ||
run: | | ||
./kdlinter . | ||
continue-on-error: true | ||
|
||
- name: Check Linter Output | ||
run: | | ||
if [ -s lint_output.txt ]; then | ||
echo "Linter found issues:" | ||
cat lint_output.txt | ||
exit 1 | ||
else | ||
echo "No linting issues found." | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
name: Sensitive Data Check | ||
|
||
on: | ||
push: | ||
branches: | ||
- '**' | ||
|
||
jobs: | ||
gitleaks: | ||
name: Gitleaks | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
with: | ||
fetch-depth: 0 | ||
|
||
- name: Gitleaks | ||
uses: gitleaks/gitleaks-action@v2 | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} | ||
|
||
- name: Check Gitleaks output | ||
if: ${{ failure() }} | ||
run: | | ||
echo "Gitleaks has detected potential sensitive data in your PR." | ||
echo "Please review the Gitleaks output and remove any sensitive information before merging." | ||
exit 1 |
Oops, something went wrong.