From 4a29bd8b6a5565684816791f760d5bff35a17edb Mon Sep 17 00:00:00 2001 From: Honest Bot Date: Fri, 5 Jul 2024 09:27:26 +0000 Subject: [PATCH] chore: synced file(s) with honestbank/.github --- .golangci.json | 3 +- .pre-commit-config.yaml | 35 +++++++-- append-ticket-id.sh | 50 +++++++++++++ catalog-info.generator.sh | 74 ++++++++++++------- docker-compose.integration.yaml | 34 +++++++++ docker-compose.yaml | 34 +++++++++ release.config.js | 1 - secrets-loader.generator.sh | 52 ++++++++++++++ spell-check.sh | 121 ++++++++++++++++++++++++++++++++ 9 files changed, 372 insertions(+), 32 deletions(-) create mode 100755 append-ticket-id.sh create mode 100755 secrets-loader.generator.sh create mode 100755 spell-check.sh diff --git a/.golangci.json b/.golangci.json index 8ab2faf..5892f8d 100644 --- a/.golangci.json +++ b/.golangci.json @@ -12,7 +12,7 @@ }, "issues": { "exclude-rules": { - "path": "/", + "path": "_test.go", "linters": ["errcheck"] } }, @@ -28,7 +28,6 @@ "goimports", "gosimple", "govet", - "ifshort", "ineffassign", "makezero", "misspell", diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6105e9d..6e12fc9 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,35 +1,60 @@ # DO NOT CHANGE. This file is being managed from a central repository # To know more simply visit https://github.com/honestbank/.github/blob/main/docs/about.md +default_install_hook_types: [ pre-commit, commit-msg ] + repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v4.5.0 hooks: - id: end-of-file-fixer + stages: [commit] - id: trailing-whitespace + stages: [commit] - id: check-yaml - args: [ '--allow-multiple-documents' ] + stages: [commit] + args: ["--allow-multiple-documents"] - id: detect-aws-credentials - args: [ '--allow-missing-credentials' ] + stages: [commit] + args: ["--allow-missing-credentials"] - repo: https://github.com/golangci/golangci-lint - rev: v1.54.2 + rev: v1.57.2 hooks: - id: golangci-lint + stages: [commit] + args: ["--timeout=10m"] - repo: https://github.com/TekWizely/pre-commit-golang rev: v1.0.0-rc.1 hooks: - id: go-imports + stages: [commit] - repo: https://github.com/gitguardian/ggshield - rev: v1.19.1 + rev: v1.26.0 hooks: - id: ggshield language: python stages: [commit] - args: [ 'secret', 'scan', 'pre-commit' ] + args: ["secret", "scan", "pre-commit"] - repo: local hooks: + - id: generate-secrets-loader + name: generate-secrets-loader + entry: ./secrets-loader.generator.sh + language: script + stages: [commit] - id: generate-catalog name: generate-catalog entry: ./catalog-info.generator.sh language: script pass_filenames: false + stages: [commit] + - id: commit-msg-spell-check + name: commit-msg-spell-check + entry: ./spell-check.sh + language: script + stages: ["commit-msg"] + - id: append-ticket-id + name: Append Ticket ID to Commit Message + entry: ./append-ticket-id.sh + language: script + stages: [ commit-msg ] diff --git a/append-ticket-id.sh b/append-ticket-id.sh new file mode 100755 index 0000000..339c5a1 --- /dev/null +++ b/append-ticket-id.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +# Function to get the current branch name +get_current_branch() { + git branch --show-current +} + +# Function to get the commit message +get_commit_message() { + cat "$1" +} + +# Function to write the commit message +write_commit_message() { + echo "$2" > "$1" +} + +# Function to extract the ticket ID from the branch name +extract_ticket_id() { + echo "$1" | grep -o -E '(acq|da|data|dec|devop|ds|it|mlops|nerds|qa|sec|spe|ss)-[0-9]+' | tr '[:lower:]' '[:upper:]' +} + +# Main script +main() { + if [ $# -eq 0 ]; then + echo "commit message file not found, are you sure you set the stage for this hook to be in stages: [ commit-msg ]?" + exit 1 + fi + + commit_message_file="$1" + branch_name=$(get_current_branch) + ticket_id=$(extract_ticket_id "$branch_name") + + if [ -z "$ticket_id" ]; then + echo "Warning: No ticket ID found in branch name '$branch_name'" + exit 0 + fi + + commit_message=$(get_commit_message "$commit_message_file") + first_line=$(echo "$commit_message" | head -n 1) + + # Check if the first line already contains the ticket_id + if ! echo "$first_line" | grep -qi "$ticket_id"; then + first_line="$first_line [$ticket_id]" + commit_message="$first_line$(echo "$commit_message" | tail -n +2)" + write_commit_message "$commit_message_file" "$commit_message" + fi +} + +main "$@" diff --git a/catalog-info.generator.sh b/catalog-info.generator.sh index e917546..30f8da4 100755 --- a/catalog-info.generator.sh +++ b/catalog-info.generator.sh @@ -10,11 +10,13 @@ if [ ! -f $META_DATA_FILE ]; then cat << EOF >> $META_DATA_FILE { "squad_name": "example-squad", + "dashboard": "https://example.com", "design_document": "https://example.com", "runbook": "https://example.com", "manual_dependencies": [], "type": "application", "lifecycle": "production", + "manual_service_names": [], "example-service-name": { "tags" : [ "language:golang", @@ -30,30 +32,49 @@ fi OUTPUT_FILE="catalog-info.yaml" : > $OUTPUT_FILE # Clear the output file before appending +typeset -A SQUAD_ALIAS +SQUAD_ALIAS[acquisition]=acquisition-squad +SQUAD_ALIAS[decisioning]=mlops-squad +SQUAD_ALIAS[decisioning-squad]=mlops-squad +SQUAD_ALIAS[mlops]=mlops-squad +SQUAD_ALIAS[self-service]=self-service-squad +SQUAD_ALIAS[spend]=spend-squad + typeset -A TEAM_MAP TEAM_MAP[acquisition-squad]=backend-engineers -TEAM_MAP[acquisition]=backend-engineers TEAM_MAP[data-engineering]=data-squad -TEAM_MAP[decisioning]=backend-engineers TEAM_MAP[devops]=devops-engineers TEAM_MAP[internal-infra]=devops-engineers +TEAM_MAP[mlops-squad]=backend-engineers TEAM_MAP[self-service-squad]=backend-engineers -TEAM_MAP[self-service]=backend-engineers TEAM_MAP[spend-squad]=backend-engineers -TEAM_MAP[spend]=backend-engineers -squad_exist_in_team() { +get_squad_name() { + local raw_squad_name=$1 + squad_name=${SQUAD_ALIAS[$raw_squad_name]} + if [[ -z $squad_name ]]; then + echo $raw_squad_name + fi + echo $squad_name +} + +get_gh_team() { local pattern=$1 - for key in "${(@k)TEAM_MAP}"; do - if [[ $key == $pattern ]]; then - return 0 - fi - done - return 1 + gh_team=${TEAM_MAP[$pattern]} + if [[ -z $gh_team ]]; then + echo null + fi + echo $gh_team } REPO_NAME=$(basename "$(pwd)") SERVICE_NAMES=(${(s: :)$(yq e '.jobs.repository-release-prod.with.helm_release_names' "$RELEASE_WORKFLOW")}) +if [[ ${#SERVICE_NAMES[@]} == 0 || "$SERVICE_NAMES" == "null" && -f "customized_helm_release_names.txt" ]]; then + SERVICE_NAMES=($(cat "customized_helm_release_names.txt")) +fi +if [[ ${#SERVICE_NAMES[@]} == 0 || "$SERVICE_NAMES" == "null" ]]; then + SERVICE_NAMES=(${(s: :)$(jq -r ".manual_service_names[]" $META_DATA_FILE)}) +fi if [[ ${#SERVICE_NAMES[@]} == 0 || "$SERVICE_NAMES" == "null" ]]; then SERVICE_NAMES=($REPO_NAME) fi @@ -62,19 +83,18 @@ SQUAD_NAME=$(yq e '.jobs.repository-release-prod.with.argocd_state_repo' "$RELEA SQUAD_NAME=$(echo "$SQUAD_NAME" | cut -c 14-50) if [[ -z $SQUAD_NAME || "$SQUAD_NAME" == "null" ]]; then SQUAD_NAME=$(jq -r '.squad_name' $META_DATA_FILE) -fi -GH_TEAM="" -if squad_exist_in_team "$SQUAD_NAME"; then - GH_TEAM=${TEAM_MAP[$SQUAD_NAME]} else - GH_TEAM="devops-engineers" + SQUAD_NAME="$SQUAD_NAME-squad" fi +SQUAD_NAME=$(get_squad_name $SQUAD_NAME) +GH_TEAM=$(get_gh_team $SQUAD_NAME) -if [[ "$GH_TEAM" == "null" ]]; then +if [[ "$GH_TEAM" == null ]]; then echo "couldn't find service owner" exit 1 fi +DASHBOARD=$(jq -r '.dashboard' $META_DATA_FILE) DESIGN_DOCUMENT=$(jq -r '.design_document' $META_DATA_FILE) RUNBOOK=$(jq -r '.runbook' $META_DATA_FILE) @@ -95,6 +115,10 @@ fi # Loop through each subfolder in the charts directory for SERVICE in $SERVICE_NAMES; do + # Links + SERVICE_DASHBOARD=$(jq -r ".\"$SERVICE\".dashboard" $META_DATA_FILE) + SERVICE_DESIGN_DOCUMENT=$(jq -r ".\"$SERVICE\".design_document" $META_DATA_FILE) + SERVICE_RUNBOOK=$(jq -r ".\"$SERVICE\".runbook" $META_DATA_FILE) # Default dependencies DEPENDENCIES=(${(s: :)$(jq -r ".manual_dependencies[]" $META_DATA_FILE)}) TOPICS=(${(s: :)$(grep Topic "config/config.go" | sed -n 's/.*default:"\([^"]*\)".*/\1/p')}) @@ -136,19 +160,22 @@ $(for tag in "${TAGS[@]}"; do echo " - $tag" done) links: - - url: $DESIGN_DOCUMENT - title: Design Document + - title: Dashboard + url: $([[ "$SERVICE_DASHBOARD" != "null" ]] && echo $SERVICE_DASHBOARD || echo $DASHBOARD) + icon: dashboard + - title: Design Document + url: $([[ "$SERVICE_DESIGN_DOCUMENT" != "null" ]] && echo $SERVICE_DESIGN_DOCUMENT || echo $DESIGN_DOCUMENT) icon: menubook - - url: $RUNBOOK - title: Runbook + - title: Runbook + url: $([[ "$SERVICE_RUNBOOK" != "null" ]] && echo $SERVICE_RUNBOOK || echo $RUNBOOK) icon: help spec: type: $TYPE lifecycle: $LIFECYCLE - owner: group:$SQUAD_NAME-squad + owner: group:$SQUAD_NAME $( if (( ${#DEPENDENCIES[@]} > 0 )); then - echo "dependsOn:" + echo " dependsOn:" fi ) $(for resource in "${DEPENDENCIES[@]}"; do @@ -163,4 +190,3 @@ fixed_content="${file_content%$'\n'}" echo "$fixed_content" > "$OUTPUT_FILE" echo "File generated: $OUTPUT_FILE" - diff --git a/docker-compose.integration.yaml b/docker-compose.integration.yaml index ad6f0fb..0c1888a 100644 --- a/docker-compose.integration.yaml +++ b/docker-compose.integration.yaml @@ -57,6 +57,14 @@ services: SCHEMA_REGISTRY_LISTENERS: "http://0.0.0.0:8082" ports: - 8082:8082 + wiremock: + container_name: wiremock + hostname: wiremock + ports: + - "8085:8080" + image: wiremock/wiremock + volumes: + - ./wiremock/stubs:/home/wiremock gcs: image: oittaa/gcp-storage-emulator:latest ports: @@ -72,3 +80,29 @@ services: KAFKA_BROKERCONNECT: "kafka:19092" depends_on: - "kafka" + s3: + image: adobe/s3mock + container_name: s3mock + environment: + - initialBuckets=bucket1 + - root=containers3root + - debug=true + ports: + - 9090:9090 + sftp: + container_name: sftp + image: atmoz/sftp + volumes: + - ./integration/sftp:/home/foo/upload + ports: + - "2222:22" + command: foo:pass:1001 + redis: + image: redis:alpine + command: redis-server --appendonly yes --requirepass "redis" + ports: + - "6379:6379" + push_gateway: + image: prom/pushgateway:latest + ports: + - "9091:9091" diff --git a/docker-compose.yaml b/docker-compose.yaml index ad6f0fb..0c1888a 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -57,6 +57,14 @@ services: SCHEMA_REGISTRY_LISTENERS: "http://0.0.0.0:8082" ports: - 8082:8082 + wiremock: + container_name: wiremock + hostname: wiremock + ports: + - "8085:8080" + image: wiremock/wiremock + volumes: + - ./wiremock/stubs:/home/wiremock gcs: image: oittaa/gcp-storage-emulator:latest ports: @@ -72,3 +80,29 @@ services: KAFKA_BROKERCONNECT: "kafka:19092" depends_on: - "kafka" + s3: + image: adobe/s3mock + container_name: s3mock + environment: + - initialBuckets=bucket1 + - root=containers3root + - debug=true + ports: + - 9090:9090 + sftp: + container_name: sftp + image: atmoz/sftp + volumes: + - ./integration/sftp:/home/foo/upload + ports: + - "2222:22" + command: foo:pass:1001 + redis: + image: redis:alpine + command: redis-server --appendonly yes --requirepass "redis" + ports: + - "6379:6379" + push_gateway: + image: prom/pushgateway:latest + ports: + - "9091:9091" diff --git a/release.config.js b/release.config.js index 7f98515..85e2a74 100644 --- a/release.config.js +++ b/release.config.js @@ -15,7 +15,6 @@ module.exports = { {type: 'docs', release: 'patch'}, {type: 'refactor', release: 'patch'}, {type: 'style', release: 'patch'}, - {type: 'ci', release: 'patch'}, {type: 'chore', release: 'patch'} ] }], diff --git a/secrets-loader.generator.sh b/secrets-loader.generator.sh new file mode 100755 index 0000000..2dc9049 --- /dev/null +++ b/secrets-loader.generator.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +TEMPLATE=$(cat < secrets and mark it as required +## 2. Export the secret name with value as JSON in the run section of the "Loading secrets" job + +name: Secrets Loader +permissions: + contents: read + +on: + workflow_call: + outputs: + encrypted_secrets: + description: "Encrypt loaded secrets in base64 JSON format" + value: \${{ jobs.loading.outputs.encrypted_secrets }} + secrets: + APOLLO_KEY: + required: true + ## Add addition secrets here + +env: + GHA_GPG_PASSPHRASE: \${{ secrets.GHA_GPG_PASSPHRASE }} + +jobs: + loading: + name: loading + runs-on: ubuntu-latest + outputs: + encrypted_secrets: \${{ steps.loading.outputs.encrypted_secrets }} + steps: + - name: Loading secrets + id: loading + run: | + PLAINTEXT_JSON=\$(cat <> \$GITHUB_OUTPUT + +EOF +) +TARGET=".github/workflows/secrets-loader.yaml" + +if [ ! -f "$TARGET" ]; then + echo "$TEMPLATE" > $TARGET +fi diff --git a/spell-check.sh b/spell-check.sh new file mode 100755 index 0000000..0bf2577 --- /dev/null +++ b/spell-check.sh @@ -0,0 +1,121 @@ +#!/bin/bash + +# Function to check if Aspell is installed +check_aspell() { + if command -v aspell > /dev/null; then + return 1 + else + echo "Aspell is not installed. Automatically installing" + return 0 + fi +} + +# Function to install Aspell on Debian-based systems +install_aspell_debian() { + echo "Attempting to install Aspell on Debian-based system..." + sudo apt-get update && sudo apt-get install -y aspell +} + +# Function to install Aspell on macOS +install_aspell_mac() { + echo "Attempting to install Aspell on macOS..." + brew install aspell +} + +# Main logic +if check_aspell; then + # Identify the platform + case "$(uname -s)" in + Linux) + if [ -f /etc/debian_version ]; then + install_aspell_debian + else + echo "Unsupported Linux distribution." + fi + ;; + Darwin) + install_aspell_mac + ;; + *) + echo "Unsupported operating system." + ;; + esac +fi + + +read -r -d '' dictionary <<'EOF' +personal_ws-1.1 en 2 +anteraja +argocd +artajasa +bersama +bigquery +brankas +brankass +cardmember +checkly +checkov +ci +cloudkms +confluentinc +coreapi +deadletter +deadletters +decrypter +ekyc +encrypter +finexus +freshchat +goka +golang +hnst +honestbank +honestcard +jq +json +kafdrop +menubook +mst +nonk8s +noti +opentracing +perf +perso +pushgateway +rclone +resc +roleset +rolesets +rtrw +rudderstack +schemaregistry +snyk +strimzi +terratest +ulid +usecase +waitlist +waitlisted +yaml +EOF + +echo "$dictionary" > dictionary.text + +# Your string to check +string=$(cat $1) + +echo "$string" + +# Check spelling +misspelled=$(echo "$string" | aspell --personal ./dictionary.text list) + +rm dictionary.text + +# If the misspelled variable is not empty, there are spelling errors +if [ -n "$misspelled" ]; then + echo "Spelling errors found:" + echo "$misspelled" + exit 1 +else + exit 0 +fi