From 4cada669298cfb2edd9948b521a0c12ab5148b4c Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Thu, 23 Nov 2023 11:42:50 +0000 Subject: [PATCH 01/12] feat: add initial `install-pre-commit-hooks` playbook --- etc/kayobe/ansible/install-pre-commit-hooks.yml | 11 +++++++++++ .../post.d/50-install-pre-commit-hooks.yml | 1 + 2 files changed, 12 insertions(+) create mode 100644 etc/kayobe/ansible/install-pre-commit-hooks.yml create mode 120000 etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml new file mode 100644 index 000000000..b604e92fb --- /dev/null +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -0,0 +1,11 @@ +--- +- name: Install pre-commit hooks + hosts: localhost + become: true + gather_facts: false + tasks: + - name: Install pre-commit hooks into kayobe virtual env + ansible.builtin.pip: + name: pre-commit + version: 3.5.0 + virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}" diff --git a/etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml b/etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml new file mode 120000 index 000000000..fe09ffaef --- /dev/null +++ b/etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml @@ -0,0 +1 @@ +../../../ansible/install-pre-commit-hooks.yml \ No newline at end of file From 39405c0ff6cad2c5cb414b71230f2eb44ffcb1e9 Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Thu, 23 Nov 2023 13:44:23 +0000 Subject: [PATCH 02/12] feat: register `pre-commit` with `git` --- .pre-commit-config.yaml | 11 +++++++++++ etc/kayobe/ansible/install-pre-commit-hooks.yml | 8 +++++++- 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 000000000..498ddee33 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,11 @@ +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.4.0 + hooks: + - id: check-yaml + - id: end-of-file-fixer + - id: trailing-whitespace + - repo: https://github.com/sirwart/ripsecrets + rev: v0.1.7 + hooks: + - id: ripsecrets diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml index b604e92fb..fb5a709e4 100644 --- a/etc/kayobe/ansible/install-pre-commit-hooks.yml +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -1,7 +1,6 @@ --- - name: Install pre-commit hooks hosts: localhost - become: true gather_facts: false tasks: - name: Install pre-commit hooks into kayobe virtual env @@ -9,3 +8,10 @@ name: pre-commit version: 3.5.0 virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}" + + - name: Register pre-commit hooks with git + ansible.builtin.command: + cmd: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}/bin/pre-commit install" + creates: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}/../../.git/hooks/pre-commit" + args: + chdir: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}" From 036b5f05a5a577f9b4b0d6e30940cc10a4c621cf Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Thu, 23 Nov 2023 15:58:13 +0000 Subject: [PATCH 03/12] feat: make `install-pre-commit-hooks` opt-in --- .../ansible/install-pre-commit-hooks.yml | 27 +++++++++++-------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml index fb5a709e4..ad2737461 100644 --- a/etc/kayobe/ansible/install-pre-commit-hooks.yml +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -2,16 +2,21 @@ - name: Install pre-commit hooks hosts: localhost gather_facts: false + vars: + enable_pre_commit_hooks: false tasks: - - name: Install pre-commit hooks into kayobe virtual env - ansible.builtin.pip: - name: pre-commit - version: 3.5.0 - virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}" + - name: Install pre-commit hooks + block: + - name: Install pre-commit hooks into kayobe virtual env + ansible.builtin.pip: + name: pre-commit + version: 3.5.0 + virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}" - - name: Register pre-commit hooks with git - ansible.builtin.command: - cmd: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}/bin/pre-commit install" - creates: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}/../../.git/hooks/pre-commit" - args: - chdir: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}" + - name: Register pre-commit hooks with git + ansible.builtin.command: + cmd: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}/bin/pre-commit install" + creates: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}/../../.git/hooks/pre-commit" + args: + chdir: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}" + when: enable_pre_commit_hooks | default(false) From 9e309d25a287e3242c260e67d39bdb99cd38c68c Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Thu, 23 Nov 2023 15:58:29 +0000 Subject: [PATCH 04/12] feat: add release note --- .../notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml diff --git a/releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml b/releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml new file mode 100644 index 000000000..69a149e72 --- /dev/null +++ b/releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml @@ -0,0 +1,9 @@ +--- +features: + - | + Add playbook to install pre-commit hooks and register them with git. + The hooks currently configured to be installed will check yaml syntax, + fix new line at end of file and remove excess whitespace. This is + currently opt-in and will require ``enable_pre_commit_hooks: true`` + in the the install-pre-commit-hooks playbook. + From ef2a2b3500323e7e1bf1e87792d89315ab76d98e Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 8 Apr 2024 10:53:47 +0000 Subject: [PATCH 05/12] feat!: change when `pre-commit` hooks are installed Initally `pre-commit` hooks were installed due the presense of a hook for `control host bootstrap` and when `enable_pre_commit_hooks` was set to `true`. However now `pre-commit` hooks are only installed when the hook is present or the playbook is called, no requirement for an `Ansible` conditional to be true. --- etc/kayobe/ansible/install-pre-commit-hooks.yml | 1 - .../post.d/50-install-pre-commit-hooks.yml | 1 - 2 files changed, 2 deletions(-) delete mode 120000 etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml index ad2737461..5967f88b7 100644 --- a/etc/kayobe/ansible/install-pre-commit-hooks.yml +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -19,4 +19,3 @@ creates: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}/../../.git/hooks/pre-commit" args: chdir: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}" - when: enable_pre_commit_hooks | default(false) diff --git a/etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml b/etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml deleted file mode 120000 index fe09ffaef..000000000 --- a/etc/kayobe/hooks/control-host-bootstrap/post.d/50-install-pre-commit-hooks.yml +++ /dev/null @@ -1 +0,0 @@ -../../../ansible/install-pre-commit-hooks.yml \ No newline at end of file From 05ccc8ec73ec360b21ee3b4865abc29bf792c07e Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 8 Apr 2024 11:50:27 +0000 Subject: [PATCH 06/12] fix: update release note for `pre-commit hooks` --- .../notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml b/releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml index 69a149e72..1f0ac091d 100644 --- a/releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml +++ b/releasenotes/notes/add-pre-commit-hooks-07ce3b82bbe1d7a3.yaml @@ -4,6 +4,5 @@ features: Add playbook to install pre-commit hooks and register them with git. The hooks currently configured to be installed will check yaml syntax, fix new line at end of file and remove excess whitespace. This is - currently opt-in and will require ``enable_pre_commit_hooks: true`` - in the the install-pre-commit-hooks playbook. - + currently opt-in which can be achieved by running `install-pre-commit-hooks` + playbook. From ac3abce48e4cc3f26994a3d789f80b4773cd5d8d Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 8 Apr 2024 11:57:27 +0000 Subject: [PATCH 07/12] feat: add `pre-commit` to contributor docs --- doc/source/contributor/index.rst | 1 + doc/source/contributor/pre-commit.rst | 38 +++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 doc/source/contributor/pre-commit.rst diff --git a/doc/source/contributor/index.rst b/doc/source/contributor/index.rst index 346e67989..988957541 100644 --- a/doc/source/contributor/index.rst +++ b/doc/source/contributor/index.rst @@ -11,3 +11,4 @@ This guide is for contributors of the StackHPC Kayobe configuration project. release-notes environments/index package-updates + pre-commit diff --git a/doc/source/contributor/pre-commit.rst b/doc/source/contributor/pre-commit.rst new file mode 100644 index 000000000..d094b4af6 --- /dev/null +++ b/doc/source/contributor/pre-commit.rst @@ -0,0 +1,38 @@ +================ +Pre-commit Hooks +================ + +StackHPC Kayobe configuration carries support for +`pre-commit hooks `_ which simplify the use of git +hooks enabling the identification and repairing of broken or poor code +before committing. +These hooks are designed to make working within SKC easier and less error prone. + +Currently the following hooks are provided: + +- ``check-yaml``: perform basic yaml syntax linting +- ``end-of-file-fixer``: identify and automatically fix missing newline +- ``trailing-whitespace``: identify and automatically fix excessive white space +- ``ripsecrets``: identify and prevent secrets from being committed to the branch + +.. warning:: + The hook ``ripsecrets`` is capable of preventing the accidental leaking of secrets + such as those found within `secrets.yml` or `passwords.yml`. + However if the secret is contained within a file on it's own and lacks a certain level + of entropy then the secret will not be identified as such as and maybe leaked as a result. + +Installation of `pre-commit` hooks is handled via the `install-pre-commit-hooks` playbook +found within the Ansible directory. +Either use `kayobe playbook run` or add the playbook as a hook within Kayobe config such as +within `control-host-bootstrap/post.d`. +Once done you should find `pre-commit` is available within the `kayobe` virtualenv. + +All that remains is the installation of the hooks themselves which can be accomplished either by +running `pre-commit run` or using `git commit` when you have changes that need to be committed. +This will trigger a brief installation process of the hooks which may take a few minutes. +This a one time process and will not be required again unless new hooks are added or existing ones are updated. + +.. note:: + Currently if you run ``pre-commit run --all-files`` it will make a series of changes to + release notes that lack new lines as well configuration files that ``check-yaml`` does not + approve of. From 94e52f4cb604de20395af0b8e0e9681e281c669f Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 15 Apr 2024 15:37:59 +0100 Subject: [PATCH 08/12] fix: remove unused variable --- etc/kayobe/ansible/install-pre-commit-hooks.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml index 5967f88b7..e82051403 100644 --- a/etc/kayobe/ansible/install-pre-commit-hooks.yml +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -2,8 +2,6 @@ - name: Install pre-commit hooks hosts: localhost gather_facts: false - vars: - enable_pre_commit_hooks: false tasks: - name: Install pre-commit hooks block: From 7c4da9a3657f4e40421257154978254c1d24f15c Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 15 Apr 2024 15:40:10 +0100 Subject: [PATCH 09/12] feat: run `pre-commit install` if package is installed or updated --- etc/kayobe/ansible/install-pre-commit-hooks.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml index e82051403..1b247fc7f 100644 --- a/etc/kayobe/ansible/install-pre-commit-hooks.yml +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -10,10 +10,11 @@ name: pre-commit version: 3.5.0 virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}" + register: pip_install - name: Register pre-commit hooks with git ansible.builtin.command: cmd: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}/bin/pre-commit install" - creates: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}/../../.git/hooks/pre-commit" args: chdir: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}" + when: pip_install is changed From cf4aaa02bd4fae500a7fbc2a4a4a510733cff893 Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 15 Apr 2024 15:40:56 +0100 Subject: [PATCH 10/12] feat: use variable to control `pre_commit` version --- etc/kayobe/ansible/install-pre-commit-hooks.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml index 1b247fc7f..a2947231c 100644 --- a/etc/kayobe/ansible/install-pre-commit-hooks.yml +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -2,13 +2,15 @@ - name: Install pre-commit hooks hosts: localhost gather_facts: false + vars: + pre_commit_version: 3.5.0 tasks: - name: Install pre-commit hooks block: - name: Install pre-commit hooks into kayobe virtual env ansible.builtin.pip: name: pre-commit - version: 3.5.0 + version: "{{ pre_commit_version }}" virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}" register: pip_install From 54766db633c507d7318a8c2b093882aaba45fb9a Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 15 Apr 2024 15:53:01 +0100 Subject: [PATCH 11/12] feat: provide commands within docs for pre-commit hooks setup --- doc/source/contributor/pre-commit.rst | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/doc/source/contributor/pre-commit.rst b/doc/source/contributor/pre-commit.rst index d094b4af6..3afffc11b 100644 --- a/doc/source/contributor/pre-commit.rst +++ b/doc/source/contributor/pre-commit.rst @@ -23,10 +23,19 @@ Currently the following hooks are provided: Installation of `pre-commit` hooks is handled via the `install-pre-commit-hooks` playbook found within the Ansible directory. -Either use `kayobe playbook run` or add the playbook as a hook within Kayobe config such as +Either run the playbook manually or add the playbook as a hook within Kayobe config such as within `control-host-bootstrap/post.d`. Once done you should find `pre-commit` is available within the `kayobe` virtualenv. +To run the playbook using the following command + +- ``kayobe playbook run ${KAYOBE_CONFIG_PATH}/ansible/install-pre-commit-hooks.yml`` + +Whereas to run the playbook when control host bootstrap runs ensure it registered as symlink using the following command + +- ``mkdir -p ${KAYOBE_CONFIG_PATH}/hooks/control-host-bootstrap/post.d`` +- ``ln -s ${KAYOBE_CONFIG_PATH}/ansible/install-pre-commit-hooks.yml ${KAYOBE_CONFIG_PATH}/hooks/control-host-bootstrap/post.d/install-pre-commit-hooks.yml`` + All that remains is the installation of the hooks themselves which can be accomplished either by running `pre-commit run` or using `git commit` when you have changes that need to be committed. This will trigger a brief installation process of the hooks which may take a few minutes. From d277afb7b8a776afea25ed7a016fc235ebee1bba Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Thu, 22 Aug 2024 15:00:06 +0000 Subject: [PATCH 12/12] feat: support install `pre-commit` without `kayobe-venv` --- etc/kayobe/ansible/install-pre-commit-hooks.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/etc/kayobe/ansible/install-pre-commit-hooks.yml b/etc/kayobe/ansible/install-pre-commit-hooks.yml index a2947231c..694e07bec 100644 --- a/etc/kayobe/ansible/install-pre-commit-hooks.yml +++ b/etc/kayobe/ansible/install-pre-commit-hooks.yml @@ -11,12 +11,11 @@ ansible.builtin.pip: name: pre-commit version: "{{ pre_commit_version }}" - virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}" + virtualenv: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') | default(omit, true) }}" register: pip_install - name: Register pre-commit hooks with git ansible.builtin.command: - cmd: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') }}/bin/pre-commit install" + cmd: "{{ lookup('ansible.builtin.env', 'VIRTUAL_ENV') | default(lookup('ansible.builtin.env', 'HOME') ~ '/.local', true) }}/bin/pre-commit install" args: - chdir: "{{ lookup('ansible.builtin.env', 'KAYOBE_CONFIG_PATH') }}" - when: pip_install is changed + chdir: "{{ playbook_dir | dirname | dirname | dirname }}"