Merge pull request #1996 from manics/pre-commit-2

Autoformat bash scripts, yaml files, and markdown files with pre-commit
jupyterhub · Jan 20, 2021 · 6a3df2d · 6a3df2d
2 parents aca9181 + 6ee24df
commit 6a3df2d
Show file tree

Hide file tree

Showing 56 changed files with 1,183 additions and 1,085 deletions.
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -37,7 +37,7 @@ updates:
 
   # Maintain dependencies in our GitHub Workflows
   - package-ecosystem: "github-actions"
-    directory: "/"  # This should be / rather than .github/workflows
+    directory: "/" # This should be / rather than .github/workflows
     schedule:
       interval: daily
       time: "05:00"

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -9,7 +9,6 @@ on:
     branches: ["main", "master"]
     tags: ["[0-9]+.[0-9]+.[0-9]+*"]
 
-
 jobs:
   # Builds and pushes docker images to DockerHub and package the Helm chart and
   # pushes it to jupyterhub/helm-chart@gh-pages where index.yaml represents the
@@ -28,7 +27,7 @@ jobs:
           fetch-depth: 0
       - uses: actions/setup-python@v2
         with:
-          python-version: '3.8'
+          python-version: "3.8"
 
       - name: Install chart publishing dependencies (chartpress, helm)
         run: |

diff --git a/.github/workflows/test-chart.yaml b/.github/workflows/test-chart.yaml
@@ -23,15 +23,14 @@ on:
       - "dependabot/**"
   workflow_dispatch:
 
-
 jobs:
   lint_and_validate:
     runs-on: ubuntu-20.04
     steps:
       - uses: actions/checkout@v2
       - uses: actions/setup-python@v2
         with:
-          python-version: '3.8'
+          python-version: "3.8"
 
       - name: Install dependencies
         run: |
@@ -40,6 +39,9 @@ jobs:
           pip install chartpress yamllint
 
       - uses: pre-commit/action@v2.0.0
+      - uses: pre-commit/action@v2.0.0
+        with:
+          extra_args: --config .pre-commit-config-shellcheck.yaml
 
       - name: Lint and validate
         run: tools/templates/lint-and-validate.py
@@ -48,7 +50,6 @@ jobs:
         run: tools/templates/lint-and-validate.py --strict
         continue-on-error: true
 
-
   test:
     runs-on: ubuntu-20.04
     timeout-minutes: 20
@@ -114,7 +115,7 @@ jobs:
       #       environment and setup in a fraction of a second.
       - uses: actions/setup-python@v2
         with:
-          python-version: '3.8'
+          python-version: "3.8"
 
       # Install a local ACME server to fill the role of Let's Encrypt (LE). We
       # do this as the HTTP challenge sent out by an ACME server must be able to

diff --git a/.github/workflows/test-docs.yaml b/.github/workflows/test-docs.yaml
@@ -20,7 +20,6 @@ on:
       - "dependabot/**"
   workflow_dispatch:
 
-
 jobs:
   linkcheck:
     runs-on: ubuntu-20.04
@@ -33,7 +32,7 @@ jobs:
           fetch-depth: 0
       - uses: actions/setup-python@v2
         with:
-          python-version: '3.8'
+          python-version: "3.8"
 
       - name: Install deps
         run: pip install --no-cache-dir -r doc/doc-requirements.txt

diff --git a/.github/workflows/vuln-scan.yaml b/.github/workflows/vuln-scan.yaml
@@ -14,7 +14,6 @@ on:
     - cron: "0 0 * * *"
   workflow_dispatch:
 
-
 jobs:
   trivy_image_scan:
     if: github.repository == 'jupyterhub/zero-to-jupyterhub-k8s'
@@ -45,7 +44,7 @@ jobs:
           mkdir ./tmp
       - uses: actions/setup-python@v2
         with:
-          python-version: '3.8'
+          python-version: "3.8"
       - name: Install chartpress
         run: |
           pip install chartpress
@@ -72,11 +71,11 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: ${{ steps.image.outputs.spec }}
-          format: json  # ref: https://github.com/aquasecurity/trivy#save-the-results-as-json
+          format: json # ref: https://github.com/aquasecurity/trivy#save-the-results-as-json
           output: tmp/scan_1.json
           ignore-unfixed: true
-          severity: 'CRITICAL,HIGH'
-          exit-code: '1'
+          severity: "CRITICAL,HIGH"
+          exit-code: "1"
         # Keep running the subsequent steps of the job, they are made to
         # explicitly adjust based on this step's outcome.
         continue-on-error: true
@@ -96,10 +95,10 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: rebuilt-image
-          format: json  # ref: https://github.com/aquasecurity/trivy#save-the-results-as-json
+          format: json # ref: https://github.com/aquasecurity/trivy#save-the-results-as-json
           output: tmp/scan_2.json
           ignore-unfixed: true
-          severity: 'CRITICAL,HIGH'
+          severity: "CRITICAL,HIGH"
 
       # Analyze the scan reports. If they differ, we want to proceed and create
       # or update a PR. We use a hash from the final scan report as an
@@ -156,7 +155,7 @@ jobs:
           image-ref: rebuilt-image
           format: table
           ignore-unfixed: true
-          severity: 'CRITICAL,HIGH'
+          severity: "CRITICAL,HIGH"
 
       - name: Decision to not proceed
         if: steps.analyze.outputs.proceed == 'no'
@@ -192,7 +191,7 @@ jobs:
           title: "Vulnerability patch in ${{ matrix.image_ref }}"
           body: |
             A rebuild of `${{ steps.image.outputs.name }}` has been found to influence the detected vulnerabilities! This PR will trigger a rebuild because it has updated a comment in the Dockerfile.
-            
+
             ## About
             This scan for known vulnerabilities has been made by [aquasecurity/trivy](https://github.com/aquasecurity/trivy). Trivy was configured to filter the vulnerabilities with the following settings:
             - severity:       `CRITICAL,HIGH`

diff --git a/.pre-commit-config-shellcheck.yaml b/.pre-commit-config-shellcheck.yaml
@@ -0,0 +1,6 @@
+# See .pre-commit-config.yaml for more details.
+repos:
+  - repo: https://github.com/gruntwork-io/pre-commit
+    rev: v0.1.12
+    hooks:
+      - id: shellcheck
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,22 +1,44 @@
-# pre-commit is a tool to automatically do tasks before committing.
+# pre-commit is a tool to perform a predefined set of tasks manually and/or
+# automatically before git commits are made.
 #
 # Config reference: https://pre-commit.com/#pre-commit-configyaml---top-level
 #
+# Common tasks
+#
+# - Run on all files:   pre-commit run --all-files
+# - Register git hooks: pre-commit install --install-hooks
+#
+# About bash scripts autoformatting
+#
+# All hooks in this file can automatically be installed by pre-commit, but the
+# hook we want to use for bash script formatting, shellcheck, must be manually
+# installed. If needed, install it and run it using the link and snippet below.
+#
+#   https://github.com/koalaman/shellcheck#installing
+#
+#   pre-commit run --config .pre-commit-config-shellcheck.yaml --all-files
+#
 repos:
-  # Python code formatting
+  # Autoformat: Python code
   - repo: https://github.com/ambv/black
     rev: 20.8b1
     hooks:
       - id: black
         args: [--target-version=py36]
 
-  # Shell script code formatting
+  # Autoformat: Bash scripts
   - repo: https://github.com/lovesegfault/beautysh
     rev: 6.0.1
     hooks:
       - id: beautysh
 
-  # Reset changes by chartpress
+  # Autoformat: markdown, yaml (but not helm templates)
+  - repo: https://github.com/pre-commit/mirrors-prettier
+    rev: v2.2.1
+    hooks:
+      - id: prettier
+
+  # Reset Chart.yaml version and values.yaml image tags
   - repo: local
     hooks:
       - id: chartpress
@@ -26,3 +48,9 @@ repos:
         entry: chartpress --reset
         language: system
         pass_filenames: false
+
+  # Check chart for possible issues
+  - repo: https://github.com/gruntwork-io/pre-commit
+    rev: v0.1.10
+    hooks:
+      - id: helmlint
diff --git a/.prettierignore b/.prettierignore
@@ -0,0 +1 @@
+jupyterhub/templates/