diff --git a/.drone.yml b/.drone.yml index 98318a51..dd2f7bb7 100644 --- a/.drone.yml +++ b/.drone.yml @@ -3,6 +3,6 @@ type: kubernetes name: default steps: - name: kubeval - image: garethr/kubeval + image: registry.gitlab.com/pipeline-components/yamllint commands: - - kubeval --ignore-missing-schemas -d ./flux/ + - yamllint -c .yamllint.taml . diff --git a/.yamllint.yaml b/.yamllint.yaml new file mode 100644 index 00000000..efbcd467 --- /dev/null +++ b/.yamllint.yaml @@ -0,0 +1,24 @@ +--- +ignore: | + charts/ + docs/ + .private/ + .terraform/ + .vscode/ + gotk-components.yaml +extends: default +rules: + empty-lines: + max-end: 1 + truthy: + allowed-values: ["true", "false", "on"] + comments: + min-spaces-from-content: 1 + line-length: disable + braces: + min-spaces-inside: 0 + max-spaces-inside: 1 + brackets: + min-spaces-inside: 0 + max-spaces-inside: 0 + indentation: enable diff --git a/flux/cluster/apps/authentik/external-secret.yaml b/flux/cluster/apps/authentik/external-secret.yaml index e7a2abfa..a7789afc 100644 --- a/flux/cluster/apps/authentik/external-secret.yaml +++ b/flux/cluster/apps/authentik/external-secret.yaml @@ -11,7 +11,7 @@ spec: target: name: authentik data: - - secretKey: secret_key - remoteRef: - key: authentik/authentik - property: secret_key + - secretKey: secret_key + remoteRef: + key: authentik/authentik + property: secret_key diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 559e6673..5860d27e 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -5,7 +5,7 @@ metadata: namespace: authentik spec: interval: 1m0s - chart: + chart: spec: # renovate: registryUrl=https://charts.goauthentik.io chart: authentik diff --git a/flux/cluster/apps/gitops/drone/external-secret.yaml b/flux/cluster/apps/gitops/drone/external-secret.yaml index b8f2845a..11894ddc 100644 --- a/flux/cluster/apps/gitops/drone/external-secret.yaml +++ b/flux/cluster/apps/gitops/drone/external-secret.yaml @@ -11,17 +11,17 @@ spec: target: name: drone data: - - secretKey: DRONE_RPC_SECRET - remoteRef: - key: gitops/drone - property: drone_rpc_secret + - secretKey: DRONE_RPC_SECRET + remoteRef: + key: gitops/drone + property: drone_rpc_secret - - secretKey: DRONE_GITEA_CLIENT_ID - remoteRef: - key: gitops/drone - property: drone_gitea_client_id + - secretKey: DRONE_GITEA_CLIENT_ID + remoteRef: + key: gitops/drone + property: drone_gitea_client_id - - secretKey: DRONE_GITEA_CLIENT_SECRET - remoteRef: - key: gitops/drone - property: drone_gitea_client_secret + - secretKey: DRONE_GITEA_CLIENT_SECRET + remoteRef: + key: gitops/drone + property: drone_gitea_client_secret diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml index e9b29b12..0d5cd558 100644 --- a/flux/cluster/apps/gitops/drone/runner.yaml +++ b/flux/cluster/apps/gitops/drone/runner.yaml @@ -24,6 +24,6 @@ spec: tag: 1.0.0-rc.3 rbac: buildNamespaces: - - drone-build + - drone-build env: DRONE_NAMESPACE_DEFAULT: drone-build diff --git a/flux/cluster/apps/gitops/renovate/external-secret.yaml b/flux/cluster/apps/gitops/renovate/external-secret.yaml index 854c4a80..23606bce 100644 --- a/flux/cluster/apps/gitops/renovate/external-secret.yaml +++ b/flux/cluster/apps/gitops/renovate/external-secret.yaml @@ -11,11 +11,11 @@ spec: target: name: renovate data: - - secretKey: RENOVATE_TOKEN - remoteRef: - key: gitops/renovate - property: gitea_token - - secretKey: GITHUB_COM_TOKEN - remoteRef: - key: gitops/renovate - property: github_token + - secretKey: RENOVATE_TOKEN + remoteRef: + key: gitops/renovate + property: gitea_token + - secretKey: GITHUB_COM_TOKEN + remoteRef: + key: gitops/renovate + property: github_token diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 837386bd..24b048e4 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -87,7 +87,7 @@ data: "ghcr.io/fluxcd/image-reflector-controller", "ghcr.io/fluxcd/kustomize-controller", "ghcr.io/fluxcd/notification-controller", - "ghcr.io/fluxcd/source-controller" + "ghcr.io/fluxcd/source-controller" ], "regexManagers": [ { diff --git a/flux/cluster/apps/networking/kustomization.yaml b/flux/cluster/apps/networking/kustomization.yaml index 0ad868a3..8f492af6 100644 --- a/flux/cluster/apps/networking/kustomization.yaml +++ b/flux/cluster/apps/networking/kustomization.yaml @@ -1,4 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: +resources: - traefik diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 3df4b2bc..5842d6a5 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -59,7 +59,7 @@ spec: experimental: plugins: enabled: false - affinity: {} + affinity: {} providers: kubernetesCRD: enabled: true diff --git a/flux/cluster/apps/olympus/umami/external-secret.yaml b/flux/cluster/apps/olympus/umami/external-secret.yaml index 49a91f16..213a9450 100644 --- a/flux/cluster/apps/olympus/umami/external-secret.yaml +++ b/flux/cluster/apps/olympus/umami/external-secret.yaml @@ -11,7 +11,7 @@ spec: target: name: umami data: - - secretKey: HASH_SALT - remoteRef: - key: olympus/umami - property: hash_salt + - secretKey: HASH_SALT + remoteRef: + key: olympus/umami + property: hash_salt diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml index 50d9f4fd..375dad1e 100644 --- a/flux/cluster/apps/olympus/umami/ingress.yaml +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -7,13 +7,13 @@ metadata: traefik.ingress.kubernetes.io/router.middlewares: olympus-umamijs@kubernetescrd spec: rules: - - host: "msg.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: umami - port: - number: 80 + - host: "msg.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: umami + port: + number: 80 diff --git a/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml b/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml index fd2d56df..c839834c 100644 --- a/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml +++ b/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml @@ -16,10 +16,10 @@ spec: app: wooloofan-club spec: containers: - - name: wooloofan-club - image: 0x76/wooloofan.club - ports: - - containerPort: 80 + - name: wooloofan-club + image: 0x76/wooloofan.club + ports: + - containerPort: 80 --- apiVersion: apps/v1 kind: Deployment @@ -39,10 +39,10 @@ spec: app: wooloofan-club-whoami spec: containers: - - name: wooloofan-club-whoami - image: containous/whoami - ports: - - containerPort: 80 + - name: wooloofan-club-whoami + image: containous/whoami + ports: + - containerPort: 80 --- apiVersion: v1 kind: Service @@ -76,23 +76,23 @@ metadata: spec: ingressClassName: "traefik" rules: - - host: "wooloofan.club" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: wooloofan-club-service - port: - number: 80 - - host: "whoami.wooloofan.club" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: wooloofan-club-whoami-service - port: - number: 80 + - host: "wooloofan.club" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wooloofan-club-service + port: + number: 80 + - host: "whoami.wooloofan.club" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wooloofan-club-whoami-service + port: + number: 80 diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml index a2a2499a..fac7c6f0 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -11,23 +11,23 @@ spec: target: name: zookeeper data: - - secretKey: DISCORD_APP_ID - remoteRef: - key: presidential-paradise/zookeeper - property: discord_app_id - - secretKey: DISCORD_PUBLIC_KEY - remoteRef: - key: presidential-paradise/zookeeper - property: discord_public_key - - secretKey: DISCORD_TOKEN - remoteRef: - key: presidential-paradise/zookeeper - property: discord_token - - secretKey: TWITTER_TOKEN - remoteRef: - key: presidential-paradise/zookeeper - property: twitter_token - - secretKey: RELEASE_COOKIE - remoteRef: - key: presidential-paradise/zookeeper - property: erlang_cookie + - secretKey: DISCORD_APP_ID + remoteRef: + key: presidential-paradise/zookeeper + property: discord_app_id + - secretKey: DISCORD_PUBLIC_KEY + remoteRef: + key: presidential-paradise/zookeeper + property: discord_public_key + - secretKey: DISCORD_TOKEN + remoteRef: + key: presidential-paradise/zookeeper + property: discord_token + - secretKey: TWITTER_TOKEN + remoteRef: + key: presidential-paradise/zookeeper + property: twitter_token + - secretKey: RELEASE_COOKIE + remoteRef: + key: presidential-paradise/zookeeper + property: erlang_cookie diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml index 7f9d7fe6..44a42803 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -5,13 +5,13 @@ metadata: namespace: presidential-paradise spec: rules: - - host: "zookeeper.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: zookeeper - port: - number: 8085 + - host: "zookeeper.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: zookeeper + port: + number: 8085 diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml index d5dc285c..e6ec808d 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml @@ -6,10 +6,10 @@ metadata: spec: clusterIP: None ports: - - name: epmd - port: 4369 - targetPort: epmd - protocol: TCP + - name: epmd + port: 4369 + targetPort: epmd + protocol: TCP selector: app: zookeeper --- @@ -20,8 +20,8 @@ metadata: namespace: presidential-paradise spec: ports: - - name: http - targetPort: web - port: 8085 + - name: http + targetPort: web + port: 8085 selector: app: zookeeper diff --git a/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml b/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml index 42c052f0..d370ea66 100644 --- a/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml +++ b/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml @@ -1,5 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- image-update-automation.yaml -- zookeeper.yaml + - image-update-automation.yaml + - zookeeper.yaml diff --git a/flux/cluster/base/flux-system/kustomization.yaml b/flux/cluster/base/flux-system/kustomization.yaml index fb0f20c8..c3635442 100644 --- a/flux/cluster/base/flux-system/kustomization.yaml +++ b/flux/cluster/base/flux-system/kustomization.yaml @@ -1,8 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- gotk-components.yaml -- gotk-sync.yaml -- xirion-registry-creds.yaml -- image-update-automation -- charts + - gotk-components.yaml + - gotk-sync.yaml + - xirion-registry-creds.yaml + - image-update-automation + - charts diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index 00c89d3e..652b06c7 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -28,4 +28,3 @@ spec: sourceRef: kind: GitRepository name: external-secrets-crd-source -