From 44d263b2bfbc50d48628ff973081c6c1c534eb8c Mon Sep 17 00:00:00 2001 From: Andrii Ostapenko Date: Mon, 6 Jul 2020 14:19:39 -0500 Subject: [PATCH] Enable templates linting - braces - brackets - colons - commas - comments - hyphens - indentation - key-duplicates with corresponding code changes. Also disable enforcement for document-(start|end) rules and disables warnings to increase readability. * Unrestrict octal values rule since benefits of file modes readability exceed possible issues with yaml 1.2 adoption in future k8s versions. These issues will be addressed when/if they occur. Change-Id: Ic5e327cf40c4b09c90738baff56419a6cef132da Signed-off-by: Andrii Ostapenko --- barbican/templates/pod-test.yaml | 2 +- cinder/templates/deployment-api.yaml | 2 +- cinder/templates/deployment-backup.yaml | 2 +- cinder/templates/deployment-scheduler.yaml | 2 +- cinder/templates/deployment-volume.yaml | 3 +- heat/templates/secret-keystone.yaml | 10 +++--- magnum/templates/secret-keystone.yaml | 10 +++--- neutron/templates/pod-rally-test.yaml | 3 +- nova/templates/daemonset-compute.yaml | 2 +- nova/values.yaml | 3 -- nova/values_overrides/rocky-opensuse_15.yaml | 1 - placement/Chart.yaml | 2 +- placement/templates/deployment.yaml | 2 +- ...nge-memcache-backend-2d85a3c75b32db39.yaml | 2 +- senlin/templates/pod-test.yaml | 2 +- tests/pvc-test.yaml | 2 +- tools/gate/files/rally-reports.yaml | 2 +- .../backends/networking/bagpipe_bgp.yaml | 8 ++--- tox.ini | 15 +++++---- yamllint-templates.conf | 32 +++++++++++++++++++ yamllint.conf | 15 ++++----- 21 files changed, 74 insertions(+), 48 deletions(-) create mode 100644 yamllint-templates.conf diff --git a/barbican/templates/pod-test.yaml b/barbican/templates/pod-test.yaml index 2dd7f30fa0..acd68be9d1 100644 --- a/barbican/templates/pod-test.yaml +++ b/barbican/templates/pod-test.yaml @@ -38,7 +38,7 @@ spec: {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} restartPolicy: Never initContainers: -{{ tuple $envAll "tests" $mounts_barbican_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "tests" $mounts_barbican_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} containers: - name: barbican-test {{ tuple $envAll "scripted_test" | include "helm-toolkit.snippets.image" | indent 6 }} diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index e0c5643ff5..0a94d8196f 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -168,7 +168,7 @@ spec: secretName: cinder-etc defaultMode: 0444 {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} - #NOTE (portdirect): this will need to be set to a shared mount amongst all cinder + # NOTE (portdirect): this will need to be set to a shared mount amongst all cinder # pods for the coordination backend to be fully functional. - name: cinder-coordination emptyDir: {} diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml index af5be9f66f..39176fe6fe 100755 --- a/cinder/templates/deployment-backup.yaml +++ b/cinder/templates/deployment-backup.yaml @@ -243,7 +243,7 @@ spec: claimName: cinder-backup {{- end }} {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} - #NOTE (portdirect): this will need to be set to a shared mount amongst all cinder + # NOTE (portdirect): this will need to be set to a shared mount amongst all cinder # pods for the coordination backend to be fully functional. - name: cinder-coordination emptyDir: {} diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index 84803a3d2d..056ee13a92 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -117,7 +117,7 @@ spec: secretName: cinder-etc defaultMode: 0444 {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} - #NOTE (portdirect): this will need to be set to a shared mount amongst all cinder + # NOTE (portdirect): this will need to be set to a shared mount amongst all cinder # pods for the coordination backend to be fully functional. - name: cinder-coordination emptyDir: {} diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index f46e1a30f9..9559d2f3f4 100755 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -96,7 +96,6 @@ spec: mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }} {{ end }} - name: init-cinder-conf -{{ tuple $envAll "cinder_volume" | include "helm-toolkit.snippets.image" | indent 10 }} {{ dict "envAll" $envAll "application" "cinder_volume" "container" "init_cinder_conf" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -240,7 +239,7 @@ spec: secretName: {{ .Values.secrets.rbd.volume | quote }} {{ end }} {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} - #NOTE (portdirect): this will need to be set to a shared mount amongst all cinder + # NOTE (portdirect): this will need to be set to a shared mount amongst all cinder # pods for the coordination backend to be fully functional. - name: cinder-coordination emptyDir: {} diff --git a/heat/templates/secret-keystone.yaml b/heat/templates/secret-keystone.yaml index a1c293847e..d6758ce1d5 100644 --- a/heat/templates/secret-keystone.yaml +++ b/heat/templates/secret-keystone.yaml @@ -32,9 +32,9 @@ metadata: name: {{ $envAll.Values.secrets.identity.heat_stack_user }} type: Opaque data: - OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc | indent 4 }} - OS_REGION_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.region_name | b64enc | indent 4 }} - OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.domain_name | b64enc | indent 4 }} - OS_USERNAME: {{ .Values.endpoints.identity.auth.heat_stack_user.username | b64enc | indent 4 }} - OS_PASSWORD: {{ .Values.endpoints.identity.auth.heat_stack_user.password | b64enc | indent 4 }} + OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc }} + OS_REGION_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.region_name | b64enc }} + OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.domain_name | b64enc }} + OS_USERNAME: {{ .Values.endpoints.identity.auth.heat_stack_user.username | b64enc }} + OS_PASSWORD: {{ .Values.endpoints.identity.auth.heat_stack_user.password | b64enc }} {{- end }} diff --git a/magnum/templates/secret-keystone.yaml b/magnum/templates/secret-keystone.yaml index 2870dd597c..3bbc5e6fa5 100644 --- a/magnum/templates/secret-keystone.yaml +++ b/magnum/templates/secret-keystone.yaml @@ -32,9 +32,9 @@ metadata: name: {{ $envAll.Values.secrets.identity.magnum_stack_user }} type: Opaque data: - OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc | indent 4 }} - OS_REGION_NAME: {{ .Values.endpoints.identity.auth.magnum_stack_user.region_name | b64enc | indent 4 }} - OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.magnum_stack_user.domain_name | b64enc | indent 4 }} - OS_USERNAME: {{ .Values.endpoints.identity.auth.magnum_stack_user.username | b64enc | indent 4 }} - OS_PASSWORD: {{ .Values.endpoints.identity.auth.magnum_stack_user.password | b64enc | indent 4 }} + OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc }} + OS_REGION_NAME: {{ .Values.endpoints.identity.auth.magnum_stack_user.region_name | b64enc }} + OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.magnum_stack_user.domain_name | b64enc }} + OS_USERNAME: {{ .Values.endpoints.identity.auth.magnum_stack_user.username | b64enc }} + OS_PASSWORD: {{ .Values.endpoints.identity.auth.magnum_stack_user.password | b64enc }} {{- end }} diff --git a/neutron/templates/pod-rally-test.yaml b/neutron/templates/pod-rally-test.yaml index 042b9e954a..0fb96ece44 100644 --- a/neutron/templates/pod-rally-test.yaml +++ b/neutron/templates/pod-rally-test.yaml @@ -26,11 +26,10 @@ kind: Pod metadata: name: {{ print $envAll.Release.Name "-test" }} annotations: + "helm.sh/hook": test-success {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} labels: {{ tuple $envAll "neutron" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} - annotations: - "helm.sh/hook": test-success {{ dict "envAll" $envAll "podName" "neutron-test" "containerNames" (list "init" "neutron-test" "neutron-test-ks-user") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }} spec: nodeSelector: diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index f0708ef7b8..7e5d14aa79 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -88,7 +88,7 @@ spec: {{ dict "envAll" $envAll "application" "nova" "container" "nova_compute_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} env: - name: NOVA_USER_UID - value: "{{ .Values.pod.user.nova.uid }}" + value: "{{ .Values.pod.security_context.nova.pod.runAsUser }}" command: - /tmp/nova-compute-init.sh terminationMessagePath: /var/log/termination-log diff --git a/nova/values.yaml b/nova/values.yaml index 768e8abefe..7901591278 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -2335,9 +2335,6 @@ pod: enabled: True params: initialDelaySeconds: 30 - user: - nova: - uid: 42424 security_context: nova: pod: diff --git a/nova/values_overrides/rocky-opensuse_15.yaml b/nova/values_overrides/rocky-opensuse_15.yaml index c9f04d96de..88d2d2158d 100644 --- a/nova/values_overrides/rocky-opensuse_15.yaml +++ b/nova/values_overrides/rocky-opensuse_15.yaml @@ -24,5 +24,4 @@ images: nova_spiceproxy: "docker.io/openstackhelm/nova:rocky-opensuse_15" nova_spiceproxy_assets: "docker.io/openstackhelm/nova:rocky-opensuse_15" nova_service_cleaner: "docker.io/openstackhelm/ceph-config-helper:latest-opensuse_15" - ... diff --git a/placement/Chart.yaml b/placement/Chart.yaml index 1ea11071bc..c847b517a4 100644 --- a/placement/Chart.yaml +++ b/placement/Chart.yaml @@ -22,4 +22,4 @@ sources: - https://opendev.org/openstack/placement - https://opendev.org/openstack/openstack-helm maintainers: - - name: OpenStack-Helm Authors \ No newline at end of file + - name: OpenStack-Helm Authors diff --git a/placement/templates/deployment.yaml b/placement/templates/deployment.yaml index 1d63b34c5b..55154203d4 100644 --- a/placement/templates/deployment.yaml +++ b/placement/templates/deployment.yaml @@ -71,7 +71,7 @@ spec: - name: p-api containerPort: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} readinessProbe: - #NOTE(portdirect): use tcpSocket check as HTTP will return 401 + # NOTE(portdirect): use tcpSocket check as HTTP will return 401 tcpSocket: port: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} initialDelaySeconds: 15 diff --git a/releasenotes/notes/change-memcache-backend-2d85a3c75b32db39.yaml b/releasenotes/notes/change-memcache-backend-2d85a3c75b32db39.yaml index 5f3a9247b0..75be1099bc 100644 --- a/releasenotes/notes/change-memcache-backend-2d85a3c75b32db39.yaml +++ b/releasenotes/notes/change-memcache-backend-2d85a3c75b32db39.yaml @@ -3,4 +3,4 @@ other: - | memcache backend for nova has been changed from oslo_cache.memcache_pool to dogpile.cache.memcached. You can revert to previous behaviour by - setting conf.nova.cache.backend to "oslo_cache.memcache_pool". \ No newline at end of file + setting conf.nova.cache.backend to "oslo_cache.memcache_pool". diff --git a/senlin/templates/pod-test.yaml b/senlin/templates/pod-test.yaml index 5ec967f071..05a65cfd86 100644 --- a/senlin/templates/pod-test.yaml +++ b/senlin/templates/pod-test.yaml @@ -36,7 +36,7 @@ spec: {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} restartPolicy: Never initContainers: -{{ tuple $envAll "tests" $mounts_senlin_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "tests" $mounts_senlin_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} containers: - name: {{.Release.Name}}-senlin-test {{ tuple $envAll "scripted_test" | include "helm-toolkit.snippets.image" | indent 6 }} diff --git a/tests/pvc-test.yaml b/tests/pvc-test.yaml index 6c4a6850df..65f278eb7a 100644 --- a/tests/pvc-test.yaml +++ b/tests/pvc-test.yaml @@ -45,7 +45,7 @@ metadata: name: ceph-test spec: storageClassName: general - accessModes: [ "ReadWriteOnce" ] + accessModes: ["ReadWriteOnce"] resources: requests: storage: 1Gi diff --git a/tools/gate/files/rally-reports.yaml b/tools/gate/files/rally-reports.yaml index 70edcd2048..3c11107e53 100644 --- a/tools/gate/files/rally-reports.yaml +++ b/tools/gate/files/rally-reports.yaml @@ -28,4 +28,4 @@ spec: claimName: pvc-rally - name: rally-data hostPath: - path: /tmp/rally-data \ No newline at end of file + path: /tmp/rally-data diff --git a/tools/overrides/backends/networking/bagpipe_bgp.yaml b/tools/overrides/backends/networking/bagpipe_bgp.yaml index 7a82e29f45..ae2d8a95dd 100644 --- a/tools/overrides/backends/networking/bagpipe_bgp.yaml +++ b/tools/overrides/backends/networking/bagpipe_bgp.yaml @@ -13,10 +13,10 @@ conf: extensions: bagpipe_bgpvpn bagpipe_bgp: bgp: - local_address: 192.168.143.88 # IP address for mpls/gre tunnels - peers: 192.168.143.96 # IP addresses of BGP peers - my_as: 23242 # Autonomous System number - enable_rtc: true # Enable RT Constraint (RFC4684) + local_address: 192.168.143.88 # IP address for mpls/gre tunnels + peers: 192.168.143.96 # IP addresses of BGP peers + my_as: 23242 # Autonomous System number + enable_rtc: true # Enable RT Constraint (RFC4684) common: root_helper: sudo /var/lib/openstack/bin/neutron-rootwrap /etc/neutron/rootwrap.conf api: diff --git a/tox.ini b/tox.ini index d8c71ad2c7..99969b6925 100644 --- a/tox.ini +++ b/tox.ini @@ -22,12 +22,15 @@ whitelist_externals = rm [testenv:lint] -deps = yamllint +deps = + yq + yamllint commands = - bash -c "rm -rf {toxinidir}/.yamllint" - bash -c "mkdir -p {toxinidir}/.yamllint" - bash -c "cp -r $(ls {toxinidir}) {toxinidir}/.yamllint/" - bash -c "find {toxinidir}/.yamllint -type f -exec sed -i 's/%%%.*/XXX/g' \{\} +" - bash -c "yamllint -c {toxinidir}/yamllint.conf {toxinidir}/.yamllint/*/values* {toxinidir}/yamllint.conf" + rm -rf .yamllint + bash -c 'if [ ! -d ../openstack-helm-infra ]; then\ + git clone https://opendev.org/openstack/openstack-helm-infra ../openstack-helm-infra;\ + fi' + bash ../openstack-helm-infra/tools/gate/lint.sh whitelist_externals = + rm bash diff --git a/yamllint-templates.conf b/yamllint-templates.conf new file mode 100644 index 0000000000..d833c5b094 --- /dev/null +++ b/yamllint-templates.conf @@ -0,0 +1,32 @@ +--- + +yaml-files: +- '*.yaml' +- '*.yml' +- '.yamllint' + +rules: + braces: enable + brackets: enable + colons: enable + commas: enable + comments: enable + comments-indentation: disable + document-end: disable + document-start: disable + empty-lines: disable + empty-values: disable + hyphens: enable + indentation: + spaces: 2 + indent-sequences: whatever + key-duplicates: enable + key-ordering: disable + line-length: disable + new-line-at-end-of-file: disable + new-lines: disable + octal-values: disable + quoted-strings: disable + trailing-spaces: disable + truthy: disable +... diff --git a/yamllint.conf b/yamllint.conf index 912533f01c..62ff69c417 100644 --- a/yamllint.conf +++ b/yamllint.conf @@ -11,13 +11,11 @@ rules: colons: enable commas: enable comments: enable - comments-indentation: - level: warning - document-end: enable - document-start: enable + comments-indentation: disable + document-end: disable + document-start: disable empty-lines: enable - empty-values: - level: warning + empty-values: disable hyphens: enable indentation: spaces: 2 @@ -27,9 +25,8 @@ rules: line-length: disable new-line-at-end-of-file: enable new-lines: enable - octal-values: enable + octal-values: disable quoted-strings: disable trailing-spaces: enable - truthy: - level: warning + truthy: disable ...