From 642d06dfb03c74683b3eea6a28a59622a81a1b31 Mon Sep 17 00:00:00 2001 From: Adar Nimrod <nimrod@shore.co.il> Date: Wed, 6 Jan 2021 15:49:12 +0200 Subject: [PATCH] pre-commit. - Adding checks. - Add to CI. - Address issues. --- .envrc | 0 .gitlab-ci.yml | 7 ++- .pre-commit-config.yaml | 89 ++++++++++++++++++++++++++++++++ README.md | 10 ++-- content/ansible-example-role.rst | 2 +- content/ansible-modules.rst | 2 +- content/ansible-python.rst | 2 +- content/bundle_certs.rst | 4 +- content/docker_tcp_socket.rst | 2 +- content/pelican.rst | 38 +++++++------- content/pre-commit.rst | 2 +- content/resolver.rst | 2 +- content/shell_binary_bundle.rst | 8 +-- content/ssl.rst | 2 +- pelicanconf.py | 32 ++++++------ publishconf.py | 7 +-- 16 files changed, 152 insertions(+), 57 deletions(-) mode change 100755 => 100644 .envrc create mode 100644 .pre-commit-config.yaml diff --git a/.envrc b/.envrc old mode 100755 new mode 100644 diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index af20ce5..ebed5db 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -2,6 +2,10 @@ variables: GIT_SUBMODULE_STRATEGY: recursive +include: + - project: shore/ci-templates + file: templates/pre-commit.yml + build: tags: ["host01.shore.co.il"] script: @@ -15,4 +19,5 @@ build: --volume "/var/www/www.shore.co.il/blog:/builds/nimrod/blog/output" --workdir "$PWD" adarnimrod/ci-images:python3 - /bin/sh -xc "pipenv --python=python3 install && pipenv run clean && pipenv run build" + /bin/sh -xc + "pipenv --python=python3 install && pipenv run clean && pipenv run build" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..942ae71 --- /dev/null +++ b/.pre-commit-config.yaml 
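Review bot: The new `include:` entry in `.gitlab-ci.yml` pulls `templates/pre-commit.yml` from `shore/ci-templates` without a `ref:`, so each pipeline uses whatever is on that project's default branch when it runs. A change to the template project then changes what executes in this repository's CI without any commit here to review. Pinning the include by adding `ref: <tag-or-commit-sha>` next to `file:` would make template updates an explicit, reviewable change in this repository.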
@@ -0,0 +1,89 @@
+---
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v3.4.0
+ hooks:
+ - id: check-executables-have-shebangs
+ - id: check-merge-conflict
+ - id: check-toml
+ files: Pipfile
+ - id: trailing-whitespace
+
+ - repo: https://github.com/Yelp/detect-secrets
+ rev: v0.14.3
+ hooks:
+ - id: detect-secrets
+ exclude: Pipfile\.lock
+
+ - repo: https://github.com/adrienverge/yamllint
+ rev: v1.25.0
+ hooks:
+ - id: yamllint
+
+ - repo: https://github.com/amperser/proselint/
+ rev: 0.10.2
+ hooks:
+ - id: proselint
+ types: [plain-text]
+ exclude: LICENSE
+
+ - repo: https://github.com/ambv/black
+ rev: 20.8b1
+ hooks:
+ - id: black
+ args:
+ - |
+ --line-length=79
+
+ - repo: https://github.com/Lucas-C/pre-commit-hooks-markup
+ rev: v1.0.1
+ hooks:
+ - id: rst-linter
+ exclude: spam\.rst
+
+ - repo: https://github.com/myint/rstcheck.git
+ rev: master
+ hooks:
+ - id: rstcheck
+
+ - repo: https://github.com/PyCQA/prospector
+ rev: 1.3.1
+ hooks:
+ - id: prospector
+ args:
+ - |-
+ --max-line-length=79
+ - |-
+ --with-tool=pyroma
+ - |-
+ --with-tool=bandit
+ - |-
+ --without-tool=pep257
+ - |-
+ --doc-warnings
+ - |-
+ --test-warnings
+ - |-
+ --full-pep8
+ - |-
+ --strictness=high
+ - |-
+ --no-autodetect
+ additional_dependencies:
+ - bandit
+ - pyroma
+
+ - repo: https://gitlab.com/pycqa/flake8.git
+ rev: 3.8.4
+ hooks:
+ - id: flake8
+ args:
+ - |-
+ --doctests
+ additional_dependencies:
+ - flake8-bugbear
+
+ - repo: https://github.com/executablebooks/mdformat.git
+ rev: 0.5.3
+ hooks:
+ - id: mdformat
diff --git a/README.md b/README.md
index 45f114d..3c15961 100644
--- a/README.md
+++ b/README.md
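Review bot: The rstcheck entry uses `rev: master`, a branch name rather than a fixed revision, while every other repo in this file is pinned to a release. pre-commit caches the checkout for a given `rev` and does not refresh a mutable ref, so the hook code that runs depends on when each machine or CI cache first cloned it; because hooks execute on developer machines and in CI, a tag or full commit SHA is the safer pin, e.g. `rev: <release-tag-or-commit-sha>`. The `additional_dependencies` for prospector (`bandit`, `pyroma`) and flake8 (`flake8-bugbear`) are likewise unversioned and could take `==` pins so the lint environment is reproducible. The black hook's argument is written with `- |` where the other hooks use `- |-`, so it carries a trailing newline; `|-` would keep the args consistent.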
@@ -40,11 +40,11 @@ pipenv run clean This software and content are licensed under the [Creative Commons - Attribution-NonCommercial-NoDerivatives 4.0 International license](https://creativecommons.org/licenses/by/4.0/) -(see `LICENSE.txt). +(see `LICENSE.txt`). ## Author Information -Nimrod Adar, [contact me](mailto:nimrod@shore.co.il) or visit my [website]( -https://www.shore.co.il/). Patches are welcome via [`git send-email`]( -http://git-scm.com/book/en/v2/Git-Commands-Email). The repository is located -at: <https://git.shore.co.il/explore>. +Nimrod Adar, [contact me](mailto:nimrod@shore.co.il) or visit my +[website](https://www.shore.co.il/). Patches are welcome via +[`git send-email`](http://git-scm.com/book/en/v2/Git-Commands-Email). The repository +is located at: <https://git.shore.co.il/expore/>. diff --git a/content/ansible-example-role.rst b/content/ansible-example-role.rst index bde1d31..72aeb59 100644 --- a/content/ansible-example-role.rst +++ b/content/ansible-example-role.rst @@ -12,7 +12,7 @@ inspired by Test-kitchen and the tests can be written using `Testinfra <http://testinfra.readthedocs.io/>`_ which in turn is using `pytest <http://pytest.org/>`_. The reasons for me to choose this combination is that the tools are written in Python and that they're focused on Ansible. However I -quickly grew tired of copying files from role to role or making the same +quickly grew tired of copying files from role to role or making the same changes to files again and again. So in that spirit I created a new Git repo with an empty Ansible role (no tasks, variables, handlers etc.) but has all of my changes and tweaks already applied and working tests out of the box. diff --git a/content/ansible-modules.rst b/content/ansible-modules.rst index 43e30b2..9004026 100644 --- a/content/ansible-modules.rst +++ b/content/ansible-modules.rst 
@@ -44,7 +44,7 @@ example git push Really, not that complicated. The only magic (undocumented) bit is creating a -:code:`__init__.py` file inside the :code:`library` directory, which is a +:code:`__init__.py` file inside the :code:`library` directory, which is a shame that the Ansible documentation doesn't cover that. If you want to see a real-life example, checkout my `ansible-playbooks <https://git.shore.co.il/ansible/ansible-playbooks.git>`_ and `ansible-modules diff --git a/content/ansible-python.rst b/content/ansible-python.rst index fbcc1d6..75d4ef2 100644 --- a/content/ansible-python.rst +++ b/content/ansible-python.rst @@ -50,7 +50,7 @@ a list of all of our server's ip addresses. Putting that information to good use ------------------------------------ - + Now that we have a list of the ip addresses, we can start running Ansible commands right from with Python (just like we did) or build a playbook by outputting a YAML file. I chose the latter. diff --git a/content/bundle_certs.rst b/content/bundle_certs.rst index 11d51a2..cda7df6 100644 --- a/content/bundle_certs.rst +++ b/content/bundle_certs.rst @@ -1,4 +1,4 @@ -bundle_certs +bundle certs ############ :date: 2016-03-02 @@ -42,7 +42,7 @@ One solution I thought of is creating a base template repository that all others are forked from. The upside is if I change something in the base repository I can fetch it in all other repositories. The downside is not all repositories are the same (different license, programming language, pre-commit -and git hooks). +and git hooks). Another option I know of are tools that manage a specific aspect of the repo, for example the license, or :code:`.gitignore`. diff --git a/content/docker_tcp_socket.rst b/content/docker_tcp_socket.rst index b7436ae..4857ca0 100644 --- a/content/docker_tcp_socket.rst +++ b/content/docker_tcp_socket.rst 
@@ -19,4 +19,4 @@ is to override Systemd' socket activation config. Here's how (all command are as echo '[Socket]' > /etc/systemd/system/docker.socket.d/tcp.conf echo 'ListenStream=2375' >> /etc/systemd/system/docker.socket.d/tcp.conf systemctl daemon-reload - systemctl restart docker + systemctl restart docker diff --git a/content/pelican.rst b/content/pelican.rst index 3cd15d2..b107dce 100644 --- a/content/pelican.rst +++ b/content/pelican.rst 
@@ -37,28 +37,28 @@ Create a blog directory and an empty blog :: This script will help you create a new Pelican-based website. Please answer the following questions so this script can generate the files needed by Pelican. - - - > Where do you want to create your new web site? [.] + + + > Where do you want to create your new web site? [.] > What will be the title of this web site? My Blog > Who will be the author of this web site? <Insert you name here> - > What will be the default language of this web site? [en] - > Do you want to specify a URL prefix? e.g., http://example.com (Y/n) + > What will be the default language of this web site? [en] + > Do you want to specify a URL prefix? e.g., http://example.com (Y/n) > What is your URL prefix? (see above example; no trailing slash) <Insert blog URL without trailing slash> - > Do you want to enable article pagination? (Y/n) - > How many articles per page do you want? [10] - > Do you want to generate a Fabfile/Makefile to automate generation and publishing? (Y/n) - > Do you want an auto-reload & simpleHTTP script to assist with theme and site development? (Y/n) - > Do you want to upload your website using FTP? (y/N) + > Do you want to enable article pagination? (Y/n) + > How many articles per page do you want? [10] + > Do you want to generate a Fabfile/Makefile to automate generation and publishing? (Y/n) + > Do you want an auto-reload & simpleHTTP script to assist with theme and site development? (Y/n) + > Do you want to upload your website using FTP? (y/N) > Do you want to upload your website using SSH? (y/N) y > What is the hostname of your SSH server? [localhost] <Insert SSH server address> - > What is the port of your SSH server? [22] + > What is the port of your SSH server? [22] > What is your username on that server? [root] <Insert SSH username> > Where do you want to put your web site on that server? [/var/www] <Insert full path to your blog's directory> - > Do you want to upload your website using Dropbox? 
(y/N) - > Do you want to upload your website using S3? (y/N) - > Do you want to upload your website using Rackspace Cloud Files? (y/N) - > Do you want to upload your website using GitHub Pages? (y/N) + > Do you want to upload your website using Dropbox? (y/N) + > Do you want to upload your website using S3? (y/N) + > Do you want to upload your website using Rackspace Cloud Files? (y/N) + > Do you want to upload your website using GitHub Pages? (y/N) Done. Your new project is available at blog Since Pelican uses OpenSSH, you can use servers defined in your SSH preferences. Now, lets configure the blog to our liking. @@ -80,8 +80,8 @@ In the blog directory there are the 2 configuration files: pelicanconf.py for co And to publishconf.py: :: CATEGORY_FEED_ATOM = None - -I've set the timezone to mine (so that the time of published articles is correct), add everything under contents/static as static contents to be uploaded to the server, disabled showing of categories of articles and creating feeds for them, disabled saving of articles by tags and set pages (which are simple web pages unlike articles which are blog entries) to show on the menu. Next, themes. + +I've set the timezone to mine (so that the time of published articles is correct), add everything under contents/static as static contents to be uploaded to the server, disabled showing of categories of articles and creating feeds for them, disabled saving of articles by tags and set pages (which are simple web pages unlike articles which are blog entries) to show on the menu. Next, themes. Themes ------ 
@@ -107,13 +107,13 @@ Create a ReStructuredText file inside of contents. The filename is for personal :slug: this-will-the-filename :author: <Insert your name here> :summary: <Insert summary here> - + After we added the content we want to upload it to our web server (I use fabric) .. code:: shell fab publish - + If you don't have keys set for the server it will ask you for your password to the server. Last thing, you can create pages, create a pages directory inside contents and save the files there. Their format is the same as articles but they'll have a somewhat template applied and they will be shown in the menu. A good example will an 'About Me' page. diff --git a/content/pre-commit.rst b/content/pre-commit.rst index 6525fcd..91e2a2d 100644 --- a/content/pre-commit.rst +++ b/content/pre-commit.rst @@ -15,7 +15,7 @@ My view on testing ------------------ I find that Pre-commit suites my view on proportionate testing. The smaller the -change, the faster the test (and as a result, more trivial). Personally, I +change, the faster the test (and as a result, more trivial). Personally, I prefer to structure my work as small commits that are easier to revert, these deserve fast (and more trivial) tests which Pre-commit provides. The bigger the change, the more rigorous (and thus longer) the test. In my opinion this helps diff --git a/content/resolver.rst b/content/resolver.rst index f28bd59..1a2ec09 100644 --- a/content/resolver.rst +++ b/content/resolver.rst @@ -23,7 +23,7 @@ To create a new container: docker run -it adarnimrod/resolver -Inside the container you have access to :code:`nslookup`, :code:`dig` and +Inside the container you have access to :code:`nslookup`, :code:`dig` and :code:`mail` for testing purposes. If you need to test new changes, :code:`exit` the container and create a new one with no cache. diff --git a/content/shell_binary_bundle.rst b/content/shell_binary_bundle.rst index 4219672..c03b435 100644 --- a/content/shell_binary_bundle.rst 
+++ b/content/shell_binary_bundle.rst @@ -6,9 +6,9 @@ Bundling a binary file into a shell script When creating an auto-scaling group in EC2 I often try to package the deployment script into the user data. Installing some packaged software is easy to do but -bundling configuration files that are needed is less straightforward. +bundling configuration files that are needed is less straightforward. If the files are not confidential in any way, I either clone a Git repository -or download a tarball from our static assets domain. But this leads to a +or download a tarball from our static assets domain. But this leads to a dependency on external services and a slightly more complex deployment procedure. A few days ago I was faced with the same options again but it didn't sit right with me to do all this for a couple of files that are a few K's in @@ -21,7 +21,7 @@ First version I searched and found an article in the `Linux Journal <http://www.linuxjournal.com/content/add-binary-payload-your-shell-scripts>`_ that seemed to show what I wanted to (and seems to be copied everywhere). You -could download a single file that was a shell script with the binary blob +could download a single file that was a shell script with the binary blob inside. Your usage will be close to this .. code:: shell @@ -46,7 +46,7 @@ to what I wanted. The code I wrote is available on my `GitLab instance The implementation works as follows. The bundle has the script at the start of the file with the encoded binary at the end. The shell executes the script part -(which ends with exit as to not continue any further, causing errors) and +(which ends with exit as to not continue any further, causing errors) and :code:`uudecode` only starts processing after it sees the relevant header. The script feeds itself to :code:`uudecode` (:code:`uudecode "$0"`) which decodes the binary and outputs it to disk which the script can then use. The code has 
diff --git a/content/ssl.rst b/content/ssl.rst index 18365d5..cca0cff 100644 --- a/content/ssl.rst +++ b/content/ssl.rst @@ -27,7 +27,7 @@ What are we left with? Since modern browser browsers that support SSL 3.0 support TLS 1.0, we'll be using TLS 1.0 or newer. Any AES cipher (AES-GCM preferred) with ECDH key exchange (preferred) or DH key exchange and SHA2 (preferred) or SHA1 hashes and disable compression. On my server (OpenBSD firewall/ load-balancer/ SSL terminator and reverse-proxy) with the included OpenSSL and Nginx the configuration is as followed :: - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers !kRSA:!3DES:!RC4:!DES:!MD5:!aNULL:!NULL:AESGCM+ECDH:AES256+ECDH:AES128:+SHA1; ssl_prefer_server_ciphers on; diff --git a/pelicanconf.py b/pelicanconf.py index 643b2b4..f809b6d 100644 --- a/pelicanconf.py +++ b/pelicanconf.py @@ -1,18 +1,18 @@ # -*- coding: utf-8 -*- # from __future__ import unicode_literals -AUTHOR = 'Nimrod Adar' -SITENAME = 'My notes and ramblings' -SITEURL = 'http://localhost:8080' +AUTHOR = "Nimrod Adar" +SITENAME = "My notes and ramblings" +SITEURL = "http://localhost:8080" -PATH = 'content' +PATH = "content" -TIMEZONE = 'Asia/Jerusalem' +TIMEZONE = "Asia/Jerusalem" -DEFAULT_LANG = 'en' +DEFAULT_LANG = "en" # Feed generation is usually not desired when developing -FEED_ALL_ATOM = 'feeds/all.atom.xml' +FEED_ALL_ATOM = "feeds/all.atom.xml" CATEGORY_FEED_ATOM = None TRANSLATION_FEED_ATOM = None AUTHOR_FEED_ATOM = None 
@@ -25,18 +25,18 @@ DEFAULT_PAGINATION = 3 # Uncomment following line if you want document-relative URLs when developing RELATIVE_URLS = True -DIRECT_TEMPLATES = ('index', 'archives') +DIRECT_TEMPLATES = ("index", "archives") DISPLAY_CATEGORIES_ON_MENU = False DISPLAY_PAGES_ON_MENU = True -MENUITEMS = (('Code', 'https://git.shore.co.il/explore/'),) +MENUITEMS = (("Code", "https://git.shore.co.il/explore/"),) THEME = "./pelican-mockingbird" -TAGS_SAVE_AS = '' -TAG_SAVE_AS = '' -STATIC_PATHS = ['static'] -ARTICLE_URL = '{slug}/' +TAGS_SAVE_AS = "" +TAG_SAVE_AS = "" +STATIC_PATHS = ["static"] +ARTICLE_URL = "{slug}/" DELETE_OUTPUT_DIRECTORY = True -SLUGIFY_SOURCE = 'basename' -ARTICLE_SAVE_AS = '{slug}/index.html' +SLUGIFY_SOURCE = "basename" +ARTICLE_SAVE_AS = "{slug}/index.html" -LOCALE = ('C.UTF-8') +LOCALE = "C.UTF-8" diff --git a/publishconf.py b/publishconf.py index 7d457ea..962aa0d 100644 --- a/publishconf.py +++ b/publishconf.py @@ -5,9 +5,10 @@ from __future__ import unicode_literals import os import sys + sys.path.append(os.curdir) -from pelicanconf import * +from pelicanconf import * # noqa: E402,F401,F403 -SITEURL = 'https://www.shore.co.il/blog' +SITEURL = "https://www.shore.co.il/blog" RELATIVE_URLS = False -PLUGINS = ('minification',) +PLUGINS = ("minification",) -- GitLab