squash

ci: when hadolint: DL3047 chore(deps): update dependency jinja2 to v2.11.3 (#1) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> chore(deps): update dependency pykeepass to v4.1.0 (#2) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> Syntax Test chore(deps): update dependency jinja2 to v3.1.4 (#3) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> t d fdgh 3 r dd dff ff df ff dfdf ff todo dd dd ff ff chore(deps): update woodpeckerci/plugin-git docker tag to v2.5.1 (#5) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> pip extra pykeepass==4.0.3 ff ff f apackages dd ff ff ff --root-user-action--root-user-action dd ff ff ff gg ff chore(deps): update dependency ansible-dev-tools to v24.7.2 (#6) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> chore(deps): update dependency ansible-manage-lvm to v0.2.12 (#7) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> chore(deps): update dependency community.crypto to v2.21.1 (#8) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> chore(deps): update docker docker tag to v27.1.0 (#9) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> chore(deps): update dependency ansible_role_gitea to v3.5.0 (#10) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> ffd d chore(deps): update docker docker tag to v27.1.1 (#11) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> ff f dd dd ff dsfsa dd chore(deps): update dependency pykeepass to v4.1.0 (#12) Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> H
2024-07-09 22:35:14 +02:00 · 2024-07-09 22:35:14 +02:00 · 73c15af7b4
commit 73c15af7b4
6 changed files with 192 additions and 0 deletions
--- a/.woodpecker/build.yml
+++ b/.woodpecker/build.yml
@ -0,0 +1,61 @@
+---
+depends_on:
+  - lint
+
+clone:
+  git:
+    image: "woodpeckerci/plugin-git:2.5.1"
+    settings:
+      depth: 9999 # wird benötigt um die Commits zählen zu können
+      lfs: false
+      partial: false
+
+steps:
+  set_variables:
+    image: "registry.mgrote.net/allzweckcontainer:latest"
+    commands:
+      # set version
+      - |
+        MAJOR="1"
+        MINOR="0"
+        PATCH="$(git rev-list --count "$CI_COMMIT_BRANCH")"
+        VERSION="v$MAJOR.$MINOR.$PATCH"
+        if [ "$CI_COMMIT_BRANCH" != "main" ] && [ "$CI_COMMIT_BRANCH" != "master" ]; then
+            VERSION=$VERSION-dev
+        fi
+        echo "VERSION=$VERSION" >> .variables
+      # set date
+      - |
+        DATE=$(date --iso-8601=seconds)
+        echo "DATE=$DATE" >> .variables
+    when:
+      - event: [push, pull_request, cron, manual]
+        evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
+
+  build_and_push: # damit dieser Step laufen kann muss das Repo in der Woodpecker-GUI "privilegiert" sein
+    image: "docker:27.1.1"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    commands:
+      - cat .variables
+      - source .variables
+      # https://unix.stackexchange.com/questions/748633/error-multiple-platforms-feature-is-currently-not-supported-for-docker-driver
+      - docker buildx create --use --platform=linux/amd64 --name multi-platform-builder
+      - docker buildx inspect --bootstrap
+      - |
+        docker buildx build \
+        --platform=linux/amd64 \
+        --push \
+        --tag registry.mgrote.net/${CI_REPO_NAME}:${CI_COMMIT_SHA:0:8} \
+        --tag registry.mgrote.net/${CI_REPO_NAME}:${CI_COMMIT_BRANCH} \
+        --tag registry.mgrote.net/${CI_REPO_NAME}:latest \
+        --tag registry.mgrote.net/${CI_REPO_NAME}:$VERSION \
+        --label org.opencontainers.image.url=$CI_REPO_URL \
+        --label org.opencontainers.image.source=$CI_REPO_URL \
+        --label org.opencontainers.image.revision=$CI_COMMIT_SHA \
+        --label org.opencontainers.image.created=$DATE \
+        --file Dockerfile .
+    when:
+      - event: [push, pull_request, cron, manual]
+        evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
+...
--- a/.woodpecker/lint.yml
+++ b/.woodpecker/lint.yml
@ -0,0 +1,33 @@
+---
+steps:
+  gitleaks:
+    image: zricethezav/gitleaks:v8.18.4
+    commands:
+      - gitleaks detect --no-git --verbose --source $CI_WORKSPACE
+    when:
+      - event: [push, pull_request, cron]
+        evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
+
+  hadolint:
+    image: pipelinecomponents/hadolint:0.26.4
+    commands:
+      - hadolint Dockerfile
+    when:
+      - event: [push, pull_request, cron]
+        evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
+
+  shellcheck:
+    image: "koalaman/shellcheck-alpine:v0.10.0"
+    commands:
+      - |
+        find . -type f -not -path './.git/*' -not -path './collections/*' -exec file {} \; | while IFS= read -r line; do
+          if echo "$line" | grep -q "shell script"; then
+            file_path=$(echo "$line" | awk -F':' '{print $1}')
+            shellcheck "$file_path"
+          fi
+        done
+    when:
+      - event: [push, pull_request, cron]
+        evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
+        #ss
+...
--- a/39
+++ b/39
@ -0,0 +1,39 @@
+FROM python:3.12.4-bookworm
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+WORKDIR /
+COPY requirements.txt .
+COPY requirements.yaml .
+
+# hadolint ignore=DL3013
+RUN python3 -m pip install --no-cache-dir --upgrade pip \
+	&& python3 -m pip install --no-cache-dir -r requirements.txt
+
+RUN ansible-galaxy install -r requirements.yaml --roles-path=/ansible/roles
+
+# hadolint ignore=DL3008
+RUN apt-get update \
+	&& apt-get -y --no-install-recommends install \
+	  vim \
+		tmux \
+		htop \
+		git \
+		dnsutils \
+		mc \
+		ca-certificates \
+		tree \
+		wget \
+		curl \
+		whois \
+		net-tools \
+		apt-transport-https \
+		moreutils \
+		acl \
+		ripgrep \
+		pwgen \
+		keychain \
+		bc \
+		jq \
+	&& rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/* requirements.txt requirements.yaml\
+	&& apt-get clean
--- a/renovate.json
+++ b/renovate.json
@ -0,0 +1,13 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    ":dependencyDashboard",
+    ":semanticPrefixFixDepsChoreOthers",
+    ":ignoreModulesAndTests",
+    "group:monorepos",
+    "group:recommended",
+    "replacements:all",
+    "workarounds:all",
+    "mergeConfidence:all-badges"
+  ]
+}
--- a/requirements.txt
+++ b/requirements.txt
@ -0,0 +1,4 @@
+pykeepass==4.1.0
+jmespath==1.0.1
+ansible==10.2.0
+ansible-dev-tools==24.7.2
--- a/requirements.yaml
+++ b/requirements.yaml
@ -0,0 +1,42 @@
+collections:
+  - name: community.general
+    version: "9.2.0"
+  - name: community.crypto
+    version: "2.21.1"
+  - name: ansible.posix
+    version: "1.5.4"
+  - name: community.docker
+    version: "3.11.0"
+  - name: viczem.keepass
+    version: "0.7.5"
+roles:
+  - name: ansible-role-bootstrap
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-bootstrap
+    version: "7.0.2"
+  - name: ansible-ufw
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-ufw
+    version: "v4.1.13"
+  - name: ansible-manage-lvm
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-manage-lvm
+    version: "v0.2.12"
+  - name: ansible-role-unattended-upgrades
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-unattended-upgrades
+    version: "v4.6.0"
+  - name: ansible-role-pip
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-pip
+    version: "3.0.3"
+  - name: ansible-role-nfs
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-nfs
+    version: "2.0.0"
+  - name: ansible-role-docker
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-docker
+    version: "7.1.0"
+  - name: ansible_role_ctop
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible_role_ctop
+    version: "1.1.6"
+  - name: ansible_role_gitea
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible_role_gitea
+    version: "v3.5.0"
+  - name: ansible-role-postgresql
+    src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-postgresql
+    version: "3.5.2"