Merge pull request #42 from RADAR-base/more-commit-hooks

More commit hooks

.github/workflows/pre-commit.yaml

@@ -12,7 +12,7 @@ jobs:
   pre-commit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Install devbox
         uses: jetify-com/[email protected]

.pre-commit-config.yaml

@@ -1,6 +1,19 @@
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
 repos:
+- repo: https://github.com/crate-ci/typos
+  rev: v1.28.4
+  hooks:
+  - id: typos
+- repo: https://github.com/codespell-project/codespell
+  rev: v2.2.4
+  hooks:
+  - id: codespell
+- repo: https://github.com/thlorenz/doctoc
+  rev: v2.2.0
+  hooks:
+  - id: doctoc
+    files: ^README.md$
 - repo: https://github.com/pre-commit/pre-commit-hooks
   rev: v5.0.0
   hooks:
@@ -35,6 +48,10 @@ repos:
     args:
     - --args=--quiet
     - --args=--download-external-modules False
+- repo: https://github.com/rhysd/actionlint
+  rev: v1.7.5
+  hooks:
+  - id: actionlint-system
 - repo: local
   hooks:
   - id: terraform-docs-cluster
@@ -49,3 +66,15 @@ repos:
     entry: terraform-docs markdown table config/
     pass_filenames: false
     files: 'config/'
+  - id: gitleaks
+    name: Run Gitleaks
+    language: system
+    entry: gitleaks dir --verbose
+    require_serial: true
+- repo: https://github.com/commitizen-tools/commitizen
+  rev: v4.1.0
+  hooks:
+  - id: commitizen
+  - id: commitizen-branch
+    stages: [pre-push]
+    args: [--rev-range, b8223c2d9c5368587ece45f19e36d5909afb8cce..HEAD]

README.md

@@ -7,6 +7,21 @@ This repository aims to provide [IaC](https://en.wikipedia.org/wiki/Infrastructu
 [![Lint and validate](https://github.com/RADAR-base/RADAR-K8s-Infrastructure/actions/workflows/pre-commit.yaml/badge.svg)](https://github.com/phidatalab/RADAR-K8s-Infrastructure/actions/workflows/pre-commit.yaml/badge.svg)
 [![Join our community Slack](https://img.shields.io/badge/slack-radarbase-success.svg?logo=slack)](https://docs.google.com/forms/d/e/1FAIpQLScKNZ-QonmxNkekDMLLbP-b_IrNHyDRuQValBy1BAsLOjEFpg/viewform)
 
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+
+- [Dependencies](#dependencies)
+- [Usage](#usage)
+  - [Workspaces](#workspaces)
+  - [Configure credentials](#configure-credentials)
+  - [Create the infrastructure](#create-the-infrastructure)
+  - [Connect to and verify the cluster](#connect-to-and-verify-the-cluster)
+  - [Configure the cluster (optional)](#configure-the-cluster-optional)
+  - [Contributing](#contributing)
+  - [Known limitations](#known-limitations)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
 # Dependencies
 
 [Terraform](https://developer.hashicorp.com/terraform/downloads) >= 1.7.0, < 1.8.0<br>
@@ -140,9 +155,11 @@ The dependencies and linting tools and managed via Devbox, you need to [install
 devbox shell
 ```
 
-To download all of the dependencies and install to Git hooks to lint the configuration before it is commited.
+To download all of the dependencies and install to Git hooks to lint the configuration before it is committed.
+
+In order to support new version of EKS you need to make sure the addons that we use are compatible with the new target version. You can get a list of addons and their EKS compatibility with running `aws eks describe-addons-versions` and then searching for the addons that are defined in [cluster/data.tf](./cluster/data.tf).
 
-In order to support new version of EKS you need to make sure the addons that we use are compatible with the new target version. You can get a list of addons and their EKS compatiblity with running `aws eks describe-addons-versions` and then searching for the addons that are defined in [cluster/data.tf](./cluster/data.tf).
+This project also uses [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) to have a standardized commit message. Please have a look and make sure your commit message follows that.
 
 ## Known limitations
 

cluster/iam.tf

@@ -177,5 +177,5 @@ resource "aws_iam_policy" "ecr_pull_through_cache" {
 
   tags = merge(tomap({ "Name" : "${var.eks_cluster_name}-ecr-pull-through-cache-policy" }), var.common_tags)
 
-  #checkov:skip=CKV_AWS_355,CKV_AWS_290: Temporarly skip these checks
+  #checkov:skip=CKV_AWS_355,CKV_AWS_290: Temporarily skip these checks
 }

config/variables.tf

@@ -105,7 +105,7 @@ variable "karpenter_version" {
 variable "radar_postgres_password" {
   type        = string
   description = "Password for the PostgreSQL database used by Radar components"
-  # Make sure to chage the default value when var.enable_rds is set to "true"
+  # Make sure to change the default value when var.enable_rds is set to "true"
   default   = "change_me"
   sensitive = true
 }

devbox.json

@@ -8,6 +8,12 @@
     "trivy@latest",
     "checkov@latest",
     "kubernetes-helm@latest",
+    "commitizen@latest",
+    "typos@latest",
+    "codespell@latest",
+    "doctoc@latest",
+    "gitleaks@latest",
+    "actionlint@latest",
   ],
   "shell": {
     "init_hook": [
@@ -21,7 +27,7 @@
         "cd $DEVBOX_PROJECT_ROOT/cluster && terraform apply",
         "aws eks update-kubeconfig --name `terraform output eks_cluster_name` --alias `terraform output eks_cluster_name` --role-arn `terraform output assume_eks_admins_role`",
         "kubectl --context `terraform output eks_cluster_name` get nodes",
-        "kubectl --context `terraform output eks_cluster_name` get pods -A"
+        "kubectl --context `terraform output eks_cluster_name` get pods -A",
       ],
       "install_config": [
         "cd $DEVBOX_PROJECT_ROOT/config && terraform apply",