Skip to content

Commit

Permalink
style: update and rerun precommit over the repo
Browse files Browse the repository at this point in the history
  • Loading branch information
iranzo committed Oct 26, 2022
1 parent f1761a3 commit 1e2ad4d
Show file tree
Hide file tree
Showing 39 changed files with 593 additions and 531 deletions.
2 changes: 2 additions & 0 deletions .isort.cfg
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
[settings]
known_third_party =
154 changes: 94 additions & 60 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -1,68 +1,102 @@
---
fail_fast: true
repos:
- repo: meta
hooks:
- id: check-useless-excludes
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v2.2.1
hooks:
- id: prettier
files: \.(css|js|md|markdown|json)
- repo: https://github.com/python/black
rev: 20.8b1
hooks:
- id: black
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.4.0
hooks:
- id: check-added-large-files
- id: check-ast
- id: check-case-conflict
- id: check-executables-have-shebangs
- id: check-json
- id: check-merge-conflict
- id: check-symlinks
- id: check-vcs-permalinks
- id: check-xml
- id: check-yaml
- hooks:
- id: commitizen
stages:
- commit-msg
repo: https://github.com/commitizen-tools/commitizen
rev: v2.35.0
- hooks:
- id: check-useless-excludes
repo: meta
- hooks:
- files: \.(css|js|md|markdown|json)
id: prettier
repo: https://github.com/pre-commit/mirrors-prettier
rev: v3.0.0-alpha.3
- hooks:
- id: seed-isort-config
repo: https://github.com/asottile/seed-isort-config
rev: v2.2.0
- hooks:
- id: isort
repo: https://github.com/pre-commit/mirrors-isort
rev: v5.10.1
- hooks:
- id: black
repo: https://github.com/python/black
rev: 22.10.0
- hooks:
- id: check-added-large-files
- id: check-ast
- id: check-case-conflict
- id: check-executables-have-shebangs
- id: check-json
- id: check-merge-conflict
- id: check-symlinks
- id: check-vcs-permalinks
- id: debug-statements
- id: check-xml
- args:
- --unsafe
id: check-yaml
- id: end-of-file-fixer
- id: forbid-new-submodules
- args:
- --branch
- gh-pages
id: no-commit-to-branch
- id: requirements-txt-fixer
- id: sort-simple-yaml
- id: trailing-whitespace
- id: mixed-line-ending
- id: detect-private-key
- id: check-byte-order-marker
- id: check-docstring-first
repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.3.0
- hooks:
- id: flake8
repo: https://gitlab.com/pycqa/flake8
rev: 3.9.2
- hooks:
- additional_dependencies:
- mvdan.cc/sh/v3/cmd/[email protected]
args:
- --unsafe
- id: end-of-file-fixer
- id: fix-encoding-pragma
- id: forbid-new-submodules
- id: no-commit-to-branch
args:
- --branch
- gh-pages
- id: requirements-txt-fixer
- id: sort-simple-yaml
- id: trailing-whitespace
- repo: https://gitlab.com/pycqa/flake8
rev: 3.9.0
hooks:
- id: flake8
- repo: local
hooks:
- id: shfmt
name: shfmt
minimum_pre_commit_version: 2.4.0
language: golang
additional_dependencies:
- mvdan.cc/sh/v3/cmd/[email protected]
- -w
- -i
- "2"
- -s
entry: shfmt
args:
- -w
- -i
- '2'
id: shfmt
language: golang
minimum_pre_commit_version: 2.4.0
name: shfmt
types:
- shell
- repo: https://github.com/asottile/blacken-docs
rev: v1.10.0
- shell
repo: local
- hooks:
- id: blacken-docs
repo: https://github.com/asottile/blacken-docs
rev: v1.12.1

# - repo: https://github.com/asottile/pyupgrade
# rev: v2.38.0
# hooks:
# - id: pyupgrade
# args: [--py39-plus]

- repo: https://github.com/jumanjihouse/pre-commit-hook-yamlfmt
rev: 0.2.2 # or other specific tag
hooks:
- id: blacken-docs
- repo: https://github.com/hcodes/yaspeller.git
rev: v7.0.0
- id: yamlfmt
args: [--mapping, '2', --sequence, '4', --offset, '2', '--preserve-quotes']


- repo: https://github.com/hcodes/yaspeller.git
rev: v8.0.1
hooks:
- id: yaspeller
- id: yaspeller
types:
- markdown
- markdown
63 changes: 31 additions & 32 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,6 @@ Using default/api-foobar-example-com:6443/system:admin context
> If your kubeconfig file doesn't have the proper permissions you may get the error "KUBECONFIG not set".
> In that case verify that the kubeconfig file has read permissions for the user that is used inside the container or just `chmod o+r kubeconfig` in your host.

### Build your own container

You can build your own container with the included
Expand Down Expand Up @@ -96,29 +95,29 @@ in the [info](./info), [checks](./checks) or [ssh](./ssh) directories.

### Checks

| Script | Description |
| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- |
| [alertmanager](checks/alertmanager) | Checks if there are warning or error alerts firing |
| [bz1948052](checks/bz1948052) | Checks if the node is using a kernel version affected by [BZ1948052](https://bugzilla.redhat.com/show_bug.cgi?id=1948052) |
| [chronyc](checks/chronyc) | Checks if the worker clocks are synced using chronyc |
| [clusterversion_errors](checks/clusterversion_errors) | Checks if there are clusterversion errors |
| [csr](checks/csr) | Checks if there are pending csr |
| [ctrlnodes](checks/ctrlnodes) | Checks if any controller nodes have had the NoSchedule taint removed |
| [entropy](checks/entropy) | Checks if the workers have enough entropy |
| [iptables-22623-22624](checks/iptables-22623-22624) | Checks if the nodes iptables rules are blocking 22623/tpc or 22624/tcp |
| [mcp](checks/mcp) | Checks if there are degraded mcp |
| [mellanox-firmware-version](checks/mellanox-firmware-version) | Checks if the nodes' Mellanox Connect-4 firmware version is below the recommended version. |
| [nodes](checks/nodes) | Checks if there are not ready or not schedulable nodes |
| [notrunningpods](checks/notrunningpods) | Checks if there are not running pods |
| [operators](checks/operators) | Checks if there are operators in 'bad' state |
| [pdb](checks/pdb) | Checks if there are PodDisruptionBudgets with 0 disruptions allowed |
| [port-thrasing](checks/port-thrasing) | Checks if there are OVN pods thrasing |
| [pvc](checks/pvc) | Checks if there are persistent volume claims that are not bound |
| [restarts](checks/restarts) | Checks if there are pods restarted > `n` times (10 by default) |
| [sriov](checks/sriov) | Checks if the SR-IOV network state is synced |
| [terminating](checks/terminating) | Checks if there are pods terminating |
| [ovn-pods-memory-usage](checks/ovn-pods-memory-usage) | Checks if the memory usage of the OVN pods is under the LIMIT threshold |
| [zombies](checks/zombies) | Checks if more than 5 zombie processes exist on the hosts |
| Script | Description |
| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- |
| [alertmanager](checks/alertmanager) | Checks if there are warning or error alerts firing |
| [bz1948052](checks/bz1948052) | Checks if the node is using a kernel version affected by [BZ1948052](https://bugzilla.redhat.com/show_bug.cgi?id=1948052) |
| [chronyc](checks/chronyc) | Checks if the worker clocks are synced using chronyc |
| [clusterversion_errors](checks/clusterversion_errors) | Checks if there are clusterversion errors |
| [csr](checks/csr) | Checks if there are pending csr |
| [ctrlnodes](checks/ctrlnodes) | Checks if any controller nodes have had the NoSchedule taint removed |
| [entropy](checks/entropy) | Checks if the workers have enough entropy |
| [iptables-22623-22624](checks/iptables-22623-22624) | Checks if the nodes iptables rules are blocking 22623/tpc or 22624/tcp |
| [mcp](checks/mcp) | Checks if there are degraded mcp |
| [mellanox-firmware-version](checks/mellanox-firmware-version) | Checks if the nodes' Mellanox Connect-4 firmware version is below the recommended version. |
| [nodes](checks/nodes) | Checks if there are not ready or not schedulable nodes |
| [notrunningpods](checks/notrunningpods) | Checks if there are not running pods |
| [operators](checks/operators) | Checks if there are operators in 'bad' state |
| [pdb](checks/pdb) | Checks if there are PodDisruptionBudgets with 0 disruptions allowed |
| [port-thrasing](checks/port-thrasing) | Checks if there are OVN pods thrasing |
| [pvc](checks/pvc) | Checks if there are persistent volume claims that are not bound |
| [restarts](checks/restarts) | Checks if there are pods restarted > `n` times (10 by default) |
| [sriov](checks/sriov) | Checks if the SR-IOV network state is synced |
| [terminating](checks/terminating) | Checks if there are pods terminating |
| [ovn-pods-memory-usage](checks/ovn-pods-memory-usage) | Checks if the memory usage of the OVN pods is under the LIMIT threshold |
| [zombies](checks/zombies) | Checks if more than 5 zombie processes exist on the hosts |

### SSH Checks

Expand Down Expand Up @@ -156,14 +155,14 @@ in the [info](./info), [checks](./checks) or [ssh](./ssh) directories.

### Environment variables

| Environment variable | Default value | Description |
| -------------------- | ---------------------------------------------------- | --------------------------------------------------------------------------------- |
| INTEL_IDS | 8086:158b | Intel device IDs to check for firmware. Can be overridden for non-supported NICs. |
| OCDEBUGIMAGE | registry.redhat.io/rhel8/support-tools:latest | Used by `oc debug`. |
| OSETOOLSIMAGE | registry.redhat.io/openshift4/ose-tools-rhel8:latest | Used by `oc debug` in [ethtool-firmware-version](info/ethtool-firmware-version) |
| RESTART_THRESHOLD | 10 | Used by the [restarts](checks/restarts) script. |
| THRASING_THRESHOLD | 10 | Used by the [port-thrashing](checks/port-thrashing) script. |
| PARALLELJOBS | 1 | By default, all the `oc debug` commands run in a serial fashion, unless this variable is set >1 |
| Environment variable | Default value | Description |
| -------------------- | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- |
| INTEL_IDS | 8086:158b | Intel device IDs to check for firmware. Can be overridden for non-supported NICs. |
| OCDEBUGIMAGE | registry.redhat.io/rhel8/support-tools:latest | Used by `oc debug`. |
| OSETOOLSIMAGE | registry.redhat.io/openshift4/ose-tools-rhel8:latest | Used by `oc debug` in [ethtool-firmware-version](info/ethtool-firmware-version) |
| RESTART_THRESHOLD | 10 | Used by the [restarts](checks/restarts) script. |
| THRASING_THRESHOLD | 10 | Used by the [port-thrashing](checks/port-thrashing) script. |
| PARALLELJOBS | 1 | By default, all the `oc debug` commands run in a serial fashion, unless this variable is set >1 |
| OVN_MEMORY_LIMIT | 5000 | Used by the [ovn-pods-memory-usage](checks/ovn-pods-memory-usage) script to set the maximum memory LIMIT (in Mi) to trigger the warning. |

### About firmware version
Expand Down
2 changes: 1 addition & 1 deletion checks/bz1948052
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ if oc auth can-i get nodes >/dev/null 2>&1; then
if [ ! -z "${ERRORFILE}" ]; then
echo $errors >${ERRORFILE}
fi
if [[ "$error" == true ]]; then
if [[ $error == true ]]; then
exit ${OCERROR}
else
exit ${OCOK}
Expand Down
7 changes: 4 additions & 3 deletions checks/chronyc
Original file line number Diff line number Diff line change
Expand Up @@ -3,22 +3,23 @@
[ -z ${UTILSFILE} ] && source $(echo "$(dirname ${0})/../utils")

tmperrorfile=$(mktemp)
echo 0 > $tmperrorfile
echo 0 >$tmperrorfile

if oc auth can-i debug node >/dev/null 2>&1; then
msg "Collecting NTP data... (${BLUE}using oc debug, it can take a while${NOCOLOR})"
# shellcheck disable=SC2016
for node in $(oc get nodes -o go-template='{{range .items}}{{$node := .}}{{range .status.conditions}}{{if eq .type "Ready"}}{{if eq .status "True"}}node/{{$node.metadata.name}}{{"\n"}}{{end}}{{end}}{{end}}{{end}}'); do
# See https://medium.com/@robert.i.sandor/getting-started-with-parallelization-in-bash-e114f4353691
((i=i%PARALLELJOBS)); ((i++==0)) && wait
((i = i % PARALLELJOBS))
((i++ == 0)) && wait
(
# shellcheck disable=2016
if ! SOURCES=$(oc debug --image="${OCDEBUGIMAGE}" "${node}" -- chroot /host sh -c 'chronyc activity' 2>/dev/null | awk '/sources online/ { print $1 }'); then
msg "${ORANGE}Error running oc debug in ${node}${NOCOLOR}"
else
if [ -n "${SOURCES}" ] && [ "${SOURCES}" -lt 1 ]; then
msg "${RED}Clock doesn't seem to be synced in ${node}${NOCOLOR}"
echo 1 > $tmperrorfile
echo 1 >$tmperrorfile
fi
fi
) &
Expand Down
2 changes: 1 addition & 1 deletion checks/clusterversion_errors
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ if oc auth can-i get clusterversion >/dev/null 2>&1; then
if [ ! -z "${ERRORFILE}" ]; then
echo $errors >${ERRORFILE}
fi
if [[ "$error" == true ]]; then
if [[ $error == true ]]; then
exit ${OCERROR}
else
exit ${OCOK}
Expand Down
2 changes: 1 addition & 1 deletion checks/csr
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ if oc auth can-i get csr >/dev/null 2>&1; then
if [ ! -z "${ERRORFILE}" ]; then
echo $errors >${ERRORFILE}
fi
if [[ "$error" == true ]]; then
if [[ $error == true ]]; then
exit ${OCERROR}
else
exit ${OCOK}
Expand Down
2 changes: 1 addition & 1 deletion checks/ctrlnodes
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ if oc auth can-i get nodes >/dev/null 2>&1; then
if [ ! -z "${ERRORFILE}" ]; then
echo $errors >${ERRORFILE}
fi
if [[ "$error" == true ]]; then
if [[ $error == true ]]; then
exit ${OCERROR}
else
exit ${OCOK}
Expand Down
7 changes: 4 additions & 3 deletions checks/entropy
Original file line number Diff line number Diff line change
Expand Up @@ -3,21 +3,22 @@
[ -z ${UTILSFILE} ] && source $(echo "$(dirname ${0})/../utils")

tmperrorfile=$(mktemp)
echo 0 > $tmperrorfile
echo 0 >$tmperrorfile

if oc auth can-i debug node >/dev/null 2>&1; then
msg "Collecting entropy data... (${BLUE}using oc debug, it can take a while${NOCOLOR})"
# shellcheck disable=SC2016
for node in $(oc get nodes -o go-template='{{range .items}}{{$node := .}}{{range .status.conditions}}{{if eq .type "Ready"}}{{if eq .status "True"}}node/{{$node.metadata.name}}{{"\n"}}{{end}}{{end}}{{end}}{{end}}'); do
# See https://medium.com/@robert.i.sandor/getting-started-with-parallelization-in-bash-e114f4353691
((i=i%PARALLELJOBS)); ((i++==0)) && wait
((i = i % PARALLELJOBS))
((i++ == 0)) && wait
(
if ! ENTROPY=$(oc debug --image="${OCDEBUGIMAGE}" "${node}" -- chroot /host sh -c 'cat /proc/sys/kernel/random/entropy_avail' 2>/dev/null); then
msg "${ORANGE}Error running oc debug in ${node}${NOCOLOR}"
else
if [ -n "${ENTROPY}" ] && [ "${ENTROPY}" -lt 200 ]; then
msg "${RED}Low entropy in ${node}${NOCOLOR}"
echo 1 > $tmperrorfile
echo 1 >$tmperrorfile
fi
fi
) &
Expand Down
Loading

0 comments on commit 1e2ad4d

Please sign in to comment.