From 0996cfbf67222b39c2aadfa83c03e475d4b58cd6 Mon Sep 17 00:00:00 2001 From: Ian Fijolek Date: Wed, 2 Nov 2022 12:32:27 -0700 Subject: [PATCH] Update hooks --- .pre-commit-config.yaml | 16 ++++++++++------ .secrets-baseline | 2 +- .tflint.hcl | 7 +++++++ core/blocky/blocky.tf | 4 ++-- core/metrics/metrics.tf | 8 +------- core/traefik/traefik.tf | 2 +- requirements.txt | 2 +- root.tf | 4 ++++ services/backups/backups.tf | 4 ++-- services/nextcloud/nextcloud.tf | 2 +- storage_plugins/democratic-csi.tf | 12 ++++++------ 11 files changed, 36 insertions(+), 27 deletions(-) create mode 100644 .tflint.hcl diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f069db3..5743630 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,22 +1,26 @@ --- repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.64.1 + rev: v1.76.0 hooks: - id: terraform_fmt - id: terraform_validate - - id: terraform_providers_lock - # - id: terraform_tflint - # - id: terraform_tfsec + args: + - --tf-init-args=-lockfile=readonly + - id: terraform_tflint + args: + - --args=--config=__GIT_WORKING_DIR__/.tflint.hcl + - id: terraform_tfsec + # - id: terraform_providers_lock - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.1.0 + rev: v4.3.0 hooks: - id: check-added-large-files - id: check-merge-conflict - id: end-of-file-fixer - id: trailing-whitespace - repo: https://github.com/Yelp/detect-secrets - rev: v1.2.0 + rev: v1.4.0 hooks: - id: detect-secrets args: ['--baseline', '.secrets-baseline'] diff --git a/.secrets-baseline b/.secrets-baseline index 400bce6..1f28b5e 100644 --- a/.secrets-baseline +++ b/.secrets-baseline @@ -1,5 +1,5 @@ { - "version": "1.2.0", + "version": "1.4.0", "plugins_used": [ { "name": "ArtifactoryDetector" diff --git a/.tflint.hcl b/.tflint.hcl new file mode 100644 index 0000000..c62c1b5 --- /dev/null +++ b/.tflint.hcl @@ -0,0 +1,7 @@ +rule "terraform_required_version" { + enabled = false +} + +rule "terraform_required_providers" { + enabled = false +} diff --git a/core/blocky/blocky.tf b/core/blocky/blocky.tf index 9765d7e..1a9e6f2 100644 --- a/core/blocky/blocky.tf +++ b/core/blocky/blocky.tf @@ -8,7 +8,7 @@ locals { config_data = templatefile( "${path.module}/config.yml", { - "base_hostname" = "${var.base_hostname}", + "base_hostname" = var.base_hostname, } ) } @@ -17,7 +17,7 @@ resource "nomad_job" "blocky" { hcl2 { enabled = true vars = { - "config_data" = "${local.config_data}", + "config_data" = local.config_data, } } diff --git a/core/metrics/metrics.tf b/core/metrics/metrics.tf index 7f0a991..229ab2b 100644 --- a/core/metrics/metrics.tf +++ b/core/metrics/metrics.tf @@ -6,12 +6,6 @@ resource "nomad_job" "exporters" { jobspec = file("${path.module}/exporters.nomad") } -data "consul_nodes" "all-nodes" { - query_options { - datacenter = "dc1" - } -} - resource "nomad_job" "prometheus" { hcl2 { enabled = true @@ -26,7 +20,7 @@ resource "nomad_job" "grafana" { } jobspec = templatefile("${path.module}/grafana.nomad", { - module_path = "${path.module}" + module_path = path.module }) } diff --git a/core/traefik/traefik.tf b/core/traefik/traefik.tf index ea17fdd..fe3827a 100644 --- a/core/traefik/traefik.tf +++ b/core/traefik/traefik.tf @@ -8,7 +8,7 @@ resource "nomad_job" "traefik" { hcl2 { enabled = true vars = { - "base_hostname" = "${var.base_hostname}", + "base_hostname" = var.base_hostname, } } diff --git a/requirements.txt b/requirements.txt index 9b9c138..3e760e8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ pre-commit -detect-secrets==1.2.0 +detect-secrets==1.4.0 # This should match what is in .pre-commit-config.yaml ansible python-consul hvac diff --git a/root.tf b/root.tf index 94a9246..acb0148 100644 --- a/root.tf +++ b/root.tf @@ -10,3 +10,7 @@ # module "storage_plugins" { # source = "./storage_plugins" # } + +terraform { + required_version = ">=1.2.9" +} diff --git a/services/backups/backups.tf b/services/backups/backups.tf index f62e0b8..e26a628 100644 --- a/services/backups/backups.tf +++ b/services/backups/backups.tf @@ -1,6 +1,6 @@ resource "nomad_job" "backups" { jobspec = templatefile("${path.module}/backup.nomad", { - module_path = "${path.module}", + module_path = path.module, batch_node = null, }) } @@ -18,7 +18,7 @@ resource "nomad_job" "backups-oneoff" { # node.node_name # ]) jobspec = templatefile("${path.module}/backup.nomad", { - module_path = "${path.module}", + module_path = path.module, batch_node = each.key, }) } diff --git a/services/nextcloud/nextcloud.tf b/services/nextcloud/nextcloud.tf index 98520c9..68379b8 100644 --- a/services/nextcloud/nextcloud.tf +++ b/services/nextcloud/nextcloud.tf @@ -6,7 +6,7 @@ resource "nomad_job" "nextcloud" { hcl2 { enabled = true vars = { - "backup_config" = "${local.backup_config}", + "backup_config" = local.backup_config, } } diff --git a/storage_plugins/democratic-csi.tf b/storage_plugins/democratic-csi.tf index 6dba3b5..a4d12b0 100644 --- a/storage_plugins/democratic-csi.tf +++ b/storage_plugins/democratic-csi.tf @@ -28,9 +28,9 @@ resource "nomad_job" "storage-controller" { hcl2 { enabled = true vars = { - "image_name" = "${var.image_name}", - "csi_version" = "${var.csi_version}", - "config_data" = "${local.democratic_nfs_config}" + "image_name" = var.image_name, + "csi_version" = var.csi_version, + "config_data" = local.democratic_nfs_config } } @@ -41,9 +41,9 @@ resource "nomad_job" "storage-node" { hcl2 { enabled = true vars = { - "image_name" = "${var.image_name}", - "csi_version" = "${var.csi_version}", - "config_data" = "${local.democratic_nfs_config}" + "image_name" = var.image_name, + "csi_version" = var.csi_version, + "config_data" = local.democratic_nfs_config } }