Skip to content

Commit

Permalink
fix: make linter happy
Browse files Browse the repository at this point in the history
  • Loading branch information
@meysam81
meysam81 committed Oct 6, 2024
1 parent f2f353c commit 23b7876
Show file tree
Hide file tree
Showing 19 changed files with 166 additions and 163 deletions.
1 change: 1 addition & 0 deletions .github/FUNDING.yml
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
---
github:
- meysam81
7 changes: 4 additions & 3 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
---
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
- package-ecosystem: github-actions
directory: /
schedule:
interval: "weekly"
interval: weekly
5 changes: 3 additions & 2 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
name: ci

concurrency:
Expand All @@ -9,7 +10,7 @@ on:
branches:
- main
tags:
- "v*"
- v*
pull_request:
branches:
- main
Expand Down Expand Up @@ -54,7 +55,7 @@ jobs:
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: "trivy-results.sarif"
sarif_file: trivy-results.sarif

test:
if: github.event_name == 'push' || github.event_name == 'pull_request'
Expand Down
3 changes: 2 additions & 1 deletion .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
---
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.6.0
hooks:
- id: check-added-large-files
args: ["--maxkb=800"]
args: [--maxkb=800]
- id: check-ast
- id: check-executables-have-shebangs
- id: check-json
Expand Down
1 change: 1 addition & 0 deletions oathkeeper/base/clusterrole.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down
1 change: 1 addition & 0 deletions oathkeeper/base/clusterrolebinding.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
Expand Down
249 changes: 117 additions & 132 deletions oathkeeper/base/crds.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand All @@ -11,153 +12,137 @@ spec:
singular: rule
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: Rule is the Schema for the rules API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RuleSpec defines the desired state of Rule
properties:
authenticators:
items:
description: Authenticator represents a handler that authenticates
provided credentials.
- name: v1alpha1
schema:
openAPIV3Schema:
description: Rule is the Schema for the rules API
properties:
apiVersion:
description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal

Check failure on line 21 in oathkeeper/base/crds.yml

View workflow job for this annotation

GitHub Actions / ansible-lint

yaml[line-length] 

Line too long (169 > 160 characters)
value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"

Check failure on line 22 in oathkeeper/base/crds.yml

View workflow job for this annotation

GitHub Actions / ansible-lint

yaml[line-length] 

Line too long (164 > 160 characters)
type: string
kind:
description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits

Check failure on line 25 in oathkeeper/base/crds.yml

View workflow job for this annotation

GitHub Actions / ansible-lint

yaml[line-length] 

Line too long (165 > 160 characters)
requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"

Check failure on line 26 in oathkeeper/base/crds.yml

View workflow job for this annotation

GitHub Actions / ansible-lint

yaml[line-length] 

Line too long (169 > 160 characters)
type: string
metadata:
type: object
spec:
description: RuleSpec defines the desired state of Rule
properties:
authenticators:
items:
description: Authenticator represents a handler that authenticates provided credentials.
properties:
config:
description: Config configures the handler. Configuration keys vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Name is the name of a handler
type: string
required:
- handler
type: object
type: array
authorizer:
description: Authorizer represents a handler that authorizes the subject ("user") from the previously validated credentials making the request.

Check failure on line 49 in oathkeeper/base/crds.yml

View workflow job for this annotation

GitHub Actions / ansible-lint

yaml[line-length] 

Line too long (161 > 160 characters)
properties:
config:
description: Config configures the handler. Configuration keys
vary per handler.
description: Config configures the handler. Configuration keys vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Name is the name of a handler
type: string
required:
- handler
- handler
type: object
type: array
authorizer:
description: Authorizer represents a handler that authorizes the subject
("user") from the previously validated credentials making the request.
properties:
config:
description: Config configures the handler. Configuration keys
vary per handler.
configMapName:
description: ConfigMapName points to the K8s ConfigMap that contains these rules
maxLength: 253
minLength: 1
pattern: "[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*"
type: string
errors:
items:
description: Error represents a handler that is responsible for executing logic when an error happens.
properties:
config:
description: Config configures the handler. Configuration keys vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Name is the name of a handler
type: string
required:
- handler
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Name is the name of a handler
type: string
required:
- handler
type: object
configMapName:
description: ConfigMapName points to the K8s ConfigMap that contains
these rules
maxLength: 253
minLength: 1
pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
type: string
errors:
items:
description: Error represents a handler that is responsible for
executing logic when an error happens.
type: array
match:
description: Match defines the URL(s) that an access rule should match.
properties:
config:
description: Config configures the handler. Configuration keys
vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Name is the name of a handler
methods:
description: Methods represent an array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...)
items:
type: string
type: array
url:
description: URL is the URL that should be matched. It supports regex templates.
type: string
required:
- handler
- methods
- url
type: object
type: array
match:
description: Match defines the URL(s) that an access rule should match.
properties:
methods:
description: Methods represent an array of HTTP methods (e.g.
GET, POST, PUT, DELETE, ...)
items:
type: string
type: array
url:
description: URL is the URL that should be matched. It supports
regex templates.
type: string
required:
- methods
- url
type: object
mutators:
items:
description: Mutator represents a handler that transforms the HTTP
request before forwarding it.
mutators:
items:
description: Mutator represents a handler that transforms the HTTP request before forwarding it.
properties:
config:
description: Config configures the handler. Configuration keys vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Name is the name of a handler
type: string
required:
- handler
type: object
type: array
upstream:
description: Upstream represents the location of a server where requests matching a rule should be forwarded to.
properties:
config:
description: Config configures the handler. Configuration keys
vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Name is the name of a handler
preserveHost:
description: PreserveHost includes the host and port of the url value if set to false. If true, the host and port of the ORY Oathkeeper Proxy

Check failure on line 116 in oathkeeper/base/crds.yml

View workflow job for this annotation

GitHub Actions / ansible-lint

yaml[line-length] 

Line too long (163 > 160 characters)
will be used instead.
type: boolean
stripPath:
description: StripPath replaces the provided path prefix when forwarding the requested URL to the upstream URL.
type: string
url:
description: URL defines the target URL for incoming requests
maxLength: 256
minLength: 3
pattern: ^(?:https?:\/\/)?(?:[^@\/\n]+@)?(?:www\.)?([^:\/\n]+)
type: string
required:
- handler
- url
type: object
required:
- match
type: object
status:
description: RuleStatus defines the observed state of Rule
properties:
validation:
description: Validation defines the validation state of Rule
properties:
valid:
type: boolean
validationError:
type: string
type: object
type: array
upstream:
description: Upstream represents the location of a server where requests
matching a rule should be forwarded to.
properties:
preserveHost:
description: PreserveHost includes the host and port of the url
value if set to false. If true, the host and port of the ORY
Oathkeeper Proxy will be used instead.
type: boolean
stripPath:
description: StripPath replaces the provided path prefix when
forwarding the requested URL to the upstream URL.
type: string
url:
description: URL defines the target URL for incoming requests
maxLength: 256
minLength: 3
pattern: ^(?:https?:\/\/)?(?:[^@\/\n]+@)?(?:www\.)?([^:\/\n]+)
type: string
required:
- url
type: object
required:
- match
type: object
status:
description: RuleStatus defines the observed state of Rule
properties:
validation:
description: Validation defines the validation state of Rule
properties:
valid:
type: boolean
validationError:
type: string
type: object
type: object
type: object
served: true
storage: true
type: object
type: object
served: true
storage: true
9 changes: 5 additions & 4 deletions oathkeeper/base/deployment-oathkeeper-maester.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
Expand All @@ -24,10 +25,10 @@ spec:
automountServiceAccountToken: true
containers:
- args:
- "--metrics-addr=0.0.0.0:8080"
- --metrics-addr=0.0.0.0:8080
- controller
- "--rulesConfigmapName=oathkeeper-rules"
- "--rulesConfigmapNamespace=$(POD_NAMESPACE)"
- --rulesConfigmapName=oathkeeper-rules
- --rulesConfigmapNamespace=$(POD_NAMESPACE)
command:
- /manager
env:
Expand Down Expand Up @@ -65,7 +66,7 @@ spec:
initContainers:
- command:
- /bin/sh
- "-c"
- -c
- |
cm=$(kubectl get configmap oathkeeper-rules -n $(POD_NAMESPACE) -o jsonpath='{.metadata.name}' 2>/dev/null || true)
Expand Down
7 changes: 4 additions & 3 deletions oathkeeper/base/deployment-oathkeeper.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
Expand All @@ -24,7 +25,7 @@ spec:
containers:
- args:
- serve
- "--config"
- --config
- /etc/oathkeeper/config.yml
command:
- oathkeeper
Expand Down Expand Up @@ -94,10 +95,10 @@ spec:
terminationGracePeriodSeconds: 300
volumes:
- configMap:
defaultMode: 0444
defaultMode: "0444"
name: oathkeeper-config
name: oathkeeper-config
- configMap:
defaultMode: 0444
defaultMode: "0444"
name: oathkeeper-rules
name: oathkeeper-rules-volume
Loading

0 comments on commit 23b7876

Please sign in to comment.