From f10f5088413223412b25da3691e0607e03703e9c Mon Sep 17 00:00:00 2001
From: tsandrini
Date: Wed, 7 Aug 2024 11:20:52 +0200
Subject: [PATCH 1/4] ci(dependabot): init
---
 .github/dependabot.yml | 28 ++++++++++++++++++++++++++++
 .github/pull_request_template.md | 14 +++++++-------
 2 files changed, 35 insertions(+), 7 deletions(-)
 create mode 100644 .github/dependabot.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..e69f8c9
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,28 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ labels:
+ - dependencies
+
+ # NOTE: For additional ecosystems refer to the documentation
+ # package-ecosystem: "gitsubmodule"
+ # directory: "/"
+ # schedule:
+ # interval: "weekly"
+ # labels:
+ # - dependencies
+
+ # - package-ecosystem: "docker"
+ # directory: "/"
+ # schedule:
+ # interval: "weekly"
+ # labels:
+ # - dependencies
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index f4a3fec..377f862 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
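Review bot: The `github-actions` entry in `.github/dependabot.yml` is unlikely to cover most of the actions this repository runs. The workflows shown later in this series reference `DeterminateSystems/nix-installer-action@main`, `magic-nix-cache-action@main`, `flakehub-push@main`, `update-flake-lock@main` and `flake-checker-action@main`, and as far as I know Dependabot version updates act on tag or commit-SHA references, not branch names. Those steps therefore keep following a mutable branch, including in the job that is handed `secrets.CACHIX_AUTH_TOKEN`; pinning each `uses:` to a release tag or a full commit SHA would let this config propose the bumps and make the executed code reviewable. Separately, the commented `gitsubmodule` example lacks the list dash that the `docker` example has, so I would write it as `# - package-ecosystem: "gitsubmodule"` to keep it valid once uncommented.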
@@ -26,13 +26,13 @@ updates (if applicable). --> -- \[ \] I have tested the relevant changes locally. -- \[ \] I have checked that `nix flake check` passes. -- \[ \] I have ensured my commits follow the project's commits guidelines. -- \[ \] I have checked that the changes follow a linear history. -- \[ \] (If applicable) I have commented any relevant parts of my code. -- \[ \] (If applicable) I have added appropriate unit/feature tests. -- \[ \] (If applicable) I have updated the documentation accordingly (in English). +- [ ] I have tested the relevant changes locally. +- [ ] I have checked that `nix flake check` passes. +- [ ] I have ensured my commits follow the project's commits guidelines. +- [ ] I have checked that the changes follow a linear history. +- [ ] (If applicable) I have commented any relevant parts of my code. +- [ ] (If applicable) I have added appropriate unit/feature tests. +- [ ] (If applicable) I have updated the documentation accordingly (in English). ## Additional Notes From 2ad122be17d37e1d90585dfc8514d7dd4082753b Mon Sep 17 00:00:00 2001 From: tsandrini Date: Wed, 7 Aug 2024 12:49:10 +0200 Subject: [PATCH 2/4] style(flake): updated treefmt config --- .envrc | 3 ++- .github/ISSUE_TEMPLATE/bug_report.md | 4 ++-- .github/ISSUE_TEMPLATE/feature_request.md | 4 ++-- .github/dependabot.yml | 26 +++++++++++------------ .github/pull_request_template.md | 14 ++++++------ .github/workflows/cachix-push.yml | 8 ------- .github/workflows/flake-check.yml | 9 -------- .github/workflows/flakehub-publish.yml | 5 ----- .github/workflows/update-flake-lock.yml | 5 ----- flake-parts/hosts/spinorbundle/README.md | 2 +- flake-parts/treefmt.nix | 21 ++++++++++++------ 11 files changed, 41 insertions(+), 60 deletions(-) diff --git a/.envrc b/.envrc index 8f2fbe0..0c2bcc4 100644 --- a/.envrc +++ b/.envrc 
@@ -1,3 +1,5 @@ +#!/usr/bin/env bash + if ! has nix_direnv_version || ! nix_direnv_version 3.0.4; then source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.4/direnvrc" "sha256-DzlYZ33mWF/Gs8DDeyjr8mnVmQGx7ASYqA5WlxwvBG4=" fi @@ -12,7 +14,6 @@ watch_file flake.lock [ -f flake-parts/treefmt.nix ] && watch_file flake-parts/treefmt.nix [ -f flake-parts/pre-commit-hooks.nix ] && watch_file flake-parts/pre-commit-hooks.nix - # Check which devshell implementation we are using and load that one if [ -f flake-parts/devenv/dev.nix ]; then if ! use flake .#dev --accept-flake-config --override-input devenv-root "file+file://"<(printf %s "$PWD"); then diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index c3577c0..89fdea2 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -1,4 +1,4 @@ ---- +______________________________________________________________________ ## name: Bug report about: Create a report to help us improve title: "" labels: bug assignees: "" @@ -42,6 +42,6 @@ Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result. output here ``` ---- +______________________________________________________________________ Add a :+1: \[reaction\] to \[issues you find important\]. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index a956be4..e28751d 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -1,4 +1,4 @@ ---- +______________________________________________________________________ ## name: Feature request about: Suggest an idea for this project title: "" labels: feature-request assignees: "" 
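Review bot: The shebang added at the top of `.envrc` makes a file that direnv sources look like a standalone script. If its only purpose is to tell shellcheck (pointed at `.envrc` by the `shellcheck.includes` entry added to `flake-parts/treefmt.nix` in this same patch) which dialect to assume, a directive comment states that intent directly: `# shellcheck shell=bash`. Whether shfmt also relies on the shebang for this file is not visible here, so confirm that before swapping.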
@@ -14,6 +14,6 @@ A clear and concise description of any alternative solutions or features you've **Additional context** Add any other context or screenshots about the feature request here. ---- +______________________________________________________________________ Add a :+1: \[reaction\] to \[issues you find important\]. diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e69f8c9..3686bbf 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -12,17 +12,17 @@ updates: labels: - dependencies - # NOTE: For additional ecosystems refer to the documentation - # package-ecosystem: "gitsubmodule" - # directory: "/" - # schedule: - # interval: "weekly" - # labels: - # - dependencies +# NOTE: For additional ecosystems refer to the documentation +# package-ecosystem: "gitsubmodule" +# directory: "/" +# schedule: +# interval: "weekly" +# labels: +# - dependencies - # - package-ecosystem: "docker" - # directory: "/" - # schedule: - # interval: "weekly" - # labels: - # - dependencies +# - package-ecosystem: "docker" +# directory: "/" +# schedule: +# interval: "weekly" +# labels: +# - dependencies diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 377f862..f4a3fec 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md 
@@ -26,13 +26,13 @@ updates (if applicable). --> -- [ ] I have tested the relevant changes locally. -- [ ] I have checked that `nix flake check` passes. -- [ ] I have ensured my commits follow the project's commits guidelines. -- [ ] I have checked that the changes follow a linear history. -- [ ] (If applicable) I have commented any relevant parts of my code. -- [ ] (If applicable) I have added appropriate unit/feature tests. -- [ ] (If applicable) I have updated the documentation accordingly (in English). +- \[ \] I have tested the relevant changes locally. +- \[ \] I have checked that `nix flake check` passes. +- \[ \] I have ensured my commits follow the project's commits guidelines. +- \[ \] I have checked that the changes follow a linear history. +- \[ \] (If applicable) I have commented any relevant parts of my code. +- \[ \] (If applicable) I have added appropriate unit/feature tests. +- \[ \] (If applicable) I have updated the documentation accordingly (in English). ## Additional Notes diff --git a/.github/workflows/cachix-push.yml b/.github/workflows/cachix-push.yml index e73805b..083a875 100644 --- a/.github/workflows/cachix-push.yml +++ b/.github/workflows/cachix-push.yml 
@@ -1,43 +1,35 @@ # --- Push packages & devshells to the cachix binary cache service name: cachix push - on: workflow_dispatch: # allows manual triggering from the Actions UI push: branches: - main - jobs: cachix-push: runs-on: "ubuntu-latest" steps: - name: "Checking out repository..." uses: actions/checkout@v4 - - name: "Installing and configuring the nix package manager..." uses: DeterminateSystems/nix-installer-action@main with: extra-conf: | accept-flake-config = true allow-import-from-derivation = true - - name: "Setting up magic-nix-cache..." uses: DeterminateSystems/magic-nix-cache-action@main - - name: "Settings up cachix binary cache..." uses: cachix/cachix-action@v15 with: name: tsandrini # If you chose API tokens for write access OR if you have a private cache authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - # NOTE Install any necessary packages here - name: "Setting up packages..." run: | nix profile install nixpkgs#nix-fast-build # parallel nix builder - - name: "Running `nix build ...`..." run: nix-fast-build --skip-cached --no-nom --flake ".#packages.$(nix eval --raw --impure --expr builtins.currentSystem)" - - name: "Running `nix develop...`..." run: nix-fast-build --skip-cached --no-nom --flake ".#devShells.$(nix eval --raw --impure --expr builtins.currentSystem)" diff --git a/.github/workflows/flake-check.yml b/.github/workflows/flake-check.yml index cd8e597..cf5b0ac 100644 --- a/.github/workflows/flake-check.yml +++ b/.github/workflows/flake-check.yml @@ -1,6 +1,5 @@ # --- Run `nix flake check` name: nix flake check - on: workflow_dispatch: # allows manual triggering from the Actions UI push: 
@@ -10,37 +9,29 @@ on: types: [opened, reopened, synchronize] repository_dispatch: types: [create-pull-request] - jobs: flake-check: runs-on: "ubuntu-latest" steps: - name: "Checking out repository..." uses: actions/checkout@v4 - - name: "Installing and configuring the nix package manager..." uses: DeterminateSystems/nix-installer-action@main with: extra-conf: | accept-flake-config = true allow-import-from-derivation = true - - name: "Setting up magic-nix-cache..." uses: DeterminateSystems/magic-nix-cache-action@main - # NOTE Install any necessary packages here - name: "Setting up packages..." run: | nix profile install nixpkgs#nix-fast-build # parallel nix builder - - name: "Running `nix flake check`..." run: nix-fast-build --skip-cached --no-nom --flake ".#checks.$(nix eval --raw --impure --expr builtins.currentSystem)" - - name: "Running `nix build ...`..." run: nix-fast-build --skip-cached --no-nom --flake ".#packages.$(nix eval --raw --impure --expr builtins.currentSystem)" - - name: "Running `nix develop...`..." run: nix-fast-build --skip-cached --no-nom --flake ".#devShells.$(nix eval --raw --impure --expr builtins.currentSystem)" - - name: "Checking flake inputs for stale & insecure nixpkgs versions..." uses: DeterminateSystems/flake-checker-action@main diff --git a/.github/workflows/flakehub-publish.yml b/.github/workflows/flakehub-publish.yml index 9d8fc51..a717384 100644 --- a/.github/workflows/flakehub-publish.yml +++ b/.github/workflows/flakehub-publish.yml @@ -1,12 +1,10 @@ # --- Publish flake to FlakeHub name: FlakeHub - on: workflow_dispatch: # allows manual triggering from the Actions UI push: branches: - main - jobs: flakehub-publish: runs-on: "ubuntu-latest" 
@@ -16,17 +14,14 @@ jobs: steps: - name: "Checking out repository..." uses: actions/checkout@v4 - - name: "Installing and configuring the nix package manager..." uses: DeterminateSystems/nix-installer-action@main with: extra-conf: | accept-flake-config = true allow-import-from-derivation = true - - name: "Setting up magic-nix-cache..." uses: DeterminateSystems/magic-nix-cache-action@main - - name: "Publishing flake to FlakeHub..." uses: DeterminateSystems/flakehub-push@main with: diff --git a/.github/workflows/update-flake-lock.yml b/.github/workflows/update-flake-lock.yml index 8d70155..ce0fce3 100644 --- a/.github/workflows/update-flake-lock.yml +++ b/.github/workflows/update-flake-lock.yml @@ -1,28 +1,23 @@ # --- Periodically update flake inputs in flake.lock name: update-flake-lock - on: workflow_dispatch: # allows manual triggering from the Actions UI schedule: - cron: "0 0 * * 0" # runs weekly on Sunday at 00:00 - jobs: update-flake-lock: runs-on: ubuntu-latest steps: - name: "Checking out repository..." uses: actions/checkout@v4 - - name: "Installing and configuring the nix package manager..." uses: DeterminateSystems/nix-installer-action@main with: extra-conf: | accept-flake-config = true allow-import-from-derivation = true - - name: "Setting up magic-nix-cache..." uses: DeterminateSystems/magic-nix-cache-action@main - - name: "Updating flake.lock..." uses: DeterminateSystems/update-flake-lock@main with: diff --git a/flake-parts/hosts/spinorbundle/README.md b/flake-parts/hosts/spinorbundle/README.md index da6d8a8..babd838 100644 --- a/flake-parts/hosts/spinorbundle/README.md +++ b/flake-parts/hosts/spinorbundle/README.md 
@@ -95,7 +95,7 @@ mount /dev/disk/by-label/boot /mnt/boot ``` _Notenote_: At this stage you should either start an ssh-agent -(``eval `ssh-agent` ``) and add the +(`` eval `ssh-agent` ``) and add the appropriate keys (`ssh-add /root/.ssh/id_ed25519`) or in case you don't want to use agenix you should patch the config with your desired way of handling secrets and default passwords. diff --git a/flake-parts/treefmt.nix b/flake-parts/treefmt.nix index 42a6b73..b18c3eb 100644 --- a/flake-parts/treefmt.nix +++ b/flake-parts/treefmt.nix @@ -40,21 +40,28 @@ "*.woff2" "flake-parts/pkgs/docs/**/*" ]; + shellcheck.includes = [ + "*.sh" + ".envrc" + ]; + prettier.editorconfig = true; }; programs = { deadnix.enable = true; # Find and remove unused code in .nix source files statix.enable = true; # Lints and suggestions for the nix programming language nixfmt.enable = true; # An opinionated formatter for Nix - # NOTE Choose a different formatter if you'd like to - # nixfmt.enable = true; # An opinionated formatter for Nix - # alejandra.enable = true; # The Uncompromising Nix Code Formatter - actionlint.enable = true; # Static checker for GitHub Actions workflow files - prettier.enable = true; # Prettier is an opinionated code formatter mdformat.enable = true; # CommonMark compliant Markdown formatter - # yamlfmt.enable = true; # An extensible command line tool or library to format yaml files. - # jsonfmt.enable = true; # Formatter for JSON files + yamlfmt.enable = true; # An extensible command line tool or library to format yaml files. + jsonfmt.enable = true; # Formatter for JSON files + + shellcheck.enable = true; # Shell script analysis tool + shfmt.enable = true; # Shell parser and formatter + + actionlint.enable = true; # Static checker for GitHub Actions workflow files + # prettier.enable = true; # Prettier is an opinionated code formatter + # mdsh.enable = true; # Markdown shell pre-processor }; }; }; From 6e90de4a2c42c6b9c940fdc61970cf07cc3984dd Mon Sep 17 00:00:00 2001 
From: tsandrini Date: Wed, 7 Aug 2024 13:24:32 +0200 Subject: [PATCH 3/4] style(treefmt): udpate treefmt & pre-commit config --- .github/ISSUE_TEMPLATE/bug_report.md | 16 +++++++----- .github/ISSUE_TEMPLATE/feature_request.md | 25 +++++++++++++------ ...t_template.md => PULL_REQUEST_TEMPLATE.md} | 16 ++++++------ .github/dependabot.yml | 1 - flake-parts/hosts/spinorbundle/README.md | 2 +- flake-parts/pre-commit-hooks.nix | 6 ++--- flake-parts/treefmt.nix | 4 +-- 7 files changed, 42 insertions(+), 28 deletions(-) rename .github/{pull_request_template.md => PULL_REQUEST_TEMPLATE.md} (68%) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 89fdea2..a8f292b 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -1,6 +1,10 @@ -______________________________________________________________________ - -## name: Bug report about: Create a report to help us improve title: "" labels: bug assignees: "" +--- +name: 🪲 Bug Report +about: Create a bug report to help us resolving the bug +title: "🪲[BUG]: " +labels: "bug" +assignees: "" +--- ## Describe the bug @@ -29,8 +33,8 @@ Add any other context about the problem here. ## Notify maintainers ## Metadata @@ -42,6 +46,6 @@ Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result. output here ``` -______________________________________________________________________ +--- Add a :+1: \[reaction\] to \[issues you find important\]. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index e28751d..e6bce3e 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md 
@@ -1,19 +1,28 @@ -______________________________________________________________________ +--- +name: 💡 Feature Request +about: Suggest an interesting feature idea for this project +title: "💡[FEATURE]: " +labels: "enhancement" +assignees: "" +--- -## name: Feature request about: Suggest an idea for this project title: "" labels: feature-request assignees: "" +## Is your feature request related to a problem? Please describe -**Is your feature request related to a problem? Please describe.** -A clear and concise description of what the problem is. Ex. I'm always frustrated when \[...\] +A clear and concise description of what the problem is. Ex. I'm always frustrated +when \[...\] + +## Describe the solution you'd like -**Describe the solution you'd like** A clear and concise description of what you want to happen. -**Describe alternatives you've considered** +## Describe alternatives you've considered + A clear and concise description of any alternative solutions or features you've considered. -**Additional context** +## Additional context + Add any other context or screenshots about the feature request here. -______________________________________________________________________ +--- Add a :+1: \[reaction\] to \[issues you find important\]. diff --git a/.github/pull_request_template.md b/.github/PULL_REQUEST_TEMPLATE.md similarity index 68% rename from .github/pull_request_template.md rename to .github/PULL_REQUEST_TEMPLATE.md index f4a3fec..31ba229 100644 --- a/.github/pull_request_template.md +++ b/.github/PULL_REQUEST_TEMPLATE.md 
@@ -1,3 +1,5 @@ + + ## Overview -- \[ \] I have tested the relevant changes locally. -- \[ \] I have checked that `nix flake check` passes. -- \[ \] I have ensured my commits follow the project's commits guidelines. -- \[ \] I have checked that the changes follow a linear history. -- \[ \] (If applicable) I have commented any relevant parts of my code. -- \[ \] (If applicable) I have added appropriate unit/feature tests. -- \[ \] (If applicable) I have updated the documentation accordingly (in English). +- [ ] I have tested the relevant changes locally. +- [ ] I have checked that `nix flake check` passes. +- [ ] I have ensured my commits follow the project's commits guidelines. +- [ ] I have checked that the changes follow a linear history. +- [ ] (If applicable) I have commented any relevant parts of my code. +- [ ] (If applicable) I have added appropriate unit/feature tests. +- [ ] (If applicable) I have updated the documentation accordingly (in English). ## Additional Notes diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3686bbf..f7418c9 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,7 +11,6 @@ updates: interval: "weekly" labels: - dependencies - # NOTE: For additional ecosystems refer to the documentation # package-ecosystem: "gitsubmodule" # directory: "/" diff --git a/flake-parts/hosts/spinorbundle/README.md b/flake-parts/hosts/spinorbundle/README.md index babd838..da6d8a8 100644 --- a/flake-parts/hosts/spinorbundle/README.md +++ b/flake-parts/hosts/spinorbundle/README.md @@ -95,7 +95,7 @@ mount /dev/disk/by-label/boot /mnt/boot ``` _Notenote_: At this stage you should either start an ssh-agent -(`` eval `ssh-agent` ``) and add the +(``eval `ssh-agent` ``) and add the appropriate keys (`ssh-add /root/.ssh/id_ed25519`) or in case you don't want to use agenix you should patch the config with your desired way of handling secrets and default passwords. 
diff --git a/flake-parts/pre-commit-hooks.nix b/flake-parts/pre-commit-hooks.nix index acbc39c..a7be32e 100644 --- a/flake-parts/pre-commit-hooks.nix +++ b/flake-parts/pre-commit-hooks.nix @@ -31,12 +31,12 @@ treefmt.package = if (treefmt-wrapper != null) then treefmt-wrapper else pkgs.treefmt; nil.enable = true; # Nix Language server, an incremental analysis assistant for writing in Nix. - # markdownlint.enable = true; # Markdown lint tool - # typos.enable = true; # Source code spell checker + markdownlint.enable = true; # Markdown lint tool - # actionlint.enable = true; # GitHub workflows linting commitizen.enable = true; # Commitizen is release management tool designed for teams. editorconfig-checker.enable = true; # A tool to verify that your files are in harmony with your .editorconfig + # actionlint.enable = true; # GitHub workflows linting + # typos.enable = true; # Source code spell checker gitleaks = { enable = true; diff --git a/flake-parts/treefmt.nix b/flake-parts/treefmt.nix index b18c3eb..f818463 100644 --- a/flake-parts/treefmt.nix +++ b/flake-parts/treefmt.nix @@ -52,15 +52,15 @@ statix.enable = true; # Lints and suggestions for the nix programming language nixfmt.enable = true; # An opinionated formatter for Nix - mdformat.enable = true; # CommonMark compliant Markdown formatter + prettier.enable = true; # Prettier is an opinionated code formatter yamlfmt.enable = true; # An extensible command line tool or library to format yaml files. jsonfmt.enable = true; # Formatter for JSON files + # mdformat.enable = true; # CommonMark compliant Markdown formatter shellcheck.enable = true; # Shell script analysis tool shfmt.enable = true; # Shell parser and formatter actionlint.enable = true; # Static checker for GitHub Actions workflow files - # prettier.enable = true; # Prettier is an opinionated code formatter # mdsh.enable = true; # Markdown shell pre-processor }; }; From d331b375e8e36faad83ccb481bfa831980270c5d Mon Sep 17 00:00:00 2001 
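Review bot: In the `flake-parts/treefmt.nix` hunk, `prettier.enable = true;` now sits next to `yamlfmt.enable = true;` and `jsonfmt.enable = true;` in `programs`, so YAML and JSON files are probably matched by two formatters each, since prettier's default file set normally includes both. Two formatters on the same file can disagree, which makes `treefmt` output depend on run order and can cause formatting churn in CI. If prettier is only meant to take over Markdown from `mdformat`, scope it in the formatter settings next to `shellcheck.includes`, e.g. `prettier.includes = [ "*.md" ];`. The `settings` block starts outside this hunk, so a restriction may already exist there.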
From: tsandrini Date: Wed, 7 Aug 2024 14:01:54 +0200 Subject: [PATCH 4/4] style(project): fix formatting of md files --- .github/ISSUE_TEMPLATE/bug_report.md | 2 +- CHANGELOG.md | 2 ++ README.md | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index a8f292b..648022c 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -1,6 +1,6 @@ --- name: 🪲 Bug Report -about: Create a bug report to help us resolving the bug +about: Create a bug report to help us resolve the bug title: "🪲[BUG]: " labels: "bug" assignees: "" diff --git a/CHANGELOG.md b/CHANGELOG.md index f93fa57..ae38eea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,5 @@ + + # Changelog ## v0.4.0 (2024-08-06) diff --git a/README.md b/README.md index a554de8..9ec96a7 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,7 @@ The project is also hosted on [FlakeHub](https://flakehub.com/flake/tsandrini/te ## 2. Design choices ⚙️ - This projects is generated via and uses - https://github.com/tsandrini/flake-parts-builder + [flake-parts-builder](https://github.com/tsandrini/flake-parts-builder) which makes it super easy to share modularity between different projects. - Modules are disabled by default. Why you might ask? 🤓 ... Setting `myModule.enable = true;` can be done from multiple places, moreover we can