Merge pull request #17 from jobtome-labs/feature/review-dog

Feature/review dog

README.md

@@ -145,10 +145,17 @@ stages:
   - lint
 
 variables:
-  #optional, used by docker-lint
+  # optional, used by docker-lint
   IGNORE_DOCKER_LINT: "DL3012"
+
+  # optional, used to enable reviewdog
+  ENABLE_REVIEWDOG: 1
+  REVIEWDOG_GITLAB_API_TOKEN: <personal gitlab token used to call v4 api endpoints>
+  REVIEWDOG_LEVEL: warning # optional, values: info, warning, error
 ```
 
+The [Review Dog](https://github.com/reviewdog/reviewdog) feature provides a way to post review comments automatically by integrating with any linter tools with ease. It uses an output of lint tools and posts them as a comment if findings are in diff of patches to review.
+
 The default skipped test for `lint-docker` is `Provide an email address or URL as maintainer`. See skippable tests [here](https://hub.docker.com/r/hadolint/hadolint).
 
 If one wants to check the kube manifests (through lint and security practices), then the import becomes `test-kubernetes-score.yaml`, and it will perform the following:
@@ -758,7 +765,7 @@ stages:
 
 ```yaml
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/<REF>/terraform-security.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/<REF>/test-terraform-security.yml'
 
 stages:
   - test

bucket-production.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/bucket-quality.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/bucket-quality.yml'
 
 deploy:production:
   extends: .deploy

bucket-quality.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/templates/bucket.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/bucket.yml'
 
 deploy:quality:
   extends: .deploy

cloudrun-production.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/cloudrun-quality.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/cloudrun-quality.yml'
 
 deploy:production:
   extends: deploy:quality

cloudrun-quality.yml

@@ -1,6 +1,6 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/docker.yml'
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/templates/cloudrun.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/docker.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/cloudrun.yml'
 
 deploy:quality:
   extends: .cloudrun:deploy

docker.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/templates/docker.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/docker.yml'
 
 build:
   stage: build

helm-multiregion.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/helm-quality.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/helm-quality.yml'
 
 # EUROPE
 deploy:production:europe:helm:

helm-quality.yml

@@ -1,6 +1,6 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/docker.yml'
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/templates/helm.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/docker.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/helm.yml'
 
 deploy:quality:helm:
   variables:

helm-regional.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/helm-quality.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/helm-quality.yml'
 
 deploy:production:helm:
   extends: .deploy:production:helm

kubernetes-multiregion.yml

@@ -1,6 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/kubernetes-quality.yml'
-
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/kubernetes-quality.yml'
 
 # EUROPE
 deploy:production:europe:image:

kubernetes-quality.yml

@@ -1,6 +1,6 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/docker.yml'
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/templates/kubernetes.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/docker.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/kubernetes.yml'
 
 deploy:quality:image:
   variables:

kubernetes-regional.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/kubernetes-quality.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/kubernetes-quality.yml'
 
 deploy:production:image:
   extends: .deploy:production:image

lint-go.yml

@@ -1,15 +1,40 @@
 lint:go:
   stage: lint
-  image: cytopia/golint:latest-release-0.1
+  image: gadiener/golint-reviewdog:v1.0.0
+  variables:
+    GITLAB_API: ${CI_API_V4_URL}
   script:
     - |
-
       echo
-      echo "-> Linting code:"
+      echo "-> Linting Go files:"
       echo
 
-      golint .
+      if [ -z "${LINT_PATH}" ]; then
+        LINT_PATH="./..."
+      fi
+
+      if [ "${ENABLE_REVIEWDOG}" = "1" ]; then
+        echo
+        echo "-> Enabled Review Dog!"
+        echo
+
+        if [ -z "${REVIEWDOG_GITLAB_API_TOKEN}" ]; then
+          echo
+          echo "-> [WARNING] Missing 'REVIEWDOG_GITLAB_API_TOKEN' variable!"
+          echo
+          exit 1
+        fi
+
+        if [ -z "${REVIEWDOG_LEVEL}" ]; then
+          REVIEWDOG_LEVEL="warning"
+        fi
+
+        golint "${LINT_PATH}" | reviewdog -name="Go Linter" \
+          -f=golint -diff="git diff master" -reporter=gitlab-mr-discussion -level="${REVIEWDOG_LEVEL}"
+      else
+        golint "${LINT_PATH}"
+      fi
 
       echo
-      echo "-> Code checked!"
+      echo "-> Go files checked!"
       echo

lint-yaml.yml

@@ -1,19 +1,40 @@
 lint:yaml:
   stage: lint
-  image: cytopia/yamllint:1.18
+  image: gdiener/yamllint-reviewdog:v1.0.0
+  variables:
+    GITLAB_API: ${CI_API_V4_URL}
   script:
     - |
-
-      if [[ -z "${YAML_DIR}" ]]; then
-        YAML_DIR="kube/"
+      if [[ -z "${LINT_PATH}" ]]; then
+        LINT_PATH="."
       fi
 
       echo
-      echo "-> Linting manifests:"
+      echo "-> Linting YAML files:"
       echo
 
-      yamllint ${YAML_DIR}
+      if [ "${ENABLE_REVIEWDOG}" = "1" ]; then
+        echo
+        echo "-> Enabled Review Dog!"
+        echo
+
+        if [ -z "${REVIEWDOG_GITLAB_API_TOKEN}" ]; then
+          echo
+          echo "-> [WARNING] Missing 'REVIEWDOG_GITLAB_API_TOKEN' variable!"
+          echo
+          exit 1
+        fi
+
+        if [ -z "${REVIEWDOG_LEVEL}" ]; then
+          REVIEWDOG_LEVEL="warning"
+        fi
+
+        yamllint --format "parsable" "${LINT_PATH}" | reviewdog -name="YAML Linter" \
+          -efm="%f:%l:%c: %m" -diff="git diff master" -reporter=gitlab-mr-discussion -level="${INPUT_LEVEL}"
+      else
+        yamllint "${LINT_PATH}"
+      fi
 
       echo
-      echo "-> Manifests checked!"
+      echo "-> YAML files checked!"
       echo

serverless-multiregion.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/serverless-quality.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/serverless.yml'
 
 # EUROPE
 deploy:production:europe:

serverless-regional.yml

@@ -1,6 +1,6 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/serverless-quality.yml'
-
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/serverless.yml'
+  
 deploy:production:
   extends: .serverless:deploy
   variables:

ssh-production.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/ssh-quality.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/ssh-quality.yml'
 
 ssh:production:
   extends: .ssh:exec

ssh-quality.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/templates/ssh.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/ssh.yml'
 
 ssh:quality:
   extends: .ssh:exec

test-terraform-security.yml

@@ -0,0 +1,14 @@
+
+test:terraform-security:
+  stage: test
+  image: linuxbandit/terraform-with-tfsec:v0.12.9
+  script:
+    - |
+      if [ -n "${TF_FOLDER_PATH}" ]; then
+        cd "${TF_FOLDER_PATH}"
+      fi
+      terraform --version
+      terraform init -backend=false
+      tfsec .
+  variables:
+    GIT_DEPTH: 1

test-unit.yml

@@ -1,5 +1,5 @@
 include:
-  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.4.0/templates/docker.yml'
+  - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.5.0/templates/docker.yml'
 
 test:unit:
   extends: .docker