Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

2020-02-14 Thread Tor Bug Tracker & Wiki 
#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 i pushed my changes to my own fork to the linter here:

 https://github.com/anarcat/puppet-git-hooks

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

2019-09-12 Thread Tor Bug Tracker & Wiki 
#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 update: i'm using this fork of the validator: https://github.com/cmeissner
 /puppet-git-hooks

 it has a few improvements, most notably a better handling of missing yaml-
 lint requirements.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

2019-08-19 Thread Tor Bug Tracker & Wiki 
#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 the workaround I've found is to set this in puppet-git-
 hooks/commit_hooks/config.cfg:

 {{{
 CHECK_PUPPET_LINT="permissive" # enabled, permissive or disabled
 (permissive runs but return code is ignored)
 CHECK_PUPPET_DOCS="permissive" # enabled, permissive or disabled
 (permissive runs but return code is ignored)
 }}}

 That keeps the warnings, but makes them "soft".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

2019-08-19 Thread Tor Bug Tracker & Wiki 
#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 The following packages are used by the check:

 * librarian-puppet
 * puppet-strings
 * ruby-rspec
 * r10k

 ... and probably more, those were just the ones missing on my machine.

 one big downside with such a check is that it will fail if the modified
 file has *any* linting error, even if it wasn't introduced by the commit.
 this means deploying this will lead to significant churn in the codebase
 as we'll need to lint each file we touch in the future...

 kind of annoying, but i can't think of a way around that without disabling
 linting. but maybe it's a good way to start: even without linting, we
 would catch other syntax errors, run tests, etc...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

2019-08-19 Thread Tor Bug Tracker & Wiki 
#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 after reviewing koumbit's hook, i figured i would give drwahl's hooks a
 try. they are similar, but the latter is better designed and module. I've
 audited the source and cloned it on pauli, stopping just shy of hooking it
 into the normal git hooks.

 instead, i've configured it locally, as a pre-commit hook, to see how it
 behaves. when I'm satisfied by that, i'll deploy it in production.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

2019-07-23 Thread Tor Bug Tracker & Wiki 
#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 some example implementations:

  * https://redmine.koumbit.net/projects/git-hooks, specifically:
* https://redmine.koumbit.net/projects/git-
 hooks/repository/revisions/master/entry/update-verify-puppet-syntax
* https://redmine.koumbit.net/projects/git-
 hooks/repository/revisions/master/entry/pre-receive-check-allowed-
 puppetmodules
* https://redmine.koumbit.net/projects/git-
 hooks/repository/revisions/master/entry/pre-receive-enforce-gpg-signatures
* ... and other hooks: https://redmine.koumbit.net/projects/git-
 hooks/repository
  * https://github.com/drwahl/puppet-git-hooks is more elaborate, but
 unmaintained (since 2017)

 there are probably many others such checks out there...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

2019-07-23 Thread Tor Bug Tracker & Wiki 
#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 we often do "YOLO" (You Only Live Once) commits in Puppet because of silly
 syntax errors and typos that could be caught by automated systems. even
 just a simple git hook checking for syntax errors in manifests would be an
 improvement, but we could also run tests and so on.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs