Skip to content
Snippets Groups Projects
Commit 7557620a authored by František Dvořák's avatar František Dvořák
Browse files

Megalinter: updates

* no algorthm check from devsskim
* tune grype linter
* updata paths to ignore
parent d6ce1710
No related branches found
No related tags found
No related merge requests found
...@@ -20,6 +20,7 @@ DISABLE_LINTERS: ...@@ -20,6 +20,7 @@ DISABLE_LINTERS:
# yaml[octal-values]: bug # yaml[octal-values]: bug
ANSIBLE_ANSIBLE_LINT_ARGUMENTS: >- ANSIBLE_ANSIBLE_LINT_ARGUMENTS: >-
-x yaml[octal-values] -x yaml[octal-values]
--exclude .ansible/roles/
--exclude megalinter-reports/ --exclude megalinter-reports/
--exclude */deployments/*.yaml --exclude */deployments/*.yaml
--exclude */playbooks/files/calico.yaml --exclude */playbooks/files/calico.yaml
...@@ -39,13 +40,17 @@ REPOSITORY_CHECKOV_ARGUMENTS: >- ...@@ -39,13 +40,17 @@ REPOSITORY_CHECKOV_ARGUMENTS: >-
--skip-path .*/playbooks/files/(jupyterhub-jwt|calico).yaml --skip-path .*/playbooks/files/(jupyterhub-jwt|calico).yaml
--skip-path .*/playbooks/upgrade.yaml --skip-path .*/playbooks/upgrade.yaml
# DS126858 (algorithm): false positive, used as images tag
# DS137138 (http): local communication # DS137138 (http): local communication
# DS169125 (ssl): protocol actually banned # DS169125 (ssl): protocol actually banned
# DS169126 (ssl): protocol actually banned # DS169126 (ssl): protocol actually banned
# DS176209: FIXME jupyterhub-jwt.yaml # DS176209: FIXME jupyterhub-jwt.yaml
REPOSITORY_DEVSKIM_ARGUMENTS: >- REPOSITORY_DEVSKIM_ARGUMENTS: >-
--ignore-globs .git/**,**/playbooks/files/calico.yaml --ignore-globs /tmp/lint/.ansible/**,/tmp/lint/.git/**,/tmp/lint/**/playbooks/files/calico.yaml
--ignore-rule-ids DS137138,DS169125,DS169126,DS176209 --ignore-rule-ids DS126858,DS137138,DS169125,DS169126,DS176209
# no check for terraform plugins
REPOSITORY_GRYPE_ARGUMENTS: --exclude ./*/terraform/**
# terraform_unused_declarations: common variables file # terraform_unused_declarations: common variables file
# terraform_required_providers: common requirements file # terraform_required_providers: common requirements file
...@@ -57,6 +62,6 @@ TERRAFORM_TFLINT_ARGUMENTS: >- ...@@ -57,6 +62,6 @@ TERRAFORM_TFLINT_ARGUMENTS: >-
YAML_PRETTIER_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*)\.yaml$ YAML_PRETTIER_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*)\.yaml$
YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*|playbooks/files/calico|terraform/cloud-init)\.yaml$ YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*|playbooks/files/calico|terraform/cloud-init)\.yaml$|^common/playbooks/templates/nexus/.*\.yaml$
FILTER_REGEX_EXCLUDE: ^.*\.swp$ FILTER_REGEX_EXCLUDE: ^.*\.swp|\.ansible/.*$
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment