From c38503cef8f575781f7f555f175ccc33feac6746 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= <valtri@civ.zcu.cz> Date: Tue, 5 Nov 2024 22:13:01 +0100 Subject: [PATCH] Megalinter file --- .mega-linter.yaml | 62 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 .mega-linter.yaml diff --git a/.mega-linter.yaml b/.mega-linter.yaml new file mode 100644 index 0000000..d0f9810 --- /dev/null +++ b/.mega-linter.yaml @@ -0,0 +1,62 @@ +--- +DISABLE: + - COPYPASTE + - SPELL + +DISABLE_LINTERS: + # Unable to import 'requests' (import-error) + - PYTHON_PYLINT + # can't be configured (bugs), too many checks + - REPOSITORY_KICS + # can't be configured + - REPOSITORY_TRIVY + # usage problems (https://github.com/prettier/prettier/issues/6069) + - YAML_PRETTIER + # problem with schemas + - YAML_V8R + # requires terraform files, but without directories selection + - TERRAFORM_TERRASCAN + +# yaml[octal-values]: bug +ANSIBLE_ANSIBLE_LINT_ARGUMENTS: >- + -x yaml[octal-values] + --exclude megalinter-reports/ + --exclude */deployments/*.yaml + --exclude */playbooks/files/calico.yaml + --exclude */terraform/cloud-init.yaml + +# B105:hardcoded_password_string: false positive +# B404:blacklist: subprocess needed +# B603:subprocess_without_shell_equals_true: needed +PYTHON_BANDIT_ARGUMENTS: --skip B105,B404,B603 + +# CKV2_ANSIBLE_1 (http): local comunication +# CKV_OPENSTACK_2: useless check +# CKV_SECRET_6 (base64): just crazy check +# FIXME: jupyterhub-jwt.yaml +REPOSITORY_CHECKOV_ARGUMENTS: >- + --skip-check CKV2_ANSIBLE_1,CKV_OPENSTACK_2,CKV_SECRET_6 + --skip-path .*/playbooks/files/(jupyterhub-jwt|calico).yaml + --skip-path .*/playbooks/upgrade.yaml + +# DS137138 (http): local communication +# DS169125 (ssl): protocol actually banned +# DS169126 (ssl): protocol actually banned +# DS176209: FIXME jupyterhub-jwt.yaml +REPOSITORY_DEVSKIM_ARGUMENTS: >- + --ignore-globs .git/**,**/playbooks/files/calico.yaml + --ignore-rule-ids DS137138,DS169125,DS169126,DS176209 + +# terraform_unused_declarations: common variables file +# terraform_required_providers: common requirements file +# terraform_required_version: common requirements file +TERRAFORM_TFLINT_ARGUMENTS: >- + --disable-rule=terraform_unused_declarations + --disable-rule=terraform_required_providers + --disable-rule=terraform_required_version + +YAML_PRETTIER_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*)\.yaml$ + +YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*|playbooks/files/calico|terraform/cloud-init)\.yaml$ + +FILTER_REGEX_EXCLUDE: ^.*\.swp$ -- GitLab