diff --git a/.markdownlint.yaml b/.markdownlint.yaml new file mode 100644 index 00000000..0c4194a4 --- /dev/null +++ b/.markdownlint.yaml @@ -0,0 +1,272 @@ +# Example markdownlint configuration with all properties set to their default value + +# Default state for all rules +default: true + +# Path to configuration file to extend +extends: null + +# MD001/heading-increment : Heading levels should only increment by one level at a time : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md001.md +MD001: true + +# MD003/heading-style : Heading style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md003.md +MD003: + # Heading style + style: "consistent" + +# MD004/ul-style : Unordered list style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md004.md +MD004: + # List style + style: "consistent" + +# MD005/list-indent : Inconsistent indentation for list items at the same level : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md005.md +MD005: true + +# MD007/ul-indent : Unordered list indentation : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md007.md +MD007: + # Spaces for indent + indent: 2 + # Whether to indent the first level of the list + start_indented: false + # Spaces for first level indent (when start_indented is set) + start_indent: 2 + +# MD009/no-trailing-spaces : Trailing spaces : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md009.md +MD009: + # Spaces for line break + br_spaces: 2 + # Allow spaces for empty lines in list items + list_item_empty_lines: false + # Include unnecessary breaks + strict: false + +# MD010/no-hard-tabs : Hard tabs : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md010.md +MD010: + # Include code blocks + code_blocks: false + # Fenced code languages to ignore + ignore_code_languages: [] + # Number of spaces for each hard tab + spaces_per_tab: 1 + +# MD011/no-reversed-links : Reversed link syntax : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md011.md +MD011: true + +# MD012/no-multiple-blanks : Multiple consecutive blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md012.md +MD012: + # Consecutive blank lines + maximum: 1 + +# MD013/line-length : Line length : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md +MD013: + # Number of characters + line_length: 80 + # Number of characters for headings + heading_line_length: 80 + # Number of characters for code blocks + code_block_line_length: 80 + # Include code blocks + code_blocks: false + # Include tables + tables: false + # Include headings + headings: false + # Strict length checking + strict: false + # Stern length checking + stern: false + +# MD014/commands-show-output : Dollar signs used before commands without showing output : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md014.md +MD014: true + +# MD018/no-missing-space-atx : No space after hash on atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md018.md +MD018: true + +# MD019/no-multiple-space-atx : Multiple spaces after hash on atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md019.md +MD019: true + +# MD020/no-missing-space-closed-atx : No space inside hashes on closed atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md020.md +MD020: true + +# MD021/no-multiple-space-closed-atx : Multiple spaces inside hashes on closed atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md021.md +MD021: true + +# MD022/blanks-around-headings : Headings should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md022.md +MD022: + # Blank lines above heading + lines_above: 1 + # Blank lines below heading + lines_below: 1 + +# MD023/heading-start-left : Headings must start at the beginning of the line : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md023.md +MD023: true + +# MD024/no-duplicate-heading : Multiple headings with the same content : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md024.md +MD024: + # Only check sibling headings + siblings_only: false + +# MD025/single-title/single-h1 : Multiple top-level headings in the same document : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md025.md +MD025: + # Heading level + level: 1 + # RegExp for matching title in front matter + front_matter_title: "^\\s*title\\s*[:=]" + +# MD026/no-trailing-punctuation : Trailing punctuation in heading : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md026.md +MD026: + # Punctuation characters + punctuation: ".,;:!。,;:!" + +# MD027/no-multiple-space-blockquote : Multiple spaces after blockquote symbol : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md027.md +MD027: true + +# MD028/no-blanks-blockquote : Blank line inside blockquote : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md028.md +MD028: true + +# MD029/ol-prefix : Ordered list item prefix : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md029.md +MD029: + # List style + style: "one_or_ordered" + +# MD030/list-marker-space : Spaces after list markers : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md030.md +MD030: + # Spaces for single-line unordered list items + ul_single: 1 + # Spaces for single-line ordered list items + ol_single: 1 + # Spaces for multi-line unordered list items + ul_multi: 1 + # Spaces for multi-line ordered list items + ol_multi: 1 + +# MD031/blanks-around-fences : Fenced code blocks should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md031.md +MD031: + # Include list items + list_items: true + +# MD032/blanks-around-lists : Lists should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md032.md +MD032: true + +# MD033/no-inline-html : Inline HTML : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md033.md +MD033: + # Allowed elements + allowed_elements: [] + +# MD034/no-bare-urls : Bare URL used : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md034.md +MD034: true + +# MD035/hr-style : Horizontal rule style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md035.md +MD035: + # Horizontal rule style + style: "consistent" + +# MD036/no-emphasis-as-heading : Emphasis used instead of a heading : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md036.md +MD036: + # Punctuation characters + punctuation: ".,;:!?。,;:!?" + +# MD037/no-space-in-emphasis : Spaces inside emphasis markers : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md037.md +MD037: true + +# MD038/no-space-in-code : Spaces inside code span elements : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md038.md +MD038: true + +# MD039/no-space-in-links : Spaces inside link text : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md039.md +MD039: true + +# MD040/fenced-code-language : Fenced code blocks should have a language specified : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md040.md +MD040: + # List of languages + allowed_languages: [] + # Require language only + language_only: false + +# MD041/first-line-heading/first-line-h1 : First line in a file should be a top-level heading : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md041.md +MD041: + # Heading level + level: 1 + # RegExp for matching title in front matter + front_matter_title: "^\\s*title\\s*[:=]" + +# MD042/no-empty-links : No empty links : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md042.md +MD042: true + +# MD043/required-headings : Required heading structure : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md043.md +# MD043: + # List of headings + # headings: [] + # Match case of headings + # match_case: false + +# MD044/proper-names : Proper names should have the correct capitalization : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md044.md +MD044: + # List of proper names + names: [] + # Include code blocks + code_blocks: true + # Include HTML elements + html_elements: true + +# MD045/no-alt-text : Images should have alternate text (alt text) : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md045.md +MD045: true + +# MD046/code-block-style : Code block style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md046.md +MD046: + # Block style + style: "consistent" + +# MD047/single-trailing-newline : Files should end with a single newline character : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md047.md +MD047: true + +# MD048/code-fence-style : Code fence style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md048.md +MD048: + # Code fence style + style: "consistent" + +# MD049/emphasis-style : Emphasis style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md049.md +MD049: + # Emphasis style + style: "consistent" + +# MD050/strong-style : Strong style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md050.md +MD050: + # Strong style + style: "consistent" + +# MD051/link-fragments : Link fragments should be valid : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md051.md +MD051: true + +# MD052/reference-links-images : Reference links and images should use a label that is defined : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md052.md +MD052: + # Include shortcut syntax + shortcut_syntax: false + +# MD053/link-image-reference-definitions : Link and image reference definitions should be needed : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md053.md +MD053: + # Ignored definitions + ignored_definitions: + - "//" + +# MD054/link-image-style : Link and image style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md054.md +MD054: + # Allow autolinks + autolink: true + # Allow inline links and images + inline: true + # Allow full reference links and images + full: true + # Allow collapsed reference links and images + collapsed: true + # Allow shortcut reference links and images + shortcut: true + # Allow URLs as inline links + url_inline: true + +# MD055/table-pipe-style : Table pipe style : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md055.md +MD055: + # Table pipe style + style: "consistent" + +# MD056/table-column-count : Table column count : https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md056.md +MD056: true diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..e41fbc2d --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,41 @@ +exclude: ^(img/) +repos: +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.6.0 + hooks: + - id: check-added-large-files + - id: debug-statements + - id: detect-private-key + - id: end-of-file-fixer + - id: requirements-txt-fixer + - id: trailing-whitespace +- repo: https://github.com/astral-sh/ruff-pre-commit + rev: v0.3.7 + hooks: + - id: ruff + args: [--fix, --exit-non-zero-on-fix] +- repo: https://github.com/psf/black + rev: 24.4.0 + hooks: + - id: black +- repo: https://github.com/pre-commit/mirrors-mypy + rev: v1.9.0 + hooks: + - id: mypy + args: ["--config-file", "pyproject.toml"] + additional_dependencies: + - types-PyYAML +- repo: https://github.com/compilerla/conventional-pre-commit + rev: v3.2.0 + hooks: + - id: conventional-pre-commit + stages: [commit-msg] + args: [--strict] +- repo: https://github.com/igorshubovych/markdownlint-cli + rev: v0.39.0 + hooks: + - id: markdownlint +- repo: https://github.com/renovatebot/pre-commit-hooks + rev: 37.353.0 + hooks: + - id: renovate-config-validator diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 150250fe..36043299 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,33 +2,39 @@ ## Overview -This document explains the processes and practices recommended for contributing enhancements to -this operator. +This document explains the processes and practices recommended for contributing +enhancements to this operator. -- Generally, before developing bugs or enhancements to this charm, you should [open an issue - ](https://github.com/canonical/hydra-operator/issues) explaining your use case. +- Generally, before developing bugs or enhancements to this charm, you + should [open an issue](https://github.com/canonical/hydra-operator/issues) + explaining your use case. - If you would like to chat with us about charm development, you can reach - us at [Canonical Mattermost public channel](https://chat.charmhub.io/charmhub/channels/charm-dev) + us + at [Canonical Mattermost public channel](https://chat.charmhub.io/charmhub/channels/charm-dev) or [Discourse](https://discourse.charmhub.io/). -- Familiarising yourself with the [Charmed Operator Framework](https://juju.is/docs/sdk) library +- Familiarising yourself with + the [Charmed Operator Framework](https://juju.is/docs/sdk) library will help you a lot when working on new features or bug fixes. -- All enhancements require review before being merged. Code review typically examines +- All enhancements require review before being merged. Code review typically + examines - code quality - test coverage - user experience for Juju administrators of this charm. -- Please help us out in ensuring easy to review branches by rebasing your pull request branch onto - the `main` branch. This also avoids merge commits and creates a linear Git commit history. +- Please help us out in ensuring easy to review branches by rebasing your pull + request branch onto the `main` branch. This also avoids merge commits and + creates a linear Git commit history. ## Developing -You can use the environments created by `tox` for development: +You can use the environments created by `tox` for development. It helps +install `pre-commit` and `mypy` type checker. ```shell -tox --notest -e unit -source .tox/unit/bin/activate +tox -e dev +source .tox/dev/bin/activate ``` -### Testing +## Testing ```shell tox -e unit # unit tests @@ -36,13 +42,16 @@ tox -e integration # integration tests ``` To test this charm manually, execute the container: -```bash + +```shell kubectl exec -it hydra-0 -c hydra -n -- sh ``` Create an exemplary client: + ```shell -# hydra create client --endpoint http://127.0.0.1:4445/ --name example-client +$ hydra create client --endpoint http://127.0.0.1:4445/ --name example-client + CLIENT ID b55b6857-968e-4fb7-be77-f701ec751405 CLIENT SECRET b3wFYH2N_epJY6C8jCuinBRP60 GRANT TYPES authorization_code @@ -53,8 +62,10 @@ REDIRECT URIS ``` List the clients: + ```shell -# hydra list clients --endpoint http://127.0.0.1:4445/ +$ hydra list clients --endpoint http://127.0.0.1:4445/ + CLIENT ID CLIENT SECRET GRANT TYPES RESPONSE TYPES SCOPE AUDIENCE REDIRECT URIS b55b6857-968e-4fb7-be77-f701ec751405 authorization_code code offline_access offline openid @@ -62,7 +73,7 @@ NEXT PAGE TOKEN IS LAST PAGE true ``` -## Build charm +## Building Build the charm in this git repository using: @@ -70,10 +81,9 @@ Build the charm in this git repository using: charmcraft pack ``` -### Deploy +## Deploying - -```bash +```shell # Create a model juju add-model dev # Enable DEBUG logging @@ -82,10 +92,12 @@ juju model-config logging-config="=INFO;unit=DEBUG" juju deploy postgresql-k8s --channel edge --trust # Deploy the charm juju deploy ./hydra*.charm --resource oci-image=$(yq eval '.resources.oci-image.upstream-source' metadata.yaml) -# Add relation -juju relate postgresql-k8s hydra +# Add integration +juju integrate postgresql-k8s hydra ``` ## Canonical Contributor Agreement -Canonical welcomes contributions to Charmed Ory Hydra. Please check out our [contributor agreement](https://ubuntu.com/legal/contributors) if you're interested in contributing to the solution. +Canonical welcomes contributions to Charmed Ory Hydra. Please check out +our [contributor agreement](https://ubuntu.com/legal/contributors) if you're +interested in contributing to the solution. diff --git a/README.md b/README.md index dfb3450f..6d47b123 100644 --- a/README.md +++ b/README.md @@ -1,76 +1,103 @@ # Charmed Ory Hydra [![CharmHub Badge](https://charmhub.io/hydra/badge.svg)](https://charmhub.io/hydra) +[![Juju](https://img.shields.io/badge/Juju%20-3.0+-%23E95420)](https://github.com/juju/juju) +[![License](https://img.shields.io/github/license/canonical/hydra-operator?label=License)](https://github.com/canonical/hydra-operator/blob/main/LICENSE) + +[![Continuous Integration Status](https://github.com/canonical/hydra-operator/actions/workflows/on_push.yaml/badge.svg?branch=main)](https://github.com/canonical/hydra-operator/actions?query=branch%3Amain) +[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit)](https://github.com/pre-commit/pre-commit) +[![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-%23FE5196.svg)](https://conventionalcommits.org) ## Description -Python Operator for Ory Hydra - a scalable, security first OAuth 2.0 and OpenID Connect server. For more details and documentation, visit https://www.ory.sh/docs/hydra/ +Python Operator for Ory Hydra - a scalable, security first OAuth 2.0 and +OpenID Connect server. For more details and documentation, +visit . ## Usage -```bash +```shell juju deploy postgresql-k8s --channel edge --trust juju deploy hydra --trust -juju relate postgresql-k8s hydra +juju integrate postgresql-k8s hydra ``` You can follow the deployment status with `watch -c juju status --color`. -## Relations +## Integrations ### PostgreSQL -This charm requires a relation with [postgresql-k8s-operator](https://github.com/canonical/postgresql-k8s-operator). +This charm requires an integration +with [postgresql-k8s-operator](https://github.com/canonical/postgresql-k8s-operator). ### Ingress -The Hydra Operator offers integration with the [traefik-k8s-operator](https://github.com/canonical/traefik-k8s-operator) for ingress. Hydra has two APIs which can be exposed through ingress, the public API and the admin API. +The Hydra Operator offers integration with +the [traefik-k8s-operator](https://github.com/canonical/traefik-k8s-operator) +for ingress. Hydra has two APIs which can be exposed through ingress, the public +API and the admin API. -If you have traefik deployed and configured in your hydra model, to provide ingress to the admin API run: +If you have traefik deployed and configured in your hydra model, to provide +ingress to the admin API run: -```bash -juju relate traefik-admin hydra:admin-ingress +```shell +juju integrate traefik-admin hydra:admin-ingress ``` To provide ingress to the public API run: -```bash -juju relate traefik-public hydra:public-ingress +```shell +juju integrate traefik-public hydra:public-ingress ``` ### Kratos -This charm offers integration with [kratos-operator](https://github.com/canonical/kratos-operator). In order to integrate hydra with kratos, it needs to be able to access hydra's admin API endpoint. -To enable that, integrate the two charms: -```console +This charm offers integration +with [kratos-operator](https://github.com/canonical/kratos-operator). In order +to integrate hydra with kratos, it needs to be able to access hydra's admin API +endpoint. To enable that, integrate the two charms: + +```shell juju integrate kratos hydra ``` ### Identity Platform Login UI -The following instructions assume that you have deployed `traefik-admin` and `traefik-public` charms and related them to hydra. Note that the UI charm should run behind a proxy. +The following instructions assume that you have deployed `traefik-admin` +and `traefik-public` charms and integrated them with hydra. Note that the UI +charm should run behind a proxy. -This charm offers integration with [identity-platform-login-ui-operator](https://github.com/canonical/identity-platform-login-ui-operator). In order to integrate them, run: +This charm offers integration +with [identity-platform-login-ui-operator](https://github.com/canonical/identity-platform-login-ui-operator). +In order to integrate them, run: -```console +```shell juju integrate hydra:ui-endpoint-info identity-platform-login-ui-operator:ui-endpoint-info juju integrate identity-platform-login-ui-operator:hydra-endpoint-info hydra:hydra-endpoint-info ``` ## OCI Images -The image used by this charm is hosted on [Docker Hub](https://hub.docker.com/r/oryd/hydra) and maintained by Ory. +The image used by this charm is hosted +on [Docker Hub](https://hub.docker.com/r/oryd/hydra) and maintained by Ory. ## Security -Security issues can be reported through [LaunchPad](https://wiki.ubuntu.com/DebuggingSecurity#How%20to%20File). Please do not file GitHub issues about security issues. +Security issues can be reported +through [LaunchPad](https://wiki.ubuntu.com/DebuggingSecurity#How%20to%20File). +Please do not file GitHub issues about security issues. ## Contributing -Please see the [Juju SDK docs](https://juju.is/docs/sdk) for guidelines on enhancements to this -charm following best practice guidelines, and -[CONTRIBUTING.md](https://github.com/canonical/hydra-operator/blob/main/CONTRIBUTING.md) for developer guidance. +Please see the [Juju SDK docs](https://juju.is/docs/sdk) for guidelines on +enhancements to this charm following best practice guidelines, +and [CONTRIBUTING.md](https://github.com/canonical/hydra-operator/blob/main/CONTRIBUTING.md) +for developer guidance. ## License -The Charmed Hydra Operator is free software, distributed under the Apache Software License, version 2.0. See [LICENSE](https://github.com/canonical/hydra-operator/blob/main/LICENSE) for more information. +The Charmed Hydra Operator is free software, distributed under the Apache +Software License, version 2.0. +See [LICENSE](https://github.com/canonical/hydra-operator/blob/main/LICENSE) for +more information. diff --git a/renovate.json b/renovate.json index 7d137056..3b36b6be 100644 --- a/renovate.json +++ b/renovate.json @@ -9,7 +9,8 @@ ":rebaseStalePrs", ":semanticCommits", ":semanticCommitScope(deps)", - "helpers:pinGitHubActionDigests" + "helpers:pinGitHubActionDigests", + ":enablePreCommit" ], "automergeType": "pr", "rebaseWhen": "behind-base-branch", @@ -25,7 +26,6 @@ { "groupName": "operator pip deps", "matchManagers": ["pip_requirements"], - "fileMatch": ["requirements\\.txt$"], "matchUpdateTypes": ["minor", "patch", "pin", "digest"], "schedule": ["at any time"], "prPriority": 5, @@ -34,7 +34,6 @@ { "groupName": "operator pip deps", "matchManagers": ["pip_requirements"], - "fileMatch": ["requirements\\.txt$"], "matchUpdateTypes": ["major"], "schedule": ["at any time"], "prPriority": 5 @@ -63,6 +62,14 @@ "automerge": true, "schedule": ["at any time"], "additionalBranchPrefix": "auto-" + }, + { + "groupName": "pre-commit hooks", + "matchManagers": ["pre-commit"], + "matchUpdateTypes": ["major", "minor", "patch", "pin", "digest"], + "automerge": true, + "schedule": ["at any time"], + "additionalBranchPrefix": "auto-" } ] } diff --git a/tox.ini b/tox.ini index c534d34a..18d9e04e 100644 --- a/tox.ini +++ b/tox.ini @@ -22,6 +22,15 @@ passenv = CHARM_BUILD_DIR MODEL_SETTINGS +[testenv:dev] +description = Prepare local development tools +deps = + pre-commit + mypy + types-PyYAML +commands = + pre-commit install -t commit-msg + [testenv:fmt] description = Apply coding style standards to code deps =