.github/workflows: add workflows for linting nomad and terraform formatting

.git-blame-ignore-revs

@@ -0,0 +1,2 @@
+1d72ba6c0beeb30d85d8021cb2004b3f6f48126d
+301aae86217b9c24fed83ac28f5da3d06d30e47e

.github/workflows/nomad-lint.yml

@@ -0,0 +1,43 @@
+name: Lint Nomad files
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - master
+    paths:
+      - services/nomad/**.nomad
+  push:
+    branches:
+      - master
+    paths:
+      - services/nomad/**.nomad
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  lint:
+    name: Lint Nomad files
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/void-linux/void-glibc
+    steps:
+      - name: Prepare container
+        run: |
+          xbps-install -Syu xbps && xbps-install -y void-repo-nonfree && \
+            xbps-install -Syu && xbps-install -y nomad bash git
+
+      - name: Checkout repo
+        uses: classabbyamp/treeless-checkout-action@v1
+
+      - name: Run Lints
+        run: |
+          rv=0
+          printf "\033[1m=> Checking formatting of nomad files\033[0m\n"
+          nomad fmt -check -recursive services/nomad || rv=1
+          if [ "$rv" -ne 0 ]; then
+            printf "\033[1m=> Some nomad files need formatting! Run 'nomad fmt' on the listed files. \033[0m\n"
+          fi
+          exit "$rv"
+

.github/workflows/terraform-lint.yml

@@ -0,0 +1,43 @@
+name: Lint Terraform files
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - master
+    paths:
+      - terraform/**.tf
+  push:
+    branches:
+      - master
+    paths:
+      - terraform/**.tf
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  lint:
+    name: Lint Terraform files
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/void-linux/void-glibc
+    steps:
+      - name: Prepare container
+        run: |
+          xbps-install -Syu xbps && xbps-install -y void-repo-nonfree && \
+            xbps-install -Syu && xbps-install -y terraform bash git
+
+      - name: Checkout repo
+        uses: classabbyamp/treeless-checkout-action@v1
+
+      - name: Run Lints
+        run: |
+          rv=0
+          printf "\033[1m=> Checking formatting of terraform files\033[0m\n"
+          terraform fmt -check -recursive terraform || rv=1
+          if [ "$rv" -ne 0 ]; then
+            printf "\033[1m=> Some terraform files need formatting! Run 'terraform fmt' on the listed files. \033[0m\n"
+          fi
+          exit "$rv"
+

services/nomad/apps/alps.nomad

@@ -1,7 +1,7 @@
 job "alps" {
   datacenters = ["VOID"]
-  namespace = "apps-restricted"
-  type = "service"
+  namespace   = "apps-restricted"
+  type        = "service"
 
   group "app" {
     count = 1
@@ -16,7 +16,7 @@ job "alps" {
       port = "http"
       meta {
         nginx_enable = "true"
-        nginx_names = "alps.s.voidlinux.org alps.voidlinux.org"
+        nginx_names  = "alps.s.voidlinux.org alps.voidlinux.org"
       }
     }
 
@@ -25,7 +25,7 @@ job "alps" {
 
       config {
         image = "ghcr.io/void-linux/infra-alps:9cb23b09"
-        args = ["imaps://mx1.voidlinux.org:993", "smtps://mx1.voidlinux.org:465"]
+        args  = ["imaps://mx1.voidlinux.org:993", "smtps://mx1.voidlinux.org:465"]
       }
     }
   }

services/nomad/apps/debuginfod.nomad

@@ -1,21 +1,21 @@
 job "debuginfod" {
   datacenters = ["VOID"]
-  namespace = "apps"
-  type = "service"
+  namespace   = "apps"
+  type        = "service"
 
   group "app" {
     count = 1
 
     volume "binpkgs" {
-      type = "host"
+      type      = "host"
       read_only = true
-      source = "root-pkgs"
+      source    = "root-pkgs"
     }
 
     volume "debuginfod" {
-      type = "host"
+      type      = "host"
       read_only = false
-      source = "debuginfod-data"
+      source    = "debuginfod-data"
     }
 
     network {
@@ -30,31 +30,31 @@ job "debuginfod" {
       port = "http"
       meta {
         nginx_enable = "true"
-        nginx_names = "debuginfod.s.voidlinux.org debuginfod.voidlinux.org"
+        nginx_names  = "debuginfod.s.voidlinux.org debuginfod.voidlinux.org"
       }
 
       check {
-        type = "http"
+        type         = "http"
         address_mode = "host"
-        path = "/metrics"
-        timeout = "30s"
-        interval = "15s"
+        path         = "/metrics"
+        timeout      = "30s"
+        interval     = "15s"
       }
     }
 
     task "debuginfod" {
       driver = "docker"
 
       volume_mount {
-        volume = "binpkgs"
+        volume      = "binpkgs"
         destination = "/binpkgs"
-        read_only = true
+        read_only   = true
       }
 
       volume_mount {
-        volume = "debuginfod"
+        volume      = "debuginfod"
         destination = "/debuginfod"
-        read_only = false
+        read_only   = false
       }
 
       config {
@@ -73,12 +73,12 @@ job "debuginfod" {
 
       resources {
         memory = 8000
-        cpu = 6000
+        cpu    = 6000
       }
 
       restart {
         attempts = 100
-        delay = "30s"
+        delay    = "30s"
       }
     }
   }

services/nomad/apps/devspace.nomad

@@ -1,21 +1,21 @@
 job "devspace" {
   datacenters = ["VOID-MIRROR"]
-  namespace = "apps"
-  type = "service"
+  namespace   = "apps"
+  type        = "service"
 
   group "sftpgo" {
     count = 1
 
     volume "devspace_data" {
-      type = "host"
+      type      = "host"
       read_only = false
-      source = "devspace_data"
+      source    = "devspace_data"
     }
 
     volume "netauth_config" {
-      type = "host"
+      type      = "host"
       read_only = true
-      source = "netauth_config"
+      source    = "netauth_config"
     }
 
     network {
@@ -31,13 +31,13 @@ job "devspace" {
       port = "http"
       meta {
         nginx_enable = "true"
-        nginx_names = "devspace-sftp.voidlinux.org"
+        nginx_names  = "devspace-sftp.voidlinux.org"
       }
       check {
-        type = "http"
-        port = 8081
-        path = "/healthz"
-        timeout = "1s"
+        type     = "http"
+        port     = 8081
+        path     = "/healthz"
+        timeout  = "1s"
         interval = "30s"
       }
     }
@@ -46,39 +46,39 @@ job "devspace" {
       driver = "docker"
 
       volume_mount {
-        volume = "devspace_data"
+        volume      = "devspace_data"
         destination = "/data"
-        read_only = false
+        read_only   = false
       }
 
       volume_mount {
-        volume = "netauth_config"
+        volume      = "netauth_config"
         destination = "/etc/netauth"
-        read_only = true
+        read_only   = true
       }
 
       config {
-        image = "ghcr.io/void-linux/infra-sftpgo:20241231R1"
+        image        = "ghcr.io/void-linux/infra-sftpgo:20241231R1"
         network_mode = "host"
       }
 
       env {
-        SFTPGO_HTTPD__BINDINGS__0__PORT = "${NOMAD_PORT_http}"
-        SFTPGO_HTTPD__TEMPLATES_PATH = "/usr/share/sftpgo/templates"
-        SFTPGO_HTTPD__STATIC_FILES_PATH = "/usr/share/sftpgo/static"
-        SFTPGO_SFTPD__HOST_KEYS = "/secrets/id_rsa,/secrets/id_ecdsa,/secrets/id_ed25519"
-        SFTPGO_TELEMETRY__BIND_PORT = "8081"
-        SFTPGO_TELEMETRY__BIND_ADDRESS = ""
-        SFTPGO_DATA_PROVIDER__DRIVER = "sqlite"
-        SFTPGO_DATA_PROVIDER__NAME = "/data/sftpgo.db"
+        SFTPGO_HTTPD__BINDINGS__0__PORT          = "${NOMAD_PORT_http}"
+        SFTPGO_HTTPD__TEMPLATES_PATH             = "/usr/share/sftpgo/templates"
+        SFTPGO_HTTPD__STATIC_FILES_PATH          = "/usr/share/sftpgo/static"
+        SFTPGO_SFTPD__HOST_KEYS                  = "/secrets/id_rsa,/secrets/id_ecdsa,/secrets/id_ed25519"
+        SFTPGO_TELEMETRY__BIND_PORT              = "8081"
+        SFTPGO_TELEMETRY__BIND_ADDRESS           = ""
+        SFTPGO_DATA_PROVIDER__DRIVER             = "sqlite"
+        SFTPGO_DATA_PROVIDER__NAME               = "/data/sftpgo.db"
         SFTPGO_DATA_PROVIDER__EXTERNAL_AUTH_HOOK = "/usr/libexec/sftpgo/netauth-hook"
-        SFTPGO_COMMAND__COMMANDS__0__PATH = "/usr/libexec/sftpgo/netauth-hook"
-        SFTPGO_COMMAND__COMMANDS__0__ENV = "SFTPGO_NETAUTH_REQUIREGROUP=devspace-users,SFTPGO_NETAUTH_HOMEDIR=/data/home"
-        SFTPGO_COMMAND__COMMANDS__0__HOOK = "external_auth"
+        SFTPGO_COMMAND__COMMANDS__0__PATH        = "/usr/libexec/sftpgo/netauth-hook"
+        SFTPGO_COMMAND__COMMANDS__0__ENV         = "SFTPGO_NETAUTH_REQUIREGROUP=devspace-users,SFTPGO_NETAUTH_HOMEDIR=/data/home"
+        SFTPGO_COMMAND__COMMANDS__0__HOOK        = "external_auth"
       }
 
       template {
-                data = <<EOF
+        data        = <<EOF
 {{- with nomadVar "nomad/jobs/devspace" -}}
 {{ .ssh_host_rsa_key }}
 {{- end -}}
@@ -87,7 +87,7 @@ EOF
       }
 
       template {
-                data = <<EOF
+        data        = <<EOF
 {{- with nomadVar "nomad/jobs/devspace" -}}
 {{ .ssh_host_ed25519_key }}
 {{- end -}}
@@ -96,7 +96,7 @@ EOF
       }
 
       template {
-                data = <<EOF
+        data        = <<EOF
 {{- with nomadVar "nomad/jobs/devspace" -}}
 {{ .ssh_host_ecdsa_key }}
 {{- end -}}
@@ -110,9 +110,9 @@ EOF
     count = 1
 
     volume "devspace_home" {
-      type = "host"
+      type      = "host"
       read_only = true
-      source = "devspace_home"
+      source    = "devspace_home"
     }
 
     network {
@@ -125,15 +125,15 @@ EOF
       port = "http"
       meta {
         nginx_enable = "true"
-        nginx_names = "devspace.voidlinux.org"
+        nginx_names  = "devspace.voidlinux.org"
       }
     }
 
     task "nginx" {
       driver = "docker"
 
       volume_mount {
-        volume = "devspace_home"
+        volume      = "devspace_home"
         destination = "/srv/www"
       }
 
@@ -142,7 +142,7 @@ EOF
       }
 
       template {
-        data = <<EOF
+        data        = <<EOF
 server {
     server_name devspace;
     listen 0.0.0.0:80 default_server;