Migrate code - next try§

.ansible-lint

@@ -0,0 +1,71 @@
+# .ansible-lint
+exclude_paths:
+  - .cache/  # implicit unless exclude_paths is defined in config
+  - .github/
+# parseable: true
+# quiet: true
+# verbosity: 1
+
+# Mock modules or roles in order to pass ansible-playbook --syntax-check
+mock_modules:
+  - zuul_return
+  # note the foo.bar is invalid as being neither a module or a collection
+  - fake_namespace.fake_collection.fake_module
+  - fake_namespace.fake_collection.fake_module.fake_submodule
+mock_roles:
+  - mocked_role
+  - author.role_name  # old standalone galaxy role
+  - fake_namespace.fake_collection.fake_role  # role within a collection
+
+# Enable checking of loop variable prefixes in roles
+loop_var_prefix: "{role}_"
+
+# Enforce variable names to follow pattern below, in addition to Ansible own
+# requirements, like avoiding python identifiers. To disable add `var-naming`
+# to skip_list.
+# var_naming_pattern: "^[a-z_][a-z0-9_]*$"
+
+use_default_rules: true
+# Load custom rules from this specific folder
+# rulesdir:
+#   - ./rule/directory/
+
+# This makes linter to fully ignore rules/tags listed below
+skip_list:
+  - skip_this_tag
+  - git-latest
+  - command-instead-of-shell  # Use shell only when shell functionality is required.
+  - no-changed-when
+  - no-handler
+  - ignore-errors
+
+# Any rule that has the 'opt-in' tag will not be loaded unless its 'id' is
+# mentioned in the enable_list:
+enable_list:
+  - fqcn-builtins  # opt-in
+  - no-log-password  # opt-in
+  - no-same-owner  # opt-in
+  # add yaml here if you want to avoid ignoring yaml checks when yamllint
+  # library is missing. Normally its absence just skips using that rule.
+  - yaml
+# Report only a subset of tags and fully ignore any others
+# tags:
+#   - var-spacing
+
+# This makes the linter display but not fail for rules/tags listed below:
+warn_list:
+  - skip_this_tag
+  - git-latest
+  - experimental  # experimental is included in the implicit list
+  # - role-name
+
+# Offline mode disables installation of requirements.yml
+offline: false
+
+# Define required Ansible's variables to satisfy syntax check
+extra_vars:
+  foo: bar
+  multiline_string_variable: |
+    line1
+    line2
+  complex_variable: ":{;\t$()"

.linter-config/.checkov.yml

@@ -0,0 +1,15 @@
+block-list-secret-scan: []
+branch: master
+download-external-modules: false
+evaluate-variables: true
+external-modules-download-path: .external_modules
+framework:
+  - all
+mask: []
+output:
+  - cli
+quiet: true
+secrets-history-timeout: 12h
+secrets-scan-file-type: []
+summary-position: top
+skip-check: []

.pre-commit-config.yaml

@@ -0,0 +1,24 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+      - id: fix-byte-order-marker
+      - id: check-json
+      - id: check-yaml
+        # args:
+        #   - "-c __GIT_WORKING_DIR__/.linter-config/.yamllint"
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: mixed-line-ending
+        args: ['--fix=lf']
+        description: Forces to replace line ending by the UNIX 'lf' character
+      - id: detect-aws-credentials
+        args: ['--allow-missing-credentials']
+      - id: detect-private-key
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.81.0
+    hooks:
+      - id: terraform_checkov
+        exclude: "[examples|test]/.*$"
+        args:
+          - "--args=--config-file __GIT_WORKING_DIR__/.linter-config/.checkov.yml"

.tool-versions

@@ -0,0 +1 @@
+pre-commit 3.3.3

.yamllint

@@ -0,0 +1,34 @@
+---
+yaml-files:
+  - '*.yaml'
+  - '*.yml'
+  - '.yamllint'
+
+rules:
+  braces: enable
+  brackets: enable
+  colons: enable
+  commas: enable
+  comments:
+    level: warning
+  comments-indentation: disable
+  #  level: warning
+  document-end: disable
+  # document-start:
+  #   level: warning
+  document-start: disable
+  empty-lines: enable
+  empty-values: disable
+  float-values: disable
+  hyphens: enable
+  indentation: enable
+  key-duplicates: enable
+  key-ordering: disable
+  line-length: disable
+  new-line-at-end-of-file: enable
+  new-lines: enable
+  octal-values: disable
+  quoted-strings: disable
+  trailing-spaces: enable
+  truthy:
+    level: warning

Dockerfile

@@ -0,0 +1,31 @@
+FROM alpine:3.18.2
+
+LABEL maintainer="Michael Oberdorf IT-Consulting <info@oberdorf-itc.de>" \
+      de.dsb2pushover.version="1.0.9"
+
+# LOGLEVEL can be one of debug, info, warning , error
+ENV LOGLEVEL info
+
+COPY --chown=root:root /requirements.txt /
+
+RUN apk upgrade --available --no-cache --update \
+    && apk add --no-cache --update \
+       libcurl=8.2.1-r0 \
+       python3=3.11.4-r0 \
+       py3-beautifulsoup4=4.12.2-r1 \
+       py3-curl=7.45.2-r1 \
+       py3-numpy=1.24.4-r0 \
+       py3-packaging=23.1-r1 \
+       py3-pandas=1.5.3-r1 \
+       py3-pillow=9.5.0-r1 \
+       py3-pip=23.1.2-r0 \
+       py3-requests=2.31.0-r0 \
+    && pip3 install --no-cache-dir -r /requirements.txt
+
+COPY --chown=root:root /src /
+
+USER 3182:3182
+
+# Start Server
+ENTRYPOINT ["python3"]
+CMD ["-u", "/app/dsb2pushover.py"]

requirements.txt

@@ -0,0 +1,5 @@
+datetime==5.2
+# needs to be fixed to 0.0.14 and \src\usr\local\lib\python3.9\site-packages\dsbapi\__init__.py needs to be removed
+dsbapipy>=0.0.13
+http.client==0.1.22
+pytesseract==0.3.10