From 78c0bf2a6b23b993f14cdc82160d5b27e512ad60 Mon Sep 17 00:00:00 2001
From: Matthew Baggett <matthew@baggett.me>
Date: Fri, 28 Jun 2024 20:08:55 +0200
Subject: [PATCH] fix linting issues

---
 .trunk/trunk.yaml          |  2 +-
 README.md                  |  4 +---
 modules/minio/minio.tf     |  1 +
 modules/vigil/terraform.tf |  4 ++++
 nginx.tf                   |  1 +
 printers/Dockerfile        | 25 +++++++++----------------
 vigil.tf                   |  1 +
 7 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
index 80ae92a..6ea7987 100644
--- a/.trunk/trunk.yaml
+++ b/.trunk/trunk.yaml
@@ -21,6 +21,7 @@ lint:
     - trufflehog # Trufflehog duplicates gitleaks functionality.
     - terrascan
     - trivy
+    - checkov
   enabled:
     - hadolint@2.12.0
     - tflint@0.51.1
@@ -28,7 +29,6 @@ lint:
     - markdownlint@0.41.0
     - taplo@0.8.1
     - actionlint@1.7.1
-    - checkov@3.2.156
     - git-diff-check
     - prettier@3.3.2
     - yamllint@1.35.1
diff --git a/README.md b/README.md
index 1aff114..0491f80 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,3 @@
-Grey's Docker Swarm does IAC
-============================
+# Grey's Docker Swarm does IAC
 
 Or: How I learned to stop worrying and love the swarm.
-
diff --git a/modules/minio/minio.tf b/modules/minio/minio.tf
index 78a8343..cf89f2a 100644
--- a/modules/minio/minio.tf
+++ b/modules/minio/minio.tf
@@ -52,6 +52,7 @@ resource "docker_service" "minio" {
 }
 
 module "minio_nginx_config" {
+  # tflint-ignore: terraform_module_pinned_source
   source   = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
   hostname = var.domain
   //certificate   = acme_certificate.ooo_grey["s3"]
diff --git a/modules/vigil/terraform.tf b/modules/vigil/terraform.tf
index 2f7817b..2b76e1b 100644
--- a/modules/vigil/terraform.tf
+++ b/modules/vigil/terraform.tf
@@ -12,5 +12,9 @@ terraform {
       source  = "BrendanThompson/scratch"
       version = "~> 0.4"
     }
+    local = {
+      source  = "hashicorp/local"
+      version = "~>2.1"
+    }
   }
 }
diff --git a/nginx.tf b/nginx.tf
index e8187c7..5c2291d 100644
--- a/nginx.tf
+++ b/nginx.tf
@@ -11,6 +11,7 @@ resource "docker_network" "loadbalancer" {
 }
 
 module "nginx" {
+  # tflint-ignore: terraform_module_pinned_source
   source = "git::https://code.techinc.nl/grey/terraform-nginx.git"
   configs = concat(
     module.minio.nginx_files,
diff --git a/printers/Dockerfile b/printers/Dockerfile
index 81f96ef..3fbfbbc 100644
--- a/printers/Dockerfile
+++ b/printers/Dockerfile
@@ -1,6 +1,6 @@
 FROM octoprint/octoprint AS octoprint
-RUN apt update -q && \
-    apt install -yq \
+RUN apt-get update -q && \
+    apt-get install -yq --no-install-recommends \
         cpulimit \
         sudo \
         curl wget \
@@ -13,23 +13,16 @@ RUN apt update -q && \
 
 FROM octoprint AS mjpg-streamer-builder
 WORKDIR /build
-RUN apt update -q && \
-    apt install -yq unzip subversion
+RUN apt-get update -q && \
+    apt-get install -yq --no-install-recommends \
+      unzip  \
+      subversion
 RUN curl -s -L https://github.com/pranjalv123/mjpg-streamer-yu12/archive/refs/heads/master.zip --output mjpeg-streamer-yu12.zip && \
-    unzip -q mjpeg-streamer-yu12.zip
-RUN cd mjpg-streamer-yu12-master/mjpg-streamer && \
-    make && \
+    unzip -q mjpeg-streamer-yu12.zip \
+WORKDIR /build/mjpg-streamer-yu12-master/mjpg-streamer
+RUN make && \
     ls -lah
 
 FROM octoprint AS octoprint-mjpg-streamer
 COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/mjpg_streamer /usr/local/bin/mjpg_streamer
 COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/*.so /usr/local/lib/mjpg-streamer/
-
-FROM octoprint AS octoklipper
-RUN git clone https://github.com/Klipper3d/klipper.git klipper && \
-    cd klipper && \
-    git checkout master && \
-    rm .git -rf
-RUN venv/bin/pip install -r klipper/scripts/klippy-requirements.txt \
- && venv/bin/python -m compileall klipper/klippy \
- && venv/bin/python klipper/klippy/chelper/__init__.py
diff --git a/vigil.tf b/vigil.tf
index cb83839..8a5f8ff 100644
--- a/vigil.tf
+++ b/vigil.tf
@@ -1,4 +1,5 @@
 module "vigil_nginx_config" {
+  # tflint-ignore: terraform_module_pinned_source
   source   = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
   hostname = "vigil.california.ti"
   //certificate   = acme_certificate.ooo_grey["s3"]