Add yaml linter github action

.github/dependabot.yml

@@ -1,3 +1,4 @@
+---
 version: 2
 updates:
   - package-ecosystem: 'github-actions'

.github/workflows/api.yml

@@ -1,3 +1,4 @@
+---
 name: Validate API Spec
 
 on:
@@ -19,30 +20,29 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - name: Checkout code
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
-      with:
-        fetch-depth: 1
+      - name: Checkout code
+        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        with:
+          fetch-depth: 1
 
-    - name: Setup Node.js
-      uses: actions/setup-node@c2ac33f2c62f978d6c944d9648125a294e56dc0b # v4.0.2
-      with:
-        node-version: 'v20.12.0'
+      - name: Setup Node.js
+        uses: actions/setup-node@c2ac33f2c62f978d6c944d9648125a294e56dc0b # v4.0.2
+        with:
+          node-version: 'v20.12.0'
 
-    - name: Install tsp
-      run: npm install -g @typespec/[email protected]
+      - name: Install tsp
+        run: npm install -g @typespec/[email protected]
 
-    - name: Install dependencies
-      run: npm ci
+      - name: Install dependencies
+        run: npm ci
 
-    - name: Install autorest
-      run: npm install -g [email protected]
+      - name: Install autorest
+        run: npm install -g [email protected]
 
-    - name: make generate
-      run: make generate
-      working-directory: './api'
-
-    - name: Check for Uncommitted Changes
-      run: |
-        git diff --exit-code || (echo "::error::Uncommitted changes detected in OpenAPI spec. Please regenerate and commit them." && exit 1)
+      - name: make generate
+        run: make generate
+        working-directory: './api'
 
+      - name: Check for Uncommitted Changes
+        run: |
+          git diff --exit-code || (echo "::error::Uncommitted changes detected in OpenAPI spec. Please regenerate and commit them." && exit 1)

.github/workflows/ci-go.yml

@@ -1,3 +1,4 @@
+---
 name: 'ci-go'
 on:
   pull_request:

.github/workflows/yaml-lint.yml

@@ -0,0 +1,23 @@
+---
+# MegaLinter GitHub Action configuration file
+# More info at https://oxsecurity.github.io/megalinter
+name: mega-linter-yaml
+
+on:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    name: mega-linter-yaml
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        with:
+          fetch-depth: 1
+
+      - name: yamllint
+        uses: oxsecurity/megalinter/flavors/ci_light@v7

.golangci.yml

@@ -1,3 +1,4 @@
+---
 run:
   timeout: 10m
   skip-dirs-use-default: true
@@ -22,4 +23,4 @@ linters:
     - unused
 linters-settings:
   goimports:
-    local-prefixes: github.com/Azure/ARO-HCP
+    local-prefixes: github.com/Azure/ARO-HCP

.mega-linter.yml

@@ -0,0 +1,14 @@
+---
+# Configuration file for MegaLinter
+# See all available variables at https://oxsecurity.github.io/megalinter/configuration/ and in linters documentation
+
+APPLY_FIXES: none
+ENABLE_LINTERS:
+  - YAML_YAMLLINT
+EXCLUDED_DIRECTORIES:
+  - "node_modules"
+LINTER_RULES_PATH: .
+PRINT_ALPACA: false
+GITHUB_STATUS_REPORTER: false
+GITHUB_COMMENT_REPORTER: false
+VALIDATE_ALL_CODEBASE: true

.yamllint.yml

@@ -0,0 +1,30 @@
+---
+yaml-files:
+  - '*.yaml'
+  - '*.yml'
+  - '.yamllint'
+
+rules:
+  braces: enable
+  brackets: enable
+  colons: enable
+  commas: enable
+  comments: disable
+  comments-indentation: disable
+  document-end: disable
+  document-start: disable
+  empty-lines: enable
+  empty-values: disable
+  hyphens: enable
+  indentation: disable
+  key-duplicates: enable
+  key-ordering: disable
+  line-length: disable
+  new-line-at-end-of-file: enable
+  new-lines: enable
+  octal-values: disable
+  quoted-strings: disable
+  trailing-spaces: enable
+  truthy:
+    level: warning
+    check-keys: false

api/autorest-config.yaml

@@ -1,3 +1,4 @@
+---
 input-file: redhatopenshift/resource-manager/Microsoft.RedHatOpenshift/preview/2024-06-10-preview/openapi.json
 use:
   # TODO: This is an old version. We should fix incompatibilities and remove this later

api/redhatopenshift/HcpCluster/tspconfig.yaml

@@ -1,3 +1,4 @@
+---
 emit:
   - '@azure-tools/typespec-autorest'
 options:

deploy/aro-hcp-frontend.yml

@@ -1,92 +1,93 @@
+---
 apiVersion: template.openshift.io/v1
 kind: Template
 metadata:
   name: frontend-template
 
 parameters:
-- name: NAMESPACE
-  required: true
-  value: aro-hcp
-- name: REPLICAS 
-  required: true
-  value: "1"
-- name: ARO_HCP_FRONTEND_IMAGE
-  required: true
-- name: FRONTEND_MI_CLIENT_ID
-  required: true
-  description: "Client ID of Frontend Managed Identity"
+  - name: NAMESPACE
+    required: true
+    value: aro-hcp
+  - name: REPLICAS
+    required: true
+    value: "1"
+  - name: ARO_HCP_FRONTEND_IMAGE
+    required: true
+  - name: FRONTEND_MI_CLIENT_ID
+    required: true
+    description: "Client ID of Frontend Managed Identity"
 
 objects:
-- apiVersion: v1
-  kind: Namespace
-  metadata:
-    name: ${NAMESPACE}
-- apiVersion: v1
-  kind: ServiceAccount
-  metadata:
-    annotations:
-      azure.workload.identity/client-id: ${FRONTEND_MI_CLIENT_ID}
-    name: frontend
-    namespace: ${NAMESPACE}
-- apiVersion: apps/v1
-  kind: Deployment
-  metadata:
-    labels:
-      app: aro-hcp-frontend
-    name: aro-hcp-frontend
-    namespace: ${NAMESPACE}
-  spec:
-    progressDeadlineSeconds: 600
-    replicas: ${{REPLICAS}}
-    revisionHistoryLimit: 10
-    selector:
-      matchLabels:
+  - apiVersion: v1
+    kind: Namespace
+    metadata:
+      name: ${NAMESPACE}
+  - apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      annotations:
+        azure.workload.identity/client-id: ${FRONTEND_MI_CLIENT_ID}
+      name: frontend
+      namespace: ${NAMESPACE}
+  - apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      labels:
         app: aro-hcp-frontend
-    strategy:
-      rollingUpdate:
-        maxSurge: 25%
-        maxUnavailable: 25%
-      type: RollingUpdate
-    template:
-      metadata:
-        labels:
+      name: aro-hcp-frontend
+      namespace: ${NAMESPACE}
+    spec:
+      progressDeadlineSeconds: 600
+      replicas: ${{REPLICAS}}
+      revisionHistoryLimit: 10
+      selector:
+        matchLabels:
           app: aro-hcp-frontend
-          azure.workload.identity/use: "true"
-      spec:
-        serviceAccountName: frontend
-        containers:
-        - name: aro-hcp-frontend
-          image: ${ARO_HCP_FRONTEND_IMAGE}
-          imagePullPolicy: IfNotPresent
-          ports:
-          - containerPort: 8443
-            protocol: TCP
-          resources:
-            limits:
-              memory: 1Gi
-            requests:
-              cpu: 100m
-              memory: 500Mi
-          securityContext:
-            allowPrivilegeEscalation: false
-            capabilities:
-              drop:
-              - ALL
-            runAsNonRoot: true
-            seccompProfile:
-              type: RuntimeDefault
-          livenessProbe:
-            httpGet:
-              path: /healthz/ready
-              port: 8443
-            initialDelaySeconds: 15
-            periodSeconds: 20
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /healthz/ready
-              port: 8443
-            initialDelaySeconds: 5
-            periodSeconds: 10
-        restartPolicy: Always
-        terminationGracePeriodSeconds: 30
+      strategy:
+        rollingUpdate:
+          maxSurge: 25%
+          maxUnavailable: 25%
+        type: RollingUpdate
+      template:
+        metadata:
+          labels:
+            app: aro-hcp-frontend
+            azure.workload.identity/use: "true"
+        spec:
+          serviceAccountName: frontend
+          containers:
+            - name: aro-hcp-frontend
+              image: ${ARO_HCP_FRONTEND_IMAGE}
+              imagePullPolicy: IfNotPresent
+              ports:
+                - containerPort: 8443
+                  protocol: TCP
+              resources:
+                limits:
+                  memory: 1Gi
+                requests:
+                  cpu: 100m
+                  memory: 500Mi
+              securityContext:
+                allowPrivilegeEscalation: false
+                capabilities:
+                  drop:
+                    - ALL
+                runAsNonRoot: true
+                seccompProfile:
+                  type: RuntimeDefault
+              livenessProbe:
+                httpGet:
+                  path: /healthz/ready
+                  port: 8443
+                initialDelaySeconds: 15
+                periodSeconds: 20
+                failureThreshold: 3
+              readinessProbe:
+                httpGet:
+                  path: /healthz/ready
+                  port: 8443
+                initialDelaySeconds: 5
+                periodSeconds: 10
+          restartPolicy: Always
+          terminationGracePeriodSeconds: 30