ci: Check spelling with codespell

* You can ignore words inline by adding a comment like `# codespell:ignore word`. * You can ignore words by adding them to the `.codespell_ignores` file. * You can ignore files and directories by adding them with `skip = ` to the `.codespellrc` file. Signed-off-by: Sergei Petrosian <[email protected]>
linux-system-roles · Feb 13, 2025 · e818743 · e818743
1 parent 2ff2c4e
commit e818743
Show file tree

Hide file tree

Showing 6 changed files with 31 additions and 6 deletions.
diff --git a/.codespell_ignores b/.codespell_ignores
diff --git a/.codespellrc b/.codespellrc
@@ -0,0 +1,8 @@
+[codespell]
+check-hidden = true
+# Note that `-w` doesn't work when ignore-multiline-regex is set
+# https://github.com/codespell-project/codespell/issues/3642
+ignore-multiline-regex = codespell:ignore-begin.*codespell:ignore-end
+ignore-words = .codespell_ignores
+# skip-file is not available https://github.com/codespell-project/codespell/pull/2759
+skip = .pandoc_template.html5,.README.html
diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml
@@ -0,0 +1,17 @@
+# Codespell configuration is within .codespellrc
+---
+name: Codespell
+on:  # yamllint disable-line rule:truthy
+  - pull_request
+permissions:
+  contents: read
+jobs:
+  codespell:
+    name: Check for spelling errors
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Codespell
+        uses: codespell-project/actions-codespell@v2
diff --git a/.github/workflows/tft_citest_bad.yml b/.github/workflows/tft_citest_bad.yml
@@ -36,7 +36,7 @@ jobs:
           RUN_ID=$(gh api "repos/$REPO/actions/workflows/tft.yml/runs?event=issue_comment" \
             | jq -r "[.workflow_runs[] | select( .display_title == \"$PR_TITLE\" ) | select( .conclusion == \"failure\" ) | .id][0]")
           if [ "$RUN_ID" = "null" ]; then
-            echo "Failed workflow not found, exitting"
+            echo "Failed workflow not found, exiting"
             exit 1
           fi
           echo "Re-running workflow $RUN_ID"

diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # keylime_server
 
-[![ansible-lint.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-test.yml) [![markdownlint.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/markdownlint.yml) [![shellcheck.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/shellcheck.yml) [![tft.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/woke.yml)
+[![ansible-lint.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/ansible-test.yml) [![codespell.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/codespell.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/codespell.yml) [![markdownlint.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/markdownlint.yml) [![shellcheck.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/shellcheck.yml) [![tft.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/keylime_server/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/keylime_server/actions/workflows/woke.yml)
 
 Ansible role for configuring and deploying the server components for Keylime Remote Attestation.
 

diff --git a/templates/keylime.conf.j2 b/templates/keylime.conf.j2
@@ -122,7 +122,7 @@ enable_insecure_payload = False
 # Set to -1 or any negative or out of range PCR value to turn off.
 measure_payload_pcr=-1
 
-# Wether or not to use an exponantial backoff algorithm for retries.
+# Whether or not to use an exponantial backoff algorithm for retries.
 exponential_backoff = True
 
 # Either how long to wait between failed attempts to communicate with the TPM
@@ -256,7 +256,7 @@ auto_migrate_db = True
 # Set to "0" to create one worker per processor.
 multiprocessing_pool_num_workers = 0
 
-# Wether or not to use an exponantial backoff algorithm for retries.
+# Whether or not to use an exponantial backoff algorithm for retries.
 exponential_backoff = True
 
 # Either how long to wait between failed attempts to connect to a cloud agent
@@ -458,7 +458,7 @@ accept_tpm_hash_algs = sha512,sha384,sha256,sha1
 accept_tpm_encryption_algs = ecc,rsa
 accept_tpm_signing_algs = ecschnorr,rsassa
 
-# Wether or not to use an exponantial backoff algorithm for retries.
+# Whether or not to use an exponantial backoff algorithm for retries.
 exponential_backoff = True
 
 # Either how long to wait between failed attempts to connect to a cloud agent
@@ -518,7 +518,7 @@ registrar_tls_port = 8891
 
 # Registrar TLS options.  This is for authenticating the registrar to clients
 # who want to query AIKs.
-# The 'tls_dir' option wil place CA certificates and files for TLS in the /var/lib/keylime/
+# The 'tls_dir' option will place CA certificates and files for TLS in the /var/lib/keylime/
 # directory.
 #
 # Set to "generate" to automatically generate a CA/certificates in the 'reg_ca'