From c6daebcc42cbba1099575ff82df9ebdef9c73abb Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 3 Feb 2024 15:24:41 +0900 Subject: [PATCH 1/8] initial update --- .github/workflows/depup.yml | 2 +- .github/workflows/dockerimage.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/reviewdog.yml | 2 +- .github/workflows/test.yml | 15 +++---- Dockerfile | 13 ++++-- README.md | 73 +++++++------------------------ action.yml | 15 ++++--- entrypoint.sh | 15 ++++--- testdata/.gitignore | 2 + testdata/subdir/text.md | 2 - testdata/testdata.tf | 1 + testdata/text.md | 5 --- 13 files changed, 56 insertions(+), 93 deletions(-) create mode 100644 testdata/.gitignore delete mode 100644 testdata/subdir/text.md create mode 100644 testdata/testdata.tf delete mode 100644 testdata/text.md diff --git a/.github/workflows/depup.yml b/.github/workflows/depup.yml index 50de607..fcc7060 100644 --- a/.github/workflows/depup.yml +++ b/.github/workflows/depup.yml @@ -30,5 +30,5 @@ jobs: This PR is auto generated by [depup workflow](https://github.com/${{ github.repository }}/actions?query=workflow%3Adepup). branch: depup/reviewdog - base: master + base: main labels: "bump:minor" diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml index 0402ca9..d75fbd0 100644 --- a/.github/workflows/dockerimage.yml +++ b/.github/workflows/dockerimage.yml @@ -2,7 +2,7 @@ name: Docker Image CI on: push: branches: - - master + - main pull_request: jobs: build: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 47c908a..4c9a0f1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,7 +2,7 @@ name: release on: push: branches: - - master + - main tags: - "v*.*.*" pull_request: diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 49eebeb..36b105a 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml 
@@ -2,7 +2,7 @@ name: reviewdog on: push: branches: - - master + - main pull_request: jobs: shellcheck: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 82d4949..d1b8ec9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -2,11 +2,11 @@ name: Test on: push: branches: - - master + - main pull_request: jobs: test-check: - name: runner / (github-check) + name: runner / terraform validate (github-check) runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -15,11 +15,11 @@ jobs: github_token: ${{ secrets.github_token }} reporter: github-check level: info - locale: "US" + workdir: ./testdata/ test-pr-check: if: github.event_name == 'pull_request' - name: runner / (github-pr-check) + name: runner / terraform validate (github-pr-check) runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -28,12 +28,11 @@ jobs: github_token: ${{ secrets.github_token }} reporter: github-pr-check level: warning - locale: "US" - workdir: ./testdata/subdir/ + workdir: ./testdata/ test-pr-review: if: github.event_name == 'pull_request' - name: runner / (github-pr-review) + name: runner / terraform validate (github-pr-review) runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -42,5 +41,5 @@ jobs: github_token: ${{ secrets.github_token }} reporter: github-pr-review level: error - locale: "US" reviewdog_flags: -filter-mode=file -fail-on-error + workdir: ./testdata/ diff --git a/Dockerfile b/Dockerfile index 489860d..0d93842 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -1,16 +1,21 @@ FROM alpine:3.19 -ENV REVIEWDOG_VERSION=v0.15.0 +ENV REVIEWDOG_VERSION=v0.17.0 +ENV TERRAFORM_VERSION=latest SHELL ["/bin/ash", "-eo", "pipefail", "-c"] # hadolint ignore=DL3006 -RUN apk --no-cache add git +RUN apk --no-cache add git=2.43.0-r0 jq=1.7.1-r0 RUN wget -O - -q https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh| sh -s -- -b /usr/local/bin/ ${REVIEWDOG_VERSION} -# TODO: Install a linter and/or change docker image as you need. -RUN wget -O - -q https://git.io/misspell | sh -s -- -b /usr/local/bin/ +RUN if [ "${TERRAFORM_VERSION}" = "latest" ]; then \ + TERRAFORM_VERSION=$(wget -qO - https://api.github.com/repos/hashicorp/terraform/releases/latest | jq --raw-output '.tag_name' | cut -c 2-); \ + fi \ + && wget -q https://releases.hashicorp.com/terraform/"${TERRAFORM_VERSION}"/terraform_"${TERRAFORM_VERSION}"_linux_amd64.zip \ + && unzip ./terraform_"${TERRAFORM_VERSION}"_linux_amd64.zip -d /usr/local/bin/ \ + && rm -rf ./terraform_"${TERRAFORM_VERSION}"_linux_amd64.zip COPY entrypoint.sh /entrypoint.sh diff --git a/README.md b/README.md index 80c5cf0..1ec8fcf 100644 --- a/README.md +++ b/README.md 
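Review bot: The Terraform archive fetched in the new `RUN` step is unpacked into `/usr/local/bin/` without any integrity check, and with `ENV TERRAFORM_VERSION=latest` the version is whatever the GitHub API returns at build time. HashiCorp publishes a `terraform_<version>_SHA256SUMS` file next to each release, so the step can compare the zip against it before `unzip`. Sums fetched from the same host mainly catch corruption, so verifying that file's detached signature against HashiCorp's published key would be stronger still. Pinning `TERRAFORM_VERSION` to a fixed release would also make the image reproducible and remove the unauthenticated API call from the build.

```dockerfile
# … unchanged: RUN if [ "${TERRAFORM_VERSION}" = "latest" ]; then … fi \ …
    && zip="terraform_${TERRAFORM_VERSION}_linux_amd64.zip" \
    && sums="terraform_${TERRAFORM_VERSION}_SHA256SUMS" \
    && url="https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}" \
    && wget -q "${url}/${zip}" \
    && wget -q "${url}/${sums}" \
    && grep " ${zip}\$" "${sums}" | sha256sum -c - \
    && unzip "./${zip}" -d /usr/local/bin/ \
    && rm -f "./${zip}" "./${sums}"
```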
@@ -1,29 +1,19 @@ -# action-template +# action-terraform-validate - -[![Test](https://github.com/reviewdog/action-template/workflows/Test/badge.svg)](https://github.com/reviewdog/action-template/actions?query=workflow%3ATest) -[![reviewdog](https://github.com/reviewdog/action-template/workflows/reviewdog/badge.svg)](https://github.com/reviewdog/action-template/actions?query=workflow%3Areviewdog) -[![depup](https://github.com/reviewdog/action-template/workflows/depup/badge.svg)](https://github.com/reviewdog/action-template/actions?query=workflow%3Adepup) -[![release](https://github.com/reviewdog/action-template/workflows/release/badge.svg)](https://github.com/reviewdog/action-template/actions?query=workflow%3Arelease) -[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/reviewdog/action-template?logo=github&sort=semver)](https://github.com/reviewdog/action-template/releases) +[![Test](https://github.com/maruLoop/action-terraform-validate/workflows/Test/badge.svg)](https://github.com/maruLoop/action-terraform-validate/actions?query=workflow%3ATest) +[![reviewdog](https://github.com/maruLoop/action-terraform-validate/workflows/reviewdog/badge.svg)](https://github.com/maruLoop/action-terraform-validate/actions?query=workflow%3Areviewdog) +[![depup](https://github.com/maruLoop/action-terraform-validate/workflows/depup/badge.svg)](https://github.com/maruLoop/action-terraform-validate/actions?query=workflow%3Adepup) +[![release](https://github.com/maruLoop/action-terraform-validate/workflows/release/badge.svg)](https://github.com/maruLoop/action-terraform-validate/actions?query=workflow%3Arelease) +[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/maruLoop/action-terraform-validate?logo=github&sort=semver)](https://github.com/maruLoop/action-terraform-validate/releases) [![action-bumpr 
supported](https://img.shields.io/badge/bumpr-supported-ff69b4?logo=github&link=https://github.com/haya14busa/action-bumpr)](https://github.com/haya14busa/action-bumpr) ![github-pr-review demo](https://user-images.githubusercontent.com/3797062/73162963-4b8e2b00-4132-11ea-9a3f-f9c6f624c79f.png) ![github-pr-check demo](https://user-images.githubusercontent.com/3797062/73163032-70829e00-4132-11ea-8481-f213a37db354.png) -This is a template repository for [reviewdog](https://github.com/reviewdog/reviewdog) action with release automation. -Click `Use this template` button to create your reviewdog action :dog:! - -If you want to create your own reviewdog action from scratch without using this -template, please check and copy release automation flow. -It's important to manage release workflow and sync reviewdog version for all -reviewdog actions. - -This repo contains a sample action to run [misspell](https://github.com/client9/misspell). +This action runs [terraform validate](https://developer.hashicorp.com/terraform/cli/commands/validate) with [reviewdog](https://github.com/reviewdog/reviewdog) on pull requests to improve experience. ## Input - ```yaml inputs: github_token: 
@@ -52,26 +42,25 @@ inputs: reviewdog_flags: description: 'Additional reviewdog flags' default: '' - ### Flags for ### - locale: - description: '-locale flag of misspell. (US/UK)' - default: '' + ### Variables for Terraform ### + envvar: + description: 'Environment variables for terraform init' + terraform_version: + description: 'The terraform version to install and use. The default is `latest`' ``` ## Usage - ```yaml name: reviewdog on: [pull_request] jobs: - # TODO: change `linter_name`. - linter_name: - name: runner / + terraform_validate: + name: runner / terraform validate runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: reviewdog/action-template@v1 + - uses: maruLoop/action-terraform-validate@v1 with: github_token: ${{ secrets.github_token }} # Change reviewdog reporter if you need [github-pr-check,github-check,github-pr-review]. 
@@ -80,35 +69,3 @@ jobs: # GitHub Status Check won't become failure with warning. level: warning ``` - -## Development - -### Release - -#### [haya14busa/action-bumpr](https://github.com/haya14busa/action-bumpr) -You can bump version on merging Pull Requests with specific labels (bump:major,bump:minor,bump:patch). -Pushing tag manually by yourself also work. - -#### [haya14busa/action-update-semver](https://github.com/haya14busa/action-update-semver) - -This action updates major/minor release tags on a tag push. e.g. Update v1 and v1.2 tag when released v1.2.3. -ref: https://help.github.com/en/articles/about-actions#versioning-your-action - -### Lint - reviewdog integration - -This reviewdog action template itself is integrated with reviewdog to run lints -which is useful for Docker container based actions. - -![reviewdog integration](https://user-images.githubusercontent.com/3797062/72735107-7fbb9600-3bde-11ea-8087-12af76e7ee6f.png) - -Supported linters: - -- [reviewdog/action-shellcheck](https://github.com/reviewdog/action-shellcheck) -- [reviewdog/action-hadolint](https://github.com/reviewdog/action-hadolint) -- [reviewdog/action-misspell](https://github.com/reviewdog/action-misspell) - -### Dependencies Update Automation -This repository uses [reviewdog/action-depup](https://github.com/reviewdog/action-depup) to update -reviewdog version. - -[![reviewdog depup demo](https://user-images.githubusercontent.com/3797062/73154254-170e7500-411a-11ea-8211-912e9de7c936.png)](https://github.com/reviewdog/action-template/pull/6) diff --git a/action.yml b/action.yml index 9e7aa23..5eef415 100644 --- a/action.yml +++ b/action.yml 
@@ -1,6 +1,6 @@ -name: 'TODO: Run with reviewdog' -description: 'TODO: 🐶 Run with reviewdog on pull requests to improve code review experience.' -author: 'TODO: ' +name: 'Run terraform validate with reviewdog' +description: 'TODO: 🐶 Run terraform validate with reviewdog on pull requests to improve code review experience.' +author: 'maru' inputs: github_token: description: 'GITHUB_TOKEN' @@ -28,10 +28,11 @@ inputs: reviewdog_flags: description: 'Additional reviewdog flags' default: '' - ### Flags for ### - locale: - description: '-locale flag of misspell. (US/UK)' - default: '' + ### Variables for terraform validate ### + envvar: + description: 'Environment variables for terraform init' + terraform_version: + description: 'The terraform version to install and use. The default is `latest`' runs: using: 'docker' image: 'Dockerfile' diff --git a/entrypoint.sh b/entrypoint.sh index bf42c60..e762c0c 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,17 +2,22 @@ set -e if [ -n "${GITHUB_WORKSPACE}" ] ; then - cd "${GITHUB_WORKSPACE}/${INPUT_WORKDIR}" || exit + cd "${GITHUB_WORKSPACE}/${INPUT_WORKDIR}" || exit 1 git config --global --add safe.directory "${GITHUB_WORKSPACE}" || exit 1 fi export REVIEWDOG_GITHUB_API_TOKEN="${INPUT_GITHUB_TOKEN}" +echo "${INPUT_ENVVAR}" | while IFS= read -r line; do + export line +done -misspell -locale="${INPUT_LOCALE}" . \ - | reviewdog -efm="%f:%l:%c: %m" \ - -name="linter-name (misspell)" \ +terraform init +terraform validate -json \ + | jq -r '.diagnostics[] | "\(.range.filename):\(.range.start.line):\(.range.start.column): \(.detail)"' \ + | reviewdog -efm="%f:%l:%c:%m" \ + -name="terraform validate" \ -reporter="${INPUT_REPORTER:-github-pr-check}" \ -filter-mode="${INPUT_FILTER_MODE}" \ -fail-on-error="${INPUT_FAIL_ON_ERROR}" \ -level="${INPUT_LEVEL}" \ - ${INPUT_REVIEWDOG_FLAGS} + "${INPUT_REVIEWDOG_FLAGS}" diff --git a/testdata/.gitignore b/testdata/.gitignore new file mode 100644 index 0000000..c035e72 --- /dev/null 
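Review bot: The `terraform_version` input added in the second action.yml hunk is not read anywhere in this patch. `entrypoint.sh` has no `INPUT_TERRAFORM_VERSION` reference and the Dockerfile fixes `ENV TERRAFORM_VERSION=latest` at build time, so a workflow that sets the input to pin a release would apparently still get the newest one. Either wire it through (for example by installing Terraform in `entrypoint.sh` from `INPUT_TERRAFORM_VERSION`) or drop the input until it works, and declare the default with `default: 'latest'` rather than only in the description. The `description` in the first hunk also still begins with the template's `TODO:`.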
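Review bot: The new `envvar` loop in entrypoint.sh never puts anything into the environment that `terraform init` sees. `export line` exports a variable literally named `line` rather than the `KEY=value` it holds, and because the loop is the right-hand side of a pipe it normally runs in a subshell whose exports are discarded. Reading the input from a here-document keeps the loop in the current shell, and exporting the line's content after checking its `NAME=value` shape does what the input description promises. The same loop is carried unchanged through the `INPUT_ENVVARS` rename in PATCH 7/8.

```shell
export REVIEWDOG_GITHUB_API_TOKEN="${INPUT_GITHUB_TOKEN}"
while IFS= read -r line; do
  case "${line}" in
    [A-Za-z_]*=*) export "${line?}" ;;
  esac
done <<EOF
${INPUT_ENVVAR}
EOF
# … unchanged: terraform init, terraform validate | jq | reviewdog …
```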
+++ b/testdata/.gitignore @@ -0,0 +1,2 @@ +.terraform +.terraform.lock.hcl diff --git a/testdata/subdir/text.md b/testdata/subdir/text.md deleted file mode 100644 index 5b33346..0000000 --- a/testdata/subdir/text.md +++ /dev/null @@ -1,2 +0,0 @@ -Determinisitic result is important! - diff --git a/testdata/testdata.tf b/testdata/testdata.tf new file mode 100644 index 0000000..3911a2a --- /dev/null +++ b/testdata/testdata.tf @@ -0,0 +1 @@ +resource "null_resource" "foo" {} diff --git a/testdata/text.md b/testdata/text.md deleted file mode 100644 index 5025db8..0000000 --- a/testdata/text.md +++ /dev/null @@ -1,5 +0,0 @@ -Determinisitic result is important. - -colour # <= Check -locale - -langauge From 5ebf1cb1efb82a1681ca9179b5036bf80fefdfe8 Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 10 Feb 2024 14:36:58 +0900 Subject: [PATCH 2/8] fix --- .github/workflows/test.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d1b8ec9..b226911 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,5 +41,7 @@ jobs: github_token: ${{ secrets.github_token }} reporter: github-pr-review level: error - reviewdog_flags: -filter-mode=file -fail-on-error + reviewdog_flags: | + -filter-mode=file + -fail-on-error workdir: ./testdata/ From e6153f694d99783e8beeb70a81d34e7b1d6b2939 Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 10 Feb 2024 14:39:33 +0900 Subject: [PATCH 3/8] fix --- .github/workflows/test.yml | 4 +--- entrypoint.sh | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b226911..d1b8ec9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -41,7 +41,5 @@ jobs: github_token: ${{ secrets.github_token }} reporter: github-pr-review level: error - reviewdog_flags: | - -filter-mode=file - -fail-on-error + reviewdog_flags: -filter-mode=file -fail-on-error workdir: ./testdata/ diff --git a/entrypoint.sh b/entrypoint.sh index e762c0c..58fb2eb 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -20,4 +20,4 @@ terraform validate -json \ -filter-mode="${INPUT_FILTER_MODE}" \ -fail-on-error="${INPUT_FAIL_ON_ERROR}" \ -level="${INPUT_LEVEL}" \ - "${INPUT_REVIEWDOG_FLAGS}" + ${INPUT_REVIEWDOG_FLAGS} From fa58a9d255547e570713a9aa89f014d305397fb3 Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 10 Feb 2024 23:42:39 +0900 Subject: [PATCH 4/8] fix --- action.yml | 4 +++- entrypoint.sh | 4 +++- testdata/.gitignore | 2 -- 3 files changed, 6 insertions(+), 4 deletions(-) delete mode 100644 testdata/.gitignore diff --git a/action.yml b/action.yml index 5eef415..74e515f 100644 --- a/action.yml +++ b/action.yml @@ -29,8 +29,10 @@ inputs: description: 'Additional reviewdog flags' default: '' ### Variables for terraform validate ### + terraform_init_options: + description: 'options for terraform init to pass backend configuration and so on' envvar: - description: 'Environment variables for terraform init' + description: 'Environment variables for terraform init to pass backend configuration' terraform_version: description: 'The terraform version to install and use. The default is `latest`' runs: diff --git a/entrypoint.sh b/entrypoint.sh index 58fb2eb..3f3198a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -11,7 +11,9 @@ echo "${INPUT_ENVVAR}" | while IFS= read -r line; do export line done -terraform init +printenv + +terraform init ${INPUT_TERRAFORM_INIT_OPTIONS} terraform validate -json \ | jq -r '.diagnostics[] | "\(.range.filename):\(.range.start.line):\(.range.start.column): \(.detail)"' \ | reviewdog -efm="%f:%l:%c:%m" \ 
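Review bot: In the PATCH 4/8 entrypoint.sh hunk, `terraform init ${INPUT_TERRAFORM_INIT_OPTIONS}` and the `terraform validate` after it run with `INPUT_GITHUB_TOKEN` and the exported `REVIEWDOG_GITHUB_API_TOKEN` in their environment. The added `printenv` also prints both, plus everything passed through `envvar`, to the job log, although it is removed again in PATCH 6/8. The configuration Terraform processes comes from the checked-out pull request and decides which modules and providers are downloaded and, as far as I can tell, which provider plugins `validate` starts, so only `reviewdog` should hold the token. Consider dropping the `export` (it sits above this hunk) and setting the variable on the last pipeline stage, `| REVIEWDOG_GITHUB_API_TOKEN="${INPUT_GITHUB_TOKEN}" reviewdog -efm="%f:%l:%c:%m" \`, with the Terraform commands run under `env -u INPUT_GITHUB_TOKEN`.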
diff --git a/testdata/.gitignore b/testdata/.gitignore deleted file mode 100644 index c035e72..0000000 --- a/testdata/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -.terraform -.terraform.lock.hcl From 64b038ae5aaf7be68b4f50c955f387b369f703cf Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 10 Feb 2024 23:44:10 +0900 Subject: [PATCH 5/8] test --- .github/workflows/test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d1b8ec9..6c13c46 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -43,3 +43,6 @@ jobs: level: error reviewdog_flags: -filter-mode=file -fail-on-error workdir: ./testdata/ + envvar: | + key1=value1 + key2=value2 From ce81be44aadcedcba9f443240935885dc285d17f Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 10 Feb 2024 23:49:07 +0900 Subject: [PATCH 6/8] Update README --- .github/workflows/test.yml | 4 ++-- README.md | 8 ++++++-- entrypoint.sh | 2 -- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6c13c46..6d3bc9c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -44,5 +44,5 @@ jobs: reviewdog_flags: -filter-mode=file -fail-on-error workdir: ./testdata/ envvar: | - key1=value1 - key2=value2 + KEY1=value1 + KEY2=value2 diff --git a/README.md b/README.md index 1ec8fcf..ac7e949 100644 --- a/README.md +++ b/README.md @@ -43,8 +43,10 @@ inputs: description: 'Additional reviewdog flags' default: '' ### Variables for Terraform ### + terraform_init_options: + description: 'options for terraform init to pass backend configuration and so on' envvar: - description: 'Environment variables for terraform init' + description: 'Environment variables for terraform init to pass backend configuration' terraform_version: description: 'The terraform version to install and use. The default is `latest`' ``` 
@@ -60,7 +62,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: maruLoop/action-terraform-validate@v1 + - uses: maruloop/action-terraform-validate@v1 with: github_token: ${{ secrets.github_token }} # Change reviewdog reporter if you need [github-pr-check,github-check,github-pr-review]. @@ -68,4 +70,6 @@ jobs: # Change reporter level if you need. # GitHub Status Check won't become failure with warning. level: warning + envvar: | + AWS_REGION=ap-northeast-1 ``` diff --git a/entrypoint.sh b/entrypoint.sh index 3f3198a..531d3e5 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -11,8 +11,6 @@ echo "${INPUT_ENVVAR}" | while IFS= read -r line; do export line done -printenv - terraform init ${INPUT_TERRAFORM_INIT_OPTIONS} terraform validate -json \ | jq -r '.diagnostics[] | "\(.range.filename):\(.range.start.line):\(.range.start.column): \(.detail)"' \ From 43d6b03a3dad1e75427ebd068fe51a07c211b6c0 Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 10 Feb 2024 23:50:35 +0900 Subject: [PATCH 7/8] update --- README.md | 4 ++-- action.yml | 2 +- entrypoint.sh | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index ac7e949..bebd343 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,7 @@ inputs: ### Variables for Terraform ### terraform_init_options: description: 'options for terraform init to pass backend configuration and so on' - envvar: + envvars: description: 'Environment variables for terraform init to pass backend configuration' terraform_version: description: 'The terraform version to install and use. The default is `latest`' @@ -70,6 +70,6 @@ jobs: # Change reporter level if you need. # GitHub Status Check won't become failure with warning. level: warning - envvar: | + envvars: | AWS_REGION=ap-northeast-1 ``` diff --git a/action.yml b/action.yml index 74e515f..1618698 100644 --- a/action.yml +++ b/action.yml 
@@ -31,7 +31,7 @@ inputs: ### Variables for terraform validate ### terraform_init_options: description: 'options for terraform init to pass backend configuration and so on' - envvar: + envvars: description: 'Environment variables for terraform init to pass backend configuration' terraform_version: description: 'The terraform version to install and use. The default is `latest`' diff --git a/entrypoint.sh b/entrypoint.sh index 531d3e5..40204fb 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -7,7 +7,7 @@ if [ -n "${GITHUB_WORKSPACE}" ] ; then fi export REVIEWDOG_GITHUB_API_TOKEN="${INPUT_GITHUB_TOKEN}" -echo "${INPUT_ENVVAR}" | while IFS= read -r line; do +echo "${INPUT_ENVVARS}" | while IFS= read -r line; do export line done From bb149c02c9470100b473ae38b29a21dfa5909629 Mon Sep 17 00:00:00 2001 From: Toshiya-Kato Date: Sat, 10 Feb 2024 23:54:02 +0900 Subject: [PATCH 8/8] Disable SC2086 --- entrypoint.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/entrypoint.sh b/entrypoint.sh index 40204fb..6d56538 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -11,6 +11,7 @@ echo "${INPUT_ENVVARS}" | while IFS= read -r line; do export line done +# shellcheck disable=SC2086 terraform init ${INPUT_TERRAFORM_INIT_OPTIONS} terraform validate -json \ | jq -r '.diagnostics[] | "\(.range.filename):\(.range.start.line):\(.range.start.column): \(.detail)"' \
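Review bot: The `# shellcheck disable=SC2086` directive added in PATCH 8/8 silences the warning without saying that the word splitting is intended. Unquoted expansion also performs pathname expansion, so an option containing `*` or `?` would be matched against files in the working directory, which holds the checked-out repository. A comment line above the directive such as `# INPUT_TERRAFORM_INIT_OPTIONS is split on whitespace on purpose`, together with `set -f` before the `terraform init` call, would cover both. Option values that themselves contain spaces still cannot be passed this way, which is worth stating in the `terraform_init_options` description.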