From ffd5a195796823c2ce9afc45894ef81a916940f5 Mon Sep 17 00:00:00 2001
From: Umesh Kumhar <umeshkumhar@google.com>
Date: Wed, 6 Mar 2024 18:14:48 +0530
Subject: [PATCH] Add github actions for tf lint check (#296)

Add github actions for tf lint check
---
 .github/workflows/ci.yaml                     | 35 +++++++++++++++++++
 .../workloads-without-iap.example.tfvars      |  8 ++---
 applications/rag/variables.tf                 |  4 +--
 applications/rag/workloads.tfvars             |  2 +-
 .../user/modules/service_accounts/versions.tf |  2 +-
 applications/ray/versions.tf                  |  4 +--
 .../sample-terraform.tfvars                   |  4 +--
 .../standard-gke-public.platform.tfvars       |  4 +--
 modules/iap/iap.tf                            |  4 +--
 modules/iap/variables.tf                      |  2 +-
 modules/kuberay-monitoring/main.tf            |  2 +-
 tutorials/hf-tgi/outputs.tf                   |  2 +-
 12 files changed, 54 insertions(+), 19 deletions(-)
 create mode 100644 .github/workflows/ci.yaml

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
new file mode 100644
index 000000000..3188efcec
--- /dev/null
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,35 @@
+name: Terraform CI
+on: 
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+jobs:
+  Terraform-Lint-Check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.5.7"
+
+      - name: Terraform fmt
+        id: fmt
+        run: terraform fmt -check -recursive
+
+      - name: Terraform Init
+        id: init
+        run: |
+          terraform -chdir=applications/rag init 
+          terraform -chdir=applications/ray init 
+          terraform -chdir=applications/jupyter init 
+
+      - name: Terraform Validate
+        id: validate
+        run: |
+          terraform -chdir=applications/rag validate -no-color
+          terraform -chdir=applications/ray validate -no-color
+          terraform -chdir=applications/jupyter validate -no-color
+
diff --git a/applications/jupyter/workloads-without-iap.example.tfvars b/applications/jupyter/workloads-without-iap.example.tfvars
index ccf033cf2..e048ac674 100644
--- a/applications/jupyter/workloads-without-iap.example.tfvars
+++ b/applications/jupyter/workloads-without-iap.example.tfvars
@@ -26,10 +26,10 @@ cluster_membership_id = "" # required only for private clusters, default: cluste
 #######################################################
 
 ## JupyterHub variables
-namespace                            = "jupyter"
-gcs_bucket                           = "<gcs-bucket>"
-create_gcs_bucket                    = true
-workload_identity_service_account    = "jupyter-service-account"
+namespace                         = "jupyter"
+gcs_bucket                        = "<gcs-bucket>"
+create_gcs_bucket                 = true
+workload_identity_service_account = "jupyter-service-account"
 
 # Jupyterhub without IAP
 add_auth = false
diff --git a/applications/rag/variables.tf b/applications/rag/variables.tf
index ca86bcf04..a5e77ff78 100644
--- a/applications/rag/variables.tf
+++ b/applications/rag/variables.tf
@@ -265,9 +265,9 @@ variable "autopilot_cluster" {
 }
 
 variable "cloudsql_instance" {
-  type    = string
+  type        = string
   description = "Name of the CloudSQL instance for RAG VectorDB"
-  default = "pgvector-instance"
+  default     = "pgvector-instance"
 }
 
 variable "cpu_pools" {
diff --git a/applications/rag/workloads.tfvars b/applications/rag/workloads.tfvars
index aba62feae..dca101637 100644
--- a/applications/rag/workloads.tfvars
+++ b/applications/rag/workloads.tfvars
@@ -38,7 +38,7 @@ rag_service_account        = "rag-system-account"
 
 # Creates a google service account & k8s service account & configures workload identity with appropriate permissions.
 # Set to false & update the variable `jupyter_service_account` to use an existing IAM service account.
-jupyter_service_account        = "jupyter-system-account"
+jupyter_service_account = "jupyter-system-account"
 
 ## Embeddings table name - change this to the TABLE_NAME used in the notebook.
 dataset_embeddings_table_name = "googlemaps_reviews_db"
diff --git a/applications/ray/raytrain-examples/raytrain-with-gcsfusecsi/kuberaytf/user/modules/service_accounts/versions.tf b/applications/ray/raytrain-examples/raytrain-with-gcsfusecsi/kuberaytf/user/modules/service_accounts/versions.tf
index 436ce51c2..53d5c8e95 100644
--- a/applications/ray/raytrain-examples/raytrain-with-gcsfusecsi/kuberaytf/user/modules/service_accounts/versions.tf
+++ b/applications/ray/raytrain-examples/raytrain-with-gcsfusecsi/kuberaytf/user/modules/service_accounts/versions.tf
@@ -15,7 +15,7 @@
 terraform {
   required_providers {
     google = {
-      source  = "hashicorp/google"
+      source = "hashicorp/google"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"
diff --git a/applications/ray/versions.tf b/applications/ray/versions.tf
index a8a0a268a..b8e6f2c71 100644
--- a/applications/ray/versions.tf
+++ b/applications/ray/versions.tf
@@ -15,10 +15,10 @@
 terraform {
   required_providers {
     google = {
-      source  = "hashicorp/google"
+      source = "hashicorp/google"
     }
     google-beta = {
-      source  = "hashicorp/google-beta"
+      source = "hashicorp/google-beta"
     }
     helm = {
       source  = "hashicorp/helm"
diff --git a/benchmarks/benchmark/tools/locust-load-inference/sample-terraform.tfvars b/benchmarks/benchmark/tools/locust-load-inference/sample-terraform.tfvars
index ff2e8cd05..dcd6739b4 100644
--- a/benchmarks/benchmark/tools/locust-load-inference/sample-terraform.tfvars
+++ b/benchmarks/benchmark/tools/locust-load-inference/sample-terraform.tfvars
@@ -21,5 +21,5 @@ tokenizer                  = "tiiuae/falcon-7b"
 # Benchmark configuration for triggering single test via Locust Runner
 test_duration = 60
 # Increase test_users to allow more parallelism (especially when testing HPA)
-test_users    = 1
-test_rate     = 5
+test_users = 1
+test_rate  = 5
diff --git a/infrastructure/tfvars_tests/standard-gke-public.platform.tfvars b/infrastructure/tfvars_tests/standard-gke-public.platform.tfvars
index 4046f4362..86d951569 100644
--- a/infrastructure/tfvars_tests/standard-gke-public.platform.tfvars
+++ b/infrastructure/tfvars_tests/standard-gke-public.platform.tfvars
@@ -66,8 +66,8 @@ gpu_pools = [{
   accelerator_count  = 2
   accelerator_type   = "nvidia-tesla-t4"
   gpu_driver_version = "LATEST"
-},
-{
+  },
+  {
     name               = "gpu-pool-l4"
     machine_type       = "g2-standard-24"
     node_locations     = "us-central1-a"
diff --git a/modules/iap/iap.tf b/modules/iap/iap.tf
index 097a1f387..c9344ae18 100644
--- a/modules/iap/iap.tf
+++ b/modules/iap/iap.tf
@@ -36,7 +36,7 @@ resource "helm_release" "iap_jupyter" {
   name             = "iap-jupyter"
   chart            = "${path.module}/charts/iap/"
   namespace        = var.namespace
-  create_namespace = true 
+  create_namespace = true
   # timeout increased to support autopilot scaling resources, and give enough time to complete the deployment 
   timeout = 1200
   set {
@@ -108,7 +108,7 @@ resource "helm_release" "iap_frontend" {
   name             = "iap-frontend"
   chart            = "${path.module}/charts/iap/"
   namespace        = var.namespace
-  create_namespace = true 
+  create_namespace = true
   # timeout increased to support autopilot scaling resources, and give enough time to complete the deployment
   timeout = 1200
   set {
diff --git a/modules/iap/variables.tf b/modules/iap/variables.tf
index b12c761a1..af09d87c2 100644
--- a/modules/iap/variables.tf
+++ b/modules/iap/variables.tf
@@ -138,7 +138,7 @@ variable "jupyter_k8s_backend_service_name" {
 variable "jupyter_k8s_backend_service_port" {
   type        = number
   description = "Name of the Backend Service Port"
-  default = 80
+  default     = 80
 }
 
 variable "jupyter_url_domain_addr" {
diff --git a/modules/kuberay-monitoring/main.tf b/modules/kuberay-monitoring/main.tf
index 46e627058..8a320ec81 100644
--- a/modules/kuberay-monitoring/main.tf
+++ b/modules/kuberay-monitoring/main.tf
@@ -47,7 +47,7 @@ resource "helm_release" "grafana" {
 }
 
 data "kubernetes_service" "example" {
-  count       = var.enable_grafana_on_ray_dashboard ? 1 : 0
+  count = var.enable_grafana_on_ray_dashboard ? 1 : 0
   metadata {
     name      = "grafana"
     namespace = var.namespace
diff --git a/tutorials/hf-tgi/outputs.tf b/tutorials/hf-tgi/outputs.tf
index 3816613c4..7078bac0d 100644
--- a/tutorials/hf-tgi/outputs.tf
+++ b/tutorials/hf-tgi/outputs.tf
@@ -24,5 +24,5 @@ output "inference_service_namespace" {
 
 output "inference_service_endpoint" {
   description = "Endpoint of model inference service"
-  value = kubernetes_service.inference_service.status != null ? (kubernetes_service.inference_service.status[0].load_balancer != null ? "${kubernetes_service.inference_service.status[0].load_balancer[0].ingress[0].ip}" : "") : ""
+  value       = kubernetes_service.inference_service.status != null ? (kubernetes_service.inference_service.status[0].load_balancer != null ? "${kubernetes_service.inference_service.status[0].load_balancer[0].ingress[0].ip}" : "") : ""
 }