Upgrade to TF 0.13 + more pre-commit hooks & improvements (#4)
* Update pre-commit hooks, remove build-harness, rework docs, remove deps sources and switch to serverless for packaging
aleks-fofanov authored Apr 25, 2021
1 parent 2a6f538 commit bd740cc
Showing 56 changed files with 12,576 additions and 8,791 deletions.
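--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -0,0 +1,155 @@
+name: Pre-Commit
+
+on:
+pull_request:
+push:
+branches:
+- master
+
+env:
+node-version: '14'
+python-version: '3.8'
+function-source-code-dir: ./source-code
+packaged-function-dir: ./packaged
+
+jobs:
+packageLambda:
+name: Package lambda function
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+- name: Install Node.js & npm
+uses: actions/setup-node@v2
+with:
+node-version: ${{env.node-version}}
+check-latest: true
+- name: Install Python 3
+uses: actions/setup-python@v2
+with:
+python-version: ${{env.python-version}}
+- name: Install Serverless Framework
+run: npm install -g serverless
+- name: Install Node.js dependencies
+working-directory: ${{env.function-source-code-dir}}
+run: npm install
+- name: Create artifacts directory
+run: mkdir -p ${{env.packaged-function-dir}}
+- name: Package lambda function
+working-directory: ${{env.function-source-code-dir}}
+run: sls package --package ${{env.packaged-function-dir}}
+- name: Upload packaged lambda function to artifacts
+uses: actions/upload-artifact@v2
+with:
+name: lambda
+path: ${{env.packaged-function-dir}}/*.zip
+
+# Min Terraform version(s)
+getDirectories:
+name: Get root directories
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+- name: Install Python
+uses: actions/setup-python@v2
+- name: Build matrix
+id: matrix
+run: |
+DIRS=$(python -c "import json; import glob; print(json.dumps([x.replace('/versions.tf', '') for x in glob.glob('./**/versions.tf', recursive=True)]))")
+echo "::set-output name=directories::$DIRS"
+outputs:
+directories: ${{ steps.matrix.outputs.directories }}
+
+preCommitMinVersions:
+name: Min TF validate
+needs:
+- getDirectories
+- packageLambda
+runs-on: ubuntu-latest
+strategy:
+matrix:
+directory: ${{ fromJson(needs.getDirectories.outputs.directories) }}
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+- name: Download artifcats (packaged lambda)
+uses: actions/download-artifact@v2
+with:
+name: lambda
+- name: Create artifacts directory
+run: mkdir -p ${{env.packaged-function-dir}} && cp ./*.zip ${{env.packaged-function-dir}}
+- name: Install Python
+uses: actions/setup-python@v2
+- name: Terraform min/max versions
+id: minMax
+uses: clowdhaus/[email protected]
+with:
+directory: ${{ matrix.directory }}
+- name: Install Terraform v${{ steps.minMax.outputs.minVersion }}
+uses: hashicorp/setup-terraform@v1
+with:
+terraform_version: ${{ steps.minMax.outputs.minVersion }}
+- name: Install pre-commit dependencies
+run: pip install pre-commit
+- name: Execute pre-commit
+# Run only validate pre-commit check on min version supported
+if: ${{ matrix.directory != '.' }}
+run:
+pre-commit run terraform_validate --color=always --show-diff-on-failure --files ${{ matrix.directory }}/*
+- name: Execute pre-commit
+# Run only validate pre-commit check on min version supported
+if: ${{ matrix.directory == '.' }}
+run:
+pre-commit run terraform_validate --color=always --show-diff-on-failure --files $(ls *.tf)
+
+# Max Terraform version
+getBaseVersion:
+name: Module max TF version
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+- name: Terraform min/max versions
+id: minMax
+uses: clowdhaus/[email protected]
+outputs:
+minVersion: ${{ steps.minMax.outputs.minVersion }}
+maxVersion: ${{ steps.minMax.outputs.maxVersion }}
+
+preCommitMaxVersion:
+name: Max TF pre-commit
+runs-on: ubuntu-latest
+needs:
+- getBaseVersion
+- packageLambda
+strategy:
+fail-fast: false
+matrix:
+version:
+- ${{ needs.getBaseVersion.outputs.maxVersion }}
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+- name: Download artifcats (packaged lambda)
+uses: actions/download-artifact@v2
+with:
+name: lambda
+- name: Create artifacts directory
+run: mkdir -p ${{env.packaged-function-dir}} && cp ./*.zip ${{env.packaged-function-dir}}
+- name: Install Python
+uses: actions/setup-python@v2
+- name: Install Terraform v${{ matrix.version }}
+uses: hashicorp/setup-terraform@v1
+with:
+terraform_version: ${{ matrix.version }}
+- name: Install pre-commit dependencies
+run: |
+pip install pre-commit
+curl -L "$(curl -s https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | grep -o -E "https://.+?-v0.12\..+?-linux-amd64" | head -n1)" > terraform-docs && chmod +x terraform-docs && sudo mv terraform-docs /usr/bin/
+curl -L "$(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" > tflint.zip && unzip tflint.zip && rm tflint.zip && sudo mv tflint /usr/bin/
+curl -L "$(curl -s https://api.github.com/repos/tfsec/tfsec/releases/latest | grep -o -E "https://.+?tfsec-linux-amd64")" > tfsec && chmod +x tfsec && sudo mv tfsec /usr/bin/
+- name: Execute pre-commit
+# Run all pre-commit checks on max version supported
+if: ${{ matrix.version == needs.getBaseVersion.outputs.maxVersion }}
+run: pre-commit run --color=always --show-diff-on-failure --all-files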
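Review bot: The "Install pre-commit dependencies" step of preCommitMaxVersion resolves terraform-docs, tflint and tfsec from `releases/latest` at run time and moves the downloaded binaries into /usr/bin with sudo, with no pinned release and no checksum check. Whatever asset the API returns on a given day is executed on the runner, and the terraform-docs pattern `-v0.12\.` stops matching once the latest release leaves 0.12, which leaves curl with an empty URL. I would fetch a fixed release tag for each tool and verify it before installing, e.g. `echo "<EXPECTED_SHA256>  tflint.zip" | sha256sum -c -` ahead of the `unzip`. The same pinning concern applies to `npm install -g serverless` and to the actions referenced by mutable tags (`actions/checkout@v2`, `hashicorp/setup-terraform@v1`); an explicit version for the npm package and full commit SHAs for the actions would make the job reproducible.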
12 changes: 8 additions & 4 deletions .gitignore
Expand Up @@ -30,9 +30,13 @@ override.tf.json
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*

# IDE
.idea/
**/generated/
!**/generated/.gitkeep

.build-harness
build-harness
# Serverless directories
.serverless
**/packaged/*
!**/packaged/*.zip

# NodeJS
node_modules/
27 changes: 14 additions & 13 deletions .pre-commit-config.yaml
@@ -1,20 +1,21 @@
repos:
- repo: git://github.com/antonbabenko/pre-commit-terraform
rev: v1.30.0
rev: v1.48.0
hooks:
- id: terraform_fmt
- id: terraform_docs_replace
args: ['--with-aggregate-type-defaults', '--dest=docs/terraform.md']
- repo: local
hooks:
- id: build-readme
name: Build README.md
language: system
entry: make readme/sync
types: [file]
files: ^README\.yaml$
- id: terraform_validate
- id: terraform_docs
- id: terraform_tflint
args:
- '--args=--config=__GIT_WORKING_DIR__/.tflint.hcl'
- '--args=--format=compact'
require_serial: true
- id: terraform_tfsec
args:
- '--args=--exclude-downloaded-modules --concise-output'
require_serial: true
exclude: ^examples/
- repo: git://github.com/pre-commit/pre-commit-hooks
rev: v2.5.0
rev: v3.4.0
hooks:
- id: check-merge-conflict

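Review bot: Both `repo:` entries keep the `git://` scheme while only their `rev` values are bumped; that transport is unauthenticated and unencrypted, so the hook code that pre-commit clones and then runs locally and in CI can be altered in transit. Switching to `repo: https://github.com/antonbabenko/pre-commit-terraform` and `repo: https://github.com/pre-commit/pre-commit-hooks` closes that gap. The `rev` values are tags; pinning them to full commit SHAs would also keep a moved tag from changing what runs.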
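--- a/.tflint.hcl
+++ b/.tflint.hcl
@@ -0,0 +1,61 @@
+config {
+module = false
+force = false
+disabled_by_default = true
+}
+
+plugin "aws" {
+enabled = false
+}
+
+rule "terraform_deprecated_interpolation" {
+enabled = true
+}
+
+rule "terraform_deprecated_index" {
+enabled = true
+}
+
+rule "terraform_unused_declarations" {
+enabled = true
+}
+
+rule "terraform_comment_syntax" {
+enabled = true
+}
+
+rule "terraform_documented_outputs" {
+enabled = true
+}
+
+rule "terraform_documented_variables" {
+enabled = true
+}
+
+rule "terraform_typed_variables" {
+enabled = true
+}
+
+rule "terraform_module_pinned_source" {
+enabled = true
+}
+
+rule "terraform_naming_convention" {
+enabled = true
+}
+
+rule "terraform_required_version" {
+enabled = true
+}
+
+rule "terraform_required_providers" {
+enabled = true
+}
+
+rule "terraform_standard_module_structure" {
+enabled = true
+}
+
+rule "terraform_workspace_remote" {
+enabled = true
+}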
16 changes: 0 additions & 16 deletions .travis.yml

This file was deleted.

16 changes: 0 additions & 16 deletions 3rd-party-licenses.md

This file was deleted.

12 changes: 0 additions & 12 deletions Makefile

This file was deleted.
