feat: Upgraded synthetic module, disabled fdr and customized nexi tes… #9487
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Static Analysis | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
static_analysis: | |
runs-on: ubuntu-latest | |
steps: | |
- name: ⚡ Checkout code | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- name: 📖 Read current terraform version | |
run: | | |
VER=$(cat .terraform-version) | |
echo "TERRAFORM_VERSION=$VER" >> $GITHUB_ENV | |
- name: 🔨 Setup Terraform | |
# from https://github.com/hashicorp/setup-terraform/commits/main | |
uses: hashicorp/setup-terraform@97f030cf6dc0b4f5e0da352c7bca9cca34579800 #v3.1.0 | |
with: | |
terraform_version: "${{ env.TERRAFORM_VERSION }}" | |
- name: 🏁 Init terraform folders | |
id: init_terraform_folders | |
shell: bash | |
run: | | |
echo -e "\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-" | |
echo "+ 🔨 CREATE CACHE FOLDER +" | |
echo -e "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-\n" | |
export TF_PLUGIN_CACHE_DIR="/tmp/.terraform.d/plugin-cache" | |
mkdir -p ${TF_PLUGIN_CACHE_DIR} | |
ls -la ${TF_PLUGIN_CACHE_DIR} | |
echo "📢 Show space" | |
df -h | |
du -h ${TF_PLUGIN_CACHE_DIR} | |
echo -e "\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-" | |
echo "+ 🏁 INIT TERRAFORM FOLDERS 🏁 +" | |
echo -e "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-\n" | |
FOLDERS=$(grep -rl --include='*.tf' --exclude-dir='.terraform' '^' . | xargs -I{} dirname {} | sort -u) | |
echo "FOLDERS=${FOLDERS}" | |
pids=() | |
# TAG=$(cat .terraform-version) | |
# docker pull hashicorp/terraform:$TAG | |
for f in $FOLDERS; do | |
pushd "$(pwd)/${f}" | |
sed -i -e 's/ backend "azurerm" {}//g' 99_main.tf # use local backend | |
terraform init -upgrade & | |
pids+=($!) | |
popd | |
done | |
# Wait for each specific process to terminate. | |
# Instead of this loop, a single call to 'wait' would wait for all the jobs | |
# to terminate, but it would not give us their exit status. | |
# | |
for pid in "${pids[@]}"; do | |
# | |
# Waiting on a specific PID makes the wait command return with the exit | |
# status of that process. Because of the 'set -e' setting, any exit status | |
# other than zero causes the current shell to terminate with that exit | |
# status as well. | |
# | |
wait "$pid" | |
done | |
echo "📢 Show space 3" | |
df -h | |
ls -la /tmp/.terraform.d/plugin-cache | |
du -h -d 5 ${TF_PLUGIN_CACHE_DIR} | |
- name: Show precommit version | |
shell: bash | |
run: | | |
echo -e "\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+" | |
echo "+ 1️⃣ SHOW PRECOMMIT VERSION 1️⃣ +" | |
echo -e "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\n" | |
TAG=v1.96.2@sha256:01f870b7689b5a09c1a370914fcddcac42c4b6478c9d369e1d2590dd0a66ffd0 | |
docker run --rm --entrypoint cat ghcr.io/antonbabenko/pre-commit-terraform:$TAG /usr/bin/tools_versions_info | |
- name: 🚨 Run precommit | |
id: run_precommit | |
shell: bash | |
run: | | |
echo -e "\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+" | |
echo "+- 🚨 PRECOMMIT TERRAFORM 🚨 -+" | |
echo -e "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\n" | |
export TF_PLUGIN_CACHE_DIR="/tmp/.terraform.d/plugin-cache" | |
TAG=v1.96.2@sha256:01f870b7689b5a09c1a370914fcddcac42c4b6478c9d369e1d2590dd0a66ffd0 | |
docker run \ | |
-v $(pwd):/lint \ | |
-v /tmp/.terraform.d/plugin-cache:/tmp/.terraform.d/plugin-cache \ | |
-w /lint \ | |
ghcr.io/antonbabenko/pre-commit-terraform:$TAG \ | |
run -a |