cicd added

Author: Josh-Tracy

.github/workflows/release.yml

@@ -0,0 +1,119 @@
+name: Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      versionNumber:
+        description: 'Release version number (v#.#.#)'
+        type: string
+        required: true
+
+permissions:
+  contents: read # Changelog commit operations use service account PAT
+
+jobs:
+  changelog-version:
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.changelog-version.outputs.version }}
+    steps:
+      - id: changelog-version
+        run: echo "version=$(echo "${{ inputs.versionNumber }}" | cut -c 2-)" >> "$GITHUB_OUTPUT"
+
+  changelog:
+    needs: changelog-version
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          fetch-depth: 0
+          # Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations
+          # More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials
+          persist-credentials: false
+
+      - name: Batch changes
+        uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0
+        with:
+          version: latest
+          args: batch ${{ needs.changelog-version.outputs.version }}
+
+      - name: Merge changes
+        uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0
+        with:
+          version: latest
+          args: merge
+
+      - name: Git push changelog
+        run: |
+          git config --global user.name "${{ vars.TF_THESUDO_CI_COMMIT_AUTHOR }}"
+          git config --global user.email "${{ vars.TF_THESUDO_CI_COMMIT_EMAIL }}"
+          git add .
+          git commit -a -m "Update changelog"
+          git push "https://${{ vars.TF_THESUDO_CI_COMMIT_AUTHOR }}:${{ secrets.TF_THESUDO_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git"
+
+  release-tag:
+    needs: changelog
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          fetch-depth: 0
+          # Default input is the SHA that initially triggered the workflow. As we created a new commit in the previous job,
+          # to ensure we get the latest commit we use the ref for checkout: 'refs/heads/<branch_name>'
+          ref: ${{ github.ref }}
+          # Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations
+          # More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials
+          persist-credentials: false
+
+      - name: Git push release tag
+        run: |
+          git config --global user.name "${{ vars.TF_THESUDO_CI_COMMIT_AUTHOR }}"
+          git config --global user.email "${{ vars.TF_THESUDO_CI_COMMIT_EMAIL }}"
+          
+          git tag "${{ inputs.versionNumber }}"
+          git push "https://${{ vars.TF_THESUDO_CI_COMMIT_AUTHOR }}:${{ secrets.TF_THESUDO_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" "${{ inputs.versionNumber }}"
+
+  release-notes:
+    needs: [ changelog-version, changelog, release-tag ]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          ref: ${{ inputs.versionNumber }}
+          fetch-depth: 0
+
+      - name: Generate Release Notes
+        run: |
+          cd .changes
+          sed -e "1{/# /d;}" -e "2{/^$/d;}" ${{ needs.changelog-version.outputs.version }}.md > release-notes.txt
+
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        with:
+          name: release-notes
+          path: ./.changes/release-notes.txt
+          retention-days: 1
+
+#   terraform-provider-release:
+#     name: 'Terraform Provider Release'
+#     needs: [ release-notes ]
+#     permissions:
+#       contents: write # Needed for goreleaser to create GitHub release
+#       issues: write # Needed for goreleaser to close associated milestone
+#     uses: hashicorp/ghaction-terraform-provider-release/.github/workflows/hashicorp.yml@9b5d2ca4b85f3a54d5c4d12e7690ddad1526ff6c # v3.0.1
+#     secrets:
+#       hc-releases-key-prod: '${{ secrets.HC_RELEASES_KEY_PROD }}'
+#       hc-releases-key-staging: '${{ secrets.HC_RELEASES_KEY_STAGING }}'
+#       hc-releases-github-token: '${{ secrets.HASHI_RELEASES_GITHUB_TOKEN }}'
+#       hc-releases-terraform-registry-sync-token: '${{ secrets.TF_PROVIDER_RELEASE_TERRAFORM_REGISTRY_SYNC_TOKEN }}'
+#       setup-signore-github-token: '${{ secrets.HASHI_SIGNORE_GITHUB_TOKEN }}'
+#       signore-client-id: '${{ secrets.SIGNORE_CLIENT_ID }}'
+#       signore-client-secret: '${{ secrets.SIGNORE_CLIENT_SECRET }}'
+#       hc-releases-host-staging: '${{ secrets.HC_RELEASES_HOST_STAGING }}'
+#       hc-releases-host-prod: '${{ secrets.HC_RELEASES_HOST_PROD }}'
+#     with:
+#       release-notes: true
+#       setup-go-version-file: 'go.mod'
+#       # Product Version (e.g. v1.2.3)
+#       product-version: '${{ inputs.versionNumber }}'

.github/workflows/test.yml

@@ -0,0 +1,80 @@
+name: Test
+
+on:
+  pull_request:
+    branches: [ main ]
+    paths-ignore:
+      - 'README.md'
+      - 'CHANGELOG.md'
+      - 'website/*'
+  push:
+    branches: [ main ]
+    paths-ignore:
+      - 'README.md'
+      - 'CHANGELOG.md'
+      - 'website/*'
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+    - name: Set up Go
+      uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+      with:
+        go-version-file: 'go.mod'
+      id: go
+
+    - name: Run linters
+      uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
+      with:
+        version: latest
+
+    - name: Generate
+      run: make generate
+
+    - name: Confirm no diff
+      run: |
+        git diff --compact-summary --exit-code || \
+          (echo "*** Unexpected differences after code generation. Run 'make generate' and commit."; exit 1)
+
+    - name: Build
+      run: make build
+
+  test:
+    name: 'Acc. Tests (OS: ${{ matrix.os }} / TF: ${{ matrix.terraform }})'
+    needs: build
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 20
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - macos-latest
+          - windows-latest
+          - ubuntu-latest
+        terraform: ${{ fromJSON(vars.TF_VERSIONS_PROTOCOL_V5) }}
+    steps:
+
+    - name: Check out code
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+    - name: Setup Go
+      uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+      with:
+        go-version-file: 'go.mod'
+        check-latest: true
+
+    - name: Setup Terraform ${{ matrix.terraform }}
+      uses: hashicorp/setup-terraform@97f030cf6dc0b4f5e0da352c7bca9cca34579800 # v3.1.0
+      with:
+        terraform_version: ${{ matrix.terraform }}
+        terraform_wrapper: false
+
+    - name: Run acceptance test
+      run: make testacc

.github/workflows/update_docs.yml

@@ -0,0 +1,38 @@
+name: Update Documentation
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  update_docs:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v2
+
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: '1.22.2'
+
+      - name: Run go generate
+        run: go generate ./...
+
+      - name: Execute build_media_map script
+        run: chmod +x ./scripts/build_media_map.sh && ./scripts/build_media_map.sh
+        id: script_output
+
+      - name: Append output to docs/index.md
+        run: |
+          echo -e "\n# epic Provider\n$(cat docs/index.md)" > docs/index.md
+          echo "${{ steps.script_output.outputs.result }}" >> docs/index.md
+
+      - name: Commit and Push changes
+        run: |
+            git config --global user.name "${{ vars.TF_THESUDO_CI_COMMIT_AUTHOR }}"
+            git config --global user.email "${{ vars.TF_THESUDO_CI_COMMIT_EMAIL }}"
+            git add .
+            git commit -a -m "Update changelog"
+            git push "https://${{ vars.TF_THESUDO_CI_COMMIT_AUTHOR }}:${{ secrets.TF_THESUDO_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git"

.github/workflows/validate_data.yml

@@ -1,4 +1,43 @@
-
-# Validate validate_data.go validCombinations matches the structure of /data
 # Validate .json files under /data/* are formatted as expected
-# replace spaces with _ and validate file contents are valid json syntax
+# replace spaces with _ and validate file contents are valid json syntax
+
+name: Validate JSON Data Files
+
+on:
+  push:
+    paths:
+      - 'data/**'
+  pull_request:
+    paths:
+      - 'data/**'
+
+jobs:
+  validate_json:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v2
+
+      - name: Set up Python 3.x
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.x'
+
+      - name: Install JSON validation tool
+        run: pip install jsonschema
+
+      - name: Validate JSON Files
+        run: |
+          find data -type f -name '*.json' | while read file; do
+            # Check file name format (all lowercase and no spaces)
+            if [[ ! "$file" =~ ^data/[a-zA-Z0-9_]+/[a-z0-9_]+\.json$ ]]; then
+              echo "File name format error: $file"
+              exit 1
+            fi
+            # Check JSON syntax
+            python -m json.tool "$file" > /dev/null
+            if [ $? -ne 0 ]; then
+              echo "JSON syntax error in file: $file"
+              exit 1
+            fi
+          done

.golangci.yml

@@ -0,0 +1,27 @@
+# Visit https://golangci-lint.run/ for usage documentation
+# and information on other useful linters
+issues:
+  max-per-linter: 0
+  max-same-issues: 0
+
+linters:
+  disable-all: true
+  enable:
+    - durationcheck
+    - errcheck
+    - exportloopref
+    - forcetypeassert
+    - godot
+    - gofmt
+    - gosimple
+    - ineffassign
+    - makezero
+    - misspell
+    - nilerr
+    - predeclared
+    - staticcheck
+    - tenv
+    - unconvert
+    - unparam
+    - unused
+    - vet

.goreleaser.yml

@@ -0,0 +1,58 @@
+# Visit https://goreleaser.com for documentation on how to customize this
+# behavior.
+before:
+  hooks:
+    - go mod tidy
+builds:
+- env:
+    - CGO_ENABLED=0
+  mod_timestamp: '{{ .CommitTimestamp }}'
+  flags:
+    - -trimpath
+  ldflags:
+    - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
+  goos:
+    - freebsd
+    - windows
+    - linux
+    - darwin
+  goarch:
+    - amd64
+    - '386'
+    - arm
+    - arm64
+  ignore:
+    - goos: darwin
+      goarch: '386'
+  binary: '{{ .ProjectName }}_v{{ .Version }}'
+archives:
+- files:
+  - LICENSE
+  - data/*
+- format: zip
+  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+checksum:
+  extra_files:
+    - glob: 'terraform-registry-manifest.json'
+      name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
+  name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+  algorithm: sha256
+signs:
+  - artifacts: checksum
+    args:
+      # if you are using this in a GitHub action or some other automated pipeline, you 
+      # need to pass the batch flag to indicate its not interactive.
+      - "--batch"
+      - "--local-user"
+      - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+release:
+  extra_files:
+    - glob: 'terraform-registry-manifest.json'
+      name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
+  # draft: true
+changelog:
+  skip: true