deps(docker): bump hashicorp/terraform from 1.9.7 to 1.9.8 #878
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Test | |
on: | |
pull_request: | |
push: | |
merge_group: | |
workflow_dispatch: | |
# Don't grant any access by default | |
permissions: {} | |
jobs: | |
# Set build metadata before running any other job so we can reuse them for | |
# both the standandard and the slim images, and for verification as well. | |
# We can't run this as part of the build-container-image job because it | |
# runs multiple times due to its matrix configuration, leading to race | |
# conditions when verifying container image labels. | |
set-build-metadata: | |
name: Set build metadata | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
outputs: | |
CONTAINER_IMAGE_BUILD_DATE: ${{ steps.set-container-image-build-metadata.outputs.CONTAINER_IMAGE_BUILD_DATE }} | |
CONTAINER_IMAGE_BUILD_REVISION: ${{ steps.set-container-image-build-metadata.outputs.CONTAINER_IMAGE_BUILD_REVISION }} | |
CONTAINER_IMAGE_BUILD_VERSION: ${{ steps.set-container-image-build-metadata.outputs.CONTAINER_IMAGE_BUILD_VERSION }} | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set build metadata | |
id: set-container-image-build-metadata | |
run: | | |
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then | |
BUILD_REVISION=${{ github.sha }} | |
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then | |
BUILD_REVISION=${{ github.event.pull_request.head.sha }} | |
else | |
echo "[ERROR] Event not supported when setting build revision and build version" | |
exit 1 | |
fi | |
. scripts/build-metadata.sh | |
if [ -z "${BUILD_DATE}" ]; then | |
echo "[ERROR] BUILD_DATE is empty" | |
exit 1 | |
fi | |
if [ -z "${BUILD_REVISION}" ]; then | |
echo "[ERROR] BUILD_REVISION is empty" | |
exit 1 | |
fi | |
if [ -z "${BUILD_VERSION}" ]; then | |
echo "[ERROR] BUILD_VERSION is empty" | |
exit 1 | |
fi | |
echo "Build date (GH Actions workflow): ${BUILD_DATE}" | |
echo "Build revision (GH Actions workflow): ${BUILD_REVISION}" | |
echo "Build version (GH Actions workflow): ${BUILD_VERSION}" | |
{ | |
echo "BUILD_DATE=${BUILD_DATE}" | |
echo "BUILD_REVISION=${BUILD_REVISION}" | |
echo "BUILD_VERSION=${BUILD_VERSION}" | |
} >> "${GITHUB_ENV}" | |
{ | |
echo "CONTAINER_IMAGE_BUILD_DATE=${BUILD_DATE}" | |
echo "CONTAINER_IMAGE_BUILD_REVISION=${BUILD_REVISION}" | |
echo "CONTAINER_IMAGE_BUILD_VERSION=${BUILD_VERSION}" | |
} >> "${GITHUB_OUTPUT}" | |
build-container-image: | |
name: Build and Test | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
needs: | |
- set-build-metadata | |
concurrency: | |
# Ref: https://docs.github.com/en/actions/learn-github-actions/contexts#github-context | |
# github.head_ref: head_ref or source branch of the pull request | |
# github.ref: ref of the branch that triggered the workflow | |
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ matrix.images.target }} | |
cancel-in-progress: true | |
strategy: | |
fail-fast: false | |
matrix: | |
images: | |
- prefix: slim- | |
target: slim | |
- prefix: "" | |
target: standard | |
timeout-minutes: 60 | |
env: | |
CONTAINER_IMAGE_ID: "ghcr.io/khulnasoft-lab/awesome-linter:${{ matrix.images.prefix }}latest" | |
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}" | |
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "awesome-linter-${{ matrix.images.prefix }}latest" | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Free Disk space | |
shell: bash | |
run: | | |
sudo rm -rf /usr/local/lib/android || true | |
sudo rm -rf /usr/share/dotnet || true | |
sudo rm -rf /opt/ghc || true | |
sudo rm -rf /usr/local/.ghcup || true | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build Image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: ./Dockerfile | |
build-args: | | |
BUILD_DATE=${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_DATE }} | |
BUILD_REVISION=${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_REVISION }} | |
BUILD_VERSION=${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_VERSION }} | |
cache-from: type=registry,ref=${{ env.CONTAINER_IMAGE_ID }}-buildcache | |
outputs: type=docker,dest=/tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar | |
push: false | |
secrets: | | |
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
tags: | | |
${{ env.CONTAINER_IMAGE_ID }} | |
target: "${{ matrix.images.target }}" | |
# Load the image here because the docker/build-push-action doesn't support multiple exporters yet | |
# Ref: https://github.com/docker/build-push-action/issues/413 | |
# Ref: https://github.com/moby/buildkit/issues/1555 | |
- name: Load image | |
run: | | |
docker load <"/tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar" | |
- name: Print environment info | |
run: | | |
make info | |
- name: Upload ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image | |
uses: actions/upload-artifact@v4.3.6 | |
with: | |
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} | |
path: /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar | |
test-local-action: | |
name: Test the Awesome-linter GitHub Action | |
runs-on: ubuntu-latest | |
needs: build-container-image | |
permissions: | |
contents: read | |
strategy: | |
matrix: | |
images: | |
- container-image-id: awesome-linter-latest | |
prefix: "" | |
target: standard | |
- container-image-id: awesome-linter-slim-latest | |
prefix: slim- | |
target: slim | |
env: | |
CONTAINER_IMAGE_ID: "ghcr.io/khulnasoft-lab/awesome-linter:${{ matrix.images.prefix }}latest" | |
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}" | |
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "awesome-linter-${{ matrix.images.prefix }}latest" | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Download ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image | |
uses: actions/download-artifact@v4.1.8 | |
with: | |
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} | |
path: /tmp | |
- name: Load ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image | |
run: | | |
docker load --input /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar | |
docker image ls -a | |
- name: Update action.yml | |
run: | | |
echo "yq version: $(yq --version)" | |
yq '.runs.image = "docker://" + env(CONTAINER_IMAGE_ID)' -i action.yml | |
echo "Action file contents:" | |
cat action.yml | |
- name: Test Local Action (debug log) | |
uses: ./ | |
env: | |
LOG_LEVEL: DEBUG | |
CREATE_LOG_FILE: true | |
VALIDATE_ALL_CODEBASE: false | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITLEAKS_CONFIG_FILE: .gitleaks-ignore-tests.toml | |
FILTER_REGEX_EXCLUDE: ".*(/test/linters/|CHANGELOG.md).*" | |
RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES: "default.json,hoge.json" | |
TYPESCRIPT_STANDARD_TSCONFIG_FILE: ".github/linters/tsconfig.json" | |
VALIDATE_JAVASCRIPT_STANDARD: false | |
- name: Get the contents of the log file | |
run: | | |
sudo cat awesome-linter.log | |
sudo rm -v awesome-linter.log | |
- name: Test Local Action (default log) | |
uses: ./ | |
env: | |
VALIDATE_ALL_CODEBASE: false | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITLEAKS_CONFIG_FILE: .gitleaks-ignore-tests.toml | |
FILTER_REGEX_EXCLUDE: ".*(/test/linters/|CHANGELOG.md).*" | |
TYPESCRIPT_STANDARD_TSCONFIG_FILE: ".github/linters/tsconfig.json" | |
VALIDATE_JAVASCRIPT_STANDARD: false | |
build-test-suite-matrix: | |
name: Build test suite matrix | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
outputs: | |
matrix: ${{ steps.generate-matrix.outputs.test-cases }} | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Generate test cases matrix | |
id: generate-matrix | |
run: | | |
TEST_TARGETS=$(make -pRrq 2>&1 | grep 'test:' | tr -d '\n' | sed -e "s/^test: //" | jq --raw-input --slurp --compact-output 'split(" ")') | |
echo "TEST_TARGETS: ${TEST_TARGETS}" | |
echo "test-cases=${TEST_TARGETS}" >> "${GITHUB_OUTPUT}" | |
run-test-suite: | |
name: Run test cases | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
needs: | |
- set-build-metadata | |
- build-container-image | |
- build-test-suite-matrix | |
strategy: | |
matrix: | |
test-case: ${{ fromJson(needs.build-test-suite-matrix.outputs.matrix) }} | |
images: | |
- container-image-id: awesome-linter-latest | |
prefix: "" | |
target: standard | |
- container-image-id: awesome-linter-slim-latest | |
prefix: slim- | |
target: slim | |
include: | |
# Also run the test target to check if running the whole test suite | |
# in the same execution environment prevents it from succeeding | |
- test-case: test | |
env: | |
CONTAINER_IMAGE_ID: "ghcr.io/khulnasoft-lab/awesome-linter:${{ matrix.images.prefix }}latest" | |
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}" | |
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "awesome-linter-${{ matrix.images.prefix }}latest" | |
BUILD_DATE: ${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_DATE }} | |
BUILD_REVISION: ${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_REVISION }} | |
BUILD_VERSION: ${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_VERSION }} | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Download ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image | |
uses: actions/download-artifact@v4.1.8 | |
with: | |
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} | |
path: /tmp | |
- name: Load ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image | |
run: | | |
docker load --input /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar | |
docker image ls -a | |
- name: "Test case: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} - ${{ matrix.test-case }}" | |
run: | | |
echo "Running: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} - ${{ matrix.test-case }}" | |
make ${{ matrix.test-case }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# The purpose of this job is to run only when the run-test-suite job runs to completion. | |
# We can use this job as a required status check in a branch protection rule without | |
# having to select each individual job that dynamically add to the test matrix. | |
test-success-placeholder: | |
name: Check if all the tests passed | |
if: ${{ always() }} | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
needs: | |
- run-test-suite | |
- test-local-action | |
steps: | |
- name: Test suite success | |
if: ${{ !(contains(needs.*.result, 'failure')) && !contains(needs.*.result, 'cancelled') && !contains(needs.*.result, 'skipped') }} | |
run: exit 0 | |
- name: Test suite failures | |
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') }} | |
run: exit 1 | |
preview-release-notes: | |
if: github.event_name == 'pull_request' && github.repository == github.event.pull_request.head.repo.full_name && github.repository == 'awesome-linter/awesome-linter' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup authentication token | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" > .github-personal-access-token | |
- name: Generate a preview of the release notes | |
run: | | |
make release-please-dry-run |