generated from equinix-labs/terraform-equinix-template
-
Notifications
You must be signed in to change notification settings - Fork 2
81 lines (68 loc) · 2.05 KB
/
pre-commit.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
name: 'run-pre-commit-hooks'
# This workflow runs the pre-commit hooks defined in .pre-commit-config.yaml
on:
pull_request:
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
pre-commit:
runs-on: ${{ matrix.os }}
env:
GO_VERSION: ${{ matrix.go }}
TF_VERSION: ${{ matrix.tf }}
TFLINT_VERSION: ${{ matrix.tflint }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
strategy:
matrix:
os: [ubuntu-latest]
tf: [1.4.0]
tflint: [v0.47.0]
go: ['1.20']
permissions:
pull-requests: write
id-token: write
contents: read
steps:
- name: Checkout from Github
uses: actions/checkout@v4
- name: Install Python3
uses: actions/setup-python@v5
- name: Install tflint
uses: terraform-linters/setup-tflint@v4
with:
tflint_version: ${{ env.TFLINT_VERSION }}
- name: Cache tflint plugin dir
uses: actions/cache@v4
with:
path: ~/.tflint.d/plugins
key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }}
- name: Install Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: ${{ env.TF_VERSION }}
- name: Config Terraform plugin cache
run: |
echo 'plugin_cache_dir="$HOME/.terraform.d/plugin-cache"' >~/.terraformrc
mkdir --parents ~/.terraform.d/plugin-cache
- name: Cache Terraform
uses: actions/cache@v4
with:
path: |
~/.terraform.d/plugin-cache
key: ${{ runner.os }}-terraform-${{ hashFiles('**/.terraform.lock.hcl') }}
restore-keys: |
${{ runner.os }}-terraform-
- name: Install tfsec
uses: jaxxstorm/[email protected]
with:
repo: aquasecurity/tfsec
platform: linux
arch: amd64
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Install shfmt
run: go install mvdan.cc/sh/v3/cmd/shfmt@latest
- uses: pre-commit/[email protected]