chore(terraform-version): update terraform (non-major) #2640
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # yamllint disable rule:line-length | |
| name: lint | |
| on: | |
| pull_request: | |
| schedule: | |
| - cron: '0 5 * * 1' | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| detect-changes: | |
| uses: ppat/github-workflows/.github/workflows/detect-changed-files.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| # yamllint disable-line rule:indentation | |
| files_yaml: | | |
| actions: | |
| - .github/workflows/** | |
| docker: | |
| - '**/Dockerfile' | |
| markdown: | |
| - '**.md' | |
| renovate: | |
| - .github/renovate.json | |
| - .github/renovate/** | |
| shellscripts: | |
| - '**.sh' | |
| terraform: | |
| - '**.tf' | |
| - '**/.terraform-version' | |
| - '**/.terraform.lock.hcl' | |
| - '.tflint.hcl' | |
| yaml: | |
| - '**.yaml' | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| terraform-dirs: | |
| needs: [detect-changes] | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 2 | |
| outputs: | |
| terraform_dirs: ${{ steps.determine-tf-dirs.outputs.dirs }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 | |
| with: | |
| fetch-depth: 1 | |
| persist-credentials: false | |
| - name: Determine Terraform directories to validate | |
| id: determine-tf-dirs | |
| # yamllint disable-line rule:indentation | |
| run: | | |
| if [[ "${{ github.event_name }}" != "pull_request" ]]; then | |
| # For workflow_dispatch, validate all terraform directories | |
| TF_DIRS=$(find templates/ -maxdepth 2 -mindepth 2 -type d -not -name '.*' 2>/dev/null | sort | jq -R -s -c 'split("\n") | map(select(length > 0))') | |
| elif [[ "${{ fromJSON(needs.detect-changes.outputs.results).terraform_any_changed }}" == "true" ]]; then | |
| # For pull requests, check which files changed | |
| CHANGED_FILES="${{ fromJSON(needs.detect-changes.outputs.results).terraform_all_changed_files }}" | |
| TEMPLATE_CHANGES=$(echo "$CHANGED_FILES" | tr ' ' '\n' | grep '^templates/' || true) | |
| # Otherwise only validate affected templates | |
| TF_DIRS=$(echo "$TEMPLATE_CHANGES" | grep -o 'templates/[^/]*' | sort | uniq | tr -d ' ' | jq -R -s -c 'split("\n") | map(select(length > 0))') | |
| else | |
| TF_DIRS="[]" | |
| echo "No Terraform changes detected" | |
| fi | |
| echo "dirs=$TF_DIRS" >> $GITHUB_OUTPUT | |
| commit-messages: | |
| if: ${{ github.event_name == 'pull_request' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-commit-messages.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref }} | |
| fetch_depth: ${{ github.event.pull_request.commits || 0 }} | |
| from: ${{ github.event.pull_request.head.sha || 'HEAD' }}~${{ github.event.pull_request.commits || '1' }} | |
| to: ${{ github.event.pull_request.head.sha || 'HEAD' }} | |
| github-actions: | |
| needs: [detect-changes] | |
| if: ${{ github.event_name != 'pull_request' || fromJSON(needs.detect-changes.outputs.results).actions_any_changed == 'true' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-github-actions.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| files: ${{ github.event_name != 'pull_request' && 'ALL' || fromJSON(needs.detect-changes.outputs.results).actions_all_changed_files }} | |
| markdown: | |
| needs: [detect-changes] | |
| if: ${{ github.event_name != 'pull_request' || fromJSON(needs.detect-changes.outputs.results).markdown_any_changed == 'true' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-markdown.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| files: ${{ github.event_name != 'pull_request' && 'ALL' || fromJSON(needs.detect-changes.outputs.results).markdown_all_changed_files }} | |
| docker-files: | |
| needs: [detect-changes] | |
| if: ${{ github.event_name != 'pull_request' || fromJSON(needs.detect-changes.outputs.results).docker_any_changed == 'true' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-hadolint.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| files: ${{ github.event_name != 'pull_request' && 'ALL' || fromJSON(needs.detect-changes.outputs.results).docker_all_changed_files }} | |
| hadolint_config: .hadolint.yaml | |
| pre-commit: | |
| uses: ppat/github-workflows/.github/workflows/lint-pre-commit.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| renovate-config-check: | |
| needs: [detect-changes] | |
| if: ${{ github.event_name != 'pull_request' || fromJSON(needs.detect-changes.outputs.results).renovate_any_changed == 'true' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-renovate-config-check.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| files: ${{ github.event_name != 'pull_request' && 'ALL' || fromJSON(needs.detect-changes.outputs.results).renovate_all_changed_files }} | |
| shellcheck: | |
| needs: [detect-changes] | |
| if: ${{ github.event_name != 'pull_request' || fromJSON(needs.detect-changes.outputs.results).shellscripts_any_changed == 'true' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-shellcheck.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| files: ${{ github.event_name != 'pull_request' && 'ALL' || fromJSON(needs.detect-changes.outputs.results).shellscripts_all_changed_files }} | |
| terraform: | |
| needs: [terraform-dirs] | |
| if: ${{ github.event_name != 'pull_request' || needs.terraform-dirs.outputs.terraform_dirs != '[]' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-terraform.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| tf_dirs: ${{ needs.terraform-dirs.outputs.terraform_dirs }} | |
| yaml: | |
| needs: [detect-changes] | |
| if: ${{ github.event_name != 'pull_request' || fromJSON(needs.detect-changes.outputs.results).yaml_any_changed == 'true' }} | |
| uses: ppat/github-workflows/.github/workflows/lint-yaml.yaml@b62897fd95e2274bfb096f275a7e5588d61bb1c3 # v3.0.1 | |
| with: | |
| git_ref: ${{ github.head_ref || github.ref }} | |
| files: ${{ github.event_name != 'pull_request' && 'ALL' || fromJSON(needs.detect-changes.outputs.results).yaml_all_changed_files }} |