Merge pull request #15 from PostHog/tom/fix-2 #33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'base' | |
| on: | |
| push: | |
| tags: [ v* ] | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| test-job: | |
| name: Run Tests | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.13" | |
| - name: Install uv | |
| run: curl -LsSf https://astral.sh/uv/install.sh | sh | |
| - name: Install pre-commit | |
| run: pip3 install pre-commit | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: "1.14.2" | |
| - name: Install tflint | |
| run: | | |
| curl -s https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh | bash | |
| - name: Install terraform-docs | |
| run: | | |
| curl -Lo /tmp/terraform-docs.tar.gz https://github.com/terraform-docs/terraform-docs/releases/download/v0.21.0/terraform-docs-v0.21.0-linux-amd64.tar.gz | |
| tar -xzf /tmp/terraform-docs.tar.gz -C /tmp | |
| sudo mv /tmp/terraform-docs /usr/local/bin/ | |
| - name: Install Trivy | |
| run: | | |
| wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - | |
| echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list | |
| sudo apt-get update | |
| sudo apt-get install trivy -y | |
| # Pre-download policy bundle to avoid race condition when pre-commit runs parallel scans | |
| trivy fs --scanners misconfig --cache-dir ~/.cache/trivy . | |
| - name: Run tests | |
| run: bash run-tests.sh | |
| - name: Show uncommitted changes | |
| if: always() | |
| run: | | |
| echo "=== Git Status ===" | |
| git status | |
| echo "=== Git Diff ===" | |
| git diff | |
| # localstack: | |
| # name: localstack | |
| # runs-on: ubuntu-22.04 | |
| # defaults: | |
| # run: | |
| # shell: bash | |
| # env: | |
| # AWS_DEFAULT_REGION: "eu-central-1" | |
| # TF_CLI_ARGS_plan: "-compact-warnings" | |
| # TF_CLI_ARGS_apply: "-compact-warnings" | |
| # services: | |
| # localstack-service: | |
| # image: localstack/localstack:3.4.0 | |
| # ports: | |
| # - "4566:4566" | |
| # - "4510-4559:4510-4559" | |
| # env: | |
| # #SERVICES: "sqs,s3" | |
| # FORCE_NONINTERACTIVE: 1 | |
| # AWS_ACCESS_KEY_ID: test | |
| # AWS_SECRET_ACCESS_KEY: test | |
| # options: >- | |
| # --health-cmd "./bin/localstack status services" | |
| # --health-interval 10s | |
| # --health-timeout 5s | |
| # --health-retries 5 | |
| # --health-start-period 15s | |
| # volumes: | |
| # - /var/run/docker.sock:/var/run/docker.sock # https://docs.localstack.cloud/references/lambda-provider-v2/#docker-not-available | |
| # steps: | |
| # - uses: actions/checkout@master | |
| # - name: Setup Terraform | |
| # uses: hashicorp/setup-terraform@v1 | |
| # with: | |
| # terraform_version: 1.5.0 | |
| # - uses: actions/setup-python@v4 | |
| # with: | |
| # python-version: '3.13' | |
| # - name: Terraform-local installation | |
| # run: pip3 install terraform-local==0.16.1 | |
| # - name: Install uv | |
| # run: curl -LsSf https://astral.sh/uv/install.sh | sh | |
| # - name: terraform drop unsupported by localstack | |
| # run: | | |
| # rm sheduler_group.tf | |
| # - name: terraform init | |
| # run: tflocal init -backend-config=./tests/localstack-backend.tf | |
| # - name: terraform validate | |
| # run: tflocal validate | |
| # - name: terraform plan | |
| # run: tflocal plan -var-file=./tests/localstack.tfvars -out=plan.tfplan | |
| # - name: terraform apply | |
| # run: tflocal apply -auto-approve plan.tfplan |