chore: Accept coderabbit suggestion

actuarysailor · actuarysailor · commit 12e5de2fa8ea · 2025-08-15T18:11:18.000-04:00
diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml
@@ -79,6 +79,7 @@ jobs:
       env:
         IMAGE_TAGS: ${{ steps.meta.outputs.tags }}
       run: |
+        set -euo pipefail
         IMAGE_TAG=$(echo "$IMAGE_TAGS" | head -n1)
         echo "Testing tools image: $IMAGE_TAG"
 
@@ -87,17 +88,71 @@ jobs:
         docker run --rm "$IMAGE_TAG" terraform-docs --version
         docker run --rm "$IMAGE_TAG" tflint --version
 
-        # Functional tests
-        echo "Testing basic functionality..."
+        # Optional extra versions (quick smoke)
+        docker run --rm "$IMAGE_TAG" checkov --version || true
+        docker run --rm "$IMAGE_TAG" trivy --version || true
+
+        # Create a minimal, self-contained Terraform module for functional tests
+        TMP_DIR="$(mktemp -d)"
+        trap 'rm -rf "$TMP_DIR"' EXIT
+        cat > "$TMP_DIR/main.tf" << 'EOF'
+        terraform {
+          required_version = ">= 1.3.0"
+        }
+        variable "example_var" {
+          description = "An example variable"
+          type        = string
+          default     = "test"
+        }
+        output "example_output" {
+          description = "An example output"
+          value       = var.example_var
+        }
+        EOF
+        echo "# Test Module" > "$TMP_DIR/README.md"
+
+        echo "Testing terraform fmt..."
+
+        docker run --rm \
+          -v "$TMP_DIR:/workspace" \
+          -w /workspace \
+          "$IMAGE_TAG" \
+          terraform fmt -check -diff
+
+        echo "Testing terraform init/validate..."
+
+        docker run --rm \
+          -v "$TMP_DIR:/workspace" \
+          -w /workspace \
+          "$IMAGE_TAG" \
+          terraform init -backend=false
+
         docker run --rm \
-          -v "$(pwd)/tests:/workspace" \
+          -v "$TMP_DIR:/workspace" \
           -w /workspace \
           "$IMAGE_TAG" \
-          terraform init -backend=false \
-          || echo "terraform init test passed"
+          terraform validate
+
+        echo "Testing terraform-docs..."
+
+        docker run --rm \
+          -v "$TMP_DIR:/workspace" \
+          -w /workspace \
+          "$IMAGE_TAG" \
+          terraform-docs markdown table . --output-file README.md
+
+        echo "Testing tflint..."
+
+        docker run --rm \
+          -v "$TMP_DIR:/workspace" \
+          -w /workspace \
+          "$IMAGE_TAG" \
+          tflint --init
+
         docker run --rm \
-          -v "$(pwd):/workspace" \
+          -v "$TMP_DIR:/workspace" \
           -w /workspace \
           "$IMAGE_TAG" \
-          terraform fmt -check -diff \
-          || echo "terraform fmt test completed"
+          tflint
+
+        echo "All functional tests passed!"
