Setup actions for pre-commit (#34)

* Setup actions for pre-commit

* Link check

* To drop

* Edit path

* Pre-commit badge

* Revert "Edit path"

This reverts commit ccd5c09.

* Revert "To drop"

This reverts commit a3ccee0.

* Setup plan for examples

* Remove dead code

Author: bonclay7

.github/workflows/linkcheck.json

@@ -0,0 +1,27 @@
+{
+    "timeout": "5s",
+    "retryOn429": true,
+    "retryCount": 5,
+    "fallbackRetryDelay": "30s",
+    "aliveStatusCodes": [200, 206],
+    "httpHeaders": [
+      {
+        "urls": ["https://help.github.com/"],
+        "headers": {
+          "Accept-Encoding": "zstd, br, gzip, deflate"
+        }
+      }
+    ],
+    "ignorePatterns": [
+      {
+        "pattern": [
+            "localhost"
+        ]
+      },
+      {
+        "pattern": [
+            "127.0.0.1"
+        ]
+      }
+    ]
+}

.github/workflows/markdown-link-check.yaml

@@ -0,0 +1,29 @@
+name: Check Markdown links
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "**/*.md"
+
+  pull_request:
+    branches:
+      - main
+    paths:
+      - "**/*.md"
+
+jobs:
+  markdown-link-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: '16.x'
+      - name: install markdown-link-check
+        run: npm install -g [email protected]
+      - name: markdown-link-check version
+        run: npm list -g markdown-link-check
+      - name: Run markdown-link-check on MD files
+        run: find docs -name "*.md" | xargs -n 1 markdown-link-check -q -c .github/workflows/linkcheck.json

.github/workflows/pre-commit.yaml

@@ -0,0 +1,134 @@
+name: pre-commit
+
+on:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '**.tf'
+      - '**.yml'
+      - '**.yaml'
+
+env:
+  TERRAFORM_DOCS_VERSION: v0.16.0
+  TFSEC_VERSION: v1.22.0
+  TF_PLUGIN_CACHE_DIR: ${{ github.workspace }}/.terraform.d/plugin-cache
+  TFLINT_VERSION: v0.38.1
+
+concurrency:
+  group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
+  cancel-in-progress: true
+
+jobs:
+  collectInputs:
+    name: Collect workflow inputs
+    runs-on: ubuntu-latest
+    outputs:
+      directories: ${{ steps.dirs.outputs.directories }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Get root directories
+        id: dirs
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+
+  preCommitMinVersions:
+    name: Min TF pre-commit
+    needs: collectInputs
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        directory: ${{ fromJson(needs.collectInputs.outputs.directories) }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: dorny/paths-filter@v2
+        id: changes
+        with:
+          # We only need to check Terraform files for the current directory
+          # because the `preCommitMaxVersion` job will run the full,
+          # exhaustive checks (always)
+          filters: |
+            src:
+              - '${{ matrix.directory }}/*.tf'
+
+      - name: Config Terraform plugin cache
+        if: steps.changes.outputs.src== 'true'
+        run: mkdir --parents ${{ env.TERRAFORM_DOCS_VERSION }}
+
+      - name: Cache Terraform
+        uses: actions/cache@v3
+        if: steps.changes.outputs.src== 'true'
+        with:
+          path: ${{ env.TERRAFORM_DOCS_VERSION }}
+          key: ${{ runner.os }}-terraform-${{ hashFiles('**/.terraform.lock.hcl') }}
+          restore-keys: ${{ runner.os }}-terraform-
+
+      - name: Terraform min/max versions
+        uses: clowdhaus/[email protected]
+        if: steps.changes.outputs.src== 'true'
+        id: minMax
+        with:
+          directory: ${{ matrix.directory }}
+
+      - name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+        # Run only validate pre-commit check on min version supported
+        if: ${{ matrix.directory !=  '.' && steps.changes.outputs.src== 'true' }}
+        with:
+          terraform-version: ${{ steps.minMax.outputs.minVersion }}
+          args: 'terraform_validate --color=always --show-diff-on-failure --files ${{ matrix.directory }}/*'
+
+      - name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+        # Run only validate pre-commit check on min version supported
+        if: ${{ matrix.directory ==  '.' && steps.changes.outputs.src== 'true' }}
+        with:
+          terraform-version: ${{ steps.minMax.outputs.minVersion }}
+          args: 'terraform_validate --color=always --show-diff-on-failure --files $(ls *.tf)'
+
+  preCommitMaxVersion:
+    name: Max TF pre-commit
+    runs-on: ubuntu-latest
+    needs: collectInputs
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: dorny/paths-filter@v2
+        id: changes
+        with:
+          filters: |
+            src:
+              - '**/*.tf'
+
+      - name: Config Terraform plugin cache
+        if: steps.changes.outputs.src== 'true'
+        run: mkdir --parents ${{ env.TERRAFORM_DOCS_VERSION }}
+
+      - name: Cache Terraform
+        uses: actions/cache@v3
+        if: steps.changes.outputs.src== 'true'
+        with:
+          path: ${{ env.TF_PLUGIN_CACHE_DIR }}
+          key: ${{ runner.os }}-terraform-${{ hashFiles('**/.terraform.lock.hcl') }}
+          restore-keys: ${{ runner.os }}-terraform-
+
+      - name: Install tfsec
+        if: steps.changes.outputs.src== 'true'
+        run: curl -sSLo ./tfsec https://github.com/aquasecurity/tfsec/releases/download/${{ env.TFSEC_VERSION }}/tfsec-$(uname)-amd64 && chmod +x tfsec && sudo mv tfsec /usr/bin/
+
+      - name: Terraform min/max versions
+        id: minMax
+        uses: clowdhaus/[email protected]
+        if: steps.changes.outputs.src== 'true'
+
+      - name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }}
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+        if: steps.changes.outputs.src== 'true'
+        with:
+          terraform-version: ${{ steps.minMax.outputs.maxVersion }}
+          terraform-docs-version: ${{ env.TERRAFORM_DOCS_VERSION }}
+          tflint-version: ${{ env.TFLINT_VERSION }}

README.md

@@ -1,5 +1,7 @@
 # AWS Observability Accelerator for Terraform
 
+[![pre-commit](https://github.com/aws-observability/terraform-aws-observability-accelerator/actions/workflows/pre-commit.yaml/badge.svg)](https://github.com/aws-observability/terraform-aws-observability-accelerator/actions/workflows/pre-commit.yaml)
+
 Welcome to the AWS Observability Accelerator for Terraform!
 
 The AWS Observability accelerator for Terraform is a set of modules to help you

examples/eks-cluster-with-vpc/versions.tf

@@ -23,4 +23,11 @@ terraform {
       version = ">= 1.25.0"
     }
   }
+
+  # ##  Used for end-to-end testing on project; update to suit your needs
+  # backend "s3" {
+  #   bucket = "observability-accelerator-terraform-states"
+  #   region = "us-west-2"
+  #   key    = "e2e/eks-cluster-with-vpc/terraform.tfstate"
+  # }
 }

examples/existing-cluster-with-base-and-infra/versions.tf

@@ -22,4 +22,12 @@ terraform {
       version = ">= 1.25.0"
     }
   }
+
+  # ##  Used for end-to-end testing on project; update to suit your needs
+  # backend "s3" {
+  #   bucket = "observability-accelerator-terraform-states"
+  #   region = "us-west-2"
+  #   key    = "e2e/existing-cluster-with-base-and-infra/terraform.tfstate"
+  # }
+
 }