-
Notifications
You must be signed in to change notification settings - Fork 0
45 lines (42 loc) · 1.49 KB
/
pre-commit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
name: pre-commit
on:
pull_request:
push:
branches:
- main
env:
DBT_PROFILES_DIR: ../ci
PRIVATE_KEY: ${{ SECRETS.SNOWFLAKE_PRIVATE_KEY }}
SNOWFLAKE_PRIVATE_KEY_PATH: /tmp/private_key.p8
SNOWFLAKE_USER: GITHUB_ACTIONS_SVC_USER_DEV
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
- uses: actions/setup-python@v3
- name: Setup terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: v1.4.0
- name: Install tflint
run: |
curl -s https://raw.githubusercontent.com/terraform-linters/\
tflint/master/install_linux.sh | bash
- id: auth
name: Authenticate to Google Cloud
uses: google-github-actions/auth@v1
with:
# The credentials here can read metadata only, which makes them
# good enough for `dbt compile`, but not good enough for
# `dbt docs generate`. Should we want to do more detailed checks
# at some point, we should revisit the service account permissions.
credentials_json: ${{ secrets.GOOGLE_CREDENTIALS }}
export_environment_variables: true
- uses: actions/setup-python@v3
# TODO: once we are on dbt-snowflake 1.5, no need to pipe to a file, we can
# just use $SNOWFLAKE_PRIVATE_KEY
- name: Set up private key
run: echo "$PRIVATE_KEY" > $SNOWFLAKE_PRIVATE_KEY_PATH
- uses: pre-commit/[email protected]