Apply GitHub workflow changes #861
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## These checks will be superseded by documentation.yml | |
## when the provider documentation layout is moved to | |
## the Terraform Registry layout. | |
name: Website Checks | |
on: | |
push: | |
branches: | |
- main | |
- "release/**" | |
pull_request: | |
paths: | |
- .github/workflows/website.yml | |
- .ci/.markdownlinkcheck.json | |
- .ci/.tflint.hcl | |
- .ci/tools/go.mod | |
- .markdownlint.yml | |
- website/docs/** | |
## NOTE: !!! | |
## When changing these workflows, ensure that the following is updated: | |
## - Documentation: docs/continuous-integration.md | |
## - Documentation: docs/makefile-cheat-sheet.md | |
## - Makefile: ./GNUmakefile | |
jobs: | |
markdown-link-check-a-h-markdown: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: YakDriver/md-check-links@0a295ce2e08c544aae01cccc9b4c6801a8398942 # v2.2.0 | |
name: markdown-link-check website/docs/**/[a-h].markdown | |
with: | |
quiet: "yes" | |
verbose: "yes" | |
config: ".ci/.markdownlinkcheck.json" | |
directory: "website/docs/r, website/docs/d" | |
prefix: "[a-h]" | |
extension: ".markdown" | |
branch: "main" | |
modified: "no" | |
markdown-link-check-i-z-markdown: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: YakDriver/md-check-links@0a295ce2e08c544aae01cccc9b4c6801a8398942 # v2.2.0 | |
name: markdown-link-check website/docs/**/[i-z].markdown | |
with: | |
quiet: "yes" | |
verbose: "yes" | |
config: ".ci/.markdownlinkcheck.json" | |
directory: "website/docs/r, website/docs/d" | |
prefix: "[i-z]" | |
extension: ".markdown" | |
branch: "main" | |
modified: "no" | |
markdown-link-check-md: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: YakDriver/md-check-links@0a295ce2e08c544aae01cccc9b4c6801a8398942 # v2.2.0 | |
name: markdown-link-check website/docs/**/*.md | |
with: | |
quiet: "yes" | |
verbose: "yes" | |
config: ".ci/.markdownlinkcheck.json" | |
directory: "website/docs" | |
# Don't check CDKTF translated guides, e.g. website/docs/cdktf/typescript/guides/version-4-upgrade.html.markdown. | |
depth: 2 | |
extension: ".md" | |
# Checking only modified files in the PR does not respect 'mex-depth'. | |
# branch: "main" | |
# modified: "yes" | |
markdown-lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: avto-dev/markdown-lint@04d43ee9191307b50935a753da3b775ab695eceb # v1.5.0 | |
with: | |
args: "website/docs" | |
# Ignore CDKTF translated guides. | |
ignore: "website/docs/cdktf/*/guides/*" | |
misspell: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version-file: .ci/tools/go.mod | |
- uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
continue-on-error: true | |
timeout-minutes: 2 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} | |
- run: cd .ci/tools && go install github.com/client9/misspell/cmd/misspell | |
- run: make website-misspell | |
terrafmt: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version-file: .ci/tools/go.mod | |
- uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
continue-on-error: true | |
timeout-minutes: 2 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} | |
- run: cd .ci/tools && go install github.com/katbyte/terrafmt | |
- run: terrafmt diff ./website --check --pattern '*.markdown' | |
tflint: | |
runs-on: custom-linux-xl | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version-file: .ci/tools/go.mod | |
- uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
continue-on-error: true | |
timeout-minutes: 2 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} | |
- run: cd .ci/tools && go install github.com/katbyte/terrafmt | |
- run: cd .ci/tools && go install github.com/terraform-linters/tflint | |
- uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
name: Cache plugin dir | |
with: | |
path: ~/.tflint.d/plugins | |
key: ${{ runner.os }}-tflint-${{ hashFiles('.ci/.tflint.hcl') }} | |
- run: tflint --config .ci/.tflint.hcl --init | |
- run: | | |
exit_code=0 | |
# Configure the rules for tflint. | |
# The *_invalid_* rules disabled here prevent evaluation of expressions. | |
# Do not disable *_invalid_name rules, since these are good checks for e.g. "%s" formatting verbs | |
# being carried over from test cases. | |
shared_rules=( | |
"--disable-rule=aws_cloudwatch_event_target_invalid_arn" | |
"--disable-rule=aws_db_instance_default_parameter_group" | |
"--disable-rule=aws_elasticache_cluster_default_parameter_group" | |
"--disable-rule=aws_elasticache_replication_group_default_parameter_group" | |
"--disable-rule=aws_iam_policy_sid_invalid_characters" | |
"--disable-rule=aws_iam_saml_provider_invalid_saml_metadata_document" | |
"--disable-rule=aws_iam_server_certificate_invalid_certificate_body" | |
"--disable-rule=aws_iam_server_certificate_invalid_private_key" | |
"--disable-rule=aws_iot_certificate_invalid_csr" | |
"--disable-rule=aws_lb_invalid_load_balancer_type" | |
"--disable-rule=aws_lb_target_group_invalid_protocol" | |
"--disable-rule=aws_networkfirewall_rule_group_invalid_rules" | |
"--disable-rule=aws_s3_object_copy_invalid_source" | |
"--disable-rule=aws_servicecatalog_portfolio_share_invalid_type" | |
"--disable-rule=aws_transfer_ssh_key_invalid_body" | |
"--disable-rule=aws_worklink_website_certificate_authority_association_invalid_certificate" | |
"--disable-rule=terraform_unused_declarations" | |
"--disable-rule=terraform_typed_variables" | |
) | |
while read -r filename; do | |
rules=("${shared_rules[@]}") | |
if [[ "$filename" == "./website/docs/guides/version-2-upgrade.html.markdown" ]]; then | |
# ./website/docs/guides/version-2-upgrade.html.markdown should still include pre-0.12 syntax, | |
# since v1.0 does not support Terraform 0.12. | |
rules+=( | |
"--disable-rule=terraform_deprecated_index" | |
"--disable-rule=terraform_deprecated_interpolation" | |
) | |
elif [[ "$filename" == "./website/docs/guides/version-3-upgrade.html.markdown" ]]; then | |
# ./website/docs/guides/version-3-upgrade.html.markdown has one example showing migration from | |
# pre-0.12 syntax to 0.12 syntax. We can't customize rules per block, and adding a | |
# tflint-ignore directive to documentation is not ideal. | |
rules+=( | |
"--enable-rule=terraform_deprecated_index" | |
"--disable-rule=terraform_deprecated_interpolation" | |
) | |
else | |
rules+=( | |
"--enable-rule=terraform_deprecated_index" | |
"--enable-rule=terraform_deprecated_interpolation" | |
) | |
fi | |
# We need to capture the output and error code here. We don't want to exit on the first error | |
set +e | |
./.ci/scripts/validate-terraform-file.sh "$filename" "${rules[@]}" || exit_code=1 | |
set -e | |
done < <(find ./website/docs -not \( -path ./website/docs/cdktf -prune \) -type f -name '*.markdown' | sort -u) | |
exit $exit_code |