From e7a5f851570c3e90116b9a7acc4070801e4be7b2 Mon Sep 17 00:00:00 2001 From: ivan katliarchuk Date: Wed, 6 Jul 2022 08:44:05 +0100 Subject: [PATCH] inline with blueprint project --- .chglog/CHANGELOG.tpl.md | 51 ---------------------------- .chglog/config.yml | 10 ------ .github/settings.yml | 26 +++++++++++++++ .github/workflows/linter.yml | 52 +++++++++++++++++++++++++++++ .github/workflows/main.yaml | 34 ------------------- .github/workflows/pr-title.yml | 49 +++++++++++++++++++++++++++ .github/workflows/release.draft.yml | 17 ++++++++-- .github/workflows/release.yaml | 47 -------------------------- .pre-commit-config.yaml | 12 +++---- .tflint.hcl | 37 +++++++++++++------- 10 files changed, 170 insertions(+), 165 deletions(-) delete mode 100644 .chglog/CHANGELOG.tpl.md delete mode 100644 .chglog/config.yml create mode 100644 .github/settings.yml create mode 100644 .github/workflows/linter.yml delete mode 100644 .github/workflows/main.yaml create mode 100644 .github/workflows/pr-title.yml delete mode 100644 .github/workflows/release.yaml diff --git a/.chglog/CHANGELOG.tpl.md b/.chglog/CHANGELOG.tpl.md deleted file mode 100644 index 389f911..0000000 --- a/.chglog/CHANGELOG.tpl.md +++ /dev/null @@ -1,51 +0,0 @@ -{{ if .Versions -}} - -## [Unreleased] -{{ if .Unreleased.CommitGroups -}} -{{ range .Unreleased.CommitGroups -}} -### {{ .Title }} -{{ range .Commits -}} -- {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }} -{{ end }} -{{ end -}} -{{ else }} -{{ range .Unreleased.Commits -}} -- {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }} -{{ end }} -{{ end -}} -{{ end -}} - -{{ range .Versions }} - -## {{ if .Tag.Previous }}[{{ .Tag.Name }}]{{ else }}{{ .Tag.Name }}{{ end }} - {{ datetime "2006-01-02" .Tag.Date }} -{{ if .CommitGroups -}} -{{ range .CommitGroups -}} -### {{ .Title }} -{{ range .Commits -}} -- {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }} -{{ end }} -{{ end -}} -{{ else }} -{{ range .Commits -}} -- {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }} -{{ end }} -{{ end -}} - -{{- if .NoteGroups -}} -{{ range .NoteGroups -}} -### {{ .Title }} -{{ range .Notes }} -{{ .Body }} -{{ end }} -{{ end -}} -{{ end -}} -{{ end -}} - -{{- if .Versions }} -[Unreleased]: {{ .Info.RepositoryURL }}/compare/{{ $latest := index .Versions 0 }}{{ $latest.Tag.Name }}...HEAD -{{ range .Versions -}} -{{ if .Tag.Previous -}} -[{{ .Tag.Name }}]: {{ $.Info.RepositoryURL }}/compare/{{ .Tag.Previous.Name }}...{{ .Tag.Name }} -{{ end -}} -{{ end -}} -{{ end -}} \ No newline at end of file diff --git a/.chglog/config.yml b/.chglog/config.yml deleted file mode 100644 index 0db26c7..0000000 --- a/.chglog/config.yml +++ /dev/null @@ -1,10 +0,0 @@ -style: github -template: CHANGELOG.tpl.md -info: - title: CHANGELOG - repository_url: https://github.com/terraform-module/terraform-helm-release.git -options: - header: - pattern: "^(.*)$" - pattern_maps: - - Subject \ No newline at end of file diff --git a/.github/settings.yml b/.github/settings.yml new file mode 100644 index 0000000..a989b25 --- /dev/null +++ b/.github/settings.yml @@ -0,0 +1,26 @@ +# These settings are synced to GitHub by https://probot.github.io/apps/settings/ +_extends: .github + +repository: + # See https://developer.github.com/v3/repos/#edit for all available settings. + name: terraform-helm-release + description: "ℹ️ App release with terraform and helm." + homepage: https://ivankatliarchuk.github.io + topics: ivank, terraform, terraform-module, helm, kubernetes + private: false + has_issues: true + has_projects: false + has_wiki: false + has_downloads: false + has_pages: true + is_template: true + default_branch: master + allow_squash_merge: true + allow_merge_commit: true + allow_rebase_merge: true + delete_branch_on_merge: true + enable_automated_security_fixes: true + enable_vulnerability_alerts: false + +branches: + - name: master diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml new file mode 100644 index 0000000..24cd4dd --- /dev/null +++ b/.github/workflows/linter.yml @@ -0,0 +1,52 @@ +--- +name: linter +# This workflow is triggered on pushes to the repository. +on: + push: + pull_request: + branches: + - main + - master + workflow_dispatch: + +jobs: + terraform-validate: + name: code format + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + # https://github.com/hashicorp/setup-terraform + - uses: hashicorp/setup-terraform@v2 + + - name: Cache terraform folder + uses: actions/cache@v2 + with: + path: ./.terraform + key: terraform + + - name: terraform fmt + run: terraform fmt -check -recursive -diff + continue-on-error: true + + - name: terraform init + run: terraform init + + - name: terraform validate + run: terraform validate + + tflint: + name: "tflint" + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/cache@v2 + name: Cache tflint plugin dir + with: + path: ~/.tflint.d/plugins + key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }} + - uses: terraform-linters/setup-tflint@v1 + name: setup tflint + - name: init tflint + run: tflint --init --config .tflint.hcl + - name: run tflint + run: tflint -f compact --config .tflint.hcl diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml deleted file mode 100644 index 7f0ffaf..0000000 --- a/.github/workflows/main.yaml +++ /dev/null @@ -1,34 +0,0 @@ -name: commit-check -# This workflow is triggered on pushes to the repository. -on: [push, pull_request] - -jobs: - tflint: - name: TFLint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - name: TFLint - uses: docker://wata727/tflint - - fmt: - name: Code Format - runs-on: ubuntu-latest - container: - image: hashicorp/terraform:latest - steps: - - uses: actions/checkout@master - - run: | - terraform fmt --recursive -check=true - - docs: - name: Pre-Commit-Hook - runs-on: macOS-latest - steps: - - uses: actions/checkout@master - - name: Install Deps - run: | - brew install pre-commit terraform-docs terraform tflint - - name: Check All Files - run: | - pre-commit run --all-files diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml new file mode 100644 index 0000000..482e73a --- /dev/null +++ b/.github/workflows/pr-title.yml @@ -0,0 +1,49 @@ +name: 'validate-pr-title' + +on: + pull_request_target: + types: + - opened + - edited + - synchronize + +jobs: + main: + name: validate pr title + runs-on: ubuntu-latest + steps: + # Please look up the latest version from + # https://github.com/amannn/action-semantic-pull-request/releases + - uses: amannn/action-semantic-pull-request@v4.5.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + # Configure which types are allowed. + # Default: https://github.com/commitizen/conventional-commit-types + types: | + fix + feat + docs + ci + chore + # Configure that a scope must always be provided. + requireScope: false + # If `subjectPattern` is configured, you can use this property to override + # the default error message that is shown when the pattern doesn't match. + # The variables `subject` and `title` can be used within the message. + subjectPatternError: | + The subject "{subject}" found in the pull request title "{title}" + didn't match the configured pattern. Please ensure that the subject + starts with an uppercase character. + # For work-in-progress PRs you can typically use draft pull requests + # from Github. However, private repositories on the free plan don't have + # this option and therefore this action allows you to opt-in to using the + # special "[WIP]" prefix to indicate this state. This will avoid the + # validation of the PR title and the pull request checks remain pending. + # Note that a second check will be reported if this is enabled. + wip: true + # When using "Squash and merge" on a PR with only one commit, GitHub + # will suggest using that commit message instead of the PR title for the + # merge commit, and it's easy to commit this by mistake. Enable this option + # to also validate the commit message for one commit PRs. + validateSingleCommit: false diff --git a/.github/workflows/release.draft.yml b/.github/workflows/release.draft.yml index 63e3487..f0a0ee4 100644 --- a/.github/workflows/release.draft.yml +++ b/.github/workflows/release.draft.yml @@ -1,30 +1,41 @@ +--- name: release.draft on: + push: + branches: + - master workflow_dispatch: inputs: prerelease: description: Is this a pre-release required: true default: true + type: boolean publish: description: Publish release required: false default: false + type: boolean bump: description: 'Bumping (#major, #minor or #patch)' required: false default: patch + type: choice + options: + - 'patch' + - 'minor' + - 'major' jobs: draft-a-release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: check next version - uses: anothrNick/github-tag-action@1.35.0 + uses: anothrNick/github-tag-action@1.39.0 id: tag env: DRY_RUN: true @@ -32,7 +43,7 @@ jobs: DEFAULT_BUMP: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.bump || 'patch' }} - name: release-draft - uses: release-drafter/release-drafter@v5.15.0 + uses: release-drafter/release-drafter@v5.20.0 if: "!contains(github.event.head_commit.message, 'skip')" id: release env: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index 6f7c9d0..0000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,47 +0,0 @@ -name: release -on: - push: - branches: - - master - -env: - WITH_V: true - DEFAULT_BUMP: patch - INITIAL_VERSION: 0.13.0 - TERRAFORM_VERSION: 0.13 - -jobs: - build: - name: release new version - runs-on: ubuntu-latest - if: "contains(github.event.head_commit.message, 'release')" - steps: - - uses: actions/checkout@master - - - name: register values - id: register - run: | - echo "::set-output name=release_timestamp::$(date +%Y-%m-%d_%H.%m)" - echo "::set-output name=tag_hash::${GITHUB_SHA::8}" - echo "::set-output name=changelog::$(git log -1 --pretty=format:"%s")" - - - name: Bump version and push tag - uses: anothrNick/github-tag-action@1.22.0 - id: tag - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: create release - id: create_release - uses: actions/create-release@v1.1.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.tag.outputs.tag }} - release_name: release ${{ steps.tag.outputs.tag }} ${{ steps.register.outputs.release_timestamp}} - draft: false - prerelease: false - body: | - Changes in this Release ${{ steps.tag.outputs.tag }} ${{ steps.register.outputs.release_timestamp }} - - ${{ steps.register.outputs.changelog }} - - Terraform Version: ${{ env.TERRAFORM_VERSION }} \ No newline at end of file diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 992ef17..934969d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,12 +1,12 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.0.1 + rev: v4.3.0 hooks: - id: check-added-large-files args: ['--maxkb=500'] - id: check-executables-have-shebangs - id: pretty-format-json - args: ['--autofix', '--no-sort-keys', '--indent=4'] + args: ['--autofix', '--no-sort-keys', '--indent=2'] - id: check-byte-order-marker - id: check-case-conflict - id: check-executables-have-shebangs @@ -16,13 +16,9 @@ repos: - id: check-merge-conflict - id: detect-aws-credentials args: ['--allow-missing-credentials'] -- repo: git://github.com/antonbabenko/pre-commit-terraform - rev: v1.50.0 +- repo: https://github.com/antonbabenko/pre-commit-terraform + rev: v1.73.0 hooks: - id: terraform_fmt - id: terraform_docs - id: terraform_tflint -- repo: https://github.com/smian/pre-commit-makefile.git - rev: 261f8fb4b31dfdc05d1a1d7fbde1f1462ecde66d - hooks: - - id: makefile-doc diff --git a/.tflint.hcl b/.tflint.hcl index 85b3f20..a968081 100644 --- a/.tflint.hcl +++ b/.tflint.hcl @@ -1,39 +1,48 @@ +config { + module = false +} + plugin "aws" { - enabled = true - deep_check = false - ignore_module = {} - varfile = [] + enabled = true + version = "0.13.3" + source = "github.com/terraform-linters/tflint-ruleset-aws" } -rule "terraform_documented_variables" { +rule "terraform_comment_syntax" { enabled = true } -rule "terraform_documented_outputs" { +rule "terraform_deprecated_index" { enabled = true } -rule "terraform_comment_syntax" { +rule "terraform_deprecated_interpolation" { enabled = true } -rule "terraform_naming_convention" { +rule "terraform_documented_outputs" { enabled = true } -rule "terraform_deprecated_interpolation" { +rule "terraform_documented_variables" { enabled = true } -rule "terraform_deprecated_index" { +rule "terraform_module_pinned_source" { + enabled = true + style = "flexible" +} + +rule "terraform_module_version" { enabled = true } -rule "terraform_required_providers" { +rule "terraform_naming_convention" { enabled = true + format = "snake_case" } -rule "terraform_required_version" { +rule "terraform_standard_module_structure" { enabled = true } @@ -44,3 +53,7 @@ rule "terraform_typed_variables" { rule "terraform_unused_declarations" { enabled = true } + +rule "terraform_unused_required_providers" { + enabled = true +}