From d133e8b25f2326bef5e9a62c9f8f4e9be6d3d7f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ramon=20R=C3=BCttimann?= Date: Thu, 23 Nov 2023 14:35:46 +0100 Subject: [PATCH] chore: add Github action to build provider We want to get rid of the provider-build step in CSE, building the providers in their own repos makes more sense. This Github Action creates a release for every commit that is named `v0.0.0-` and attaches a linux/amd64 and darwin/arm64 binary to it. This commit also removes all unneeded actions that came from / with the fork. --- .github/workflows/README.md | 20 - .github/workflows/acctest-terraform-lint.yml | 94 ----- .github/workflows/autoremove_labels.yml | 18 - .github/workflows/changelog.yml | 74 ---- .github/workflows/dependencies.yml | 77 ---- .github/workflows/documentation.yml | 54 --- .github/workflows/examples.yml | 88 ---- .github/workflows/firewatch.yml | 26 -- .github/workflows/generate_changelog.yml | 28 -- .github/workflows/issue-comment-created.yml | 19 - .github/workflows/issues.yml | 27 -- .github/workflows/lock.yml | 23 -- .github/workflows/maintainer-edit.yml | 22 - .github/workflows/milestone-closed.yml | 20 - .github/workflows/milestone.yml | 25 -- .github/workflows/post_publish.yml | 27 -- .github/workflows/project.yml | 20 - .github/workflows/pull_requests.yml | 61 --- .github/workflows/regressions.yml | 45 --- .github/workflows/release.yml | 135 +++---- .github/workflows/roadmap_milestone.yml | 15 - .github/workflows/snapshot.yml | 44 -- .github/workflows/stale.yml | 27 -- .github/workflows/team_slack_bot.yml | 21 - .github/workflows/terraform_provider.yml | 401 ------------------- .github/workflows/website.yml | 178 -------- 26 files changed, 54 insertions(+), 1535 deletions(-) delete mode 100644 .github/workflows/README.md delete mode 100644 .github/workflows/acctest-terraform-lint.yml delete mode 100644 .github/workflows/autoremove_labels.yml delete mode 100644 .github/workflows/changelog.yml delete mode 100644 .github/workflows/dependencies.yml delete mode 100644 .github/workflows/documentation.yml delete mode 100644 .github/workflows/examples.yml delete mode 100644 .github/workflows/firewatch.yml delete mode 100644 .github/workflows/generate_changelog.yml delete mode 100644 .github/workflows/issue-comment-created.yml delete mode 100644 .github/workflows/issues.yml delete mode 100644 .github/workflows/lock.yml delete mode 100644 .github/workflows/maintainer-edit.yml delete mode 100644 .github/workflows/milestone-closed.yml delete mode 100644 .github/workflows/milestone.yml delete mode 100644 .github/workflows/post_publish.yml delete mode 100644 .github/workflows/project.yml delete mode 100644 .github/workflows/pull_requests.yml delete mode 100644 .github/workflows/regressions.yml delete mode 100644 .github/workflows/roadmap_milestone.yml delete mode 100644 .github/workflows/snapshot.yml delete mode 100644 .github/workflows/stale.yml delete mode 100644 .github/workflows/team_slack_bot.yml delete mode 100644 .github/workflows/terraform_provider.yml delete mode 100644 .github/workflows/website.yml diff --git a/.github/workflows/README.md b/.github/workflows/README.md deleted file mode 100644 index 248d11bb1bf..00000000000 --- a/.github/workflows/README.md +++ /dev/null @@ -1,20 +0,0 @@ -# GitHub Workflows - -## Using the `setup-terraform` action - -By default, the [`setup-terraform` action](https://github.com/hashicorp/setup-terraform) adds a wrapper for the `terraform` command that allows passing results to subsequent steps. This will prevent using the output of a `terraform` command as the input to another command in the same step. - -The wrapper can be turned off by using - -```yaml -steps: -- uses: hashicorp/setup-terraform@v1 - with: - terraform_wrapper: false -``` - -## Testing workflows locally - -The tool [`act`](https://github.com/nektos/act) can be used to test GitHub workflows locally. The default container [intentionally does not have feature parity](https://github.com/nektos/act#default-runners-are-intentionally-incomplete) with the containers used in GitHub due to the size of a full container. - -The file `./actrc` configures `act` to use a fully-featured container. diff --git a/.github/workflows/acctest-terraform-lint.yml b/.github/workflows/acctest-terraform-lint.yml deleted file mode 100644 index 28f59dd44f1..00000000000 --- a/.github/workflows/acctest-terraform-lint.yml +++ /dev/null @@ -1,94 +0,0 @@ -name: Acceptance Test Linting -on: - push: - branches: - - main - - "release/**" - pull_request: - paths: - - .github/workflows/acctest-terraform-lint.yml - - .go-version - - .tflint.hcl - - 'internal/service/**/*_test.go' - - scripts/validate-terraform.sh - - tools/go.mod - -jobs: - terrafmt: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - - run: cd tools && go install github.com/katbyte/terrafmt - - - run: | - # efs/file_system_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - # kms/grant_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - # quicksight/user_test.go: format verb as resource name (%[1]q). https://github.com/katbyte/terrafmt/issues/48 - # sns/platform_application_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - find ./internal/service -type f -name '*_test.go' \ - | sort -u \ - | grep -v efs/file_system_test.go \ - | grep -v kms/grant_test.go \ - | grep -v quicksight/user_test.go \ - | grep -v sns/platform_application_test.go \ - | xargs -I {} terrafmt diff --check --fmtcompat {} - - validate-terraform: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - - run: cd tools && go install github.com/katbyte/terrafmt - - - run: cd tools && go install github.com/terraform-linters/tflint - - - uses: actions/cache@v3 - name: Cache plugin dir - with: - path: ~/.tflint.d/plugins - key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }} - - - run: tflint --init - - - run: | - # efs/file_system_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - # kms/grant_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - # lambda/permission_test.go: format verb as resource name ("%s"). https://github.com/katbyte/terrafmt/issues/48 - # quicksight/user_test.go: format verb as resource name (%[1]q). https://github.com/katbyte/terrafmt/issues/48 - # sns/platform_application_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - - # resource_aws_efs_file_system_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - # resource_aws_kms_grant_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - # resource_aws_quicksight_user_test.go: format verb as resource name (%[1]q). https://github.com/katbyte/terrafmt/issues/48 - # resource_aws_sns_platform_application_test.go: argument name is format verb and replaced with quoted string. https://github.com/katbyte/terrafmt/issues/47 - find ./internal/service -type f -name '*_test.go' \ - | sort -u \ - | grep -v efs/file_system_test.go \ - | grep -v kms/grant_test.go \ - | grep -v lambda/permission_test.go \ - | grep -v quicksight/user_test.go \ - | grep -v sns/platform_application_test.go \ - | ./scripts/validate-terraform.sh diff --git a/.github/workflows/autoremove_labels.yml b/.github/workflows/autoremove_labels.yml deleted file mode 100644 index ade5fbd5522..00000000000 --- a/.github/workflows/autoremove_labels.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Autoremove Labels - -on: - issues: - types: [closed] - pull_request_target: - types: [closed] - -jobs: - RemoveTriagingLabelsFromClosedIssueOrPR: - runs-on: ubuntu-latest - steps: - - name: Remove triaging labels from closed issues and PRs - uses: actions-ecosystem/action-remove-labels@v1 - with: - labels: | - needs-triage - waiting-response diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml deleted file mode 100644 index 84957695cf4..00000000000 --- a/.github/workflows/changelog.yml +++ /dev/null @@ -1,74 +0,0 @@ -name: CHANGELOG Checks -on: - push: - branches: - - main - - 'release/**' - pull_request: - paths: - - .changelog/* - - .go-version - - CHANGELOG.md - pull_request_target: - -env: - IN_MAINTAINER_LIST: ${{ contains(secrets.MAINTAINER_LIST, github.actor) }} - -jobs: - changes: - name: Filter Changes - runs-on: ubuntu-latest - outputs: - changed: ${{ steps.filter.outputs.changed }} - steps: - - uses: dorny/paths-filter@v2 - if: github.event_name == 'pull_request_target' && env.IN_MAINTAINER_LIST == 'false' - id: filter - with: - filters: | - changed: - - CHANGELOG.md - comment: - needs: changes - if: ${{ needs.changes.outputs.changed == 'true' }} - name: Comment - runs-on: ubuntu-latest - steps: - - name: Find Existing PR Comment - id: prc - uses: peter-evans/find-comment@v2 - with: - issue-number: ${{ github.event.pull_request.number }} - comment-author: "github-actions[bot]" - body-includes: "Please note that the `CHANGELOG.md` file contents are handled by the maintainers during merge" - - run: echo ${{ steps.prc.outputs.comment-id }} - - name: PR Comment - if: ${{ steps.prc.outputs.comment-id == '' }} - uses: peter-evans/create-or-update-comment@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - issue-number: ${{ github.event.pull_request.number }} - body: |- - Thank you for your contribution! :rocket: - - Please note that the `CHANGELOG.md` file contents are handled by the maintainers during merge. This is to prevent pull request merge conflicts, especially for contributions which may not be merged immediately. Please see the [Contributing Guide](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing) for additional pull request review items. - - Remove any changes to the `CHANGELOG.md` file and commit them in this pull request to prevent delays with reviewing and potentially merging this pull request. - misspell: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/client9/misspell/cmd/misspell - - run: misspell -error -source text CHANGELOG.md .changelog diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml deleted file mode 100644 index 742588b46e0..00000000000 --- a/.github/workflows/dependencies.yml +++ /dev/null @@ -1,77 +0,0 @@ -name: Dependency Checks - -on: - push: - branches: - - main - - 'release/**' - pull_request_target: - -env: - IN_MAINTAINER_LIST: ${{ contains(secrets.MAINTAINER_LIST, github.actor) }} - -jobs: - changes: - name: Filter Changes - runs-on: ubuntu-latest - outputs: - changed: ${{ steps.filter.outputs.changed }} - steps: - - uses: dorny/paths-filter@v2 - if: github.event_name == 'pull_request_target' && env.IN_MAINTAINER_LIST == 'false' - id: filter - with: - filters: | - changed: - - providerlint/** - - go.mod - - go.sum - comment: - needs: changes - if: ${{ needs.changes.outputs.changed == 'true' }} - name: Comment - runs-on: ubuntu-latest - steps: - - name: Find Existing PR Comment - id: prc - uses: peter-evans/find-comment@v2 - with: - issue-number: ${{ github.event.pull_request.number }} - comment-author: "github-actions[bot]" - body-includes: "Please note that typically Go dependency changes" - - run: echo ${{ steps.prc.outputs.comment-id }} - - name: PR Comment - if: ${{ steps.prc.outputs.comment-id == '' }} - uses: peter-evans/create-or-update-comment@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - issue-number: ${{ github.event.pull_request.number }} - body: |- - Thank you for your contribution! :rocket: - - Please note that typically Go dependency changes are handled in this repository by dependabot or the maintainers. This is to prevent pull request merge conflicts and further delay reviews of contributions. Remove any changes to the `go.mod` or `go.sum` files and commit them into this pull request. - - Additional details: - - * Check [open pull requests with the `dependencies` label](https://github.com/hashicorp/terraform-provider-aws/pulls?q=is%3Aopen+is%3Apr+label%3Adependencies) to view other dependency updates. - * If this pull request includes an update the AWS Go SDK (or any other dependency) version, only updates submitted via dependabot will be merged. This pull request will need to remove these changes and will need to be rebased after the existing dependency update via dependabot has been merged for this pull request to be reviewed. - * If this pull request is for supporting a new AWS service: - * Ensure the new AWS service changes are following the [Contributing Guide section on new services](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing/contribution-checklists.md#new-service), in particular that the dependency addition and initial provider support are in a separate pull request from other changes (e.g. new resources). Contributions not following this item will not be reviewed until the changes are split. - * If this pull request is already a separate pull request from the above item, you can ignore this message. - go_mod: - name: go mod - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - name: go mod - run: | - echo "==> Checking source code with go mod tidy..." - go mod tidy - git diff --exit-code -- go.mod go.sum || \ - (echo; echo "Unexpected difference in go.mod/go.sum files. Run 'go mod tidy' command or revert any go.mod/go.sum changes and commit."; exit 1) diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml deleted file mode 100644 index 8854b89f322..00000000000 --- a/.github/workflows/documentation.yml +++ /dev/null @@ -1,54 +0,0 @@ -name: Documentation Checks -on: - push: - branches: - - main - pull_request: - paths: - - .markdownlinkcheck.json - - .markdownlint.yml - - .github/workflows/documentation.yml - - .go-version - - docs/** - -jobs: - markdown-link-check: - runs-on: ubuntu-latest - env: - UV_THREADPOOL_SIZE: 128 - steps: - - uses: actions/checkout@v3 - - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - use-quiet-mode: 'yes' - use-verbose-mode: 'yes' - config-file: '.markdownlinkcheck.json' - folder-path: 'docs' - file-extension: '.md' - base-branch: "main" - check-modified-files-only: "yes" - markdown-lint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: avto-dev/markdown-lint@v1 - with: - config: '.markdownlint.yml' - args: 'docs' - misspell: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/client9/misspell/cmd/misspell - - run: misspell -error -source text docs/ diff --git a/.github/workflows/examples.yml b/.github/workflows/examples.yml deleted file mode 100644 index 0c190fe145f..00000000000 --- a/.github/workflows/examples.yml +++ /dev/null @@ -1,88 +0,0 @@ -name: Examples Checks -on: - push: - branches: - - main - pull_request: - paths: - - .github/workflows/examples.yml - - .go-version - - .tflint.hcl - - examples/** - - tools/go.mod - -env: - AWS_DEFAULT_REGION: us-west-2 - -jobs: - validate-terraform: - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - terraform_version: ["0.12.31", "1.0.6"] - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: actions/cache@v3 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - name: go build - run: go build -o terraform-plugin-dir/terraform-provider-aws_v99.99.99_x5 . - - name: override plugin - run: | - # For Terraform v0.12 - mkdir -p ~/.terraform.d/plugins - cp terraform-plugin-dir/terraform-provider-aws_v99.99.99_x5 ~/.terraform.d/plugins - # For newer versions - mkdir -p ~/.terraform.d/plugins/registry.terraform.io/hashicorp/aws/99.99.99/$(go env GOOS)_$(go env GOARCH)/ - cp terraform-plugin-dir/terraform-provider-aws_v99.99.99_x5 ~/.terraform.d/plugins/registry.terraform.io/hashicorp/aws/99.99.99/$(go env GOOS)_$(go env GOARCH)/ - - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ matrix.terraform_version }} - # Needed to use the output of `terraform validate -json` - terraform_wrapper: false - - - name: install tflint - run: cd tools && go install github.com/terraform-linters/tflint - - - uses: actions/cache@v3 - name: Cache plugin dir - with: - path: ~/.tflint.d/plugins - key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }} - - - name: terraform - run: | - TFLINT_CONFIG="$(pwd -P)/.tflint.hcl" - for DIR in $(find ./examples -type f -name '*.tf' -exec dirname {} \; | sort -u); do - pushd "$DIR" - if [ -f terraform.template.tfvars ]; then - cp terraform.template.tfvars terraform.tfvars - fi - echo; echo -e "\e[1;35m===> Initializing Example: $DIR <===\e[0m"; echo - terraform init - echo; echo -e "\e[1;35m===> Format Checking Example: $DIR <===\e[0m"; echo - terraform fmt -check - echo; echo -e "\e[1;35m===> Validating Example: $DIR <===\e[0m"; echo - # Catch errors - terraform validate - # Terraform syntax checks - # We don't want to exit on the first tflint error - set +e - tflint --config=$TFLINT_CONFIG \ - --enable-rule=terraform_deprecated_interpolation \ - --enable-rule=terraform_deprecated_index \ - --enable-rule=terraform_unused_declarations \ - --enable-rule=terraform_comment_syntax \ - --enable-rule=terraform_required_version - set -e - popd - done diff --git a/.github/workflows/firewatch.yml b/.github/workflows/firewatch.yml deleted file mode 100644 index f4d264ed0cd..00000000000 --- a/.github/workflows/firewatch.yml +++ /dev/null @@ -1,26 +0,0 @@ - -on: - schedule: - - cron: '0 * * * *' - workflow_dispatch: -name: Firewatch -jobs: - FirewatchJob: - if: github.repository_owner == 'hashicorp' - runs-on: ubuntu-latest - steps: - - name: Firewatch - uses: breathingdust/firewatch@v2 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - alert_threshold: 10 - issue_age_months: 3 - slack_token: ${{ secrets.SLACK_BOT_TOKEN }} - slack_channel: ${{ secrets.SLACK_CHANNEL }} - - name: UploadArtifact - uses: actions/upload-artifact@v2 - with: - name: firewatch - path: firewatch.data - if-no-files-found: error - retention-days: 1 diff --git a/.github/workflows/generate_changelog.yml b/.github/workflows/generate_changelog.yml deleted file mode 100644 index f0005a79792..00000000000 --- a/.github/workflows/generate_changelog.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: Generate CHANGELOG -on: - pull_request: - types: [closed] - workflow_dispatch: -jobs: - GenerateChangelog: - if: github.event.pull_request.merged || github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - run: cd tools && go install github.com/hashicorp/go-changelog/cmd/changelog-build - - run: ./scripts/generate-changelog.sh - - run: | - if [[ `git status --porcelain` ]]; then - if ${{github.event_name == 'workflow_dispatch'}}; then - MSG="Update CHANGELOG.md (Manual Trigger)" - else - MSG="Update CHANGELOG.md for #${{ github.event.pull_request.number }}" - fi - git config --local user.email changelogbot@hashicorp.com - git config --local user.name changelogbot - git add CHANGELOG.md - git commit -m "$MSG" - git push - fi diff --git a/.github/workflows/issue-comment-created.yml b/.github/workflows/issue-comment-created.yml deleted file mode 100644 index 98aa7686eaf..00000000000 --- a/.github/workflows/issue-comment-created.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Issue Comment Created Triage - -on: - issue_comment: - types: [created] - -env: - IN_MAINTAINER_LIST: ${{ contains(secrets.MAINTAINER_LIST, github.actor) }} - -jobs: - issue_comment_triage: - runs-on: ubuntu-latest - steps: - - uses: actions-ecosystem/action-remove-labels@v1 - if: github.event_name == 'issue_comment' && env.IN_MAINTAINER_LIST == 'false' - with: - labels: | - stale - waiting-response diff --git a/.github/workflows/issues.yml b/.github/workflows/issues.yml deleted file mode 100644 index 1814796496b..00000000000 --- a/.github/workflows/issues.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Issue triage - -on: - issues: - types: [opened] - -env: - IN_MAINTAINER_LIST: ${{ contains(secrets.MAINTAINER_LIST, github.actor) }} - -jobs: - markIssuesForTriage: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Apply Issue needs-triage Label - if: github.event.action == 'opened' && env.IN_MAINTAINER_LIST == 'false' - uses: github/issue-labeler@v2.4 - with: - repo-token: "${{ secrets.GITHUB_TOKEN }}" - configuration-path: .github/labeler-issue-needs-triage.yml - enable-versioned-regex: 0 - - name: Apply Issue Triage Labels - uses: github/issue-labeler@v2.4 - with: - repo-token: "${{ secrets.GITHUB_TOKEN }}" - configuration-path: .github/labeler-issue-triage.yml - enable-versioned-regex: 0 diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml deleted file mode 100644 index 3f7a969d889..00000000000 --- a/.github/workflows/lock.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: 'Lock Threads' - -on: - schedule: - - cron: '50 1 * * *' - -jobs: - lock: - runs-on: ubuntu-latest - steps: - - uses: dessant/lock-threads@v3 - with: - github-token: ${{ github.token }} - issue-lock-comment: > - I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues. - - If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. - issue-lock-inactive-days: '30' - pr-lock-comment: > - I'm going to lock this pull request because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues. - - If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. - pr-lock-inactive-days: '30' diff --git a/.github/workflows/maintainer-edit.yml b/.github/workflows/maintainer-edit.yml deleted file mode 100644 index 3b29d99bc87..00000000000 --- a/.github/workflows/maintainer-edit.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: "Check Maintainer Edit Permissions" -on: - pull_request_target: - types: - - opened -jobs: - PermissionsCheck: - env: - MAINTAINER_CAN_MODIFY: ${{ github.event.pull_request.maintainer_can_modify }} - IN_MAINTAINER_LIST: ${{ contains( secrets.MAINTAINER_LIST, github.actor) }} - runs-on: ubuntu-latest - steps: - - name: Comment if maintainers cannot edit - if: ${{ ( env.IN_MAINTAINER_LIST == 'false' ) && ( env.MAINTAINER_CAN_MODIFY == 'false' ) }} - uses: peter-evans/create-or-update-comment@v2 - with: - issue-number: ${{ github.event.pull_request.number }} - body: | - Hey @${{ github.actor }} :wave: Thank you very much for your contribution! At times, our maintainers need to make direct edits to pull requests in order to help get it ready to be merged. Your current settings do not allow maintainers to make such edits. To help facilitate this, update your pull request to allow such edits as described in GitHub's [Allowing changes to a pull request branch created from a fork][1] documentation. (If you're using a fork owned by an organization, your organization may not allow you to change this setting. If that is the case, let us know.) - - [1]: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork - diff --git a/.github/workflows/milestone-closed.yml b/.github/workflows/milestone-closed.yml deleted file mode 100644 index 2ac8888bf9f..00000000000 --- a/.github/workflows/milestone-closed.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Closed Milestones - -on: - milestone: - types: [closed] - -permissions: - issues: write - pull-requests: write - -jobs: - Comment: - runs-on: ubuntu-latest - steps: - - uses: bflad/action-milestone-comment@v1 - with: - body: | - This functionality has been released in [${{ github.event.milestone.title }} of the Terraform AWS Provider](https://github.com/${{ github.repository }}/blob/${{ github.event.milestone.title }}/CHANGELOG.md). Please see the [Terraform documentation on provider versioning](https://www.terraform.io/docs/configuration/providers.html#provider-versions) or reach out if you need any assistance upgrading. - - For further feature requests or bug reports with this functionality, please create a [new GitHub issue](https://github.com/${{ github.repository }}/issues/new/choose) following the template. Thank you! diff --git a/.github/workflows/milestone.yml b/.github/workflows/milestone.yml deleted file mode 100644 index 5a791ff9398..00000000000 --- a/.github/workflows/milestone.yml +++ /dev/null @@ -1,25 +0,0 @@ -on: - pull_request_target: - types: [closed] -name: Add merged PR and linked issues to current milestone of target branch -jobs: - AddMergedToCurrentMilestone: - if: github.event.pull_request.merged - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.base.ref }} - - id: get-current-milestone - run: | - echo ::set-output name=current_milestone::v$(head -1 CHANGELOG.md | cut -d " " -f 2) - - run: echo ${{ steps.get-current-milestone.outputs.current_milestone }} - - id: get-milestone-id - run: | - echo ::set-output name=milestone_id::$(curl -H "Authorization: Bearer ${{secrets.GITHUB_TOKEN}}" https://api.github.com/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/milestones | jq 'map(select(.title == "${{ steps.get-current-milestone.outputs.current_milestone }}"))[0].number') - - run: echo ${{ steps.get-milestone-id.outputs.milestone_id }} - - uses: breathingdust/current-milestone-action@v4 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - pull_number: ${{ github.event.pull_request.number }} - milestone_number: ${{ steps.get-milestone-id.outputs.milestone_id }} diff --git a/.github/workflows/post_publish.yml b/.github/workflows/post_publish.yml deleted file mode 100644 index 4870e1040ab..00000000000 --- a/.github/workflows/post_publish.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Post Publish -on: - release: - types: [published] -jobs: - tidy: - name: Tidy Asana - runs-on: ubuntu-latest - steps: - - uses: breathingdust/github-asana-tidy@v1 - with: - asana_pat: ${{ secrets.asana_pat }} - asana_target_section_gid: '1141945723817371' - asana_workspace_gid: '90955849329269' - asana_project_gid: '632425409545160' - asana_github_url_field_gid: '1134594824474912' - github_release_name: ${{ github.event.release.tag_name }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - project-archive: - name: Archive Released Cards - runs-on: ubuntu-latest - steps: - - uses: breathingdust/github-project-archive@v1 - with: - github_done_column_id: 11513756 - github_release_name: ${{ github.event.release.tag_name }} - github_token: ${{ secrets.ORGSCOPED_GITHUB_TOKEN }} diff --git a/.github/workflows/project.yml b/.github/workflows/project.yml deleted file mode 100644 index 9e8681b78e4..00000000000 --- a/.github/workflows/project.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Pull Request Project Automation - -on: - pull_request_target: - types: [opened, ready_for_review] - -env: - IN_MAINTAINER_LIST: ${{ contains(secrets.MAINTAINER_LIST, github.actor) }} - -jobs: - WorkingBoardReview: - runs-on: ubuntu-latest - steps: - - name: Move team PRs to Review column - uses: alex-page/github-project-automation-plus@v0.8.1 - if: env.IN_MAINTAINER_LIST == 'true' && github.event.pull_request.draft == false - with: - project: AWS Provider Working Board - column: Open Maintainer PR - repo-token: ${{ secrets.ORGSCOPED_GITHUB_TOKEN}} diff --git a/.github/workflows/pull_requests.yml b/.github/workflows/pull_requests.yml deleted file mode 100644 index 1b45d9f375b..00000000000 --- a/.github/workflows/pull_requests.yml +++ /dev/null @@ -1,61 +0,0 @@ -on: - - pull_request_target - -name: Pull Request Target (All types) - -env: - IN_MAINTAINER_LIST: ${{ contains(secrets.MAINTAINER_LIST, github.actor) }} - -jobs: - Labeler: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Apply Labels - uses: actions/labeler@v4 - with: - configuration-path: .github/labeler-pr-triage.yml - repo-token: ${{ secrets.GITHUB_TOKEN }} - NeedsTriageLabeler: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Apply needs-triage Label - uses: actions/labeler@v4 - if: github.event.action == 'opened' && env.IN_MAINTAINER_LIST == 'false' - with: - configuration-path: .github/labeler-pr-needs-triage.yml - repo-token: ${{ secrets.GITHUB_TOKEN }} - SizeLabeler: - runs-on: ubuntu-latest - steps: - # See also: https://github.com/CodelyTV/pr-size-labeler/pull/26 - - name: Apply Size Label - uses: bflad/pr-size-labeler@7df62b12a176513631973abfe151d2b6213c3f12 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - xs_label: 'size/XS' - xs_max_size: '30' - s_label: 'size/S' - s_max_size: '60' - m_label: 'size/M' - m_max_size: '150' - l_label: 'size/L' - l_max_size: '300' - xl_label: 'size/XL' - message_if_xl: '' - PullRequestComments: - runs-on: ubuntu-latest - steps: - - name: Add comment to add helpful context for new contributors - uses: actions/first-interaction@v1 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - pr-message: |- - Welcome @${{github.actor}} :wave: - - It looks like this is your first Pull Request submission to the [Terraform AWS Provider](https://github.com/hashicorp/terraform-provider-aws)! If you haven’t already done so please make sure you have checked out our [CONTRIBUTING](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing) guide and [FAQ](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing/faq.md) to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval. - - Also take a look at our [FAQ](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing/faq.md) which details how we prioritize Pull Requests for inclusion. - - Thanks again, and welcome to the community! :smiley: diff --git a/.github/workflows/regressions.yml b/.github/workflows/regressions.yml deleted file mode 100644 index 3a2341f6f70..00000000000 --- a/.github/workflows/regressions.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: "Regressions Slack Notifier" -on: - issues: - types: - - labeled - pull_request: - types: - - labeled -jobs: - slack-notification: - if: ${{ github.event.label.name == 'regression' }} - runs-on: ubuntu-latest - steps: - - name: Issues - if: ${{ github.event_name == 'issues' }} - uses: actions-ecosystem/action-slack-notifier@v1 - with: - slack_token: ${{ secrets.SLACK_BOT_TOKEN }} - channel: ${{ secrets.SLACK_CHANNEL }} - color: red - verbose: false - message: | - :warning: The following issue has been labeled as a regression: - https://github.com/${{ github.repository }}/issues/${{ github.event.issue.number }} - - name: Pull Requests - if: ${{ github.event_name == 'pull_request' }} - uses: actions-ecosystem/action-slack-notifier@v1 - with: - slack_token: ${{ secrets.SLACK_BOT_TOKEN }} - channel: ${{ secrets.SLACK_CHANNEL }} - color: red - verbose: false - message: | - :warning: The following pull request has been labeled as a regression: - https://github.com/${{ github.repository }}/pull/${{ github.event.pull_request.number }} - AddToWorkingBoard: - if: ${{ github.event.label.name == 'regression' }} - runs-on: ubuntu-latest - steps: - - name: Add regressions to To Do column - uses: alex-page/github-project-automation-plus@v0.8.1 - with: - project: AWS Provider Working Board - column: To Do - repo-token: ${{ secrets.ORGSCOPED_GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1e4da19af4e..6d7456b5e16 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,88 +1,61 @@ -name: Release +name: Build TF Provider -on: - push: - tags: - - 'v[0-9]+.[0-9]+.[0-9]+*' - -permissions: - contents: write +on: [push] jobs: - go-version: - runs-on: macos-latest - outputs: - version: ${{ steps.go-version.outputs.version }} + build: + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - id: go-version - run: echo "::set-output name=version::$(cat ./.go-version)" - release-notes: - runs-on: macos-latest + - uses: actions/checkout@v4 + - name: Setup Go + uses: actions/setup-go@v4 + with: + go-version: 1.21.3 + - name: Install C toolchain + run: | + sudo apt-get update + sudo apt install -y gcc-x86-64-linux-gnu + mkdir bin + - name: Cache Binaries + uses: actions/cache@v2 + env: + cache-name: cache-binaries + with: + path: bin + key: ${{ github.sha }} + restore-keys: ${{ github.sha }} + - name: Build Linux binary with Boringcrypto + run: | + CC=x86_64-linux-gnu-gcc CGO_ENABLED=1 GOARCH=amd64 GOOS=linux GOEXPERIMENT=boringcrypto \ + go build -o bin/terraform-provider-azurerm.linux.amd64 . + - name: Verify Boringcrypto + run: | + go run rsc.io/goversion@master -crypto bin/terraform-provider-azurerm.linux.amd64 | grep -q '(boring crypto)' + # boringcrypto isn't available for darwin, so we can also disable CGO. + - name: Build Darwin binary without Boringcrypto + run: | + CGO_ENABLED=0 GOARCH=arm64 GOOS=darwin \ + go build -o bin/terraform-provider-azurerm.darwin.arm64 . + release: + runs-on: ubuntu-latest + needs: build + if: github.ref == 'refs/heads/snyk' + permissions: + contents: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 + - name: Cache Binaries + uses: actions/cache@v2 + env: + cache-name: cache-binaries with: - fetch-depth: 0 - - name: Generate Release Notes - run: sed -n -e "1{/# /d;}" -e "2{/^$/d;}" -e "/# \[$(git describe --abbrev=0 --exclude="$(git describe --abbrev=0 --match='v*.*.*' --tags)" --match='v*.*.*' --tags | tr -d v)/q;p" CHANGELOG.md > release-notes.txt - - uses: actions/upload-artifact@v2 + path: bin + key: ${{ github.sha }} + restore-keys: ${{ github.sha }} + - name: Create Release + uses: ncipollo/release-action@v1 with: - name: release-notes - path: release-notes.txt - retention-days: 1 - terraform-provider-release: - name: 'Terraform Provider Release' - needs: [go-version, release-notes] - uses: hashicorp/ghaction-terraform-provider-release/.github/workflows/hashicorp.yml@v1 - secrets: - hc-releases-aws-access-key-id: '${{ secrets.TF_PROVIDER_RELEASE_AWS_ACCESS_KEY_ID }}' - hc-releases-aws-secret-access-key: '${{ secrets.TF_PROVIDER_RELEASE_AWS_SECRET_ACCESS_KEY }}' - hc-releases-aws-role-arn: '${{ secrets.TF_PROVIDER_RELEASE_AWS_ROLE_ARN }}' - hc-releases-fastly-api-token: '${{ secrets.HASHI_FASTLY_PURGE_TOKEN }}' - hc-releases-github-token: '${{ secrets.HASHI_RELEASES_GITHUB_TOKEN }}' - hc-releases-terraform-registry-sync-token: '${{ secrets.TF_PROVIDER_RELEASE_TERRAFORM_REGISTRY_SYNC_TOKEN }}' - setup-signore-github-token: '${{ secrets.HASHI_SIGNORE_GITHUB_TOKEN }}' - signore-client-id: '${{ secrets.SIGNORE_CLIENT_ID }}' - signore-client-secret: '${{ secrets.SIGNORE_CLIENT_SECRET }}' - with: - goreleaser-release-args: --timeout 2h - hc-releases-aws-role-duration-seconds: 7200 - release-notes: true - setup-go-version: '${{ needs.go-version.outputs.version }}' - changelog-newversion: - needs: [terraform-provider-release] - runs-on: macos-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: Update Changelog Header - id: changelog - run: | - CHANGELOG_FILE_NAME="CHANGELOG.md" - PREVIOUS_RELEASE_TAG=$(git describe --abbrev=0 --match='v*.*.*' --tags) - - # Add Release Date - RELEASE_DATE=`date +%B' '%e', '%Y` - sed -i -e "1 s/Unreleased/$RELEASE_DATE/" $CHANGELOG_FILE_NAME - - # Prepend next release line - echo Previous release is: $PREVIOUS_RELEASE_TAG - - NEW_RELEASE_LINE=$(echo $PREVIOUS_RELEASE_TAG | awk -F. '{ - $1 = substr($1,2) - $2 += 1 - printf("%s.%01d.0\n\n", $1, $2); - }') - - echo New minor version is: v$NEW_RELEASE_LINE - - echo -e "## $NEW_RELEASE_LINE (Unreleased)\n$(cat $CHANGELOG_FILE_NAME)" > $CHANGELOG_FILE_NAME - - echo ::set-output name=prev_release_tag::$PREVIOUS_RELEASE_TAG - - run: | - git config --local user.email changelogbot@hashicorp.com - git config --local user.name changelogbot - git add CHANGELOG.md - git commit -m "Update CHANGELOG.md after ${{ steps.changelog.outputs.prev_release_tag }}" - git push + tag: v0.0.0-${{ github.sha }} + commit: ${{ github.sha }} + artifacts: bin/terraform-provider-azurerm.*.* + makeLatest: true diff --git a/.github/workflows/roadmap_milestone.yml b/.github/workflows/roadmap_milestone.yml deleted file mode 100644 index 41d53c5e673..00000000000 --- a/.github/workflows/roadmap_milestone.yml +++ /dev/null @@ -1,15 +0,0 @@ -name: If roadmap milestone is assigned, add to working board. -on: - issues: - types: [milestoned] -jobs: - AddRoadmapItemsToBoard: - runs-on: ubuntu-latest - steps: - - name: Move Roadmap Items To Working Board - uses: alex-page/github-project-automation-plus@v0.8.1 - if: github.event.issue.milestone.title == 'Roadmap' - with: - project: AWS Provider Working Board - column: To Do - repo-token: ${{ secrets.ORGSCOPED_GITHUB_TOKEN}} diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml deleted file mode 100644 index 9d2bedcda09..00000000000 --- a/.github/workflows/snapshot.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: Snapshot - -on: - schedule: - - cron: '15 5 * * *' - workflow_dispatch: - -jobs: - goreleaser: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - name: goreleaser release - uses: goreleaser/goreleaser-action@v2 - with: - args: release --rm-dist --skip-sign --snapshot --timeout 2h - - name: artifact naming - id: naming - run: | - case $GITHUB_REF in - refs/heads/*) - ARTIFACT="${GITHUB_REF#refs/heads/}";; - refs/pull/*) - ARTIFACT="pr-${GITHUB_REF#refs/pull/}" - ARTIFACT="${ARTIFACT%/merge}";; - *) - ARTIFACT="${GITHUB_REF}";; - esac - echo "::set-output name=artifact::$ARTIFACT-$(date -u +'%Y-%m-%dT%H-%M')" - - uses: actions/upload-artifact@v2 - with: - name: ${{steps.naming.outputs.artifact}} - path: dist/*.zip diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml deleted file mode 100644 index dd0f8129af3..00000000000 --- a/.github/workflows/stale.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: "Stale issues and pull requests" -on: - schedule: - - cron: "40 17 * * *" - -jobs: - stale: - runs-on: ubuntu-latest - steps: - - uses: actions/stale@v4 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - days-before-stale: 720 - days-before-close: 30 - exempt-issue-labels: 'needs-triage' - exempt-pr-labels: 'needs-triage' - operations-per-run: 125 - stale-issue-label: 'stale' - stale-issue-message: | - Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label. - - If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you! - stale-pr-label: 'stale' - stale-pr-message: | - Marking this pull request as stale due to inactivity. This helps our maintainers find and focus on the active pull requests. If this pull request receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label. - - If this pull request was automatically closed and you feel this pull request should be reopened, we encourage creating a new pull request linking back to this one for added context. Thank you! diff --git a/.github/workflows/team_slack_bot.yml b/.github/workflows/team_slack_bot.yml deleted file mode 100644 index 4dbfc3e4f46..00000000000 --- a/.github/workflows/team_slack_bot.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: team-slack-bot - -on: - schedule: - - cron: '0 15 * * 1-5' - -jobs: - open-pr-stats: - runs-on: ubuntu-latest - name: open-pr-stats - if: github.repository_owner == 'hashicorp' - steps: - - name: open-pr-stats - uses: breathingdust/github-team-slackbot@v17 - with: - github_token: ${{ secrets.ORGSCOPED_GITHUB_TOKEN}} - org: hashicorp - repo: terraform-provider-aws - team_slug: terraform-aws - slack_token: ${{ secrets.SLACK_BOT_TOKEN }} - slack_channel: ${{ secrets.SLACK_CHANNEL }} diff --git a/.github/workflows/terraform_provider.yml b/.github/workflows/terraform_provider.yml deleted file mode 100644 index 5caf2b2dd42..00000000000 --- a/.github/workflows/terraform_provider.yml +++ /dev/null @@ -1,401 +0,0 @@ -name: Terraform Provider Checks - -on: - push: - branches: - - main - - 'release/**' - pull_request: - paths: - - .github/workflows/terraform_provider.yml - - .go-version - - .golangci.yml - - .semgrep.yml - - internal/** - - providerlint/** - - docs/index.md - - docs/data-sources/** - - docs/guides/** - - docs/resources/** - - go.sum - - GNUmakefile - - main.go - - staticcheck.conf - - tools/** - - website/** - -env: - AWS_DEFAULT_REGION: us-west-2 - TERRAFORM_VERSION: "1.0.6" - -jobs: - go_mod_download: - name: go mod download - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - id: cache-go-pkg-mod - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure' - run: go mod download - - go_build: - name: go build - needs: [go_mod_download] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: actions/cache@v3 - continue-on-error: true - id: cache-terraform-plugin-dir - timeout-minutes: 2 - with: - path: terraform-plugin-dir - key: ${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - # See also: https://github.com/actions/setup-go/issues/54 - - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' - name: go env - run: | - echo "GOCACHE=$(go env GOCACHE)" >> $GITHUB_ENV - - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' - uses: actions/cache@v3 - with: - path: ${{ env.GOCACHE }} - key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' - uses: actions/cache@v3 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' - name: go build - run: go build -o terraform-plugin-dir/registry.terraform.io/hashicorp/aws/99.99.99/$(go env GOOS)_$(go env GOARCH)/terraform-provider-aws . - - terraform_providers_schema: - name: terraform providers schema - needs: [go_build] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: actions/cache@v3 - continue-on-error: true - id: cache-terraform-providers-schema - timeout-minutes: 2 - with: - path: terraform-providers-schema - key: ${{ runner.os }}-terraform-providers-schema-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' - uses: actions/cache@v3 - timeout-minutes: 2 - with: - path: terraform-plugin-dir - key: ${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ env.TERRAFORM_VERSION }} - terraform_wrapper: false - - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' - name: terraform init - run: | - # We need a file to initialize the provider - echo 'data "aws_partition" "example" {}' > example.tf - terraform init -plugin-dir terraform-plugin-dir - - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' - name: terraform providers schema - run: | - mkdir terraform-providers-schema - terraform providers schema -json > terraform-providers-schema/schema.json - - providerlint: - # needs: [go_build] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - # See also: https://github.com/actions/setup-go/issues/54 - - name: go env - run: | - echo "GOCACHE=$(go env GOCACHE)" >> $GITHUB_ENV - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ${{ env.GOCACHE }} - key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd providerlint && go install . - - name: providerlint - run: make providerlint - - go_generate: - name: go generate - needs: [go_build] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - # See also: https://github.com/actions/setup-go/issues/54 - - name: go env - run: | - echo "GOCACHE=$(go env GOCACHE)" >> $GITHUB_ENV - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ${{ env.GOCACHE }} - key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: go install golang.org/x/tools/cmd/goimports@latest - - run: make gen - - name: Check for Git Differences - run: | - git diff --compact-summary --exit-code || \ - (echo; echo "Unexpected difference in directories after code generation. Run 'make gen' command and commit."; exit 1) - - go_test: - name: go test - needs: [go_build] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - # See also: https://github.com/actions/setup-go/issues/54 - - name: go env - run: | - echo "GOCACHE=$(go env GOCACHE)" >> $GITHUB_ENV - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ${{ env.GOCACHE }} - key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - name: Get all changed files - id: changed-files - uses: tj-actions/changed-files@v18 - - name: Get changed packages - run: | - touch /tmp/dirs_changed_all - for file in ${{ steps.changed-files.outputs.all_changed_files }}; do - if [[ "${file}" == internal/* ]]; then - echo $( dirname "${file}" | xargs ) >> /tmp/dirs_changed_all - fi - done - cat /tmp/dirs_changed_all | sort | uniq > /tmp/pkgs_changed - echo "All packages changed:" - cat /tmp/pkgs_changed - while read pkg; do - if [ "${pkg}" = "" ]; then - continue - fi - if [[ "${pkg}" == */test-fixtures ]]; then - continue - fi - if [[ "${pkg}" == internal/generate/* ]]; then - continue - fi - while read file; do - if [ "${file}" = "" ]; then - continue - fi - echo $( dirname "${file}" | xargs ) >> /tmp/dep_dirs_all - done <<< $( grep -l "github.com/hashicorp/terraform-provider-aws/${pkg}" internal/**/*.go ) - done > /tmp/dep_dirs_all - cat /tmp/dep_dirs_all | sort | uniq > /tmp/dep_pkgs - echo "All dependent packages:" - cat /tmp/dep_pkgs - id: changed-packages - - name: Run tests for changed packages - run: | - while read pkg; do - if [ "${pkg}" = "internal/sweep" ]; then - continue - fi - if [[ "${pkg}" == */test-fixtures ]]; then - continue - fi - if [[ "${pkg}" == internal/generate/* ]]; then - continue - fi - go test -run ^Test[^A][^c][^c] "github.com/hashicorp/terraform-provider-aws/${pkg}" - done > $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - # See also: https://github.com/actions/setup-go/issues/54 - - name: go env - run: | - echo "GOCACHE=$(go env GOCACHE)" >> $GITHUB_ENV - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ${{ env.GOCACHE }} - key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/golangci/golangci-lint/cmd/golangci-lint - - run: golangci-lint run ./internal/... - - run: cd providerlint && golangci-lint run ./... - - importlint: - needs: [go_build] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - # See also: https://github.com/actions/setup-go/issues/54 - - name: go env - run: | - echo "GOCACHE=$(go env GOCACHE)" >> $GITHUB_ENV - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ${{ env.GOCACHE }} - key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/pavius/impi/cmd/impi - - run: impi --local . --scheme stdThirdPartyLocal ./... - - semgrep: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: semgrep - uses: returntocorp/semgrep-action@v1 - - tfproviderdocs: - needs: [terraform_providers_schema] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/bflad/tfproviderdocs - - uses: actions/cache@v3 - timeout-minutes: 2 - with: - path: terraform-providers-schema - key: ${{ runner.os }}-terraform-providers-schema-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - name: tfproviderdocs check - run: | - tfproviderdocs check \ - -allowed-resource-subcategories-file website/allowed-subcategories.txt \ - -enable-contents-check \ - -ignore-file-missing-data-sources aws_alb,aws_alb_listener,aws_alb_target_group \ - -ignore-file-missing-resources aws_alb,aws_alb_listener,aws_alb_listener_certificate,aws_alb_listener_rule,aws_alb_target_group,aws_alb_target_group_attachment \ - -provider-source registry.terraform.io/hashicorp/aws \ - -providers-schema-json terraform-providers-schema/schema.json \ - -require-resource-subcategory - - compile_sweepers: - name: Compile sweepers - needs: [go_build] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - # See also: https://github.com/actions/setup-go/issues/54 - - name: go env - run: | - echo "GOCACHE=$(go env GOCACHE)" >> $GITHUB_ENV - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ${{ env.GOCACHE }} - key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('internal/**') }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - name: Try building - run: go build -tags=sweep diff --git a/.github/workflows/website.yml b/.github/workflows/website.yml deleted file mode 100644 index c5d47c0b172..00000000000 --- a/.github/workflows/website.yml +++ /dev/null @@ -1,178 +0,0 @@ -## These checks will be superseded by documentation.yml -## when the provider documentation layout is moved to -## the Terraform Registry layout. -name: Website Checks -on: - push: - branches: - - main - - "release/**" - pull_request: - paths: - - .github/workflows/website.yml - - .go-version - - .markdownlinkcheck.json - - .markdownlint.yml - - .tflint.hcl - - website/docs/** - - tools/go.mod - -jobs: - markdown-link-check: - runs-on: ubuntu-latest - env: - UV_THREADPOOL_SIZE: 128 - steps: - - uses: actions/checkout@v3 - - uses: gaurav-nelson/github-action-markdown-link-check@v1 - name: markdown-link-check website/docs/**/*.markdown - with: - use-quiet-mode: "yes" - use-verbose-mode: "yes" - config-file: ".markdownlinkcheck.json" - folder-path: "website/docs" - file-extension: ".markdown" - base-branch: "main" - check-modified-files-only: "yes" - - uses: gaurav-nelson/github-action-markdown-link-check@v1 - name: markdown-link-check website/docs/**/*.md - with: - use-quiet-mode: "yes" - use-verbose-mode: "yes" - config-file: ".markdownlinkcheck.json" - folder-path: "website/docs" - file-extension: ".md" - base-branch: "main" - check-modified-files-only: "yes" - markdown-lint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: avto-dev/markdown-lint@v1 - with: - config: ".markdownlint.yml" - args: "website/docs" - misspell: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/client9/misspell/cmd/misspell - - run: misspell -error -source text website/ - terrafmt: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/katbyte/terrafmt - - run: terrafmt diff ./website --check --pattern '*.markdown' - validate-terraform: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # See also: https://github.com/actions/setup-go/pull/62 - - run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV - - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v3 - continue-on-error: true - timeout-minutes: 2 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - - run: cd tools && go install github.com/katbyte/terrafmt - - - run: cd tools && go install github.com/terraform-linters/tflint - - - uses: actions/cache@v3 - name: Cache plugin dir - with: - path: ~/.tflint.d/plugins - key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }} - - - run: tflint --init - - - run: | - exit_code=0 - - # Configure the rules for tflint. - # The *_invalid_* rules disabled here prevent evaluation of expressions. - # Do not disable *_invalid_name rules, since these are good checks for e.g. "%s" formatting verbs - # being carried over from test cases. - shared_rules=( - "--enable-rule=terraform_comment_syntax" - "--disable-rule=aws_cloudwatch_event_target_invalid_arn" - "--disable-rule=aws_db_instance_default_parameter_group" - "--disable-rule=aws_elasticache_cluster_default_parameter_group" - "--disable-rule=aws_elasticache_replication_group_default_parameter_group" - "--disable-rule=aws_iam_policy_sid_invalid_characters" - "--disable-rule=aws_iam_saml_provider_invalid_saml_metadata_document" - "--disable-rule=aws_iam_server_certificate_invalid_certificate_body" - "--disable-rule=aws_iam_server_certificate_invalid_private_key" - "--disable-rule=aws_lb_invalid_load_balancer_type" - "--disable-rule=aws_lb_target_group_invalid_protocol" - "--disable-rule=aws_transfer_ssh_key_invalid_body" - "--disable-rule=aws_worklink_website_certificate_authority_association_invalid_certificate" - "--disable-rule=aws_iot_certificate_invalid_csr" - "--disable-rule=aws_networkfirewall_rule_group_invalid_rules" - "--disable-rule=aws_appsync_function_invalid_request_mapping_template" - "--disable-rule=aws_appsync_function_invalid_response_mapping_template" - "--disable-rule=aws_appsync_resolver_invalid_request_template" - "--disable-rule=aws_appsync_resolver_invalid_response_template" - "--disable-rule=aws_servicecatalog_portfolio_share_invalid_type" - "--disable-rule=aws_s3_object_copy_invalid_source" - ) - while read -r filename; do - rules=("${shared_rules[@]}") - if [[ "$filename" == "./website/docs/guides/version-2-upgrade.html.md" ]]; then - # ./website/docs/guides/version-2-upgrade.html.md should still include pre-0.12 syntax, - # since v1.0 does not support Terraform 0.12. - rules+=( - "--disable-rule=terraform_deprecated_interpolation" - "--disable-rule=terraform_deprecated_index" - ) - elif [[ "$filename" == "./website/docs/guides/version-3-upgrade.html.md" ]]; then - # ./website/docs/guides/version-3-upgrade.html.md has one example showing migration from - # pre-0.12 syntax to 0.12 syntax. We can't customize rules per block, and adding a - # tflint-ignore directive to documentation is not ideal. - rules+=( - "--disable-rule=terraform_deprecated_interpolation" - "--enable-rule=terraform_deprecated_index" - ) - else - rules+=( - "--enable-rule=terraform_deprecated_interpolation" - "--enable-rule=terraform_deprecated_index" - ) - fi - - # We need to capture the output and error code here. We don't want to exit on the first error - set +e - ./scripts/validate-terraform-file.sh "$filename" "${rules[@]}" - lint_exitcode=$? - set -e - if [ $lint_exitcode -ne 0 ]; then exit_code=1; fi - done < <(find ./website/docs -type f \( -name '*.md' -o -name '*.markdown' \) | sort -u) - - exit $exit_code