-
Notifications
You must be signed in to change notification settings - Fork 9.6k
199 lines (170 loc) · 6.81 KB
/
checks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
# This workflow is a collection of "quick checks" that should be reasonable
# to run for any new commit to this repository in principle.
#
# The main purpose of this workflow is to represent checks that we want to
# run prior to reviewing and merging a pull request. We should therefore aim
# for these checks to complete in no more than a few minutes in the common
# case.
#
# The build.yml workflow includes some additional checks we run only for
# already-merged changes to release branches and tags, as a compromise to
# keep the PR feedback relatively fast. The intent is that checks.yml should
# catch most problems but that build.yml might occasionally by the one to catch
# more esoteric situations, such as architecture-specific or OS-specific
# misbehavior.
name: Quick Checks
on:
pull_request:
types:
- opened
- ready_for_review
- reopened
- synchronize
push:
branches:
- '*'
tags:
- 'v[0-9]+.[0-9]+.[0-9]+*'
# This workflow runs for not-yet-reviewed external contributions and so it
# intentionally has no write access and only limited read access to the
# repository.
permissions:
contents: read
jobs:
unit-tests:
name: "Unit Tests"
runs-on: ubuntu-latest
steps:
- name: "Fetch source code"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Determine Go version
id: go
uses: ./.github/actions/go-version
- name: Install Go toolchain
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.go.outputs.version }}
# NOTE: This cache is shared so the following step must always be
# identical across the unit-tests, e2e-tests, and consistency-checks
# jobs, or else weird things could happen.
- name: Cache Go modules
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: "~/go/pkg"
key: go-mod-${{ hashFiles('go.sum') }}
restore-keys: |
go-mod-
- name: "Unit tests"
run: |
# We run tests for all packages from all modules in this repository.
for dir in $(go list -m -f '{{.Dir}}' github.com/hashicorp/terraform/...); do
(cd $dir && go test "./...")
done
race-tests:
name: "Race Tests"
runs-on: ubuntu-latest
steps:
- name: "Fetch source code"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Determine Go version
id: go
uses: ./.github/actions/go-version
- name: Install Go toolchain
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.go.outputs.version }}
# NOTE: This cache is shared so the following step must always be
# identical across the unit-tests, e2e-tests, and consistency-checks
# jobs, or else weird things could happen.
- name: Cache Go modules
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: "~/go/pkg"
key: go-mod-${{ hashFiles('go.sum') }}
restore-keys: |
go-mod-
# The race detector add significant time to the unit tests, so only run
# it for select packages.
- name: "Race detector"
run: |
go test -race ./internal/terraform ./internal/command ./internal/states
e2e-tests:
# This is an intentionally-limited form of our E2E test run which only
# covers Terraform running on Linux. The build.yml workflow runs these
# tests across various other platforms in order to catch the rare exception
# that might leak through this.
name: "End-to-end Tests"
runs-on: ubuntu-latest
steps:
- name: "Fetch source code"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Determine Go version
id: go
uses: ./.github/actions/go-version
- name: Install Go toolchain
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.go.outputs.version }}
# NOTE: This cache is shared so the following step must always be
# identical across the unit-tests, e2e-tests, and consistency-checks
# jobs, or else weird things could happen.
- name: Cache Go modules
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: "~/go/pkg"
key: go-mod-${{ hashFiles('go.sum') }}
restore-keys: |
go-mod-
- name: "End-to-end tests"
run: |
TF_ACC=1 go test -v ./internal/command/e2etest
consistency-checks:
name: "Code Consistency Checks"
runs-on: ubuntu-latest
steps:
- name: "Fetch source code"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0 # We need to do comparisons against the main branch.
- name: Determine Go version
id: go
uses: ./.github/actions/go-version
- name: Install Go toolchain
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.go.outputs.version }}
# NOTE: This cache is shared so the following step must always be
# identical across the unit-tests, e2e-tests, and consistency-checks
# jobs, or else weird things could happen.
- name: Cache Go modules
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: "~/go/pkg"
key: go-mod-${{ hashFiles('go.sum') }}
restore-keys: |
go-mod-
- name: "go.mod and go.sum consistency check"
run: |
make syncdeps
CHANGED="$(git status --porcelain)"
if [[ -n "$CHANGED" ]]; then
git diff
echo >&2 "ERROR: go.mod/go.sum files are not up-to-date. Run 'make syncdeps' and then commit the updated files."
echo >&2 $'Affected files:\n'"$CHANGED"
exit 1
fi
- name: Cache protobuf tools
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: "tools/protobuf-compile/.workdir"
key: protobuf-tools-${{ hashFiles('tools/protobuf-compile/protobuf-compile.go') }}
restore-keys: |
protobuf-tools-
- name: "Code consistency checks"
run: |
make fmtcheck importscheck copyright generate staticcheck exhaustive protobuf
if [[ -n "$(git status --porcelain)" ]]; then
echo >&2 "ERROR: Generated files are inconsistent. Run 'make generate' and 'make protobuf' locally and then commit the updated files."
git >&2 status --porcelain
exit 1
fi