diff --git a/.github/workflows/add_to_octokit_project.yml b/.github/workflows/add-to-octokit-project.yaml similarity index 61% rename from .github/workflows/add_to_octokit_project.yml rename to .github/workflows/add-to-octokit-project.yaml index 8621996e47..4a3fe11300 100644 --- a/.github/workflows/add_to_octokit_project.yml +++ b/.github/workflows/add-to-octokit-project.yaml @@ -1,4 +1,4 @@ -name: Add PRs and issues to Octokit org project +name: Add PRs & Issues to Octokit Org Project on: issues: @@ -6,13 +6,19 @@ on: pull_request_target: types: [reopened, opened] +permissions: read-all + jobs: add-to-project: - name: Add issue to project + name: Add to Project runs-on: ubuntu-latest continue-on-error: true + defaults: + run: + shell: bash steps: - - uses: actions/add-to-project@v1.0.2 + - name: Add to project + uses: actions/add-to-project@244f685bbc3b7adfa8466e08b698b5577571133e # v1.0.2 with: project-url: https://github.com/orgs/octokit/projects/10 github-token: ${{ secrets.OCTOKITBOT_PROJECT_ACTION_TOKEN }} diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000000..454942122a --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,32 @@ +name: GitHub Actions CI + +on: + workflow_dispatch: + push: + branches: [main] + pull_request: {} + +permissions: read-all + +jobs: + ci: + name: CI + runs-on: ubuntu-latest + defaults: + run: + shell: bash + env: + GITHUB_TEST_ORGANIZATION: kfcampbell-terraform-provider + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Set-up Go + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + with: + go-version-file: go.mod + cache: true + - run: make tools + - run: make lint + - run: make website-lint + - run: make build + - run: make test diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index f62bdfd353..0000000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: GitHub Actions CI - -on: - push: - branches: [main] - pull_request: {} - -jobs: - ci: - runs-on: ubuntu-latest - env: - GITHUB_TEST_ORGANIZATION: 'kfcampbell-terraform-provider' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - run: make tools - - run: make lint - - run: make website-lint - - run: make build - - run: make test diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yaml similarity index 84% rename from .github/workflows/codeql.yml rename to .github/workflows/codeql.yaml index b78f487ffc..0fbc6fbd95 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yaml @@ -1,6 +1,7 @@ -name: "CodeQL" +name: CodeQL on: + workflow_dispatch: push: branches: [ "main" ] pull_request: @@ -9,6 +10,8 @@ on: schedule: - cron: '16 7 * * 5' +permissions: read-all + jobs: analyze: name: Analyze @@ -17,17 +20,19 @@ jobs: actions: read contents: read security-events: write - strategy: fail-fast: false matrix: language: [ 'go' ] - + defaults: + run: + shell: bash steps: - - name: Checkout repository + - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - name: Set-up Go + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version-file: 'go.mod' cache: true diff --git a/.github/workflows/dotcom-acceptance-tests-all.yml b/.github/workflows/dotcom-acceptance-tests-all.yml deleted file mode 100644 index 3d9c35918c..0000000000 --- a/.github/workflows/dotcom-acceptance-tests-all.yml +++ /dev/null @@ -1,97 +0,0 @@ -name: Dotcom Acceptance Tests (All) - -on: - schedule: - # ┌───────────── minute (0 - 59) - # │ ┌───────────── hour (0 - 23) - # │ │ ┌───────────── day of the month (1 - 31) - # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) - # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) - # * * * * * - - cron: '0 0 * * 3' - -jobs: - - acceptance-tests-anonymous: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Anonymous) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALL: true - - acceptance-tests-individual: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - - name: Acceptance Tests (Individual) - id: acceptance-tests-individual - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALL: true - GITHUB_OWNER: github-terraform-test-user - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_ORGANIZATION: terraformtesting - - - name: Failed Acceptance Tests (Individual) - if: ${{ failure() }} - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: DEBUG - RUN_ALLOWED: ${{ steps.acceptance-tests-individual.outputs.failed }} - GITHUB_OWNER: github-terraform-test-user - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_ORGANIZATION: terraformtesting - - acceptance-tests-organization: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - - name: Acceptance Tests (Organization) - id: acceptance-tests-organization - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALL: true - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_OWNER: github-terraform-test-user - - - name: Failed Acceptance Tests (Organization) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - if: ${{ failure() }} - with: - TF_LOG: DEBUG - RUN_ALLOWED: ${{ steps.acceptance-tests-organization.outputs.failed }} - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_OWNER: github-terraform-test-user diff --git a/.github/workflows/dotcom-acceptance-tests-manual.yml b/.github/workflows/dotcom-acceptance-tests-manual.yml deleted file mode 100644 index d607d9cd3a..0000000000 --- a/.github/workflows/dotcom-acceptance-tests-manual.yml +++ /dev/null @@ -1,115 +0,0 @@ -name: Dotcom Acceptance Tests (manual) - -on: - pull_request: - types: [labeled] - -jobs: - - acceptance-tests-anonymous: - runs-on: ubuntu-latest - if: contains(join(github.event.pull_request.labels.*.name, ', '), 'test/') - steps: - - name: Parse Args - id: args - run: | - echo "::set-output name=run_allowed::$( - jq -rc .label.name $GITHUB_EVENT_PATH | cut -d/ -f 2 - )" - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Anonymous) - id: acceptance-tests-anonymous - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALLOWED: ${{ steps.args.outputs.run_allowed }} - - name: Failed Acceptance Tests (Anonymous) - if: ${{ failure() }} - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: DEBUG - RUN_ALLOWED: ${{ steps.acceptance-tests-anonymous.outputs.run_allowed }} - - - acceptance-tests-individual: - runs-on: ubuntu-latest - if: contains(join(github.event.pull_request.labels.*.name, ', '), 'test') - steps: - - name: Parse Args - id: args - run: | - echo "::set-output name=run_allowed::$( - jq -rc .label.name $GITHUB_EVENT_PATH | cut -d/ -f 2 - )" - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Individual) - id: acceptance-tests-individual - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALLOWED: ${{ steps.args.outputs.run_allowed }} - GITHUB_OWNER: github-terraform-test-user - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_ORGANIZATION: terraformtesting - - name: Failed Acceptance Tests (Individual) - if: ${{ failure() }} - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: DEBUG - RUN_ALLOWED: ${{ steps.args.outputs.run_allowed }} - GITHUB_OWNER: github-terraform-test-user - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_ORGANIZATION: terraformtesting - - acceptance-tests-organization: - runs-on: ubuntu-latest - if: contains(join(github.event.pull_request.labels.*.name, ', '), 'test') - steps: - - name: Parse Args - id: args - run: | - echo "::set-output name=run_allowed::$( - jq -rc .label.name $GITHUB_EVENT_PATH | cut -d/ -f 2 - )" - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - - name: Acceptance Tests (Organization) - id: acceptance-tests-organization - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALLOWED: ${{ steps.args.outputs.run_allowed }} - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_OWNER: github-terraform-test-user - - - name: Failed Acceptance Tests (Organization) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - if: ${{ failure() }} - with: - TF_LOG: DEBUG - RUN_ALLOWED: ${{ steps.args.outputs.run_allowed }} - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_OWNER: github-terraform-test-user diff --git a/.github/workflows/dotcom-acceptance-tests.yaml b/.github/workflows/dotcom-acceptance-tests.yaml new file mode 100644 index 0000000000..89b656f0cd --- /dev/null +++ b/.github/workflows/dotcom-acceptance-tests.yaml @@ -0,0 +1,76 @@ +name: Acceptance Tests (github.com) + +on: + workflow_dispatch: + pull_request_target: + types: + - opened + - synchronize + - reopened + - labeled + branches: + - main + +permissions: read-all + +jobs: + test: + name: Test ${{ matrix.mode }} + if: github.event_name != 'pull_request_target' || contains(github.event.pull_request.labels.*.name, 'acctest') + # environment: + # name: dotcom + runs-on: ubuntu-latest + permissions: + contents: read + strategy: + matrix: + mode: [anonymous, individual, organization] # team, enterprise + fail-fast: false + defaults: + run: + shell: bash + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Set-up Go + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + with: + go-version-file: go.mod + cache: true + + - name: Check credentials + if: matrix.mode != 'anonymous' + id: credentials + run: | + set -eou pipefail + + token="${{ secrets.DOTCOM_TEST_USER_TOKEN }}" + + if [[ -z "${token}" ]]; then + echo "Missing credentials" >&2 + exit 1 + fi + + echo "token=${token}" >> "${GITHUB_OUTPUT}" + + - name: Run tests + env: + TF_ACC: "1" + TF_LOG: INFO + GITHUB_BASE_URL: https://api.github.com/ + GITHUB_TEST_TYPE: ${{ matrix.mode }} + GITHUB_OWNER: ${{ (matrix.mode == 'individual' && 'github-terraform-test-user') || (matrix.mode == 'organization' && 'terraformtesting') || '' }} + GITHUB_USERNAME: github-terraform-test-user + GITHUB_TOKEN: ${{ matrix.mode != 'anonymous' && steps.credentials.outputs.token || '' }} + GITHUB_ENTERPRISE_SLUG: "" + GITHUB_TEST_USER_REPOSITORY: test-xk24f + GITHUB_TEST_ORG_USER: "" + GITHUB_TEST_ORG_REPOSITORY: test-repo + GITHUB_TEST_ORG_TEMPLATE_REPOSITORY: terraform-template-module + GITHUB_TEST_ORG_APP_INSTALLATION_ID: "" + GITHUB_TEST_EXTERNAL_USER: "" + GITHUB_TEST_EXTERNAL_USER_TOKEN: "" + GITHUB_TEST_EXTERNAL_USER2: "" + GITHUB_TEST_ADVANCED_SECURITY: "true" + run: go test -run "^TestAcc*" ./github -v -race -coverprofile=coverage.txt -covermode=atomic -sweep=tf-acc- -timeout 120m -count=1 diff --git a/.github/workflows/dotcom-acceptance-tests.yml b/.github/workflows/dotcom-acceptance-tests.yml deleted file mode 100644 index 28aa777c42..0000000000 --- a/.github/workflows/dotcom-acceptance-tests.yml +++ /dev/null @@ -1,61 +0,0 @@ -name: Dotcom Acceptance Tests - -on: - push: - branches: - - test/** - -jobs: - - acceptance-tests-anonymous: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - name: Acceptance Tests (Anonymous) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - - acceptance-tests-individual: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Individual) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - GITHUB_OWNER: github-terraform-test-user - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_ORGANIZATION: terraformtesting - - acceptance-tests-organization: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Organization) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.DOTCOM_TEST_USER_TOKEN }} - GITHUB_TEST_OWNER: github-terraform-test-user diff --git a/.github/workflows/ghes-acceptance-tests-all.yml b/.github/workflows/ghes-acceptance-tests-all.yml deleted file mode 100644 index 78d064ba82..0000000000 --- a/.github/workflows/ghes-acceptance-tests-all.yml +++ /dev/null @@ -1,112 +0,0 @@ -name: GHES Acceptance Tests (All) - -on: - schedule: - # ┌───────────── minute (0 - 59) - # │ ┌───────────── hour (0 - 23) - # │ │ ┌───────────── day of the month (1 - 31) - # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) - # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) - # * * * * * - - cron: '0 0 * * 3' - -jobs: - runtime: - runs-on: ubuntu-latest - steps: - - name: Query server address - id: server-address - run: | - SERVER_ADDRESS=$(dig +short terraformtesting-ghe.eastus.cloudapp.azure.com) - echo "::set-output name=server-address::${SERVER_ADDRESS}" - outputs: - server-address: ${{ steps.server-address.outputs.server-address }} - - acceptance-tests-anonymous: - needs: [runtime] - if: ${{ needs.runtime.outputs.server-address != '255.255.255.255' }} - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Anonymous) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - - acceptance-tests-individual: - needs: [runtime] - if: ${{ needs.runtime.outputs.server-address != '255.255.255.255' }} - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - - name: Acceptance Tests (Individual) - id: acceptance-tests-individual - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALL: true - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - GITHUB_OWNER: administrator - GITHUB_TEST_USER_TOKEN: ${{ secrets.GHES_TEST_USER_TOKEN }} - - - name: Failed Acceptance Tests (Individual) - if: ${{ failure() }} - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: DEBUG - RUN_ALLOWED: ${{ steps.acceptance-tests-individual.outputs.failed }} - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - GITHUB_OWNER: administrator - GITHUB_TEST_USER_TOKEN: ${{ secrets.GHES_TEST_USER_TOKEN }} - - acceptance-tests-organization: - needs: [runtime] - if: ${{ needs.runtime.outputs.server-address != '255.255.255.255' }} - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - - name: Acceptance Tests (Organization) - id: acceptance-tests-organization - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - TF_LOG: INFO - RUN_ALL: true - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.GHES_TEST_USER_TOKEN }} - - - name: Failed Acceptance Tests (Organization) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - if: ${{ failure() }} - with: - TF_LOG: DEBUG - RUN_ALLOWED: ${{ steps.acceptance-tests-organization.outputs.failed }} - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.GHES_TEST_USER_TOKEN }} diff --git a/.github/workflows/ghes-acceptance-tests.yaml b/.github/workflows/ghes-acceptance-tests.yaml new file mode 100644 index 0000000000..6c84c988be --- /dev/null +++ b/.github/workflows/ghes-acceptance-tests.yaml @@ -0,0 +1,92 @@ +name: Acceptance Tests (GHES) + +on: + workflow_dispatch: + # pull_request_target: + # types: + # - opened + # - synchronize + # - reopened + # - labeled + # branches: + # - main + +permissions: read-all + +jobs: + test: + name: Test GHES + # if: github.event_name != 'pull_request_target' || contains(github.event.pull_request.labels.*.name, 'acctest') + # environment: + # name: ghes + runs-on: ubuntu-latest + permissions: + contents: read + defaults: + run: + shell: bash + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Set-up Go + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + with: + go-version-file: go.mod + cache: true + + - name: Check server address + id: server + run: | + set -eou pipefail + + host="${{ secrets.GHES_TEST_SERVER_HOST }}" + + if [[ -z "${host}" ]]; then + echo "Missing server address" >&2 + exit 1 + fi + + test="$(dig +short "${host}")" + + if [[ "${test}" != "255.255.255.255" ]]; then + echo "Invalid server address" >&2 + exit 1 + fi + + echo "address=https://${host}/" >> "${GITHUB_OUTPUT}" + + - name: Check credentials + id: credentials + run: | + set -eou pipefail + + token="${{ secrets.GHES_TEST_USER_TOKEN }}" + + if [[ -z "${token}" ]]; then + echo "Missing credentials" >&2 + exit 1 + fi + + echo "token=${token}" >> "${GITHUB_OUTPUT}" + + - name: Run tests + env: + TF_ACC: "1" + TF_LOG: INFO + TESTARGS: "-race -coverprofile=coverage.txt -covermode=atomic -sweep=tf-acc-" + GITHUB_BASE_URL: ${{ steps.server.outputs.address }} + GITHUB_TEST_TYPE: enterprise + GITHUB_OWNER: "" + GITHUB_USERNAME: "" + GITHUB_TOKEN: ${{ steps.credentials.outputs.token }} + GITHUB_ENTERPRISE_SLUG: "" + GITHUB_TEST_USER_REPOSITORY: "" + GITHUB_TEST_ORG_USER: "" + GITHUB_TEST_ORG_REPOSITORY: "" + GITHUB_TEST_ORG_TEMPLATE_REPOSITORY: "" + GITHUB_TEST_ORG_APP_INSTALLATION_ID: "" + GITHUB_TEST_EXTERNAL_USER: "" + GITHUB_TEST_EXTERNAL_USER_TOKEN: "" + GITHUB_TEST_EXTERNAL_USER2: "" + run: go test -run "^TestAcc*" ./github -v -race -coverprofile=coverage.txt -covermode=atomic -sweep=tf-acc- -timeout 120m -count=1 diff --git a/.github/workflows/ghes-acceptance-tests.yml b/.github/workflows/ghes-acceptance-tests.yml deleted file mode 100644 index 78318088b4..0000000000 --- a/.github/workflows/ghes-acceptance-tests.yml +++ /dev/null @@ -1,79 +0,0 @@ -name: GHES Acceptance Tests - -on: - push: - branches: - - test/** - -jobs: - runtime: - runs-on: ubuntu-latest - steps: - - name: Query server address - id: server-address - run: | - SERVER_ADDRESS=$(dig +short terraformtesting-ghe.eastus.cloudapp.azure.com) - echo "::set-output name=server-address::${SERVER_ADDRESS}" - outputs: - server-address: ${{ steps.server-address.outputs.server-address }} - - acceptance-tests-anonymous: - needs: [runtime] - if: ${{ needs.runtime.outputs.server-address != '255.255.255.255' }} - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Anonymous) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - - acceptance-tests-individual: - needs: [runtime] - if: ${{ needs.runtime.outputs.server-address != '255.255.255.255' }} - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Individual) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - GITHUB_OWNER: administrator - GITHUB_TEST_USER_TOKEN: ${{ secrets.GHES_TEST_USER_TOKEN }} - - acceptance-tests-organization: - needs: [runtime] - if: ${{ needs.runtime.outputs.server-address != '255.255.255.255' }} - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ github.event.pull_request.head.ref }} - fetch-depth: 2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 - with: - go-version-file: 'go.mod' - cache: true - - name: Acceptance Tests (Organization) - uses: terraformtesting/acceptance-tests@66f4842d934555dde0f59bf1a00abd0fc710ece4 # v2.2.0 - with: - GITHUB_BASE_URL: "https://terraformtesting-ghe.eastus.cloudapp.azure.com/" - GITHUB_ORGANIZATION: terraformtesting - GITHUB_TEST_USER_TOKEN: ${{ secrets.GHES_TEST_USER_TOKEN }} diff --git a/.github/workflows/immediate-response.yml b/.github/workflows/immediate-response.yaml similarity index 64% rename from .github/workflows/immediate-response.yml rename to .github/workflows/immediate-response.yaml index 8a29b200fc..2fd4789537 100644 --- a/.github/workflows/immediate-response.yml +++ b/.github/workflows/immediate-response.yaml @@ -1,7 +1,4 @@ -name: Issue/PR response -permissions: - issues: write - pull-requests: write +name: Issue/PR Response on: issues: types: @@ -9,21 +6,27 @@ on: pull_request_target: types: - opened + +permissions: read-all + jobs: - respond-to-issue: + respond: + name: Respond to Issue or PR if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' && github.actor != 'githubactions[bot]' && github.actor != 'octokitbot' }} runs-on: ubuntu-latest + permissions: + issues: write + pull-requests: write + defaults: + run: + shell: bash steps: - - name: Determine issue or PR number - id: extract - run: echo "NUMBER=${{ github.event.issue.number || github.event.pull_request.number }}" >> "$GITHUB_OUTPUT" - - - name: Respond to issue or PR - uses: peter-evans/create-or-update-comment@v4 + - name: Comment + uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 with: - issue-number: ${{ steps.extract.outputs.NUMBER }} + issue-number: ${{ github.event.issue.number || github.event.pull_request.number }} body: > 👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! - We have a [process in place](https://github.com/octokit/.github/blob/main/community/prioritization_response.md#overview) for prioritizing and responding to your input. + We have a [process in place](https://github.com/octokit/.github/blob/main/community/prioritization_response.md#overview) for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with `Status: Up for grabs`. You & others like you are the reason all of this works! So thank you & happy coding! 🚀 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yaml similarity index 71% rename from .github/workflows/release.yml rename to .github/workflows/release.yaml index 58111722a9..850ffa747c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yaml @@ -8,21 +8,28 @@ on: tags: - 'v*' -# Releases need permissions to read and write the repository contents. -# GitHub considers creating releases and uploading assets as writing contents. -permissions: - contents: write +permissions: read-all jobs: goreleaser: + name: GoReleaser runs-on: ubuntu-latest + # Releases need permissions to read and write the repository contents. + # GitHub considers creating releases and uploading assets as writing contents. + permissions: + contents: write + defaults: + run: + shell: bash steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: # Allow goreleaser to access older tag information. fetch-depth: 0 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - name: Set-up Go + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version-file: 'go.mod' cache: true @@ -36,10 +43,10 @@ jobs: - name: Run GoReleaser uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0 - with: - args: release --clean - version: latest env: # GitHub sets the GITHUB_TOKEN secret automatically. GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + with: + args: release --clean + version: latest diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yaml similarity index 78% rename from .github/workflows/stale.yml rename to .github/workflows/stale.yaml index c94fc36e3d..0c7ad6ff35 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yaml @@ -1,14 +1,26 @@ -name: 'Close stale issues and PRs' +name: Close Stale Issues & PRs + on: workflow_dispatch: schedule: - cron: '30 1 * * *' +permissions: read-all + jobs: stale: + name: Stale runs-on: ubuntu-latest + permissions: + contents: write # only for delete-branch option + issues: write + pull-requests: write + defaults: + run: + shell: bash steps: - - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 + - name: Check for stale issues & PRs + uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 with: stale-issue-message: > 👋 Hey Friends, this issue has been automatically marked as `stale` because it has no recent activity. diff --git a/.golangci.yml b/.golangci.yml index 1b2e11d4f5..c6f350e1a8 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -2,11 +2,11 @@ # and information on other useful linters run: - deadline: 3m + timeout: 3m modules-download-mode: vendor issues: - max-per-linter: 0 + max-issues-per-linter: 0 max-same-issues: 0 linters: @@ -14,7 +14,7 @@ linters: enable: - durationcheck - errcheck - - exportloopref + - copyloopvar # - forcetypeassert # - godot - gofmt @@ -29,8 +29,8 @@ linters: - unconvert # - unparam - unused - - vet - + - govet linters-settings: errcheck: - ignore: github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema:ForceNew|Set,fmt:.*,io:Close + exclude-functions: + - (*github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.ResourceData).Set diff --git a/GNUmakefile b/GNUmakefile index 3ad7c52274..e9ade49ef1 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -3,11 +3,13 @@ GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor) WEBSITE_REPO=github.com/hashicorp/terraform-website PKG_NAME=github +export TESTARGS=-race -coverprofile=coverage.txt -covermode=atomic + default: build tools: - go install github.com/client9/misspell/cmd/misspell@v0.3.4 - go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.51.1 + go install github.com/client9/misspell/cmd/misspell + go install github.com/golangci/golangci-lint/cmd/golangci-lint build: fmtcheck go build ./... @@ -27,8 +29,8 @@ test: go test ./... # commenting this out for release tooling, please run testacc instead -testacc: fmtcheck - TF_ACC=1 go test $(TEST) -v $(TESTARGS) -timeout 120m +testacc: + TF_ACC=1 go test -run "^TestAcc*" ./github -v $(TESTARGS) -timeout 120m -count=1 test-compile: @if [ "$(TEST)" = "./..." ]; then \