Skip to content

Commit 802ee75

Browse files
Merge pull request #150 from amandahla/OCM-24672
OCM-24672: chore: consolidate checks under make pre-push-checks
2 parents 70b5862 + a7a99a1 commit 802ee75

35 files changed

Lines changed: 625 additions & 552 deletions

File tree

.coderabbit.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,6 +80,6 @@ reviews:
8080
tflint:
8181
enabled: true
8282
trivy:
83-
enabled: true
83+
enabled: false
8484
yamllint:
8585
enabled: true

.dockerignore

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
.git
2+
bin/
3+
**/.terraform/
4+
.terraform-docs-cache/

.github/pull_request_template.md

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,6 @@ Examples: variable rename/removal, output rename/removal, default value change,
8383
- [ ] Relevant Jira/GitHub issues and related PRs are linked.
8484
- [ ] Tests were added/updated where appropriate.
8585
- [ ] I manually tested the change.
86-
- [ ] `make verify` passes.
87-
- [ ] `make verify-gen` passes.
86+
- [ ] `make pre-push-checks` passes (or each step: `verify`, `verify-gen`, `lint`, `unit-tests`, `license-check`, `docs-lint`).
8887
- [ ] Documentation was added/updated where appropriate (see `make terraform-docs`).
8988
- [ ] Any risk, limitation, or follow-up work is documented.

.github/workflows/check-commit-format.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ jobs:
1414
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1515
with:
1616
fetch-depth: 0
17+
persist-credentials: false
1718
- name: Validate Commit Message(s)
1819
env:
1920
PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }}

.github/workflows/generate_terraform_docs.yaml renamed to .github/workflows/generate-terraform-docs.yaml

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -28,15 +28,7 @@ jobs:
2828
ref: ${{ github.head_ref }}
2929

3030
- name: Install terraform-docs
31-
run: |
32-
set -euo pipefail
33-
TERRAFORM_DOCS_VERSION="$(grep -E '^ARG TERRAFORM_DOCS_VERSION=' Dockerfile | cut -d= -f2)"
34-
curl -sSLo ./terraform-docs.tar.gz "https://terraform-docs.io/dl/v${TERRAFORM_DOCS_VERSION}/terraform-docs-v${TERRAFORM_DOCS_VERSION}-linux-amd64.tar.gz"
35-
tar -xzf terraform-docs.tar.gz terraform-docs
36-
chmod +x terraform-docs
37-
sudo mv terraform-docs /usr/local/bin/terraform-docs
38-
rm -f terraform-docs.tar.gz
39-
terraform-docs version
31+
run: make terraform-docs-bin
4032

4133
# Commits are created via the GitHub Git Database API (not git commit) so GitHub can
4234
# attribute and verify them for the authenticated GitHub App installation.

.github/workflows/license-check.yaml

Lines changed: 0 additions & 24 deletions
This file was deleted.

.github/workflows/test.yml

Lines changed: 0 additions & 24 deletions
This file was deleted.
Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
# Validates examples at the minimum Terraform version (root versions.tf required_version).
2+
# The Prow client Dockerfile pins the newest Terraform release; this job guards module minimum compatibility.
3+
name: Verify (minimum Terraform)
4+
5+
on:
6+
pull_request:
7+
8+
jobs:
9+
verify-terraform-1-5-7:
10+
runs-on: ubuntu-latest
11+
permissions:
12+
contents: read
13+
steps:
14+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
15+
with:
16+
persist-credentials: false
17+
18+
- uses: hashicorp/setup-terraform@dfe3c3f87815947d99a8997f908cb6525fc44e9e # v4.0.1
19+
with:
20+
terraform_version: "1.5.7"
21+
terraform_wrapper: false
22+
23+
- name: Validate examples (minimum supported Terraform)
24+
run: make verify

.gitignore

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# terraform-docs.sh pinned binary cache (version from Dockerfile)
1+
# terraform-docs local cache (version from Makefile)
22
.terraform-docs-cache/
33

44
# Local tool binaries (for example Vale installed via make docs-lint)

.gitleaks.toml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,4 +14,8 @@ description = "Terraform CLI test configs may contain mock tokens/placeholders."
1414
paths = [
1515
# e.g. modules/*/tests/*.tftest.hcl
1616
'''\.tftest''',
17+
# Pinned CLI binaries and Terraform/plugin caches (not source secrets)
18+
'''^bin/''',
19+
'''(?:^|/)\.terraform(?:/|$)''',
20+
'''(?:^|/)\.terraform-docs-cache(?:/|$)''',
1721
]

0 commit comments

Comments
 (0)