SEC-090: Automated trusted workflow pinning (2024-05-20) #663
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Terraform Provider testing workflow. | |
| name: Tests | |
| # This GitHub action runs your tests for each pull request and push. | |
| # Optionally, you can turn it on using a schedule for regular testing. | |
| on: | |
| pull_request: | |
| paths-ignore: | |
| - 'README.md' | |
| push: | |
| paths-ignore: | |
| - 'README.md' | |
| # Testing only needs permissions to read the repository contents. | |
| permissions: | |
| contents: read | |
| jobs: | |
| # Ensure project builds before running testing matrix | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - run: go mod download | |
| - run: go build -v . | |
| - name: Run linters | |
| uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1 | |
| with: | |
| version: latest | |
| generate: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| # Temporarily download Terraform 1.8 prerelease for function documentation support. | |
| # When Terraform 1.8.0 final is released, this can be removed. | |
| - uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1 | |
| with: | |
| terraform_version: '1.8.0-alpha20240216' | |
| terraform_wrapper: false | |
| - run: go generate ./... | |
| - name: git diff | |
| run: | | |
| git diff --compact-summary --exit-code || \ | |
| (echo; echo "Unexpected difference in directories after code generation. Run 'go generate ./...' command and commit."; exit 1) | |
| # Run acceptance tests in a matrix with Terraform CLI versions | |
| test: | |
| name: Terraform Provider Acceptance Tests | |
| needs: build | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # list whatever Terraform versions here you would like to support | |
| terraform: | |
| - '1.0.*' | |
| - '1.1.*' | |
| - '1.2.*' | |
| - '1.3.*' | |
| - '1.4.*' | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1 | |
| with: | |
| terraform_version: ${{ matrix.terraform }} | |
| terraform_wrapper: false | |
| - run: go mod download | |
| - env: | |
| TF_ACC: "1" | |
| run: go test -v -cover ./internal/provider/ | |
| timeout-minutes: 10 |