From 613c17c7d05c47d022a6534906d1bd280d70023e Mon Sep 17 00:00:00 2001
From: Kirill Kulikov
Date: Mon, 12 Apr 2021 12:57:48 +0600
Subject: [PATCH 1/2] Added github actions to check Terraform code

---
.github/workflows/terraform-ci.yml | 67 ++++++++++++++++++++++++
terraform/modules/aws-ec2-pritunl/efs.tf | 6 +--
2 files changed, 70 insertions(+), 3 deletions(-)
create mode 100644 .github/workflows/terraform-ci.yml

diff --git a/.github/workflows/terraform-ci.yml b/.github/workflows/terraform-ci.yml
new file mode 100644
index 00000000..958f7fd6
--- /dev/null
+++ b/.github/workflows/terraform-ci.yml
@@ -0,0 +1,67 @@
+name: 'Terraform-ci'
+
+on: [push, pull_request]
+
+defaults:
+ run:
+ shell: sh
+
+jobs:
+ # Terraform init and validate configuration
+ terraform-init:
+ name: 'Terraform-init'
+ runs-on: ubuntu-latest
+ environment: dev
+ container:
+ image: hashicorp/terraform:0.14.6
+ env:
+ PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ - name: Terraform Init l1
+ working-directory: ./terraform/layer1-aws
+ run: terraform init -backend=false
+ - name: Terraform Init l2
+ working-directory: ./terraform/layer2-k8s
+ run: terraform init -backend=false
+ - name: Terraform Validate l1
+ working-directory: ./terraform/layer1-aws
+ run: terraform validate -no-color .
+ - name: Terraform Validate l2
+ working-directory: ./terraform/layer2-k8s
+ run: terraform validate -no-color .
+
+ # Checks that all Terraform configuration files format
+ terraform-format:
+ name: 'Terraform-format'
+ runs-on: ubuntu-latest
+ environment: dev
+ container:
+ image: hashicorp/terraform:0.14.6
+ env:
+ PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ - name: Terraform Format
+ run: terraform fmt -recursive -write=false -check .
+
+ # Checks that all Terraform configuration files tflint
+ terraform-tflint:
+ name: 'Terraform-tflint'
+ runs-on: ubuntu-latest
+ environment: dev
+ container:
+ image: wata727/tflint
+ env:
+ PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ - name: Terraform tflint l1
+ working-directory: ./terraform/layer1-aws
+ run: tflint --no-color
+ - name: Terraform tflint l2
+ working-directory: ./terraform/layer2-k8s
+ run: tflint --no-color
diff --git a/terraform/modules/aws-ec2-pritunl/efs.tf b/terraform/modules/aws-ec2-pritunl/efs.tf
index 2242148b..3f0a9f87 100644
--- a/terraform/modules/aws-ec2-pritunl/efs.tf
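Review bot: The `terraform-tflint` job pulls `image: wata727/tflint` with no tag, so each run resolves whatever the registry currently serves as the default tag, unlike the two jobs that use `hashicorp/terraform:0.14.6`; a changed or replaced image would then run against the checked-out repository without any change to this file. Pin it, preferably by digest, e.g. `image: wata727/tflint@sha256:<DIGEST>` (placeholder), and consider the same for the Terraform image, since tags can be re-pointed as well. `uses: actions/checkout@v2` in all three jobs is also a movable ref; a full commit SHA (`actions/checkout@<COMMIT_SHA>  # v2`, placeholder) removes that dependency on the tag. The workflow declares no `permissions:` block, so the job token's scope is left to the repository default; a top-level `permissions:` with `contents: read` looks sufficient for init/validate/fmt/tflint, which only read the tree.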
+++ b/terraform/modules/aws-ec2-pritunl/efs.tf @@ -7,8 +7,8 @@ resource "aws_efs_file_system" "this" { kms_key_id = var.kms_key_id tags = { - "Name" = var.name - } + "Name" = var.name + } lifecycle { ignore_changes = [ tags, @@ -17,7 +17,7 @@ resource "aws_efs_file_system" "this" { } resource "aws_efs_mount_target" "this" { - count = length(var.public_subnets) + count = length(var.public_subnets) file_system_id = aws_efs_file_system.this.id subnet_id = var.public_subnets[count.index] security_groups = [ From 2fe5c46e524ce9fc6478306146fcc1d7b2c98a26 Mon Sep 17 00:00:00 2001 From: Kirill Kulikov Date: Sat, 17 Apr 2021 12:45:43 +0600 Subject: [PATCH 2/2] Remove ci env and rename init job Remove ci environment deleted because it is not used Rename `init` job to `validate` because main purpose of this stage - terraform validate --- .github/workflows/terraform-ci.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/terraform-ci.yml b/.github/workflows/terraform-ci.yml index 958f7fd6..04c90d4b 100644 --- a/.github/workflows/terraform-ci.yml +++ b/.github/workflows/terraform-ci.yml @@ -7,11 +7,10 @@ defaults: shell: sh jobs: - # Terraform init and validate configuration - terraform-init: - name: 'Terraform-init' + # Terraform validate configuration + terraform-validate: + name: 'Terraform-validate' runs-on: ubuntu-latest - environment: dev container: image: hashicorp/terraform:0.14.6 env: @@ -36,7 +35,6 @@ jobs: terraform-format: name: 'Terraform-format' runs-on: ubuntu-latest - environment: dev container: image: hashicorp/terraform:0.14.6 env: @@ -51,7 +49,6 @@ jobs: terraform-tflint: name: 'Terraform-tflint' runs-on: ubuntu-latest - environment: dev container: image: wata727/tflint env: