rancher · matttrach · Jul 23, 2025 · Jul 23, 2025
@@ -102,7 +102,6 @@ jobs:
           IDENTIFIER: ${{github.run_id}}
           ZONE: ${{secrets.ZONE}}
           ACME_SERVER_URL: https://acme-v02.api.letsencrypt.org/directory
-          RANCHER_INSECURE: false
         run: |
           ./run_tests.sh
       - uses: actions/github-script@v7

@@ -87,13 +87,14 @@ jobs:
           # This format enables automatic generation of changelogs and versioning
           filter() {
             COMMIT="$1"
-            ouput="$(echo "$COMMIT" | grep -e '^fix: ' -e '^feature: ' -e '^feat: ' -e 'refactor!: ' -e 'feature!: ' -e 'feat!: ' -e '^chore(main): ')"
+            output="$(echo "$COMMIT" | grep -e '^fix: ' -e '^feature: ' -e '^feat: ' -e '^refactor!: ' -e '^feature!: ' -e '^feat!: ' -e '^chore(main): ' -e '^Merge branch ')"
             echo "$output"
           }
           prefix_check() {
             message="$1"
-            if [ "" != "$(filter "$message")" ]; then
-              echo "...Commit message does not start with the required prefix.
+            if [ -z "$(filter "$message")" ]; then
+              echo "
+              ...Commit message does not start with the required prefix.
               Please use one of the following prefixes: fix:, feature:, feat:, refactor!:, feature!:, feat:!.
               'chore(main): ' is also allowed for release PRs.
               This enables release-please to automatically determine the type of release (major, minor, patch) based on the commit message.
@@ -105,7 +106,7 @@ jobs:
           }
           empty_check() {
             message="$1"
-            if [ "" == "$message" ]; then
+            if [ -z "$message" ]; then
               echo "...Empty commit message."
               exit 1
             else
@@ -123,7 +124,7 @@ jobs:
           }
           spell_check() {
             message="$1"
-            WORDS="$(aspell list <<<"$message")"
+            WORDS="$(aspell list --dont-validate-words <<<"$message")"
             if [ "" != "$WORDS" ]; then
               echo "...Commit message contains spelling errors on: ^$WORDS\$"
               echo "...Also try updating the PR title."
@@ -141,9 +142,9 @@ jobs:
 
           while read -r message; do
             echo "checking message ^$message\$"
-            prefix_check "$message"
             empty_check "$message"
             length_check "$message"
+            prefix_check "$message"
             spell_check "$message"
             echo "message ^$message\$ passed all checks"
           done <<<"$COMMIT_MESSAGES"
@@ -208,3 +209,21 @@ jobs:
             echo "Error: Let's Encrypt CA is not being used for verification."
             exit 1
           fi
+
+  test-compile-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: install-nix
+        run: |
+          curl -L https://nixos.org/nix/install | sh
+          source /home/runner/.nix-profile/etc/profile.d/nix.sh
+          nix --version
+          which nix
+      - name: compile-check
+        shell: /home/runner/.nix-profile/bin/nix develop --ignore-environment --extra-experimental-features nix-command --extra-experimental-features flakes --keep HOME --keep SSH_AUTH_SOCK --keep GITHUB_TOKEN --keep AWS_ROLE --keep AWS_REGION --keep AWS_DEFAULT_REGION --keep AWS_ACCESS_KEY_ID --keep AWS_SECRET_ACCESS_KEY --keep AWS_SESSION_TOKEN --keep UPDATECLI_GPGTOKEN --keep UPDATECLI_GITHUB_TOKEN --keep UPDATECLI_GITHUB_ACTOR --keep GPG_SIGNING_KEY --keep NIX_SSL_CERT_FILE --keep NIX_ENV_LOADED --keep TERM --command bash -e {0}
+        run: |
+          cd test/tests
+          go test -c
@@ -0,0 +1,14 @@
+kubernetes
+config
+git
+variablize
+rke2
+rke
+rancher
+oci
+eks
+aks
+readme
+aws
+cert
+info
@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -17,5 +17,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,7 +14,8 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
 output "subnet_map" {
   value = module.this.subnet_map

@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -14,5 +14,6 @@ output "domain" {
   value = module.this.domain
 }
 output "certificate" {
-  value = module.this.certificate
+  value     = module.this.certificate
+  sensitive = true
 }
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     local = {
       source  = "hashicorp/local"
-      version = ">= 2.4"
+      version = ">= 2.5"
     }
     aws = {
       source  = "hashicorp/aws"

@@ -87,6 +87,7 @@
           devShells.default = pkgs.mkShell {
             buildInputs = [ devShellPackage ];
             shellHook = ''
+              while read word; do echo -e "*$word\n#" | aspell -a --dont-validate-words >/dev/null; done < aspell_custom.txt
               homebin=$HOME/bin;
               install -d $homebin;
               tfswitch -b $homebin/terraform 1.5.7 &>/dev/null;

@@ -160,35 +160,3 @@ data "aws_iam_server_certificate" "select" {
   name_prefix = "${local.content}-"
   latest      = true
 }
-
-resource "aws_secretsmanager_secret" "private_key_new" {
-  depends_on = [
-    data.aws_route53_zone.select,
-    aws_route53_record.ipv4,
-    aws_route53_record.ipv6,
-    acme_registration.reg,
-    tls_private_key.private_key,
-    tls_private_key.cert_private_key,
-    tls_cert_request.req,
-    acme_certificate.new,
-  ]
-  count = local.create_cert
-  name  = "${local.content}-private-key"
-}
-
-resource "aws_secretsmanager_secret_version" "private_key_value_new" {
-  depends_on = [
-    data.aws_route53_zone.select,
-    aws_route53_record.ipv4,
-    aws_route53_record.ipv6,
-    acme_registration.reg,
-    tls_private_key.private_key,
-    tls_private_key.cert_private_key,
-    tls_cert_request.req,
-    acme_certificate.new,
-    aws_secretsmanager_secret.private_key_new,
-  ]
-  count         = local.create_cert
-  secret_id     = aws_secretsmanager_secret.private_key_new[0].id
-  secret_string = tls_private_key.cert_private_key[0].private_key_pem
-}