Merge pull request #7 from tomarv2/develop

Develop

Author: tomarv2

.github/workflows/pre-commit.yml

@@ -4,11 +4,10 @@ on:
   pull_request:
   push:
     branches:
-      - main
       - develop
+      - main
 
 jobs:
-# Min Terraform version(s)
   getDirectories:
     name: Get root directories
     runs-on: ubuntu-latest
@@ -25,13 +24,13 @@ jobs:
       - name: Build matrix
         id: matrix
         run: |
-          DIRS=$(python -c "import json; import glob; print(json.dumps([x.replace('/versions.tf', '') for x in glob.glob('./**/versions.tf', recursive=True)]))")
+          DIRS=$(python -c "import json; import glob; print(json.dumps([x.replace('/providers.tf', '') for x in glob.glob('./**/providers.tf', recursive=True)]))")
           echo "::set-output name=directories::$DIRS"
     outputs:
       directories: ${{ steps.matrix.outputs.directories }}
 
   preCommitMinVersions:
-    name: Min TF validate
+    name: Min validate
     needs: getDirectories
     runs-on: ubuntu-latest
     strategy:
@@ -58,11 +57,9 @@ jobs:
         with:
           terraform_version: ${{ steps.minMax.outputs.minVersion }}
 
-      - name: Install pre-commit dependencies
+      - name: Install pre-commit
         run: pip install pre-commit
 
-
-# Max Terraform version
   getBaseVersion:
     name: Module max TF version
     runs-on: ubuntu-latest
@@ -78,7 +75,7 @@ jobs:
       maxVersion: ${{ steps.minMax.outputs.maxVersion }}
 
   preCommitMaxVersion:
-    name: Max TF pre-commit
+    name: Max pre-commit
     runs-on: ubuntu-latest
     needs: getBaseVersion
     strategy:
@@ -105,10 +102,59 @@ jobs:
         run: |
           pip install pre-commit
           pip install checkov
-          curl -L "$(curl -s https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | grep -o -E "https://.+?-v1.0.1-linux-amd64" | head -n1)" > terraform-docs && chmod +x terraform-docs && sudo mv terraform-docs /usr/bin/
           curl -L "$(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" > tflint.zip && unzip tflint.zip && rm tflint.zip && sudo mv tflint /usr/bin/
 
       - name: Execute pre-commit
-        # Run all pre-commit checks on max version supported
-        if: ${{ matrix.version ==  needs.getBaseVersion.outputs.maxVersion }}
-        run: pre-commit run --color=always --show-diff-on-failure --all-files
+        continue-on-error: true # To avoid pre-commit failure
+        run: |
+          pre-commit run --color=always --show-diff-on-failure --all-files
+
+      - name: Get current branch name
+        id: vars
+        run: |
+          echo ::set-output name=branch_name::${GITHUB_REF##*/}
+
+      - name: "Get branch name and save to env"
+        env:
+          IS_PR: ${{ github.EVENT_NAME == 'pull_request' }}
+        run: |
+          if ${IS_PR}; then
+            BRANCH_NAME="${GITHUB_HEAD_REF}"
+          else
+            BRANCH_NAME="${GITHUB_REF##*/}"
+          fi
+          echo "BRANCH_NAME=${BRANCH_NAME}" >> $GITHUB_ENV
+
+      - uses: actions/checkout@v2
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+
+      - name: Render terraform docs and commit changes
+        if: ${{ env.BRANCH_NAME }}  == 'develop'
+        uses: terraform-docs/gh-actions@main
+        with:
+          working-dir: .
+          output-file: README.md
+          output-method: inject
+          git-push: "true"
+
+      - name: Commit pre-commit modified files
+        if: ${{ env.BRANCH_NAME }} == 'develop'
+        run: |
+          git config --local user.email "terraform+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+          git diff-index --quiet HEAD || (git add -A && git commit -m'[bot] update files' --allow-empty && git push -f)
+
+      - uses: actions/checkout@v2
+      - name: Create PR
+        continue-on-error: true
+        uses: repo-sync/pull-request@v2
+        if: ${{ env.BRANCH_NAME }}  == 'develop'
+        with:
+          source_branch: "develop"
+          destination_branch: "main"
+          pr_title: "Pulling ${{ github.ref }} into main"
+          pr_body: ":crown: *Automated PR*"
+          pr_label: "auto-pr"
+          pr_allow_empty: false
+          github_token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/stale-actions.yml

@@ -0,0 +1,32 @@
+name: "Mark or close stale issues and PRs"
+on:
+  schedule:
+  - cron: "0 0 10 * *"
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/stale@v4
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        # Staling issues and PR's
+        days-before-stale: 30
+        stale-issue-label: stale
+        stale-pr-label: stale
+        stale-issue-message: |
+          This issue has been automatically marked as stale because it has been open 30 days
+          with no activity. Remove stale label or comment or this issue will be closed in 10 days
+        stale-pr-message: |
+          This PR has been automatically marked as stale because it has been open 30 days
+          with no activity. Remove stale label or comment or this PR will be closed in 10 days
+        # Not stale if have this labels or part of milestone
+        exempt-issue-labels: bug,wip,on-hold
+        exempt-pr-labels:    bug,wip,on-hold
+        exempt-all-milestones: true
+        # Close issue operations
+        # Label will be automatically removed if the issues are no longer closed nor locked.
+        days-before-close: 10
+        delete-branch: false
+        close-issue-message: This issue was automatically closed because of stale in 10 days
+        close-pr-message: This PR was automatically closed because of stale in 10 days

.github/workflows/synced-bump-version.yml

@@ -0,0 +1,22 @@
+name: Bump version
+on:
+  push:
+    branches:
+      - main
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Bump version and push tag
+        id: tag_version
+        uses: mathieudutour/[email protected]
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Create a GitHub release
+        uses: ncipollo/release-action@v1
+        with:
+          tag: ${{ steps.tag_version.outputs.new_tag }}
+          name: Release ${{ steps.tag_version.outputs.new_tag }}
+          body: ${{ steps.tag_version.outputs.changelog }}

.gitignore

@@ -79,7 +79,136 @@ _testmain.go
 /test/run.out
 /test/times.out
 
+# Python
+# Editors
+.vscode/
+.idea/
+
+# Vagrant
+.vagrant/
+
+# Mac/OSX
+.DS_Store
+
+# Windows
+Thumbs.db
+
+# Source for the following rules: https://raw.githubusercontent.com/github/gitignore/master/Python.gitignore
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+.hypothesis/
+.pytest_cache/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+.python-version
+
+# celery beat schedule file
+celerybeat-schedule
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
 # ignore test related file(s)
 **/test**
 **.
+
+# ignore terraform external modules
 **/.external_modules

.pre-commit-config.yaml

@@ -1,32 +1,38 @@
 repos:
-  - repo: git://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.48.0
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.64.0
     hooks:
       - id: terraform_fmt
       - id: terraform_tflint
         args:
           - '--args=--only=terraform_deprecated_interpolation'
           - '--args=--only=terraform_deprecated_index'
+          - '--args=--only=terraform_unused_declarations'
           - '--args=--only=terraform_comment_syntax'
           - '--args=--only=terraform_documented_outputs'
           - '--args=--only=terraform_documented_variables'
           - '--args=--only=terraform_typed_variables'
-          - '--args=--only=terraform_module_pinned_source'
+          #- '--args=--only=terraform_module_pinned_source'
           - '--args=--only=terraform_naming_convention'
           - '--args=--only=terraform_required_providers'
+          - '--args=--only=terraform_standard_module_structure'
           - '--args=--only=terraform_workspace_remote'
 
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v3.4.0
+    rev: v4.1.0
     hooks:
       - id: trailing-whitespace
-      - id: check-merge-conflict
       - id: end-of-file-fixer
+      - id: check-docstring-first
       - id: check-yaml
+      - id: debug-statements
+      - id: double-quote-string-fixer
+      - id: name-tests-test
+      - id: requirements-txt-fixer
 
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: '2.0.531'
+    rev: '2.0.914'
     hooks:
     - id: checkov
       verbose: true
-      args: [-d, '.', --framework, 'terraform', --download-external-modules, 'True']
+      args: [-d, '.', --framework,'terraform']

README.md

@@ -110,6 +110,7 @@ Please refer to examples directory [link](examples) for references.
 
 ##### - Terraform module for [Databricks AWS Workspace](https://github.com/tomarv2/terraform-databricks-aws-workspace)
 
+<!-- BEGIN_TF_DOCS -->
 ## Requirements
 
 | Name | Version |
@@ -124,11 +125,11 @@ Please refer to examples directory [link](examples) for references.
 
 | Name | Version |
 |------|---------|
-| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | 2.94.0 |
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | ~> 2.94 |
 | <a name="provider_databricks"></a> [databricks](#provider\_databricks) | 0.3.5 |
 | <a name="provider_databricks.created_workspace"></a> [databricks.created\_workspace](#provider\_databricks.created\_workspace) | 0.3.5 |
-| <a name="provider_external"></a> [external](#provider\_external) | 2.2.0 |
-| <a name="provider_random"></a> [random](#provider\_random) | 3.1.0 |
+| <a name="provider_external"></a> [external](#provider\_external) | ~> 2.2 |
+| <a name="provider_random"></a> [random](#provider\_random) | ~> 3.1 |
 
 ## Modules
 
@@ -180,3 +181,4 @@ Please refer to examples directory [link](examples) for references.
 | <a name="output_managed_resource_group_name"></a> [managed\_resource\_group\_name](#output\_managed\_resource\_group\_name) | databricks managed resource group name |
 | <a name="output_nonsensitive_databricks_token"></a> [nonsensitive\_databricks\_token](#output\_nonsensitive\_databricks\_token) | Value of the newly-created token |
 | <a name="output_resource_group_name"></a> [resource\_group\_name](#output\_resource\_group\_name) | databricks resource group name |
+<!-- END_TF_DOCS -->

examples/azure_databricks/outputs.tf

@@ -30,7 +30,7 @@ output "sensitive_databricks_token" {
 }
 
 output "databricks_token" {
-  description = "Value of the newly-created token (nonsensitive)"
+  description = "Value of the newly created token (nonsensitive)"
   value       = module.azure_databricks.nonsensitive_databricks_token
 }