feat: added terraform-docs to image to check README.md is updated

devops-consultants · Jul 25, 2024 · a245d9d · a245d9d
1 parent 8899e07
commit a245d9d
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 6 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,21 +1,35 @@
-FROM alpine:3.20.2
+FROM ghcr.io/aquasecurity/trivy:0.52.0 AS trivy
 
-RUN apk add --update --no-cache bash git curl gpgv tflint && apk upgrade
+FROM ghcr.io/terraform-linters/tflint:v0.51.0 AS tflint
+
+FROM quay.io/terraform-docs/terraform-docs:0.17.0 AS terraform-docs
+
+FROM alpine:3.20.2 AS build
+
+RUN apk add --update --no-cache bash git curl gpgv && apk upgrade
 
 # Install tfenv to manage Terraform versions
 ENV TFENV_INSTALL_DIR=/usr/local/tfenv
+ENV TF_PLUGIN_CACHE_DIR=/root/.terraform.d/plugin-cache
+RUN mkdir -p ${TFENV_INSTALL_DIR} && \
+    mkdir -p ${TF_PLUGIN_CACHE_DIR}
 RUN git clone --depth=1 https://github.com/tfutils/tfenv.git ${TFENV_INSTALL_DIR} && \
     echo 'export PATH="${TFENV_INSTALL_DIR}/bin:$PATH"' >> ~/.bash_profile && \
-    echo 'trust-tfenv: yes' > ${TFENV_INSTALL_DIR}/use-gpgv && \
-    echo "plugin_cache_dir = \"/root/.terraform.d/plugin-cache\"" > /root/.terraformrc
+    echo 'trust-tfenv: yes' > ${TFENV_INSTALL_DIR}/use-gpgv 
 ENV PATH=${TFENV_INSTALL_DIR}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 
 
 # Install the latest version of Terraform
 RUN tfenv install latest && tfenv use latest
 
+# Install tflint to lint Terraform code
+COPY --from=tflint /usr/local/bin/tflint /usr/local/bin/tflint
+
 # Install trivy to security scan Terraform code
-RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
+COPY --from=trivy /usr/local/bin/trivy /usr/local/bin/trivy
+
+# Install Terraform-docs to generate documentation for Terraform code
+COPY --from=terraform-docs /usr/local/bin/terraform-docs /usr/local/bin/terraform-docs
 
 RUN wget --no-verbose -P / https://bitbucket.org/bitbucketpipelines/bitbucket-pipes-toolkit-bash/raw/0.6.0/common.sh
 

diff --git a/pipe.sh b/pipe.sh
@@ -15,6 +15,7 @@ RUN_TFLINT=${RUN_TFLINT:="true"}
 RUN_TRIVY=${RUN_TRIVY:="true"}
 RUN_VALIDATE=${RUN_VALIDATE:="true"}
 RUN_FMT=${RUN_FMT:="true"}
+RUN_DOCS=${RUN_DOCS:="true"}
 
 enable_debug() {
   if [[ "${DEBUG}" == "true" ]]; then
@@ -25,10 +26,11 @@ enable_debug() {
 enable_debug
 
 cd ${TF_MODULE_PATH}
+terraform init
 
 if [[ "${RUN_FMT}" == "true" ]]; then
   info "Checking module formatting"
-  run terraform init && terraform fmt -check
+  run terraform fmt -check -diff
 
   if [[ "${status}" == "0" ]]; then
     success "Success!"
@@ -70,3 +72,15 @@ if [[ "${RUN_TRIVY}" == "true" ]]; then
     fail "Error!"
   fi
 fi
+
+if [[ "${RUN_DOCS}" == "true" ]]; then
+  info "Checking module documentation"
+  touch README.md && cp README.md README.md.new
+  run terraform-docs markdown --output-file README.md.new . && diff -bw README.md README.md.new
+
+  if [[ "${status}" == "0" ]]; then
+    success "Success!"
+  else
+    fail "Error!"
+  fi
+fi