From cec2b902f41762c019ebcd66fcbd49a7e567e17b Mon Sep 17 00:00:00 2001 From: Daniel Flook Date: Fri, 20 Dec 2024 20:36:56 +0000 Subject: [PATCH] Update test-validate workflow --- .github/workflows/test-validate.yaml | 48 +++++++++++++++++++++------- 1 file changed, 36 insertions(+), 12 deletions(-) diff --git a/.github/workflows/test-validate.yaml b/.github/workflows/test-validate.yaml index ab95d099..f7be0418 100644 --- a/.github/workflows/test-validate.yaml +++ b/.github/workflows/test-validate.yaml @@ -3,13 +3,18 @@ name: Test terraform-validate on: - pull_request +permissions: + contents: read + jobs: valid: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: valid steps: - name: Checkout uses: actions/checkout@v4 + with: + persist-credentials: false - name: validate uses: ./terraform-validate @@ -18,18 +23,22 @@ jobs: path: tests/workflows/test-validate/valid - name: Check valid + env: + FAILURE_REASON: ${{ steps.validate.outputs.failure-reason }} run: | - if [[ "${{ steps.validate.outputs.failure-reason }}" != "" ]]; then + if [[ "$FAILURE_REASON" != "" ]]; then echo "::error:: failure-reason not set correctly" exit 1 fi invalid: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Invalid terraform configuration steps: - name: Checkout uses: actions/checkout@v4 + with: + persist-credentials: false - name: validate uses: ./terraform-validate @@ -39,23 +48,28 @@ jobs: path: tests/workflows/test-validate/invalid - name: Check invalid + env: + OUTCOME: ${{ steps.validate.outcome }} + FAILURE_REASON: ${{ steps.validate.outputs.failure-reason }} run: | - if [[ "${{ steps.validate.outcome }}" != "failure" ]]; then + if [[ "$OUTCOME" != "failure" ]]; then echo "Validate did not fail correctly" exit 1 fi - if [[ "${{ steps.validate.outputs.failure-reason }}" != "validate-failed" ]]; then + if [[ "$FAILURE_REASON" != "validate-failed" ]]; then echo "::error:: failure-reason not set correctly" exit 1 fi validate_workspace: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Use workspace name during validation steps: - name: Checkout uses: actions/checkout@v4 + with: + persist-credentials: false - name: validate prod uses: ./terraform-validate @@ -77,23 +91,28 @@ jobs: path: tests/workflows/test-validate/workspace_eval - name: Check invalid + env: + OUTCOME: ${{ steps.validate.outcome }} + FAILURE_REASON: ${{ steps.validate.outputs.failure-reason }} run: | - if [[ "${{ steps.validate.outcome }}" != "failure" ]]; then + if [[ "$OUTCOME" != "failure" ]]; then echo "Validate did not fail correctly" exit 1 fi - if [[ "${{ steps.validate.outputs.failure-reason }}" != "validate-failed" ]]; then + if [[ "$FAILURE_REASON" != "validate-failed" ]]; then echo "::error:: failure-reason not set correctly" exit 1 fi validate_remote_workspace: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Use workspace name during validation steps: - name: Checkout uses: actions/checkout@v4 + with: + persist-credentials: false - name: validate prod uses: ./terraform-validate @@ -102,11 +121,13 @@ jobs: workspace: prod validate_unterminated_string: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Validate with unterminated string steps: - name: Checkout uses: actions/checkout@v4 + with: + persist-credentials: false - name: validate uses: ./terraform-validate @@ -116,13 +137,16 @@ jobs: continue-on-error: true - name: Check invalid + env: + OUTCOME: ${{ steps.validate.outcome }} + FAILURE_REASON: ${{ steps.validate.outputs.failure-reason }} run: | - if [[ "${{ steps.validate.outcome }}" != "failure" ]]; then + if [[ "$OUTCOME" != "failure" ]]; then echo "Validate did not fail correctly" exit 1 fi - if [[ "${{ steps.validate.outputs.failure-reason }}" != "validate-failed" ]]; then + if [[ "$FAILURE_REASON" != "validate-failed" ]]; then echo "::error:: failure-reason not set correctly" exit 1 fi