|
1 | 1 | version: 2
|
2 | 2 |
|
| 3 | +# TODO: centralize full configuration. Figure out how |
| 4 | +# ?? Each step as a separate script that is downloaded and run ?? |
| 5 | +# ?? CircleCI feature request to supoort include from remote sources |
| 6 | +# More Markdown terraform_testing |
| 7 | +# Python testing. Add doc and test that too |
| 8 | +# circleci/python: Both 2 and 3? |
| 9 | +# if src/requirements.txt get version from *.tf and test |
| 10 | +# Style+: flake8 + hacking?, prospector? |
| 11 | +# Security: bandit, RATS, |
| 12 | + |
| 13 | +# This file uses YAML anchors to deduplicate steps |
| 14 | +# see https://circleci.com/blog/circleci-hacks-reuse-yaml-in-your-circleci-config-with-yaml/ |
| 15 | +# and https://learnxinyminutes.com/docs/yaml/ |
| 16 | + |
| 17 | +.steps_template: &steps_terraform_static_analysis |
| 18 | + steps: |
| 19 | + - checkout |
| 20 | + - run: |
| 21 | + name: "Check: Validate tf files (terraform validate)" |
| 22 | + command: | |
| 23 | + find . -type f -name "*.tf" -exec dirname {} \;|sort -u | while read m; do (terraform validate -check-variables=false "$m" && echo "√ $m") || exit 1 ; done |
| 24 | + - run: |
| 25 | + name: "Check: Terraform formatting (terraform fmt)" |
| 26 | + command: | |
| 27 | + if [ `terraform fmt --list=true -diff=true -write=false | tee format-issues | wc -c` -ne 0 ]; then |
| 28 | + echo "Some terraform files need be formatted, run 'terraform fmt' to fix" |
| 29 | + echo "Formatting issues:" |
| 30 | + cat format-issues |
| 31 | + exit 1 |
| 32 | + fi |
| 33 | + - run: |
| 34 | + name: "Install: tflint" |
| 35 | + command: | |
| 36 | + apk update |
| 37 | + apk add jq wget |
| 38 | + # Get latest version of tflint (v0.7.0 test if still need to exclude modules. Any other changes) |
| 39 | + pkg_arch=linux_amd64 |
| 40 | + dl_url=$(curl -s https://api.github.com/repos/wata727/tflint/releases/latest | jq -r ".assets[] | select(.name | test(\"${pkg_arch}\")) | .browser_download_url") |
| 41 | + wget ${dl_url} |
| 42 | + unzip tflint_linux_amd64.zip |
| 43 | + mkdir -p /usr/local/tflint/bin |
| 44 | + # Setup PATH for later run steps - ONLY for Bash and not in Bash |
| 45 | + #echo 'export PATH=/usr/local/tflint/bin:$PATH' >> $BASH_ENV |
| 46 | + echo "Installing tflint..." |
| 47 | + install tflint /usr/local/tflint/bin |
| 48 | + echo "Configuring tflint..." |
| 49 | + tf_ver=$(terraform version | awk 'FNR <= 1' | cut -dv -f2) |
| 50 | + echo -e "\tConfig for terraform version: ${tf_ver}" |
| 51 | + if [ -f '.tflint.hcl' ]; then |
| 52 | + sed -i "/terraform_version =/s/\".*\"/\"${tf_ver}\"/" .tflint.hcl |
| 53 | + else |
| 54 | + { |
| 55 | + echo -e "config {\nterraform_version = \"${tf_ver}\"\ndeep_check = true\nignore_module = {" |
| 56 | + for module in $(grep -h '[^a-zA-Z]source[ =]' *.tf | sed -r 's/.*=\s+//' | sort -u); do |
| 57 | + # if not ^"../ |
| 58 | + echo "${module} = true" |
| 59 | + done |
| 60 | + echo -e "}\n}\n" |
| 61 | + } > .tflint.hcl |
| 62 | + fi |
| 63 | + echo "tflint configuration:" |
| 64 | + cat .tflint.hcl |
| 65 | + - run: |
| 66 | + # Not supporting modules from registry ?? v0.5.4 |
| 67 | + # For now, must ignore in config file |
| 68 | + name: "Check: tflint" |
| 69 | + command: | |
| 70 | + #echo "Initializing terraform..." |
| 71 | + #terraform init -input=false |
| 72 | + echo "Running tflint..." |
| 73 | + /usr/local/tflint/bin/tflint --version |
| 74 | + /usr/local/tflint/bin/tflint |
| 75 | +
|
3 | 76 | jobs:
|
4 |
| - build: |
| 77 | + ### |
| 78 | + ### Documentation testing: Markdown |
| 79 | + ### |
| 80 | + # Markdown Lint https://github.com/DavidAnson/markdownlint |
| 81 | + # CLI https://github.com/igorshubovych/markdownlint-cli |
| 82 | + # https://hub.docker.com/r/circleci/node/tags/ |
| 83 | + markdown_lint_node: |
5 | 84 | docker:
|
6 |
| - - image: hashicorp/terraform:0.11.3 |
7 |
| - entrypoint: /bin/sh |
| 85 | + - image: circleci/node:10.5.0 |
8 | 86 | steps:
|
9 | 87 | - checkout
|
10 | 88 | - run:
|
11 |
| - name: "Validate tf files (terraform validate)" |
| 89 | + name: "Install: markdown lint (node.js)" |
12 | 90 | command: |
|
13 |
| - find . -type f -name "*.tf" -exec dirname {} \;|sort -u | while read m; do (terraform validate -check-variables=false "$m" && echo "√ $m") || exit 1 ; done |
| 91 | + sudo npm install -g markdownlint-cli |
14 | 92 | - run:
|
15 |
| - name: "Check: Terraform formatting (terraform fmt)" |
| 93 | + name: "Check: markdown lint (node.js)" |
16 | 94 | command: |
|
17 |
| - if [ `terraform fmt --list=true -diff=true -write=false | tee format-issues | wc -c` -ne 0 ]; then |
18 |
| - echo "Some terraform files need be formatted, run 'terraform fmt' to fix" |
19 |
| - echo "Formatting issues:" |
20 |
| - cat format-issues |
21 |
| - exit 1 |
22 |
| - fi |
| 95 | + #markdownlint --help |
| 96 | + echo -n "markdownlint version: " |
| 97 | + markdownlint --version |
| 98 | + markdownlint ./ |
| 99 | + # Markdown Lint https://github.com/markdownlint/markdownlint |
| 100 | + # https://hub.docker.com/r/circleci/ruby/tags/ |
| 101 | + markdown_lint_ruby: |
| 102 | + docker: |
| 103 | + - image: circleci/ruby:2.5.1 |
| 104 | + steps: |
| 105 | + - checkout |
| 106 | + - run: |
| 107 | + name: "Install: markdown lint (ruby)" |
| 108 | + command: | |
| 109 | + gem install mdl |
| 110 | + - run: |
| 111 | + name: "Check: markdown lint (ruby)" |
| 112 | + command: | |
| 113 | + #mdl --help |
| 114 | + echo -n "mdl version: " |
| 115 | + mdl --version |
| 116 | + mdl . |
| 117 | + markdown_proofer: |
| 118 | + docker: |
| 119 | + - image: circleci/golang:1.10 |
| 120 | + entrypoint: /bin/sh |
| 121 | + steps: |
| 122 | + - checkout |
23 | 123 | - run:
|
24 |
| - name: "Install: tflint" |
| 124 | + name: "Install: markdown proofer" |
25 | 125 | command: |
|
26 |
| - apk add jq wget |
27 |
| - # Get latest version of tflint |
| 126 | + # Get latest version |
28 | 127 | pkg_arch=linux_amd64
|
29 |
| - dl_url=$(curl -s https://api.github.com/repos/wata727/tflint/releases/latest | jq -r ".assets[] | select(.name | test(\"${pkg_arch}\")) | .browser_download_url") |
| 128 | + # Prerelease, so latest doesn't work yet |
| 129 | + #dl_url=$(curl -s https://api.github.com/repos/felicianotech/md-proofer/releases/latest | jq -r ".assets[] | select(.name | test(\"${pkg_arch}\")) | .browser_download_url") |
| 130 | + dl_url='https://github.com/felicianotech/md-proofer/releases/download/v0.2.0/md-proofer--v0.2.0--linux-amd64.tar.gz' |
30 | 131 | wget ${dl_url}
|
31 |
| - unzip tflint_linux_amd64.zip |
32 |
| - mkdir -p /usr/local/tflint/bin |
33 |
| - # Setup PATH for later run steps - ONLY for Bash and not in Bash |
34 |
| - #echo 'export PATH=/usr/local/tflint/bin:$PATH' >> $BASH_ENV |
35 |
| - echo "Installing tflint..." |
36 |
| - install tflint /usr/local/tflint/bin |
37 |
| - echo "Configuring tflint..." |
38 |
| - tf_ver=$(terraform version | awk 'FNR <= 1' | cut -dv -f2) |
39 |
| - echo -e "\tConfig for terraform version: ${tf_ver}" |
40 |
| - if [ -f '.tflint.hcl' ]; then |
41 |
| - sed -i "/terraform_version =/s/\".*\"/\"${tf_ver}\"/" .tflint.hcl |
42 |
| - else |
43 |
| - { |
44 |
| - echo -e "config {\nterraform_version = \"${tf_ver}\"\ndeep_check = true\nignore_module = {" |
45 |
| - for module in $(grep -h '[^a-zA-Z]source[ =]' *.tf | sed -r 's/.*=\s+//' | sort -u); do |
46 |
| - echo "${module} = true" |
47 |
| - done |
48 |
| - echo "}}" |
49 |
| - } > .tflint.hcl |
50 |
| - fi |
51 |
| - echo "tflint configuration:" |
52 |
| - cat .tflint.hcl |
| 132 | + tar xzf md-proofer--v0.2.0--linux-amd64.tar.gz |
53 | 133 | - run:
|
54 |
| - # Not supporting modules from registry ?? v0.5.4 |
55 |
| - # For now, must ignore in config file |
56 |
| - name: "Check: tflint" |
| 134 | + name: "Check: markdown proofer" |
57 | 135 | command: |
|
58 |
| - #echo "Initializing terraform..." |
59 |
| - #terraform init -input=false |
60 |
| - echo "Running tflint..." |
61 |
| - /usr/local/tflint/bin/tflint --version |
62 |
| - /usr/local/tflint/bin/tflint |
| 136 | + ./md-proofer version |
| 137 | + #./md-proofer lint --help |
| 138 | + # Will this find all *.md in directory structure or need to run in each directory ? |
| 139 | + if ./md-proofer lint ./; then |
| 140 | + echo "md-proofer passed" |
| 141 | + else |
| 142 | + echo "md-proofer failed" |
| 143 | + fi |
| 144 | + ### |
| 145 | + ### Terraform testing |
| 146 | + ### |
| 147 | + terraform_0_11_3: |
| 148 | + docker: |
| 149 | + - image: hashicorp/terraform:0.11.3 |
| 150 | + entrypoint: /bin/sh |
| 151 | + <<: *steps_terraform_static_analysis |
| 152 | + |
| 153 | + terraform_0_11_7: |
| 154 | + docker: |
| 155 | + - image: hashicorp/terraform:0.11.7 |
| 156 | + entrypoint: /bin/sh |
| 157 | + <<: *steps_terraform_static_analysis |
| 158 | + |
| 159 | + terraform_latest: |
| 160 | + docker: |
| 161 | + - image: hashicorp/terraform:latest |
| 162 | + entrypoint: /bin/sh |
| 163 | + <<: *steps_terraform_static_analysis |
63 | 164 |
|
64 | 165 | workflows:
|
65 | 166 | version: 2
|
66 |
| - build: |
| 167 | + terraform_testing: |
67 | 168 | jobs:
|
68 |
| - - build |
| 169 | + - markdown_lint_node |
| 170 | + - markdown_lint_ruby |
| 171 | + # Currently doesn't do anything that markdownlint node doesn't do |
| 172 | + #- markdown_proofer |
| 173 | + - terraform_0_11_3 |
| 174 | + - terraform_0_11_7 |
| 175 | + - terraform_latest |
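Review bot: The "Install: tflint" step in the `steps_terraform_static_analysis` anchor fetches whatever asset the GitHub API reports for the latest release, then unzips and installs it with no integrity check, so each terraform job executes a binary whose version and content are not fixed by this repository. Pin the release the way the md-proofer step already does (`dl_url='https://github.com/wata727/tflint/releases/download/<PINNED_TAG>/tflint_linux_amd64.zip'`) and verify it before `unzip`, for example `echo "<EXPECTED_SHA256>  tflint_linux_amd64.zip" | sha256sum -c -`. The same drift applies to `hashicorp/terraform:latest`, `sudo npm install -g markdownlint-cli` and `gem install mdl`, which would be better pinned to a version (or an image digest). Separately, `curl -s` without `-f` leaves `dl_url` empty when the API call fails or is rate-limited, and the unquoted `wget ${dl_url}` then fails with an unhelpful error; quoting it and rejecting an empty value would make that failure obvious.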