Merge pull request #4 from getindata/feat/add-tf-pre-commit-workflow

feat: Add Terraform pre commit validation workflow

Author: kacpermuda

.github/workflows/gh-create-release.yml

@@ -43,7 +43,7 @@ jobs:
         if: ${{ steps.bump-semver.outputs.new_version != null }}
         with:
           token: "${{ secrets.GITHUB_TOKEN }}"
-          exclude: '^meta|^docs|^document|^lint|^ci|^refactor|readme|workflow|bump|dependencies|yml|^v?\d+\.\d+\.\d+'
+          exclude: '^meta|^docs|^document|^lint|^ci|^refactor|readme|bump|dependencies|^v?\d+\.\d+\.\d+'
           tag: "${{ steps.bump-semver.outputs.new_version }}"
           title: "Version ${{ steps.bump-semver.outputs.new_version }}"
           commit-template: "- {title} ← {hash}"

.github/workflows/tf-pre-commit.yml

@@ -0,0 +1,85 @@
+name: Terraform Pre-Commit
+
+on:
+  workflow_call:
+    inputs:
+      terraform-docs-version:
+        type: string
+        required: false
+        default: v0.16.0
+      tflint-version:
+        type: string
+        required: false
+        default: v0.48.0
+
+jobs:
+  collectInputs:
+    name: Collect workflow inputs
+    runs-on: ubuntu-latest
+    outputs:
+      directories: ${{ steps.dirs.outputs.directories }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Get root directories
+        id: dirs
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+
+  preCommitMinVersions:
+    name: Min TF pre-commit
+    needs: collectInputs
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        directory: ${{ fromJson(needs.collectInputs.outputs.directories) }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Terraform min/max versions
+        id: minMax
+        uses: clowdhaus/[email protected]
+        with:
+          directory: ${{ matrix.directory }}
+
+      - name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
+        # Run only validate pre-commit check on min version supported
+        if: ${{ matrix.directory !=  '.' }}
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+        with:
+          terraform-version: ${{ steps.minMax.outputs.minVersion }}
+          args: 'terraform-validate --color=always --show-diff-on-failure --files ${{ matrix.directory }}/*'
+
+      - name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
+        # Run only validate pre-commit check on min version supported
+        if: ${{ matrix.directory ==  '.' }}
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+        with:
+          terraform-version: ${{ steps.minMax.outputs.minVersion }}
+          args: 'terraform-validate --color=always --show-diff-on-failure --files $(ls *.tf)'
+
+  preCommitMaxVersion:
+    name: Max TF pre-commit
+    runs-on: ubuntu-latest
+    needs: collectInputs
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+
+      - name: Terraform min/max versions
+        id: minMax
+        uses: clowdhaus/[email protected]
+
+        # Step required as tflint pre-commit hook requires module to be initialised
+      - run: terraform init
+
+      - name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }}
+        uses: clowdhaus/terraform-composite-actions/[email protected]
+        with:
+          terraform-version: ${{ steps.minMax.outputs.maxVersion }}
+          terraform-docs-version: ${{ inputs.terraform-docs-version }}
+          tflint-version: ${{ inputs.tflint-version }}