Get docker image running in github action #655
Comments
Are you sure that it's the Would you please try and run Probably related: actions/runner#3000 |
Because to check bash hooks you need different hooks and deps than we provide in this repo. |
btw, if that will help you, that's what I use as GHA in my infra

```yaml
name: Common issues check
on: [pull_request]
env:
  # Prevent GH API rate-limit issue
  GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
jobs:
  pre-commit:
    runs-on: [self-hosted]
    container: python:3.12-slim@sha256:36d57d7f9948fefe7b6092cfe8567da368033e71ba281b11bb9eeffce3d45bc6
    steps:
      - name: Install container pre-requirements
        run: |
          apt update
          apt install -y \
            git \
            curl \
            unzip \
            jq \
            shellcheck \
            nodejs # Needed for Terraform installation
          curl -L https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 > /usr/bin/yq &&\
          chmod +x /usr/bin/yq
      - name: Checkout
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          ref: ${{ github.base_ref }}
      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
      - run: |
          git config --global --add safe.directory /__w/infrastructure/infrastructure
          git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/*
      - name: Get changed files
        id: file_changes
        run: |
          export DIFF=$(git diff --name-only origin/${{ github.base_ref }} ${{ github.sha }})
          echo "Diff between ${{ github.base_ref }} and ${{ github.sha }}"
          echo "files=$( echo "$DIFF" | xargs echo )" >> $GITHUB_OUTPUT
      - name: TFLint cache plugin dir
        uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1
        with:
          path: ~/.tflint.d/plugins
          key: ubuntu-latest-tflint-${{ hashFiles('.tflint.hcl') }}
      - name: Setup TFLint
        uses: terraform-linters/setup-tflint@19a52fbac37dacb22a09518e4ef6ee234f2d4987 # v4.0.0
        with:
          github_token: "${{ secrets.GITHUB_TOKEN }}"
      - name: Init TFLint
        run: tflint --init
      - name: Setup Terraform docs
        env:
          # renovate: datasource=github-releases depName=terraform-docs lookupName=terraform-docs/terraform-docs
          TERRAFORM_DOCS_VERSION: '0.17.0'
        run: |
          curl -L https://github.com/terraform-docs/terraform-docs/releases/download/v${TERRAFORM_DOCS_VERSION}/terraform-docs-v${TERRAFORM_DOCS_VERSION}-linux-amd64.tar.gz > terraform-docs.tgz \
          && tar -xzf terraform-docs.tgz terraform-docs && rm terraform-docs.tgz \
          && chmod +x terraform-docs && mv terraform-docs /usr/bin/
      - name: Setup tfupdate
        env:
          # renovate: datasource=github-releases depName=tfupdate lookupName=minamijoyo/tfupdate
          TFUPDATE_VERSION: '0.8.1'
        run: |
          curl -L https://github.com/minamijoyo/tfupdate/releases/download/v${TFUPDATE_VERSION}/tfupdate_${TFUPDATE_VERSION}_linux_amd64.tar.gz > tfupdate.tgz \
          && tar -xzf tfupdate.tgz tfupdate && rm tfupdate.tgz \
          && chmod +x tfupdate && mv tfupdate /usr/bin/
      - name: Install shfmt
        env:
          # renovate: datasource=github-releases depName=shfmt lookupName=mvdan/sh
          SHFMT_VERSION: '3.8.0'
        run: |
          curl -L https://github.com/mvdan/sh/releases/download/v${SHFMT_VERSION}/shfmt_v${SHFMT_VERSION}_linux_amd64 > shfmt \
          && chmod +x shfmt && mv shfmt /usr/bin/
      - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
        with:
          terraform_version: 1.5.4
      - name: Setup OPA
        uses: open-policy-agent/setup-opa@34a30e8a924d1b03ce2cf7abe97250bbb1f332b5 # v2.2.0
        with:
          version: latest
      # Need to success pre-commit fix push
      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          fetch-depth: 0
          ref: ${{ github.event.pull_request.head.ref }}
          # Need to trigger pre-commit workflow on autofix commit
          # Guide: https://web.archive.org/web/20210731173012/https://github.community/t/required-check-is-expected-after-automated-push/187545/
          ssh-key: "${{ secrets.GHA_AUTOFIX_COMMIT_KEY }}"
      - name: Execute pre-commit
        uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1
        timeout-minutes: 30
        env:
          SKIP: no-commit-to-branch,manual-apply-warning
        with:
          extra_args: --color=always --show-diff-on-failure --files ${{ steps.file_changes.outputs.files }}
      # Need to trigger pre-commit workflow on autofix commit.
      - name: Push fixes
        if: failure()
        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
        with:
          # Determines the way the action fills missing author name and email. Three options are available:
          # - github_actor -> UserName <[email protected]>
          # - user_info -> Your Display Name <[email protected]>
          # - github_actions -> github-actions <email associated with the github logo>
          # Default: github_actor
          default_author: github_actor
          # The message for the commit.
          # Default: 'Commit from GitHub Actions (name of the workflow)'
          message: '[pre-commit] Autofix violations'
```

|
I've seen your approach, but this bloats up the gha action for every tool, which is not self-installed via pre-commit. (Which should be solved via the docker image) |
I've changed the workflow to call
Error:
Will try to check if git binary is available. |
Workflow step added with these debug steps:
result:
|
the fix is to run this, before running pre-commit
final workflow ( basically rebuilding pre-commit action without input parameter )

```yaml
name: pre-commit
on:
  pull_request:
  push:
    branches: [main]
jobs:
  pre-commit:
    runs-on: ubuntu-latest
    container:
      image: ghcr.io/antonbabenko/pre-commit-terraform:v1.88.4
    steps:
      - uses: actions/checkout@v4
      - name: fix tar dependency
        shell: bash
        run: |
          apk --no-cache add tar
          # check python modules installed versions
          python -m pip freeze --local
      - uses: actions/cache@v4
        with:
          path: ~/.cache/pre-commit
          key: pre-commit-3|${{ hashFiles('.pre-commit-config.yaml') }}
      - shell: bash
        run: |
          pre-commit --version
          git config --global --add safe.directory $GITHUB_WORKSPACE
          pre-commit run --show-diff-on-failure --color=always || cat $HOME/.cache/pre-commit/pre-commit.log
```
Suggestion: |
Good point. Would you be up to contribute via PR please? |
Yeah, Also, It's not very useful just to get information that something is wrong, especially if it can be fixed automatically. |
Describe the bug
We are trying to run pre-commit/action within github action.
To make sure dependencies are installed we use the managed docker image in the github action.
Despite other pre-commit hooks, pre-commit-terraform doesn't take care of tool installation (probably due to multiple tool approach)
But we get errors running pre-commit inside this image.
Snippet from the github action logs
Why don't you use the docker image within your gha workflow? https://github.com/antonbabenko/pre-commit-terraform/blob/master/.github/workflows/pre-commit.yaml
How can we reproduce it?
our workflow looks like this.
We added the uid:gid to make sure permissions are aligned with github actions, but this makes no difference.
Environment information
Current runner version: '2.315.0'
docker info
:command output
Docker image tag/git commit:
Digest: sha256:802440d81ee1409184dbc91425319814c42495e04f41e95f9f47c18724533284
ghcr.io/antonbabenko/pre-commit-terraform:latest
Tools versions. Don't forget to specify right tag in command -
TAG=latest && docker run --entrypoint cat pre-commit:$TAG /usr/bin/tools_versions_info
.pre-commit-config.yaml
:file content