feat: add skip-fmt config option (#275)

Add a new `skip-fmt` option that allows a user to skip the `terraform fmt` check. This option will default to `false`.
cds-snc · Dec 7, 2023 · b84f6e8 · b84f6e8
1 parent 308a30c
commit b84f6e8
Show file tree

Hide file tree

Showing 11 changed files with 252 additions and 6 deletions.
diff --git a/.github/workflows/pr-test.yaml b/.github/workflows/pr-test.yaml
@@ -1,6 +1,14 @@
 name: Test action
 on: pull_request
 
+env:
+ AWS_REGION: ca-central-1
+
+permissions:
+ id-token: write
+ pull-requests: write
+ contents: read
+
 jobs:
  terraform-plan:
  runs-on: ubuntu-latest
@@ -20,7 +28,10 @@ jobs:
  allow-failure: true
  - test: skip-conftest
  allow-failure: false
- skip-conftest: true 
+ skip-conftest: true
+ - test: skip-fmt
+ allow-failure: false
+ skip-fmt: true 
  - test: skip-plan
  allow-failure: false
  skip-plan: true
@@ -43,10 +54,14 @@ jobs:
  && chmod +x tf-summarize \
  && mv tf-summarize /usr/local/bin
 
+ - name: Configure AWS credentials using OIDC
+ uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
+ with:
+ role-to-assume: arn:aws:iam::124044056575:role/terraform-plan-plan
+ role-session-name: TFPlan
+ aws-region: ${{ env.AWS_REGION }}
+
  - name: Test ${{ matrix.test }}
- env:
- AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
- AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
  uses: ./
  with:
  directory: test/${{ matrix.test }}
@@ -55,6 +70,7 @@ jobs:
  comment-delete: true
  github-token: ${{ secrets.GITHUB_TOKEN }}
  skip-conftest: ${{ matrix.skip-conftest || 'false' }}
+ skip-fmt: ${{ matrix.skip-fmt || 'false' }}
  skip-plan: ${{ matrix.skip-plan || 'false' }}
 
  test-action-comments:
@@ -91,7 +107,11 @@ jobs:
  },{
  exist: false,
  title: /Test skip-conftest/g,
- state: /Conftest:\*\*/gm 
+ state: /Conftest:\*\*/gm
+ },{
+ exist: true,
+ title: /Test skip-fmt/g,
+ state: /Terraform Validate:\*\* `success`\n\*\*✅ &nbsp; Terraform Plan/gm 
  },{
  exist: true,
  title: /Test skip-plan/g,

diff --git a/README.md b/README.md
@@ -26,6 +26,7 @@ Use the following to control the action:
 | `terraform-init` | Custom Terraform init args | |
 | `terragrunt` | Use Terragrunt instead of Terraform | false |
 | `skip-conftest` | Skip the Conftest step | false |
+| `skip-fmt` | Skip the Terraform format check | false |
 | `skip-plan` | Skip the Terraform plan for projects without a remote state | false |
 
 

diff --git a/action.yaml b/action.yaml
@@ -51,6 +51,10 @@ inputs:
  description: 'Skip the conftest step'
  required: false
  default: 'false'
+ skip-fmt:
+ description: 'Skip the terraform fmt check'
+ required: false
+ default: 'false' 
  skip-plan:
  description: 'Skip the planning step, used for repos that do not specifically have a remote backend'
  required: false

diff --git a/dist/index.js b/dist/index.js
@@ -38005,6 +38005,7 @@ const action = async () => {
  const isComment = core.getBooleanInput("comment");
  const isCommentDelete = core.getBooleanInput("comment-delete");
  const isTerragrunt = core.getBooleanInput("terragrunt");
+ const skipFormat = core.getBooleanInput("skip-fmt");
  const skipPlan = core.getBooleanInput("skip-plan");
  const skipConftest = core.getBooleanInput("skip-conftest");
 
@@ -38093,6 +38094,11 @@ const action = async () => {
  }
  }
 
+ if (skipFormat && command.key === "fmt") {
+ results[command.key] = { isSuccess: true, output: "" };
+ continue;
+ }
+
  if (skipConftest && command.key === "conftest") {
  results[command.key] = { isSuccess: true, output: "" };
  continue;
@@ -38139,6 +38145,7 @@ const action = async () => {
  changes,
  planLimit,
  conftestLimit,
+ skipFormat,
  skipPlan,
  skipConftest,
  );
@@ -38223,7 +38230,9 @@ const nunjucks = __nccwpck_require__(7006);
 const commentTemplate = `## {{ title }}
 **{{ "✅" if results.init.isSuccess else "❌" }} &nbsp; Terraform Init:** \`{{ "success" if results.init.isSuccess else "failed" }}\`
 **{{ "✅" if results.validate.isSuccess else "❌" }} &nbsp; Terraform Validate:** \`{{ "success" if results.validate.isSuccess else "failed" }}\`
+{% if not skipFormat -%}
 **{{ "✅" if results.fmt.isSuccess else "❌" }} &nbsp; Terraform Format:** \`{{ "success" if results.fmt.isSuccess else "failed" }}\`
+{% endif -%}
 {% if not skipPlan -%}
 **{{ "✅" if results.plan.isSuccess else "❌" }} &nbsp; Terraform Plan:** \`{{ "success" if results.plan.isSuccess else "failed" }}\`
 {% if not skipConftest -%}
@@ -38315,6 +38324,7 @@ Plan: {{ changes.resources.create }} to add, {{ changes.resources.update }} to c
  * @param {Object} changes Resource and output changes for the plan
  * @param {number} planLimit the number of characters to render
  * @param {number} conftestPlanLimit the nubmer of characters to render
+ * @param {boolean} skipFormat Skip runnting terraform fmt check
  * @param {boolean} skipPlan Skip the rendering of the plan output
  */
 const addComment = async (
@@ -38325,6 +38335,7 @@ const addComment = async (
  changes,
  planLimit,
  conftestLimit,
+ skipFormat,
  skipPlan,
  skipConftest,
 ) => {
@@ -38338,6 +38349,7 @@ const addComment = async (
  title: title,
  planLimit: planLimit,
  conftestLimit: conftestLimit,
+ skipFormat: skipFormat,
  skipPlan: skipPlan,
  skipConftest: skipConftest,
  runLink: `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`,

diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/src/action.js b/src/action.js
@@ -23,6 +23,7 @@ const action = async () => {
  const isComment = core.getBooleanInput("comment");
  const isCommentDelete = core.getBooleanInput("comment-delete");
  const isTerragrunt = core.getBooleanInput("terragrunt");
+ const skipFormat = core.getBooleanInput("skip-fmt");
  const skipPlan = core.getBooleanInput("skip-plan");
  const skipConftest = core.getBooleanInput("skip-conftest");
 
@@ -111,6 +112,11 @@ const action = async () => {
  }
  }
 
+ if (skipFormat && command.key === "fmt") {
+ results[command.key] = { isSuccess: true, output: "" };
+ continue;
+ }
+
  if (skipConftest && command.key === "conftest") {
  results[command.key] = { isSuccess: true, output: "" };
  continue;
@@ -157,6 +163,7 @@ const action = async () => {
  changes,
  planLimit,
  conftestLimit,
+ skipFormat,
  skipPlan,
  skipConftest,
  );

diff --git a/src/github.js b/src/github.js
@@ -4,7 +4,9 @@ const nunjucks = require("nunjucks");
 const commentTemplate = `## {{ title }}
 **{{ "✅" if results.init.isSuccess else "❌" }} &nbsp; Terraform Init:** \`{{ "success" if results.init.isSuccess else "failed" }}\`
 **{{ "✅" if results.validate.isSuccess else "❌" }} &nbsp; Terraform Validate:** \`{{ "success" if results.validate.isSuccess else "failed" }}\`
+{% if not skipFormat -%}
 **{{ "✅" if results.fmt.isSuccess else "❌" }} &nbsp; Terraform Format:** \`{{ "success" if results.fmt.isSuccess else "failed" }}\`
+{% endif -%}
 {% if not skipPlan -%}
 **{{ "✅" if results.plan.isSuccess else "❌" }} &nbsp; Terraform Plan:** \`{{ "success" if results.plan.isSuccess else "failed" }}\`
 {% if not skipConftest -%}
@@ -96,6 +98,7 @@ Plan: {{ changes.resources.create }} to add, {{ changes.resources.update }} to c
  * @param {Object} changes Resource and output changes for the plan
  * @param {number} planLimit the number of characters to render
  * @param {number} conftestPlanLimit the nubmer of characters to render
+ * @param {boolean} skipFormat Skip runnting terraform fmt check
  * @param {boolean} skipPlan Skip the rendering of the plan output
  */
 const addComment = async (
@@ -106,6 +109,7 @@ const addComment = async (
  changes,
  planLimit,
  conftestLimit,
+ skipFormat,
  skipPlan,
  skipConftest,
 ) => {
@@ -119,6 +123,7 @@ const addComment = async (
  title: title,
  planLimit: planLimit,
  conftestLimit: conftestLimit,
+ skipFormat: skipFormat,
  skipPlan: skipPlan,
  skipConftest: skipConftest,
  runLink: `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`,

diff --git a/test/action.test.js b/test/action.test.js
@@ -230,6 +230,7 @@ describe("action", () => {
  .calledWith("comment-title")
  .mockReturnValue("raspberries");
  when(core.getInput).calledWith("github-token").mockReturnValue("mellow");
+ when(core.getBooleanInput).calledWith("skip-fmt").mockReturnValue(false);
  when(core.getBooleanInput).calledWith("skip-plan").mockReturnValue(false);
  github.getOctokit.mockReturnValue("octokit");
  github.context = "context";
@@ -257,6 +258,7 @@ describe("action", () => {
  30000,
  2000,
  false,
+ false,
  ]);
  });
 
@@ -348,6 +350,7 @@ conftest test plan.json --no-color --update git::https://github.com/cds-snc/opa_
  .calledWith("comment-title")
  .mockReturnValue("raspberries");
  when(core.getInput).calledWith("github-token").mockReturnValue("mellow");
+ when(core.getBooleanInput).calledWith("skip-fmt").mockReturnValue(false);
  when(core.getBooleanInput).calledWith("skip-plan").mockReturnValue(true);
  github.getOctokit.mockReturnValue("octokit");
  github.context = "context";
@@ -373,6 +376,7 @@ conftest test plan.json --no-color --update git::https://github.com/cds-snc/opa_
  {},
  30000,
  2000,
+ false,
  true,
  ]);
  });

diff --git a/test/github.test.js b/test/github.test.js
@@ -304,6 +304,7 @@ Hello there
  {},
  1000,
  1000,
+ false,
  true,
  );
  expect(octomock.rest.issues.createComment.mock.calls.length).toBe(1);
@@ -315,6 +316,84 @@ Hello there
  });
  });
 
+ test("don't render format results if skip-fmt is true", async () => {
+ const results = {
+ init: { isSuccess: true, output: "" },
+ validate: { isSuccess: true, output: "" },
+ fmt: { isSuccess: true, output: "" },
+ plan: { isSuccess: true, output: "< Hello there >" },
+ summary: { isSuccess: true, output: "" },
+ conftest: { isSuccess: true, output: "< General Kenobi >" },
+ };
+ const changes = {
+ isChanges: true,
+ isDeletes: true,
+ resources: {
+ update: 0,
+ delete: 0,
+ create: 1,
+ },
+ };
+ const comment = `## Foobar
+**✅ &nbsp; Terraform Init:** \`success\`
+**✅ &nbsp; Terraform Validate:** \`success\`
+**✅ &nbsp; Terraform Plan:** \`success\`
+**✅ &nbsp; Conftest:** \`success\` 
+
+**⚠️ &nbsp; Warning:** resources will be destroyed by this change!
+\`\`\`terraform
+Plan: 1 to add, 0 to change, 0 to destroy
+\`\`\`
+
+<details>
+<summary>Show summary</summary>
+
+
+
+</details>
+
+
+<details>
+<summary>Show plan</summary>
+
+\`\`\`terraform
+< Hello there >
+\`\`\`
+
+</details>
+
+<details>
+<summary>Show Conftest results</summary>
+
+\`\`\`sh
+< General Kenobi >
+\`\`\`
+
+</details>
+`;
+
+ await addComment(
+ octomock,
+ context,
+ "Foobar",
+ results,
+ changes,
+ 10000,
+ 10000,
+ true,
+ false,
+ );
+ expect(octomock.rest.issues.createComment.mock.calls.length).toBe(1);
+ expect(octomock.rest.issues.createComment.mock.calls[0]).toEqual([
+ {
+ owner: "foo",
+ repo: "bar",
+ issue_number: 42,
+ body: comment,
+ },
+ ]);
+ });
+
  test("add a truncated plan comment", async () => {
  const results = {
  init: { isSuccess: true, output: "" },
@@ -382,6 +461,7 @@ Plan: 1 to add, 0 to change, 0 to destroy
  10,
  10000,
  false,
+ false,
  );
  expect(octomock.rest.issues.createComment.mock.calls.length).toBe(1);
  expect(octomock.rest.issues.createComment.mock.calls[0]).toEqual([

diff --git a/test/skip-fmt/skip-fmt.tf b/test/skip-fmt/skip-fmt.tf
@@ -0,0 +1,17 @@
+terraform {
+required_providers {
+test = {
+source = "hashicorp/random"
+version = "~> 3.5.0"
+}
+}
+required_version = ">= 1.0.0"
+}
+
+resource "random_id" "id" {
+byte_length = 8
+}
+
+output "id" {
+value = random_id.id.hex
+}