diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 49ca66c8..00000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,13 +0,0 @@ -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "weekly" - # Dependabot only updates hashicorp GHAs, external GHAs are managed by internal tooling (tsccr) - - package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: "daily" - allow: - - dependency-name: "hashicorp/*" diff --git a/.github/workflows/ci-changie.yml b/.github/workflows/ci-changie.yml deleted file mode 100644 index a59f1992..00000000 --- a/.github/workflows/ci-changie.yml +++ /dev/null @@ -1,23 +0,0 @@ -# Continuous integration handling for changie -name: ci-changie - -on: - pull_request: - paths: - - .changes/unreleased/*.yaml - - .changie.yaml - - .github/workflows/ci-changie.yml - -permissions: - contents: read - -jobs: - check: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0 - with: - version: latest - args: batch patch --dry-run - diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml deleted file mode 100644 index f745aa05..00000000 --- a/.github/workflows/compliance.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: compliance - -on: - pull_request: - -permissions: - contents: read - -jobs: - # Reference: ENGSRV-059 - copywrite: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: hashicorp/setup-copywrite@32638da2d4e81d56a0764aa1547882fc4d209636 # v1.1.3 - - run: copywrite headers --plan - - run: copywrite license --plan \ No newline at end of file diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml deleted file mode 100644 index e5198d9c..00000000 --- a/.github/workflows/continuous-integration.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: 'Continuous Integration' - -on: - push: - branches: - - main - pull_request: - -jobs: - check-dist: - name: Check dist/ directory - uses: actions/reusable-workflows/.github/workflows/check-dist.yml@a8533f184b279cfc1b2dd6a96ed2f097ccf81189 - with: - node-version: 20.x - node-caching: npm - - test: - name: Test - uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@a8533f184b279cfc1b2dd6a96ed2f097ccf81189 - with: - node-version: 20.x - node-caching: npm diff --git a/.github/workflows/data/failure/main.tf b/.github/workflows/data/failure/main.tf new file mode 100644 index 00000000..700d8a3a --- /dev/null +++ b/.github/workflows/data/failure/main.tf @@ -0,0 +1,7 @@ +resource "random_pet" "pet" { + 1bad_key = "" +} + +output "pet" { + value = random_pet.pet.id +} diff --git a/.github/workflows/issue-comment-triage.yml b/.github/workflows/issue-comment-triage.yml deleted file mode 100644 index 00017cdf..00000000 --- a/.github/workflows/issue-comment-triage.yml +++ /dev/null @@ -1,21 +0,0 @@ -# DO NOT EDIT - This GitHub Workflow is managed by automation -# https://github.com/hashicorp/terraform-devex-repos -name: Issue Comment Triage - -on: - issue_comment: - types: [created] - -jobs: - issue_comment_triage: - runs-on: ubuntu-latest - env: - # issue_comment events are triggered by comments on issues and pull requests. Checking the - # value of github.event.issue.pull_request tells us whether the issue is an issue or is - # actually a pull request, allowing us to dynamically set the gh subcommand: - # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#issue_comment-on-issues-only-or-pull-requests-only - COMMAND: ${{ github.event.issue.pull_request && 'pr' || 'issue' }} - GH_TOKEN: ${{ github.token }} - steps: - - name: 'Remove waiting-response on comment' - run: gh ${{ env.COMMAND }} edit ${{ github.event.issue.html_url }} --remove-label waiting-response diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml deleted file mode 100644 index 34df733b..00000000 --- a/.github/workflows/lock.yml +++ /dev/null @@ -1,21 +0,0 @@ -# DO NOT EDIT - This GitHub Workflow is managed by automation -# https://github.com/hashicorp/terraform-devex-repos -name: 'Lock Threads' - -on: - schedule: - - cron: '0 10 * * *' - -jobs: - lock: - runs-on: ubuntu-latest - steps: - # NOTE: When TSCCR updates the GitHub action version, update the template workflow file to avoid drift: - # https://github.com/hashicorp/terraform-devex-repos/blob/main/modules/repo/workflows/lock.tftpl - - uses: dessant/lock-threads@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 # v5.0.1 - with: - github-token: ${{ github.token }} - issue-inactive-days: '30' - issue-lock-reason: resolved - pr-inactive-days: '30' - pr-lock-reason: resolved diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 342ad022..00000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,134 +0,0 @@ -name: release - -on: - workflow_dispatch: - inputs: - versionNumber: - description: 'Release version number (v#.#.#)' - type: string - required: true - -permissions: - contents: read # Changelog commit operations use service account PAT - -jobs: - major-version: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.major-version.outputs.version }} - steps: - - id: major-version - run: echo "version=$(echo "${{ inputs.versionNumber }}" | cut -d. -f1)" >> "$GITHUB_OUTPUT" - - changelog-version: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.changelog-version.outputs.version }} - steps: - - id: changelog-version - run: echo "version=$(echo "${{ inputs.versionNumber }}" | cut -c 2-)" >> "$GITHUB_OUTPUT" - - changelog: - needs: changelog-version - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - fetch-depth: 0 - # Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations - # More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials - persist-credentials: false - - name: Batch changes - uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0 - with: - version: latest - args: batch ${{ needs.changelog-version.outputs.version }} - - name: Merge changes - uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0 - with: - version: latest - args: merge - - name: Git push changelog - run: | - git config --global user.name "${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}" - git config --global user.email "${{ vars.TF_DEVEX_CI_COMMIT_EMAIL }}" - git add . - git commit -a -m "Update changelog" - git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" - - update-package-version: - needs: changelog - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - fetch-depth: 0 - # Default input is the SHA that initially triggered the workflow. As we created a new commit in the previous job, - # to ensure we get the latest commit we use the ref for checkout: 'refs/heads/' - ref: ${{ github.ref }} - # Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations - # More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials - persist-credentials: false - - - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 - with: - node-version: 20 - - name: Update package version - run: npm version "${{ inputs.versionNumber }}" --git-tag-version false - - name: Git push - run: | - git config --global user.name "${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}" - git config --global user.email "${{ vars.TF_DEVEX_CI_COMMIT_EMAIL }}" - git add . - git commit -a -m "Update package version" - git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" - - release-tag: - needs: [ update-package-version, major-version ] - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - fetch-depth: 0 - # Default input is the SHA that initially triggered the workflow. As we created a new commit in the previous job, - # to ensure we get the latest commit we use the ref for checkout: 'refs/heads/' - ref: ${{ github.ref }} - # Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations - # More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials - persist-credentials: false - - - name: Git push release tag - run: | - git config --global user.name "${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}" - git config --global user.email "${{ vars.TF_DEVEX_CI_COMMIT_EMAIL }}" - - git tag "${{ inputs.versionNumber }}" - git tag -f "${{ needs.major-version.outputs.version }}" - git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" "${{ inputs.versionNumber }}" - git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" -f "${{ needs.major-version.outputs.version }}" - - release: - needs: [ changelog-version, release-tag ] - runs-on: ubuntu-latest - permissions: - contents: write # Needed to create GitHub release - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - ref: ${{ inputs.versionNumber }} - fetch-depth: 0 - - - name: Generate Release Notes - run: | - cd .changes - sed -e "1{/# /d;}" -e "2{/^$/d;}" ${{ needs.changelog-version.outputs.version }}.md > /tmp/release-notes.txt - - - name: GH Release - run: | - gh release create "${{ inputs.versionNumber }}" --notes-file /tmp/release-notes.txt --title "${{ inputs.versionNumber }}" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/setup-terraform.yml b/.github/workflows/setup-terraform.yml index 6b172cbf..0aa631c3 100644 --- a/.github/workflows/setup-terraform.yml +++ b/.github/workflows/setup-terraform.yml @@ -11,250 +11,16 @@ defaults: shell: bash jobs: - terraform-versions: - name: 'Terraform Versions' + terraform-run-local-failure: + name: 'Terraform Run Local Failures' runs-on: ${{ matrix.os }} strategy: matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - terraform-versions: [0.11.14, latest] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - ${{ matrix['terraform-versions'] }} - uses: ./ - with: - terraform_version: ${{ matrix['terraform-versions'] }} - - - name: Validate Teraform Version - ${{ matrix['terraform-versions'] }} - if: ${{ matrix['terraform-versions'] != 'latest' }} - run: terraform version | grep ${{ matrix['terraform-versions']}} - - - name: Validate Teraform Version - ${{ matrix['terraform-versions'] }} - if: ${{ matrix['terraform-versions'] == 'latest' }} - run: terraform version | grep 'Terraform v' - - terraform-versions-no-wrapper: - name: 'Terraform Versions No Wrapper' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - terraform-versions: [0.11.14, latest] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform (no wrapper) - ${{ matrix['terraform-versions'] }} - uses: ./ - with: - terraform_version: ${{ matrix['terraform-versions'] }} - terraform_wrapper: false - - - name: Validate Teraform Version - ${{ matrix['terraform-versions'] }} - if: ${{ matrix['terraform-versions'] != 'latest' }} - run: terraform version | grep ${{ matrix['terraform-versions']}} - - - name: Validate Teraform Version - ${{ matrix['terraform-versions'] }} - if: ${{ matrix['terraform-versions'] == 'latest' }} - run: terraform version | grep 'Terraform v' - - terraform-versions-constraints: - name: 'Terraform Versions Constraints' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - terraform-versions: [~0.12, 0.12.x, <0.13.0] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - ${{ matrix['terraform-versions'] }} - uses: ./ - with: - terraform_version: ${{ matrix['terraform-versions'] }} - - - name: Validate Teraform Version - ${{ matrix['terraform-versions'] }} - run: terraform version | grep 'Terraform v0\.12' - - terraform-versions-constraints-no-wrapper: - name: 'Terraform Versions Constraints No Wrapper' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - terraform-versions: [~0.12, 0.12.x, <0.13.0] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform (no wrapper) - ${{ matrix['terraform-versions'] }} - uses: ./ - with: - terraform_version: ${{ matrix['terraform-versions'] }} - terraform_wrapper: false - - - name: Validate Teraform Version - ${{ matrix['terraform-versions'] }} - run: terraform version | grep 'Terraform v0\.12' - - terraform-credentials-cloud: - name: 'HCP Terraform Credentials' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - env: - TF_CLOUD_API_TOKEN: 'XXXXXXXXXXXXXX.atlasv1.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - with: - cli_config_credentials_token: ${{ env.TF_CLOUD_API_TOKEN }} - - - name: Validate Terraform Credentials (Windows) - if: runner.os == 'Windows' - run: | - cat ${APPDATA}/terraform.rc | grep 'credentials "app.terraform.io"' - cat ${APPDATA}/terraform.rc | grep 'token = "${{ env.TF_CLOUD_API_TOKEN }}"' - - - name: Validate Teraform Credentials (Linux & macOS) - if: runner.os != 'Windows' - run: | - cat ${HOME}/.terraformrc | grep 'credentials "app.terraform.io"' - cat ${HOME}/.terraformrc | grep 'token = "${{ env.TF_CLOUD_API_TOKEN }}"' - - terraform-credentials-enterprise: - name: 'Terraform Enterprise Credentials' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - env: - TF_CLOUD_API_TOKEN: 'XXXXXXXXXXXXXX.atlasv1.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - with: - cli_config_credentials_hostname: 'terraform.example.com' - cli_config_credentials_token: ${{ env.TF_CLOUD_API_TOKEN }} - - - name: Validate Terraform Credentials (Windows) - if: runner.os == 'Windows' - run: | - cat ${APPDATA}/terraform.rc | grep 'credentials "terraform.example.com"' - cat ${APPDATA}/terraform.rc | grep 'token = "${{ env.TF_CLOUD_API_TOKEN }}"' - - - name: Validate Teraform Credentials (Linux & macOS) - if: runner.os != 'Windows' - run: | - cat ${HOME}/.terraformrc | grep 'credentials "terraform.example.com"' - cat ${HOME}/.terraformrc | grep 'token = "${{ env.TF_CLOUD_API_TOKEN }}"' - - terraform-credentials-none: - name: 'Terraform No Credentials' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - - - name: Validate Terraform Credentials (Windows) - if: runner.os == 'Windows' - run: | - [[ -f ${APPDATA}/terraform.rc ]] || exit 0 - - - name: Validate Teraform Credentials (Linux & macOS) - if: runner.os != 'Windows' - run: | - [[ -f ${HOME}/.terraformrc ]] || exit 0 - - terraform-arguments: - name: 'Terraform Arguments' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - - - name: Check No Arguments - run: terraform || exit 0 - - - name: Check Single Argument - run: terraform help || exit 0 - - - name: Check Single Argument Hyphen - run: terraform -help - - - name: Check Single Argument Double Hyphen - run: terraform --help - - - name: Check Single Argument Subcommand - run: terraform fmt -check - - - name: Check Multiple Arguments Subcommand - run: terraform fmt -check -list=true -no-color - - terraform-arguments-no-wrapper: - name: 'Terraform Arguments No Wrapper' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - with: - terraform_wrapper: false - - - name: Check No Arguments - run: terraform || exit 0 - - - name: Check Single Argument - run: terraform help || exit 0 - - - name: Check Single Argument Hyphen - run: terraform -help - - - name: Check Single Argument Double Hyphen - run: terraform --help - - - name: Check Single Argument Subcommand - run: terraform fmt -check - - - name: Check Multiple Arguments Subcommand - run: terraform fmt -check -list=true -no-color - - terraform-run-local: - name: 'Terraform Run Local' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] + os: [ubuntu-latest] defaults: run: shell: bash - working-directory: ./.github/workflows/data/local + working-directory: ./.github/workflows/data/failure steps: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 @@ -262,140 +28,22 @@ jobs: - name: Setup Terraform uses: ./ + # coerce initial command exit code into: + # 0 -> 5 + # anything else -> 10 - name: Terraform Init - run: terraform init + run: terraform init || $(exit 10) && $(exit 5) || [ $? -eq 10 ] - name: Terraform Format - run: terraform fmt -check + run: terraform fmt -check || $(exit 10) && $(exit 5) || [ $? -eq 5 ] - name: Terraform Plan id: plan - run: terraform plan + run: terraform plan --detailed-exitcode || $(exit 10) && $(exit 5) || [ $? -eq 10 ] + + - name: Terraform Plan2 + id: plan2 + run: terraform plan -no-color -detailed-exitcode || $(exit 10) && $(exit 5) || [ $? -eq 10 ] - name: Print Terraform Plan run: echo "${{ steps.plan.outputs.stdout }}" - - terraform-run-local-no-wrapper: - name: 'Terraform Run Local No Wrapper' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - defaults: - run: - shell: bash - working-directory: ./.github/workflows/data/local - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - with: - terraform_wrapper: false - - - name: Terraform Init - run: terraform init - - - name: Terraform Format - run: terraform fmt -check - - - name: Terraform Plan - id: plan - run: terraform plan - - terraform-stdout-wrapper: - name: 'Terraform STDOUT' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - defaults: - run: - shell: bash - working-directory: ./.github/workflows/data/local - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - with: - terraform_wrapper: true - - - name: Terraform Init - run: terraform init - - - name: Terraform Format - run: terraform fmt -check - - - name: Terraform Apply - id: apply - run: terraform apply -auto-approve - - - name: Terraform Output to JQ - id: output - run: terraform output -json | jq '.pet.value' - - terraform-stdout-no-wrapper: - name: 'Terraform STDOUT No Wrapper' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - defaults: - run: - shell: bash - working-directory: ./.github/workflows/data/local - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - with: - terraform_wrapper: false - - - name: Terraform Init - run: terraform init - - - name: Terraform Format - run: terraform fmt -check - - - name: Terraform Apply - id: apply - run: terraform apply -auto-approve - - - name: Terraform Output to JQ - id: output - run: terraform output -json | jq '.pet.value' - - # This test has an artificial delay for testing the streaming of STDOUT - terraform-wrapper-delayed-apply: - name: 'Terraform Delayed Apply' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - defaults: - run: - shell: bash - working-directory: ./.github/workflows/data/delay - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Setup Terraform - uses: ./ - with: - terraform_wrapper: true - - - name: Terraform Init - run: terraform init - - - name: Terraform Format - run: terraform fmt -check - - - name: Terraform Apply - id: apply - run: terraform apply -auto-approve diff --git a/dist/index1.js b/dist/index1.js index c6f4bdd3..68f3bf00 100755 --- a/dist/index1.js +++ b/dist/index1.js @@ -27967,13 +27967,14 @@ async function checkTerraform () { silent: true // avoid printing command in stdout: https://github.com/actions/toolkit/issues/649 }; const exitCode = await exec(pathToCLI, args, options); + const usingDetailedExitcode = args.filter(arg => arg.toLowerCase().endsWith('-detailed-exitcode')) // Set outputs, result, exitcode, and stderr core.setOutput('stdout', stdout.contents); core.setOutput('stderr', stderr.contents); core.setOutput('exitcode', exitCode.toString(10)); - if (exitCode === 0 || exitCode === 2) { + if (exitCode === 0 || (exitCode === 2 && usingDetailedExitcode)) { // A exitCode of 0 is considered a success // An exitCode of 2 may be returned when the '-detailed-exitcode' option // is passed to plan. This denotes Success with non-empty diff --git a/wrapper/terraform.js b/wrapper/terraform.js index 7350dc45..1970bed2 100755 --- a/wrapper/terraform.js +++ b/wrapper/terraform.js @@ -36,14 +36,16 @@ async function checkTerraform () { ignoreReturnCode: true, silent: true // avoid printing command in stdout: https://github.com/actions/toolkit/issues/649 }; + core.info(args); const exitCode = await exec(pathToCLI, args, options); + const usingDetailedExitcode = args.filter(arg => arg.toLowerCase().endsWith('-detailed-exitcode')) // Set outputs, result, exitcode, and stderr core.setOutput('stdout', stdout.contents); core.setOutput('stderr', stderr.contents); core.setOutput('exitcode', exitCode.toString(10)); - if (exitCode === 0 || exitCode === 2) { + if (exitCode === 0 || (exitCode === 2 && false)) { // A exitCode of 0 is considered a success // An exitCode of 2 may be returned when the '-detailed-exitcode' option // is passed to plan. This denotes Success with non-empty