Skip to content

[Enhancement]: Check for duplicate keys in IAM policy JSON arguments #11178

[Enhancement]: Check for duplicate keys in IAM policy JSON arguments

[Enhancement]: Check for duplicate keys in IAM policy JSON arguments #11178

Workflow file for this run

name: Examples Checks
on:
push:
branches:
- main
pull_request:
paths:
- .github/workflows/examples.yml
- .ci/.tflint.hcl
- .ci/tools/go.mod
- examples/**
- go.mod
env:
AWS_DEFAULT_REGION: us-west-2
jobs:
tflint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
fetch-depth: 0
- uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }}
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: go.mod
- name: install tflint
run: cd .ci/tools && go install github.com/terraform-linters/tflint
- uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
name: Cache plugin dir
with:
path: ~/.tflint.d/plugins
key: ${{ runner.os }}-tflint-${{ hashFiles('.ci/.tflint.hcl') }}
- run: tflint --config .ci/.tflint.hcl --init
- name: tflint
run: |
exit_code=0
TFLINT_CONFIG="$(pwd -P)/.ci/.tflint.hcl"
for DIR in $(find ./examples -type f -name '*.tf' -exec dirname {} \; | sort -u); do
pushd "$DIR"
tflint --config="$TFLINT_CONFIG" \
--enable-rule=terraform_comment_syntax \
--enable-rule=terraform_deprecated_index \
--enable-rule=terraform_deprecated_interpolation \
--enable-rule=terraform_required_version \
--disable-rule=terraform_required_providers \
--disable-rule=terraform_typed_variables \
|| exit_code=1
popd
done
exit $exit_code
validate-terraform:
runs-on: [custom, linux, large]
strategy:
fail-fast: false
matrix:
terraform_version: ["0.12.31", "1.0.6"]
env:
TF_IN_AUTOMATION: "1"
steps:
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
fetch-depth: 0
- uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }}
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: go.mod
- name: go build
run: go build -o terraform-plugin-dir/terraform-provider-aws_v99.99.99_x5 .
- name: override plugin
run: |
# For Terraform v0.12
mkdir -p ~/.terraform.d/plugins
cp terraform-plugin-dir/terraform-provider-aws_v99.99.99_x5 ~/.terraform.d/plugins
# For newer versions
mkdir -p ~/.terraform.d/plugins/registry.terraform.io/hashicorp/aws/99.99.99/"$(go env GOOS)"_"$(go env GOARCH)"/
cp terraform-plugin-dir/terraform-provider-aws_v99.99.99_x5 ~/.terraform.d/plugins/registry.terraform.io/hashicorp/aws/99.99.99/"$(go env GOOS)"_"$(go env GOARCH)"/
- uses: hashicorp/setup-terraform@633666f66e0061ca3b725c73b2ec20cd13a8fdd1
with:
terraform_version: ${{ matrix.terraform_version }}
# Needed to use the output of `terraform validate -json`
terraform_wrapper: false
- name: terraform
run: |
for DIR in $(find ./examples -type f -name '*.tf' -exec dirname {} \; | sort -u); do
pushd "$DIR"
if [ -f terraform.template.tfvars ]; then
cp terraform.template.tfvars terraform.tfvars
fi
echo; echo -e "\e[1;35m===> Initializing Example: $DIR <===\e[0m"; echo
terraform init
echo; echo -e "\e[1;35m===> Format Checking Example: $DIR <===\e[0m"; echo
terraform fmt -check
echo; echo -e "\e[1;35m===> Validating Example: $DIR <===\e[0m"; echo
# Catch errors
terraform validate
popd
done