forked from github/pre-commit-opentofu
feat: Add --retry-once-with-cleanup to terraform_validate (#441)
This commit is contained in:
Bjorn Olsen
GitHub
parent
a15204beed
commit
96fe3ef657
3 changed files with 140 additions and 22 deletions
|
|
@ -299,13 +299,15 @@ function common::terraform_init {
|
|||
TF_INIT_ARGS+=("-no-color")
|
||||
fi
|
||||
|
||||
if [ ! -d .terraform ]; then
|
||||
if [ ! -d .terraform/modules ] || [ ! -d .terraform/providers ]; then
|
||||
init_output=$(terraform init -backend=false "${TF_INIT_ARGS[@]}" 2>&1)
|
||||
exit_code=$?
|
||||
|
||||
if [ $exit_code -ne 0 ]; then
|
||||
common::colorify "red" "'terraform init' failed, '$command_name' skipped: $dir_path"
|
||||
echo -e "$init_output\n\n"
|
||||
else
|
||||
common::colorify "green" "Command 'terraform init' successfully done: $dir_path"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -24,6 +24,43 @@ function main {
|
|||
common::per_dir_hook "$HOOK_ID" "${#ARGS[@]}" "${ARGS[@]}" "${FILES[@]}"
|
||||
}
|
||||
|
||||
#######################################################################
|
||||
# Run `terraform validate` and match errors. Requires `jq`
|
||||
# Arguments:
|
||||
# validate_output (string with json) output of `terraform validate` command
|
||||
# Outputs:
|
||||
# Returns integer:
|
||||
# - 0 (no errors)
|
||||
# - 1 (matched errors; retry)
|
||||
# - 2 (no matched errors; do not retry)
|
||||
#######################################################################
|
||||
function match_validate_errors {
|
||||
local validate_output=$1
|
||||
|
||||
local valid
|
||||
local summary
|
||||
|
||||
valid=$(jq -rc '.valid' <<< "$validate_output")
|
||||
|
||||
if [ "$valid" == "true" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
# Parse error message for retry-able errors.
|
||||
while IFS= read -r error_message; do
|
||||
summary=$(jq -rc '.summary' <<< "$error_message")
|
||||
case $summary in
|
||||
"missing or corrupted provider plugins") return 1 ;;
|
||||
"Module source has changed") return 1 ;;
|
||||
"Module version requirements have changed") return 1 ;;
|
||||
"Module not installed") return 1 ;;
|
||||
"Could not load plugin") return 1 ;;
|
||||
esac
|
||||
done < <(jq -rc '.diagnostics[]' <<< "$validate_output")
|
||||
|
||||
return 2 # Some other error; don't retry
|
||||
}
|
||||
|
||||
#######################################################################
|
||||
# Unique part of `common::per_dir_hook`. The function is executed in loop
|
||||
# on each provided dir path. Run wrapped tool with specified arguments
|
||||
|
|
@ -43,16 +80,68 @@ function per_dir_hook_unique_part {
|
|||
local -a -r args=("$@")
|
||||
|
||||
local exit_code
|
||||
local validate_output
|
||||
#
|
||||
# Get hook settings
|
||||
#
|
||||
local retry_once_with_cleanup
|
||||
|
||||
IFS=";" read -r -a configs <<< "${HOOK_CONFIG[*]}"
|
||||
|
||||
for c in "${configs[@]}"; do
|
||||
|
||||
IFS="=" read -r -a config <<< "$c"
|
||||
key=${config[0]}
|
||||
value=${config[1]}
|
||||
|
||||
case $key in
|
||||
--retry-once-with-cleanup)
|
||||
if [ $retry_once_with_cleanup ]; then
|
||||
common::colorify "yellow" 'Invalid hook config. Make sure that you specify not more than one "--retry-once-with-cleanup" flag'
|
||||
exit 1
|
||||
fi
|
||||
retry_once_with_cleanup=$value
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
common::terraform_init 'terraform validate' "$dir_path" || {
|
||||
exit_code=$?
|
||||
return $exit_code
|
||||
}
|
||||
|
||||
# pass the arguments to hook
|
||||
validate_output=$(terraform validate "${args[@]}" 2>&1)
|
||||
exit_code=$?
|
||||
if [ "$retry_once_with_cleanup" != "true" ]; then
|
||||
# terraform validate only
|
||||
validate_output=$(terraform validate "${args[@]}" 2>&1)
|
||||
exit_code=$?
|
||||
else
|
||||
# terraform validate, plus capture possible errors
|
||||
validate_output=$(terraform validate -json "${args[@]}" 2>&1)
|
||||
exit_code=$?
|
||||
|
||||
# Match specific validation errors
|
||||
local -i validate_errors_matched
|
||||
match_validate_errors "$validate_output"
|
||||
validate_errors_matched=$?
|
||||
|
||||
# Errors matched; Retry validation
|
||||
if [ "$validate_errors_matched" -eq 1 ]; then
|
||||
common::colorify "yellow" "Validation failed. Removing cached providers and modules from \"$dir_path/.terraform\" directory"
|
||||
# `.terraform` dir may comprise some extra files, like `environment`
|
||||
# which stores info about current TF workspace, so we can't just remove
|
||||
# `.terraform` dir completely.
|
||||
rm -rf .terraform/{modules,providers}/
|
||||
|
||||
common::colorify "yellow" "Re-validating: $dir_path"
|
||||
|
||||
common::terraform_init 'terraform validate' "$dir_path" || {
|
||||
exit_code=$?
|
||||
return $exit_code
|
||||
}
|
||||
|
||||
validate_output=$(terraform validate "${args[@]}" 2>&1)
|
||||
exit_code=$?
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ $exit_code -ne 0 ]; then
|
||||
common::colorify "red" "Validation failed: $dir_path"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue