tvl-depot/tools/checks/default.nix

# Utilities for CI checks that work with the readTree-based CI.
{ pkgs, ... }:

let
  inherit (pkgs.lib.strings) sanitizeDerivationName;
in
{
  # Utility for verifying Terraform configuration.
  #
  # Expects to be passed a pre-configured Terraform derivation and a
  # source path, and will do a dummy-initialisation and config
  # validation inside of that Terraform configuration.
  validateTerraform =
    {
      # Environment name to use (inconsequential, only for drv name)
      name ? "main"
    , # Terraform package to use. Should be pre-configured with the
      # correct providers.
      terraform ? pkgs.terraform
    , # Source path for Terraform configuration. Be careful about
      # relative imports. Use the 'subDir' parameter to optionally cd
      # into a subdirectory of source, e.g. if there is a flat structure
      # with modules.
      src
    , # Sub-directory of $src from which to run the check. Useful in
      # case of relative Terraform imports from a code tree
      subDir ? "."
    , # Environment variables to pass to Terraform. Necessary in case of
      # dummy environment variables that need to be set.
      env ? { }
    }:
    pkgs.runCommand "tf-validate-${sanitizeDerivationName name}" env ''
      cp -r ${src}/* . && chmod -R u+w .
      cd ${subDir}
      ${terraform}/bin/terraform init -upgrade -backend=false -input=false
      ${terraform}/bin/terraform validate | tee $out
    '';
}
feat(tools/checks): Add factored-out Terraform config check This can be re-used across Terraform environments. Change-Id: I3d964a17d1cda1aff1df12bd4c0c3ee84b7f7748 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5850 Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com> 2022-06-06 23:09:06 +02:00			`# Utilities for CI checks that work with the readTree-based CI.`
			`{ pkgs, ... }:`

			`let`
			`inherit (pkgs.lib.strings) sanitizeDerivationName;`
			`in`
			`{`
			`# Utility for verifying Terraform configuration.`
			`#`
			`# Expects to be passed a pre-configured Terraform derivation and a`
			`# source path, and will do a dummy-initialisation and config`
			`# validation inside of that Terraform configuration.`
			`validateTerraform =`
			`{`
			`# Environment name to use (inconsequential, only for drv name)`
			`name ? "main"`
fix(tools/checks): Minor typo fix Change-Id: I5cfd6223a3bd0bb4cc650b53af36193185354062 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5859 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI 2022-06-07 12:43:33 +02:00			`, # Terraform package to use. Should be pre-configured with the`
feat(tools/checks): Add factored-out Terraform config check This can be re-used across Terraform environments. Change-Id: I3d964a17d1cda1aff1df12bd4c0c3ee84b7f7748 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5850 Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com> 2022-06-06 23:09:06 +02:00			`# correct providers.`
			`terraform ? pkgs.terraform`
			`, # Source path for Terraform configuration. Be careful about`
			`# relative imports. Use the 'subDir' parameter to optionally cd`
			`# into a subdirectory of source, e.g. if there is a flat structure`
			`# with modules.`
			`src`
			`, # Sub-directory of $src from which to run the check. Useful in`
			`# case of relative Terraform imports from a code tree`
			`subDir ? "."`
			`, # Environment variables to pass to Terraform. Necessary in case of`
			`# dummy environment variables that need to be set.`
			`env ? { }`
			`}:`
			`pkgs.runCommand "tf-validate-${sanitizeDerivationName name}" env ''`
			`cp -r ${src}/* . && chmod -R u+w .`
			`cd ${subDir}`
			`${terraform}/bin/terraform init -upgrade -backend=false -input=false`
			`${terraform}/bin/terraform validate \| tee $out`
			`'';`
			`}`