diff options
author | Vincent Ambo <mail@tazj.in> | 2022-06-06T21·09+0000 |
---|---|---|
committer | tazjin <tazjin@tvl.su> | 2022-06-07T09·32+0000 |
commit | e0c6198d582970fa7b03fd885ca151ec4964f670 (patch) | |
tree | 76281b150e9942ac29a97880ebf62225b7056740 /tools/checks/default.nix | |
parent | 45458207df0815f0f3bb050a3fc5f5a83debe7b6 (diff) |
feat(tools/checks): Add factored-out Terraform config check r/4224
This can be re-used across Terraform environments. Change-Id: I3d964a17d1cda1aff1df12bd4c0c3ee84b7f7748 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5850 Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
Diffstat (limited to 'tools/checks/default.nix')
-rw-r--r-- | tools/checks/default.nix | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/tools/checks/default.nix b/tools/checks/default.nix new file mode 100644 index 000000000000..618405d3ae67 --- /dev/null +++ b/tools/checks/default.nix @@ -0,0 +1,38 @@ +# Utilities for CI checks that work with the readTree-based CI. +{ pkgs, ... }: + +let + inherit (pkgs.lib.strings) sanitizeDerivationName; +in +{ + # Utility for verifying Terraform configuration. + # + # Expects to be passed a pre-configured Terraform derivation and a + # source path, and will do a dummy-initialisation and config + # validation inside of that Terraform configuration. + validateTerraform = + { + # Environment name to use (inconsequential, only for drv name) + name ? "main" + , # Terraform package to use. Should be pre-onfigured with the + # correct providers. + terraform ? pkgs.terraform + , # Source path for Terraform configuration. Be careful about + # relative imports. Use the 'subDir' parameter to optionally cd + # into a subdirectory of source, e.g. if there is a flat structure + # with modules. + src + , # Sub-directory of $src from which to run the check. Useful in + # case of relative Terraform imports from a code tree + subDir ? "." + , # Environment variables to pass to Terraform. Necessary in case of + # dummy environment variables that need to be set. + env ? { } + }: + pkgs.runCommand "tf-validate-${sanitizeDerivationName name}" env '' + cp -r ${src}/* . && chmod -R u+w . + cd ${subDir} + ${terraform}/bin/terraform init -upgrade -backend=false -input=false + ${terraform}/bin/terraform validate | tee $out + ''; +} |