# Utilities for CI checks that work with the readTree-based CI. { pkgs, ... }: let inherit (pkgs.lib.strings) sanitizeDerivationName; in { # Utility for verifying Terraform configuration. # # Expects to be passed a pre-configured Terraform derivation and a # source path, and will do a dummy-initialisation and config # validation inside of that Terraform configuration. validateTerraform = { # Environment name to use (inconsequential, only for drv name) name ? "main" , # Terraform package to use. Should be pre-configured with the # correct providers. terraform ? pkgs.terraform , # Source path for Terraform configuration. Be careful about # relative imports. Use the 'subDir' parameter to optionally cd # into a subdirectory of source, e.g. if there is a flat structure # with modules. src , # Sub-directory of $src from which to run the check. Useful in # case of relative Terraform imports from a code tree subDir ? "." , # Environment variables to pass to Terraform. Necessary in case of # dummy environment variables that need to be set. env ? { } }: pkgs.runCommand "tf-validate-${sanitizeDerivationName name}" env '' cp -r ${src}/* . && chmod -R u+w . cd ${subDir} ${terraform}/bin/terraform init -upgrade -backend=false -input=false ${terraform}/bin/terraform validate | tee $out ''; }