Add terraform-config-inspect for apk and deb

.github/auto-label.yml

@@ -338,6 +338,9 @@ vendor/terraform-0.13:
 vendor/terraform-0.14:
 - any: ["vendor/terraform-0.14/**"]
   all: ["!bin/**", "!tasks/**"]
+vendor/terraform-config-inspect:
+- any: ["vendor/terraform-config-inspect/**"]
+  all: ["!bin/**", "!tasks/**"]
 vendor/terraform-docs:
 - any: ["vendor/terraform-docs/**"]
   all: ["!bin/**", "!tasks/**"]

.github/workflows/auto-update-packages.yml

@@ -117,6 +117,7 @@ jobs:
         - terraform-0.12
         - terraform-0.13
         - terraform-0.14
+        - terraform-config-inspect
         - terraform-docs
         - terraform_0.11
         - terraform_0.12

.github/workflows/terraform-config-inspect.yml

@@ -0,0 +1,220 @@
+#
+# This workflow was created automatically from the `package-template.yml` by running `make -C .github workflows`
+# DO NOT EDIT THIS WORKFLOW, changes will be lost on the next update.
+#
+
+name: "terraform-config-inspect"
+on:
+  push:
+    branches:
+      - master
+
+    paths:
+      - apk/**
+      - deb/**
+      - rpm/**
+      - tasks/**
+      - vendor/terraform-config-inspect/**
+      - .github/workflows/terraform-config-inspect.yml
+
+
+  pull_request:
+    types: [opened, synchronize, reopened]
+    paths:
+      - apk/**
+      - deb/**
+      - rpm/**
+      - tasks/**
+      - vendor/terraform-config-inspect/**
+      - .github/workflows/terraform-config-inspect.yml
+
+jobs:
+  matrix:
+    if: github.event_name != 'schedule'
+    runs-on: ubuntu-latest
+    outputs:
+      package-enabled: ${{ steps.info.outputs.package_enabled }}
+      package-matrix:  ${{steps.info.outputs.package_matrix}}
+      apk-enabled: ${{ steps.info.outputs.package_enabled == 'true' && steps.info.outputs.apk_package_enabled == 'true' }}
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Export package build matrix
+      shell: bash
+      id: info
+      env:
+        GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+      run: |
+        echo setting ouputs
+        make -C vendor/terraform-config-inspect info/github
+        echo
+        echo outputs set
+        make -C vendor/terraform-config-inspect info/github | sed s'/::set-output name=//' | sed 's/::/=/'
+
+
+  # Build for alpine linux
+  # Kept separate because it is old and slightly different than the other package builds
+  alpine:
+    needs: matrix
+    if: github.event_name != 'schedule' && needs.matrix.outputs.apk-enabled != 'false'
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # These versions must be strings. E.g. Otherwise `3.10` -> `3.1`
+        alpine:
+          - '3.12'
+    env:
+      APK_KEY_RSA: "${{ secrets.APK_KEY_RSA }}"
+      APK_PACKAGES_PATH: ${{github.workspace}}/artifacts/${{matrix.alpine}}
+      PACKAGER: [email protected]
+      PACKAGER_PRIVKEY: /dev/shm/[email protected]
+      PACKAGER_PUBKEY: ${{github.workspace}}/artifacts/[email protected]
+
+    container: cloudposse/packages-apkbuild:${{matrix.alpine}}
+    steps:
+      # Checkout the packages repo so we can build the packages as a monorepo
+      - name: "Checkout source code at current commit"
+        uses: actions/checkout@v2
+
+      # Export the apk keys as files from secrets
+      - name: "Export keys"
+        run: "make -C .github/ export"
+
+      # Build the alpine packages for the matrix version of alpine
+      - name: "Build alpine packages"
+        run: "make -C vendor/${{github.workflow}} apk"
+
+      # Verify the packages were built or error
+      - name: "List packages"
+        run: 'find ${APK_PACKAGES_PATH} -type f -name \*.apk | xargs --no-run-if-empty ls -l | grep .'
+
+      # Export the artifact filename including path
+      # Path must be relative to workdir for Cloudsmith action to be able to find it
+      - name: "Set output path to artifact"
+        id: artifact
+        shell: bash
+        run: |
+          artifact=$(find artifacts/${{matrix.alpine}} -type f -name \*.apk)
+          echo "::set-output name=path::$artifact"
+          echo "set output path=$artifact"
+          echo creating '"pip"' cache directory for Cloudsmith
+          mkdir -p $HOME/.cache/pip && chmod -R 777 $HOME/.cache || echo Ignoring error creating '"pip"' cache directory
+
+
+      # Determine which package organization we should use (e.g. dev or prod)
+      - name: "Determine package repo"
+        shell: bash
+        id: repo
+        run: |
+          if [[ ${GITHUB_REF} == 'refs/heads/master' ]]; then
+              echo "::set-output name=org::${{github.repository_owner}}"
+          else
+              echo "::set-output name=org::${{github.repository_owner}}-dev"
+          fi
+        env:
+          GITHUB_REF: ${{ github.ref }}
+
+      # Publish the artifacts
+      - name: "Push artifact to package repository"
+        uses: cloudsmith-io/[email protected]
+        with:
+          api-key: ${{ secrets.CLOUDSMITH_API_KEY }}
+          command: 'push'
+          format: 'alpine'
+          owner: '${{steps.repo.outputs.org}}'              # Your Cloudsmith account name or org name (namespace)
+          repo: 'packages'                                  # Your Cloudsmith Repository name (slug)
+          distro: 'alpine'                                  # Your Distribution  (i.e debian, ubuntu, alpine)
+          release: 'any-version'                            # Use "any-version" if your package is compatible with more than one version of alpine linux
+          republish: 'true'                                 # Needed if version is not changing
+          file: '${{steps.artifact.outputs.path}}'          # Package filename (including path)
+          no-wait-for-sync: 'true'                          # Skip the waiting for package synchronisation (i.e. upload only)
+
+  # Build packages with fpm package manager
+  package:
+    needs: matrix
+    # Should not be needed, but without these conditions, this job would fail with an error if the matrix is []
+    # and would run with package-type empty if matrix is ["apk"]
+    if: >
+      github.event_name != 'schedule' && needs.matrix.outputs.package-enabled != 'false'
+      && needs.matrix.outputs.package-matrix != '[]' && needs.matrix.outputs.package-matrix != '["apk"]'
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        package-type: ${{ fromJSON(needs.matrix.outputs.package-matrix) }}
+        exclude:
+        - package-type: 'apk'
+    env:
+      # We are in a bit of a bind here because of how GitHub actions work as of 2020-11-19
+      # Although the "workspace" is mounted to the container, it is not mounted
+      # at `/github/workspace` or ${{github.workspace}}, although through some
+      # mechanism, an environment variable whose value starts with ${{github.workspace}}
+      # will have ${{github.workspace}} replaced with the correct mount point.
+      #
+      # We need an absolute path for the package build system, since every build happens
+      # in a different directory, but because the mount point changes, we also
+      # need a path relative to the initial working directory to communicate between
+      # the package building container and the cloudsmith action.
+      PACKAGES_PATH: ${{github.workspace}}/artifacts/${{matrix.package-type}}/any-version
+      PACKAGE_RELPATH: artifacts/${{matrix.package-type}}/any-version
+
+    # Unfortunately, there is no reasonable way to configure the docker image tag based on the package-type
+    container: cloudposse/packages-${{matrix.package-type}}build:latest
+    steps:
+      # Checkout the packages repo so we can build the packages as a monorepo
+      - name: "Checkout source code at current commit"
+        uses: actions/checkout@v2
+
+      # Build the packages for the matrix version
+      - name: "Build ${{matrix.package-type}} packages"
+        shell: bash
+        run: |
+          echo Current directory is $(pwd)
+          [[ $PACKAGES_PATH =~ ^$(pwd) ]] || { echo Package dir \"$PACKAGES_PATH\" not beneath workdir \"$(pwd)\" >&2; exit 1; }
+          make -C vendor/${{github.workflow}} ${{matrix.package-type}}
+
+      # Export the artifact filename including path
+      - name: "Set output path to artifact"
+        id: artifact
+        shell: bash
+        run: |
+          [[ -n $PACKAGE_RELPATH ]] || { echo Error: PACKAGE_RELPATH is not set >&2; exit 1; }
+          packages=($(find ${PACKAGE_RELPATH} -type f -name \*.${{matrix.package-type}}))
+          echo List packages found:
+          printf "%s\n" "${packages[@]}" | xargs --no-run-if-empty ls -l
+          echo Error if not exactly 1 package found
+          (( ${#packages[@]} == 1 )) || { echo "Error: other than 1 package found (${#packages[@]})" >&2; exit 1; }
+
+          echo "setting output name=path::$packages"
+          echo "::set-output name=path::$packages"
+
+          echo creating '"pip"' cache directory for Cloudsmith
+          mkdir -p $HOME/.cache/pip && chmod -R 777 $HOME/.cache || echo Ignoring error creating '"pip"' cache directory
+
+      # Determine which package organization we should use (e.g. dev or prod)
+      - name: "Determine package repo"
+        shell: bash
+        id: repo
+        run: |
+          if [[ ${GITHUB_REF} == 'refs/heads/master' ]]; then
+              echo "::set-output name=org::${{github.repository_owner}}"
+          else
+              echo "::set-output name=org::${{github.repository_owner}}-dev"
+          fi
+        env:
+          GITHUB_REF: ${{ github.ref }}
+
+      # Publish the artifacts
+      - name: "Push artifact to package repository"
+        uses: cloudsmith-io/[email protected]
+        with:
+          api-key: ${{ secrets.CLOUDSMITH_API_KEY }}
+          command: 'push'
+          format: '${{matrix.package-type}}'
+          owner: '${{steps.repo.outputs.org}}'              # Your Cloudsmith account name or org name (namespace)
+          repo: 'packages'                                  # Your Cloudsmith Repository name (slug)
+          distro: 'any-distro'                              # Use "any-distro" since our package is compatible with more than more distribution
+          release: 'any-version'                            # Use "any-version" since our package is compatible with more than more version
+          republish: 'true'                                 # Needed if version is not changing
+          file: '${{steps.artifact.outputs.path}}'          # Package filename (including path)
+          no-wait-for-sync: 'true'                          # Skip the waiting for package synchronisation (i.e. upload only)

README.md

@@ -348,6 +348,7 @@ exit
 [![terraform-0.12](https://github.com/cloudposse/packages/workflows/terraform-0.12/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-0.12) | 0.12.29    | Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
 [![terraform-0.13](https://github.com/cloudposse/packages/workflows/terraform-0.13/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-0.13) | 0.13.5     | Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
 [![terraform-0.14](https://github.com/cloudposse/packages/workflows/terraform-0.14/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-0.14) | 0.14.0     | Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
+[![terraform-config-inspect](https://github.com/cloudposse/packages/workflows/terraform-config-inspect/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-config-inspect) | 0.0.20201102131242+git0c45ba392e51 | A helper library for shallow inspection of Terraform configurations
 [![terraform-docs](https://github.com/cloudposse/packages/workflows/terraform-docs/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-docs) | 0.10.1     | Generate docs from terraform modules
 [![terraform_0.11](https://github.com/cloudposse/packages/workflows/terraform_0.11/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform_0.11) | 0.11.14    | Terraform (Deprecated package. Use terraform-0.11 instead)
 [![terraform_0.12](https://github.com/cloudposse/packages/workflows/terraform_0.12/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform_0.12) | 0.12.29    | Terraform (Deprecated package. Use terraform-0.12 instead)

docs/badges.md

@@ -103,6 +103,7 @@
 [![terraform-0.12](https://github.com/cloudposse/packages/workflows/terraform-0.12/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-0.12) | 0.12.29    | Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
 [![terraform-0.13](https://github.com/cloudposse/packages/workflows/terraform-0.13/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-0.13) | 0.13.5     | Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
 [![terraform-0.14](https://github.com/cloudposse/packages/workflows/terraform-0.14/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-0.14) | 0.14.0     | Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
+[![terraform-config-inspect](https://github.com/cloudposse/packages/workflows/terraform-config-inspect/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-config-inspect) | 0.0.20201102131242+git0c45ba392e51 | A helper library for shallow inspection of Terraform configurations
 [![terraform-docs](https://github.com/cloudposse/packages/workflows/terraform-docs/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform-docs) | 0.10.1     | Generate docs from terraform modules
 [![terraform_0.11](https://github.com/cloudposse/packages/workflows/terraform_0.11/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform_0.11) | 0.11.14    | Terraform (Deprecated package. Use terraform-0.11 instead)
 [![terraform_0.12](https://github.com/cloudposse/packages/workflows/terraform_0.12/badge.svg?branch=master)](https://github.com/cloudposse/packages/actions?query=workflow%3Aterraform_0.12) | 0.12.29    | Terraform (Deprecated package. Use terraform-0.12 instead)

docs/targets.md

@@ -108,6 +108,7 @@ terraform-0.11            0.11.14    Terraform is a tool for building, changing,
 terraform-0.12            0.12.29    Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
 terraform-0.13            0.13.5     Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
 terraform-0.14            0.14.0     Terraform is a tool for building, changing, and combining infrastructure safely and efficiently.
+terraform-config-inspect  0.0.20201102131242+git0c45ba392e51 A helper library for shallow inspection of Terraform configurations
 terraform-docs            0.10.1     Generate docs from terraform modules
 terraform_0.11            0.11.14    Terraform (Deprecated package. Use terraform-0.11 instead)
 terraform_0.12            0.12.29    Terraform (Deprecated package. Use terraform-0.12 instead)

tasks/Makefile.apk

@@ -26,7 +26,8 @@ export APK_PACKAGE_ENABLED := $(shell $(LOCAL_BIN)/package-filter apk-enabled "$
 export APK_TEMPLATE_PATH ?= ../../apk/templates/
 export APK_BUILD_TEMPLATE ?= APKBUILD.github-binary
 export APK_PACKAGES_PATH ?= /tmp/packages
-export APK_TMP_DIR := $(realpath $(shell mktemp -d ../../tmp/build.XXXXXX))
+APK_DEFAULT_TMP_DIR := $(realpath $(shell mktemp -d ../../tmp/build.XXXXXX))
+export APK_TMP_DIR ?= $(APK_DEFAULT_TMP_DIR)
 export APK_PACKAGE_NAME ?= $(PACKAGE_NAME)
 export APK_NORMALIZED_PACKAGE_VERSION := $(if $(subst false,,$(PACKAGE_PRERELEASE_ENABLED)),$(shell printf "%s" "$(PACKAGE_VERSION)" | sed -E 's/-([a-z]*)\.?/_\1/'),$(PACKAGE_VERSION))
 export APK_PACKAGE_VERSION ?= $(APK_NORMALIZED_PACKAGE_VERSION)

vendor/terraform-config-inspect/DESCRIPTION

@@ -0,0 +1 @@
+A helper library for shallow inspection of Terraform configurations

vendor/terraform-config-inspect/LICENSE

@@ -0,0 +1 @@
+MPL-2.0

vendor/terraform-config-inspect/Makefile

@@ -0,0 +1,42 @@
+## Package - terraform-config-inspect
+export VENDOR = hashicorp
+export PACKAGE_NAME = terraform-config-inspect
+export DOWNLOAD_URL ?= $(PACKAGE_EXE)
+export APK_BUILD_TEMPLATE ?= APKBUILD.github-binary
+export APK_PACKAGE_VERSION := $(shell cat VERSION | sed s/\+.*//)
+export INSTALL_PATH=/usr/local/bin
+
+# RPM should be relatively easy, but we will get to it later
+export PACKAGE_TYPES_DISABLED = rpm
+
+# Custom auto-update target
+export PACKAGE_VERSION_TARGET := go-update
+
+include ../../tasks/Makefile.vendor_includes
+
+version.go: VERSION
+	go generate
+
+$(INSTALL_PATH)/$(PACKAGE_EXE): main.go version.go VERSION
+	mkdir -p $(INSTALL_PATH)
+	go build -o $(INSTALL_PATH)/$(PACKAGE_EXE)
+
+test:
+	@echo Test: expecting exe version like $(APK_PACKAGE_VERSION) or $(DEB_PACKAGE_VERSION) from VERSION $(shell cat VERSION)
+	@echo Running: $(PACKAGE_EXE) --version && $(PACKAGE_EXE) --version
+	$(PACKAGE_EXE) --version | grep -q -F $(APK_PACKAGE_VERSION)
+
+## This may be required for apk building and varies from package to package
+# Custom post-package processing (Note the double colon to append to current inherited package/prepare task)
+#package/prepare::
+# 	echo cp src/gh_$(PACKAGE_VERSION)_$(OS)_$(ARCH)/bin/$(PACKAGE_EXE) src
+
+apk/prepare:: $(INSTALL_PATH)/$(PACKAGE_EXE)
+	cp -p $(INSTALL_PATH)/$(PACKAGE_EXE) $(APK_TMP_DIR)
+	chown nobody $(APK_TMP_DIR)/$(PACKAGE_EXE)
+
+install: $(INSTALL_PATH)/$(PACKAGE_EXE)
+
+go-update:
+	go get -u github.com/hashicorp/terraform-config-inspect
+	printf "%s" $$(grep -F github.com/hashicorp/terraform-config-inspect go.mod| sed -e 's/.* v//' -e 's/\.0-/./' -e 's/-/+git/') > VERSION

vendor/terraform-config-inspect/RELEASE

@@ -0,0 +1 @@
+0

vendor/terraform-config-inspect/VERSION

@@ -0,0 +1 @@
+0.0.20201102131242+git0c45ba392e51

vendor/terraform-config-inspect/go.mod

@@ -0,0 +1,15 @@
+module github.com/cloudposse/packages
+
+go 1.13
+
+require (
+	github.com/agext/levenshtein v1.2.3 // indirect
+	github.com/google/go-cmp v0.5.4 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/hashicorp/hcl/v2 v2.8.0 // indirect
+	github.com/hashicorp/terraform-config-inspect v0.0.0-20201102131242-0c45ba392e51
+	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/spf13/pflag v1.0.5
+	github.com/zclconf/go-cty v1.7.0 // indirect
+	golang.org/x/text v0.3.4 // indirect
+)