feat: add mock-files input to create empty files for Terraform validation
All checks were successful
validate-shared-actions / validate-shared-actions (pull_request) Successful in 1m18s
Aikido Security PR Check / Aikido Security Scan (pull_request) Successful in 2m27s

Michael.Seele@schmalz.de 2026-05-21 13:00:14 +00:00
parent 038b488a6b
commit bd5e3add23
2 changed files with 35 additions and 1 deletions

@ -10,6 +10,7 @@ Validate Terraform configuration files using the official Terraform CLI.
| `terraform-version` | No | `~1.15` | Terraform version to use |
| `workspace` | No | `""` | Terraform workspace to use |
| `jfrog-token` | No | `""` | JFrog Artifactory token for the Terraform provider registry (`TF_TOKEN_schmalz_jfrog_io`) |
| `mock-files` | No | `""` | Newline-separated list of file paths (relative to repo root) to create as empty files before validation. Useful when Terraform uses `file()` references that do not exist in CI. |
## Usage
@ -20,8 +21,22 @@ Validate Terraform configuration files using the official Terraform CLI.
jfrog-token: ${{ secrets.JFROG_TOKEN }}
```
With mock files for `file()` dependencies:
```yaml
- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/terraform-validate@terraform-validate-v1
with:
workspace: stage
jfrog-token: ${{ secrets.JFROG_TOKEN }}
mock-files: |
config/app.json
secrets/tls.crt
secrets/tls.key
```
## Notes
- Runs `terraform init -backend=false`, `terraform fmt -check -recursive`, and `terraform validate`.
- Sets `TF_WORKSPACE` during validate if `workspace` is provided.
- Sets `TF_TOKEN_schmalz_jfrog_io` on both `init` and `validate` steps if `jfrog-token` is provided.
- Sets `TF_TOKEN_schmalz_jfrog_io` on both `init` and `validate` steps if `jfrog-token` is provided.
- When `mock-files` is set, empty files are created at the given paths (including any missing parent directories) before `terraform init` runs. This allows validation of configurations that reference external files via `file()`.
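
Review bot: The new `mock-files` bullet in Notes does not say whether the created files are removed once validation finishes. The usage example lists `secrets/tls.crt` and `secrets/tls.key`, so if the files stay in the workspace, any later step in the same job that packages, uploads or commits the checkout will see empty placeholder certificates and keys. Suggest either documenting that the files persist and that the action is meant for validation-only jobs, or adding a cleanup step and saying so here. It would also help to state that a listed path that already exists keeps its content.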

@ -19,6 +19,13 @@ inputs:
description: JFrog Artifactory token used for Terraform provider registry (sets TF_TOKEN_schmalz_jfrog_io)
required: false
default: ""
mock-files:
description: |-
Newline-separated list of file paths to create as empty files before validation.
Useful when Terraform configurations reference external files via file() that do not exist in CI.
Paths are relative to the repository root.
required: false
default: ""
runs:
using: composite
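
Review bot: The `mock-files` description says "Paths are relative to the repository root", but the action also takes a `terraform-dir` input (it appears in the cache key further down), and `file()` arguments are commonly written relative to the module. Suggest adding a sentence that entries must include the `terraform-dir` prefix when the configuration does not sit at the root, and stating whether absolute paths and `..` components are accepted.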
@ -43,6 +50,18 @@ runs:
key: ${{ runner.os }}-terraform-providers-${{ inputs.terraform-version }}-${{ hashFiles(format('{0}/.terraform.lock.hcl', inputs.terraform-dir)) }}
restore-keys: ${{ runner.os }}-terraform-providers-${{ inputs.terraform-version }}-
- name: Create mock files
if: ${{ inputs.mock-files != '' }}
shell: bash
env:
MOCK_FILES: ${{ inputs.mock-files }}
run: |
while IFS= read -r mock_file; do
[ -z "$mock_file" ] && continue
mkdir -p "$(dirname "$mock_file")"
touch "$mock_file"
done <<< "$MOCK_FILES"
- name: Terraform Init
shell: bash
env:
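
Review bot: In the `Create mock files` loop, `$mock_file` reaches `mkdir -p` and `touch` with no validation, so an entry that is absolute or contains a `..` component creates directories and files outside the checkout, and an entry starting with `-` is parsed as an option. Suggest skipping or failing on entries that start with `/` or contain a `..` path component, and calling `mkdir -p -- "$(dirname -- "$mock_file")"` and `touch -- "$mock_file"`. A trailing carriage return from a CRLF-edited workflow would also end up in the file name and is worth stripping. Passing the input through `MOCK_FILES` in `env` instead of interpolating `${{ inputs.mock-files }}` into `run` is the right choice and should stay.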