From b0ed21ca6374222d5275099d0785a268bd1d0425 Mon Sep 17 00:00:00 2001 From: Jonny Browning Date: Tue, 29 Nov 2022 09:21:52 +0000 Subject: [PATCH] ci: PR checks CI --- .github/workflows/pr-checks.yml | 121 ++++++++++++++++++++++++++++++++ 1 file changed, 121 insertions(+) create mode 100644 .github/workflows/pr-checks.yml diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml new file mode 100644 index 0000000..e18c22b --- /dev/null +++ b/.github/workflows/pr-checks.yml @@ -0,0 +1,121 @@ +name: PR checks + +on: + pull_request: + branches: + - main + +jobs: + pre-commit: + runs-on: ubuntu-latest + steps: + - uses: hashicorp/setup-terraform@v2 + + - name: Check out repository + uses: actions/checkout@v2 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - uses: actions/cache@v2 + name: Cache plugin dir + with: + path: ~/.tflint.d/plugins + key: tflint-${{ hashFiles('.tflint.hcl') }} + + - uses: terraform-linters/setup-tflint@v2.0.0 + name: Setup TFLint + + - uses: pre-commit/action@v3.0.0 + name: Pre-commit checks + + terratest: + runs-on: ubuntu-latest + steps: + - uses: hashicorp/setup-terraform@v2 + with: + terraform_wrapper: false + + - name: Check out repository + uses: actions/checkout@v2 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Set up Go 1.18 + uses: actions/setup-go@v1 + with: + go-version: 1.18 + + - id: 'auth' + name: 'Authenticate to Google Cloud' + uses: 'google-github-actions/auth@v0' + with: + credentials_json: '${{ secrets.GOOGLE_CREDENTIALS }}' + + - name: 'Set up Cloud SDK' + uses: 'google-github-actions/setup-gcloud@v0' + + - name: Copy pipeline.json to GCS + run: "gsutil cp test/pipeline.json gs://${{ secrets.TEST_BUCKET }}/terraform-google-scheduled-vertex-pipelines/${{ github.run_id }}/pipeline.json" + + - name: Copy pipeline.yaml to AR + run: > + curl -X POST + -H "Authorization: Bearer $(gcloud auth print-access-token)" + -F tags=latest + -F content=@test/pipeline.yaml + "https://europe-west2-kfp.pkg.dev/${{ secrets.TEST_PROJECT_ID }}/${{ secrets.TEST_AR_REPO }}" + + - name: Run Terratest + run: make test + env: + TF_VAR_project: ${{ secrets.TEST_PROJECT_ID }} + TF_VAR_gcs_bucket: ${{ secrets.TEST_BUCKET }} + TF_VAR_object_name: "terraform-google-scheduled-vertex-pipelines/${{ github.run_id }}/pipeline.json" + TF_VAR_ar_repository: ${{ secrets.TEST_AR_REPO }} + + - name: Delete pipeline.json from GCS after test + if: always() + run: "gsutil rm gs://${{ secrets.TEST_BUCKET }}/terraform-google-scheduled-vertex-pipelines/${{ github.run_id }}/pipeline.json" + + generate-readme: + runs-on: ubuntu-latest + steps: + + - name: Check out repository + uses: actions/checkout@v2 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Render terraform docs and push changes back to PR + uses: terraform-docs/gh-actions@main + with: + working-dir: . + output-file: README.md + output-method: replace + template: |- + # Vertex AI Custom Code Service Agent + + This repo contains a Terraform module that enables the [Vertex AI Custom Code Service Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents). + + This is done by running a simple custom training job (CustomJob), because the Service Agent is created the first time it is used. + + This module relies on the `curl` tool being available on the system running Terraform. + + This module is available in the [Datatonic Terraform Registry](https://registry.terraform.io/namespaces/teamdatatonic). + + ## Development + + ### Local setup + + - Install [pre-commit](https://pre-commit.com/) + - Install the pre-commit hooks - `pre-commit install` + + ### README + + The README file is autogenerated using [`terraform-docs`](https://github.com/terraform-docs/terraform-docs). This is done when you create a pull request (or push to an existing PR). + + You can customise the template (including this text for example) in `.github/workflows/pr-checks.yml`. + + {{ .Content }} + + git-push: "true"