--- name: lint-enos on: pull_request: paths: - enos/** jobs: metadata: # Only run this workflow on pull requests from hashicorp/vault branches # as we need secrets to install enos. if: "! github.event.pull_request.head.repo.fork" name: metadata runs-on: ubuntu-latest outputs: runs-on: ${{ steps.metadata.outputs.runs-on }} version: ${{ steps.metadata.outputs.version }} steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - id: set-product-version uses: hashicorp/actions-set-product-version@v2 - id: metadata run: | echo "version=${{ steps.set-product-version.outputs.product-version }}" >> "$GITHUB_OUTPUT" github_repository="${{ github.repository }}" if [ "${github_repository##*/}" == "vault-enterprise" ] ; then echo 'runs-on=["self-hosted","ondemand","linux","type=c6a.4xlarge"]' >> "$GITHUB_OUTPUT" else echo 'runs-on="custom-linux-xl-vault-latest"' >> "$GITHUB_OUTPUT" fi lint: needs: metadata runs-on: ${{ fromJSON(needs.metadata.outputs.runs-on) }} env: GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: cache: false # save cache space for vault builds: https://github.com/hashicorp/vault/pull/21764 go-version-file: .go-version - uses: ./.github/actions/install-external-tools - uses: hashicorp/setup-terraform@v3 with: terraform_wrapper: false - uses: hashicorp/action-setup-enos@v1 with: github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} - name: Ensure shellcheck is available for linting run: which shellcheck || (sudo apt update && sudo apt install -y shellcheck) - name: lint working-directory: ./enos env: ENOS_VAR_vault_product_version: ${{ needs.metadata.outputs.version }} run: make lint