[MAINT]: Add a CI workflow that runs terraform configuration validation on a generic config to ensure no regressions happenΒ #2856
Description
Describe the need
In light of both #2843 and #2855 and the v6.7.x releases we need a way to continually validate that fundamental things such as secret destroy on drift workflows and other fundamental mechanisms of how the provider initializes don't regress.
ex.
# Build validation
- name: Build Provider
run: |
go build -o terraform-provider-github
# Terraform validation with actual binary
- name: Terraform Init and Validate
run: |
# Create test configuration
cat > test.tf << 'EOF'
terraform {
required_providers {
github = {
source = "integrations/github"
}
}
}
provider "github" {
token = "fake_token_for_validation"
}
# Test both resources with different configurations
resource "github_actions_secret" "test" {
repository = "test_repo"
secret_name = "test_secret"
plaintext_value = "test_value"
destroy_on_drift = true
}
resource "github_actions_organization_secret" "test" {
secret_name = "org_secret"
encrypted_value = "dGVzdA=="
visibility = "private"
destroy_on_drift = false
}
EOF
# Setup dev overrides
mkdir -p ~/.terraformrc
cat > ~/.terraformrc << 'EOF'
provider_installation {
dev_overrides {
"integrations/github" = "$(pwd)"
}
direct {}
}
EOF
# Test with terraform (this should NOT fail with SDK validation errors)
terraform init || echo "Init failed - expected for dev overrides"
terraform validate
# Clean up
rm -f test.tf ~/.terraformrc terraform-provider-github
SDK Version
No response
API Version
No response
Relevant log output
Code of Conduct
- I agree to follow this project's Code of Conduct