From 5e8bc4b7f03e1c466f5e8b9c4c2748a2f3212944 Mon Sep 17 00:00:00 2001 From: "Marcel S. Henselin" Date: Fri, 30 Jan 2026 12:27:46 +0100 Subject: [PATCH 1/6] fix: fix publisher command fix: fix ci pipeline to include publish testing --- .github/workflows/ci.yaml | 94 ++++++++++++++++++++++++++++++++++++- cmd/cmd/publish/provider.go | 13 +++++ cmd/cmd/publishCmd.go | 7 ++- 3 files changed, 112 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index bbd69400..12278cab 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -13,6 +13,99 @@ env: CODE_COVERAGE_ARTIFACT_NAME: "code-coverage" jobs: + publish_test: + name: "Test readiness for publishing provider" + needs: config + runs-on: ubuntu-latest + permissions: + actions: read # Required to identify workflow run. + checks: write # Required to add status summary. + contents: read # Required to checkout repository. + pull-requests: write # Required to add PR comment. + steps: + - name: Install needed tools + run: | + apt-get -y -qq update + apt-get -y -qq install jq python3 python3-pip python-is-python3 s3cmd git make wget + + - name: Setup Go + uses: actions/setup-go@v6 + with: + go-version: ${{ env.GO_VERSION }} + + - name: Install go tools + run: | + go install golang.org/x/tools/cmd/goimports@latest + go install github.com/hashicorp/terraform-plugin-codegen-framework/cmd/tfplugingen-framework@latest + go install github.com/hashicorp/terraform-plugin-codegen-openapi/cmd/tfplugingen-openapi@latest + + - name: Setup JAVA + uses: actions/setup-java@v5 + with: + distribution: 'temurin' # See 'Supported distributions' for available options + java-version: '21' + + - name: Checkout + uses: actions/checkout@v6 + + - name: Run build pkg directory + run: | + go run cmd/main.go build + + - name: Set up s3cfg + run: | + cat <<'EOF' >> ~/.s3cfg + [default] + host_base = https://object.storage.eu01.onstackit.cloud + host_bucket = https://%(bucket).object.storage.eu01.onstackit.cloud + check_ssl_certificate = False + access_key = ${{ secrets.S3_ACCESS_KEY }} + secret_key = ${{ secrets.S3_SECRET_KEY }} + EOF + + - name: Import GPG key + run: | + echo "${{ secrets.PRIVATE_KEY_PEM }}" > ~/private.key.pem + gpg --import ~/private.key.pem + rm ~/private.key.pem + + - name: Run GoReleaser with SNAPSHOT + if: github.event_name == 'workflow_dispatch' + id: goreleaser + env: + GITHUB_TOKEN: ${{ env.FORGEJO_TOKEN }} + GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + uses: goreleaser/goreleaser-action@v6 + with: + args: release --skip publish --clean --snapshot + + - name: Run GoReleaser + if: github.event_name != 'workflow_dispatch' + id: goreleaser + env: + GITHUB_TOKEN: ${{ env.FORGEJO_TOKEN }} + GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + uses: goreleaser/goreleaser-action@v6 + with: + args: release --skip publish --clean + + - name: Prepare key file + run: | + echo "${{ secrets.PUBLIC_KEY_PEM }}" >public_key.pem + + - name: Prepare provider directory structure + run: | + VERSION=$(jq -r .version < dist/metadata.json) + go run cmd/main.go \ + publish \ + --namespace=mhenselin \ + --providerName=stackitprivatepreview \ + --repoName=terraform-provider-stackitprivatepreview \ + --domain=tfregistry.sysops.stackit.rocks \ + --gpgFingerprint=${{ secrets.GPG_FINGERPRINT }} \ + --gpgPubKeyFile=public_key.pem \ + --version=${VERSION} + main: name: CI runs-on: ubuntu-latest @@ -57,7 +150,6 @@ jobs: name: ${{ env.CODE_COVERAGE_ARTIFACT_NAME }} path: "stackit/${{ env.CODE_COVERAGE_FILE_NAME }}" - config: name: Check GoReleaser config if: github.event_name == 'pull_request' diff --git a/cmd/cmd/publish/provider.go b/cmd/cmd/publish/provider.go index 73f12ab0..947a42ff 100644 --- a/cmd/cmd/publish/provider.go +++ b/cmd/cmd/publish/provider.go @@ -8,11 +8,13 @@ import ( "io/fs" "log" "os" + "os/exec" "path" "strings" ) type Provider struct { + RootPath string Namespace string Provider string DistPath string @@ -23,6 +25,17 @@ type Provider struct { Domain string } +func (p *Provider) GetRoot() error { + cmd := exec.Command("git", "rev-parse", "--show-toplevel") + out, err := cmd.Output() + if err != nil { + return err + } + lines := strings.Split(string(out), "\n") + p.RootPath = lines[0] + return nil +} + func (p *Provider) CreateV1Dir() error { // Path to semantic version dir versionPath := p.providerDirs() diff --git a/cmd/cmd/publishCmd.go b/cmd/cmd/publishCmd.go index 0f595009..9930aa65 100644 --- a/cmd/cmd/publishCmd.go +++ b/cmd/cmd/publishCmd.go @@ -6,6 +6,7 @@ import ( "io/fs" "log" "os" + "path" "path/filepath" publish2 "github.com/mhenselin/terraform-provider-stackitprivatepreview/cmd/cmd/publish" @@ -96,10 +97,14 @@ func publish() error { GpgPubKeyFile: gpgPubKeyFile, Domain: domain, } + err := p.GetRoot() + if err != nil { + return err + } // Create release dir - only the contents of this need to be uploaded to S3 log.Printf("* Creating reelase directory") - err := os.Mkdir("release", os.ModePerm) + err = os.Mkdir(path.Join(p.RootPath, "release"), os.ModePerm) if !errors.Is(err, fs.ErrExist) { return fmt.Errorf("error creating 'release' dir: %w", err) } -- 2.49.1 From ff1b53acb74c0c792f666ca250baaab4d3077e53 Mon Sep 17 00:00:00 2001 From: "Marcel S. Henselin" Date: Fri, 30 Jan 2026 12:29:30 +0100 Subject: [PATCH 2/6] fix: order dependencies in ci pipeline --- .github/workflows/ci.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 12278cab..0ee00153 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -106,9 +106,11 @@ jobs: --gpgPubKeyFile=public_key.pem \ --version=${VERSION} + main: name: CI runs-on: ubuntu-latest + needs: config steps: - name: Checkout uses: actions/checkout@v4 @@ -152,7 +154,6 @@ jobs: config: name: Check GoReleaser config - if: github.event_name == 'pull_request' runs-on: ubuntu-latest steps: - name: Checkout -- 2.49.1 From 31df8355dfe546edbc88fed51ea71399642118a7 Mon Sep 17 00:00:00 2001 From: "Marcel S. Henselin" Date: Fri, 30 Jan 2026 12:29:46 +0100 Subject: [PATCH 3/6] fix: order dependencies in ci pipeline --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 0ee00153..76bf02f7 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,7 +5,7 @@ on: workflow_dispatch: push: branches: - - main + - '!main' env: GO_VERSION: "1.25" -- 2.49.1 From 49c84c6d074fd5424146aaaed8d102f7f66a89ca Mon Sep 17 00:00:00 2001 From: "Marcel S. Henselin" Date: Fri, 30 Jan 2026 13:25:43 +0100 Subject: [PATCH 4/6] fix: order dependencies in ci pipeline --- cmd/cmd/publish/provider.go | 38 ++++++++++++++++++++++++++++++++++--- cmd/cmd/publish/shasums.go | 2 +- cmd/cmd/publishCmd.go | 36 +++++++---------------------------- 3 files changed, 43 insertions(+), 33 deletions(-) diff --git a/cmd/cmd/publish/provider.go b/cmd/cmd/publish/provider.go index 947a42ff..c3974e22 100644 --- a/cmd/cmd/publish/provider.go +++ b/cmd/cmd/publish/provider.go @@ -140,11 +140,21 @@ func (p *Provider) createVersionsFile() error { } // Build the versions file... - version := Version{} + version := Version{ + Version: p.Version, + Protocols: []string{"5.1"}, + Platforms: nil, + } for _, sum := range shasums { // get os and arch from filename removeFileExtension := strings.Split(sum.Path, ".zip") + if len(removeFileExtension) < 1 { + log.Fatalf("error: %s does not have .zip extension", sum.Path) + } fileNameSplit := strings.Split(removeFileExtension[0], "_") + if len(fileNameSplit) < 4 { + log.Fatalf("filename does not match our regex: %s", removeFileExtension[0]) + } // Get build target and architecture from the zip file name target := fileNameSplit[2] @@ -178,9 +188,9 @@ func (p *Provider) createVersionsFile() error { } func (p *Provider) providerDirs() string { - log.Println("* Creating release/v1/providers/[namespace]/[repo]/[version] directories") + log.Println("* Creating release/v1/providers/[namespace]/[provider]/[version] directories") - target := path.Join("release", "v1", "providers", p.Namespace, p.RepoName, p.Version) + target := path.Join("release", "v1", "providers", p.Namespace, p.Provider, p.Version) err := CreateDir(target) if err != nil { @@ -189,6 +199,28 @@ func (p *Provider) providerDirs() string { return target } +func (p *Provider) CreateWellKnown() error { + log.Println("* Creating .well-known directory") + pathString := path.Join(p.RootPath, "release", ".well-known") + + err := os.MkdirAll(pathString, os.ModePerm) + if err != nil && !errors.Is(err, fs.ErrExist) { + return fmt.Errorf("error creating '%s' dir: %w", pathString, err) + } + + log.Println(" - Writing to .well-known/terraform.json file") + err = os.WriteFile( + fmt.Sprintf("%s/terraform.json", pathString), + []byte(`{"providers.v1": "/v1/providers/"}`), + 0644, + ) + if err != nil { + return err + } + + return nil +} + func CreateDir(path string) error { log.Printf("* Creating %s directory", path) err := os.MkdirAll(path, os.ModePerm) diff --git a/cmd/cmd/publish/shasums.go b/cmd/cmd/publish/shasums.go index 973b3769..a7e71617 100644 --- a/cmd/cmd/publish/shasums.go +++ b/cmd/cmd/publish/shasums.go @@ -33,7 +33,7 @@ func GetShaSumContents(distPath, repoName, version string) (ShaSums, error) { slog.Warn("unable to parse SHA sum line", "line", line) continue } - shaSums = append(shaSums, ShaSum{Sum: matches[0][0], Path: matches[0][1]}) + shaSums = append(shaSums, ShaSum{Sum: matches[0][1], Path: matches[0][2]}) } return shaSums, nil } diff --git a/cmd/cmd/publishCmd.go b/cmd/cmd/publishCmd.go index 9930aa65..1e3ce140 100644 --- a/cmd/cmd/publishCmd.go +++ b/cmd/cmd/publishCmd.go @@ -28,7 +28,7 @@ var publishCmd = &cobra.Command{ Use: "publish", Short: "Publish terraform provider", Long: `...`, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { return publish() }, } @@ -104,44 +104,22 @@ func publish() error { // Create release dir - only the contents of this need to be uploaded to S3 log.Printf("* Creating reelase directory") - err = os.Mkdir(path.Join(p.RootPath, "release"), os.ModePerm) - if !errors.Is(err, fs.ErrExist) { - return fmt.Errorf("error creating 'release' dir: %w", err) + err = os.MkdirAll(path.Join(p.RootPath, "release"), os.ModePerm) + if err != nil && !errors.Is(err, fs.ErrExist) { + return fmt.Errorf("error creating '%s' dir: %w", path.Join(p.RootPath, "release"), err) } // Create .wellKnown directory and terraform.json file - err = wellKnown() + err = p.CreateWellKnown() if err != nil { - return fmt.Errorf("error creating '.wellKnown' dir: %s", err) + return fmt.Errorf("error creating '.well-known' dir: %w", err) } err = p.CreateV1Dir() if err != nil { - return fmt.Errorf("error creating 'v1' dir: %s", err) + return fmt.Errorf("error creating 'v1' dir: %w", err) } log.Println("📦 Packaged Terraform Provider for private registry.") return nil } - -// This establishes the "API" as a TF provider by responding with the correct JSON payload, by using static files -func wellKnown() error { - log.Println("* Creating .well-known directory") - - err := os.Mkdir("release/.well-known", os.ModePerm) - if !errors.Is(err, fs.ErrExist) { - return fmt.Errorf("error creating 'release' dir: %w", err) - } - - log.Println(" - Writing to .well-known/terraform.json file") - err = os.WriteFile( - "release/.well-known/terraform.json", - []byte(`{"providers.v1": "/v1/providers/"}`), - 0644, - ) - if err != nil { - return err - } - - return nil -} -- 2.49.1 From 96acb504338e734df919233a27dd52465f449c2d Mon Sep 17 00:00:00 2001 From: "Marcel S. Henselin" Date: Fri, 30 Jan 2026 13:35:36 +0100 Subject: [PATCH 5/6] fix: typo in publish command fix: refactor build action --- .github/actions/build/action.yaml | 52 ++++++++++++++++++++++++------- cmd/cmd/publishCmd.go | 2 +- 2 files changed, 42 insertions(+), 12 deletions(-) diff --git a/.github/actions/build/action.yaml b/.github/actions/build/action.yaml index 9da06b1a..fe544618 100644 --- a/.github/actions/build/action.yaml +++ b/.github/actions/build/action.yaml @@ -6,14 +6,24 @@ inputs: description: "Go version to install" default: '1.25' required: true - golang-cilint-version: - description: "Golangci-lint version to install" - default: "2.7.2" - required: true + java-distribution: + description: "JAVA distribution to use (default: temurin)" + default: 'temurin' + java-version: + description: "JAVA version to use (default: 21)" + default: '21' runs: using: "composite" steps: + - name: Install needed tools + shell: bash + run: | + set -e + apt-get -y -qq update + apt-get -y -qq install jq python3 python3-pip python-is-python3 s3cmd git make wget + + - name: Install Go ${{ inputs.go-version }} uses: actions/setup-go@v6 with: @@ -21,14 +31,34 @@ runs: check-latest: true go-version-file: 'go.mod' - # - name: Run golangci-lint - # uses: golangci/golangci-lint-action@v9 - # with: - # version: ${{ inputs.golang-cilint-version }} - - - name: Install needed tools + - name: Install go tools shell: bash run: | set -e - go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@${{ inputs.golang-cilint-version }} + go install golang.org/x/tools/cmd/goimports@latest + go install github.com/hashicorp/terraform-plugin-codegen-framework/cmd/tfplugingen-framework@latest + go install github.com/hashicorp/terraform-plugin-codegen-openapi/cmd/tfplugingen-openapi@latest go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs@v0.24.0 + + + - name: Setup JAVA ${{ inputs.java-distribution }} ${{ inputs.go-version }} + uses: actions/setup-java@v5 + with: + distribution: ${{ inputs.java-distribution }} # See 'Supported distributions' for available options + java-version: ${{ inputs.java-version }} + + - name: Checkout + uses: actions/checkout@v6 + + - name: Run build pkg directory + shell: bash + run: | + set -e + go run cmd/main.go build + + + - name: Run make to build app + shell: bash + run: | + set -e + make build diff --git a/cmd/cmd/publishCmd.go b/cmd/cmd/publishCmd.go index 1e3ce140..2c9dbc62 100644 --- a/cmd/cmd/publishCmd.go +++ b/cmd/cmd/publishCmd.go @@ -103,7 +103,7 @@ func publish() error { } // Create release dir - only the contents of this need to be uploaded to S3 - log.Printf("* Creating reelase directory") + log.Printf("* Creating release directory") err = os.MkdirAll(path.Join(p.RootPath, "release"), os.ModePerm) if err != nil && !errors.Is(err, fs.ErrExist) { return fmt.Errorf("error creating '%s' dir: %w", path.Join(p.RootPath, "release"), err) -- 2.49.1 From 1227e824ce82a8ec5fb2a7d11185a9e5b4ebf118 Mon Sep 17 00:00:00 2001 From: "Marcel S. Henselin" Date: Fri, 30 Jan 2026 13:46:58 +0100 Subject: [PATCH 6/6] fix: fix pipelines to reduce parallel runs --- .github/workflows/ci.yaml | 4 ++++ .github/workflows/publish.yaml | 4 ---- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 76bf02f7..f8ee06b9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -2,10 +2,14 @@ name: CI Workflow on: pull_request: + branches: + - alpha + - main workflow_dispatch: push: branches: - '!main' + - '!alpha' env: GO_VERSION: "1.25" diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index e6736da4..a0211e0b 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -3,10 +3,6 @@ name: Publish run-name: Publish by @${{ github.actor }} on: - pull_request: - branches: - - alpha - - main workflow_dispatch: push: tags: -- 2.49.1