Target module callers when local path module is updated #1528
Conversation
There was a problem hiding this comment.
Thank you for your contribution!
I have several comments.
First, I really appreciate it if you write an issue or a discussion before sending a pull request.
Second, I'm sorry that the description of #245 isn't enough, but this issue is about not local-path modules but GitHub Source modules. As we mentioned in the blog post and the document, we're recommending GitHub Source Modules rather than local-path modules
Third, I don't think changes of local-path modules should be applied to all callers on the same pull request.
Sometimes youSome users would like to apply changes by separated pull requests and apply changes one by one.- The code owners may be different per caller.
YouSome users may want to apply changes to the specific callers first. For example,youthey may want to apply changes to develop environments first and apply changes to production environments later.- If the local-path module is used by a lot of callers, it may be hard to review the result of
terraform plan
Maybe you're aware, but you can also use |
No, we want to apply changes to all callers in a single PR, in my organization.
When we need to update callers granularly, we use GitHub module or other version-controlled options. source = "github.com/my-org/terraform-module-fooo?ref=v1.2.3"I can understand other users may not need this new behavior. |
I understand your motivation.
Yes, so I don't want to apply this change by default. Users would be surprised if we change the default behaviour.
One of ideas is to add the setting like |
|
@suzuki-shunsuke Added a new extensible configuration object: update_local_path_module_caller: z.optional(
z.object({
enabled: z.optional(z.boolean()),
}),
),as same as |
list-targets/action.yaml
Outdated
| @@ -39,15 +39,26 @@ runs: | |||
| env: | |||
| HEAD_SHA: ${{github.event.pull_request.head.sha}} | |||
|
|
|||
| - run: go install github.com/hashicorp/terraform-config-inspect@latest | |||
There was a problem hiding this comment.
We should pin the version. latest is unstable and insecure.
And this step requires Go, so we should clarify the requirement.
We can also install this tool by aqua.
https://github.com/aquaproj/aqua-registry/tree/main/pkgs/hashicorp/terraform-config-inspect
In that case, we need to ask users to update aqua.yaml, which isn't ideal.
There was a problem hiding this comment.
Pinned the version a7d4635
I did not touch aqua, since I am not familiar with aqua and you said it is not ideal.
There was a problem hiding this comment.
Golang dpendency declared in 1aba475
list-module-callers/src/index.ts
Outdated
| } | ||
|
|
||
| const tfDir = path.dirname(tfFile); | ||
| const inspection = JSON.parse(child_process.execSync(`/home/runner/go/bin/terraform-config-inspect --json ${tfDir}`).toString("utf-8")); |
There was a problem hiding this comment.
The path to terraform-config-inspect depends on the environment.
There was a problem hiding this comment.
Added GOBIN/GOPATH detection.
3acf082
| @@ -153,16 +153,22 @@ export const run = (input: Input): TargetConfig[] => { | |||
| } | |||
| } | |||
|
|
|||
| const moduleCallerMap = JSON.parse(core.getInput("module_callers") || "{}"); | |||
There was a problem hiding this comment.
Please don't call core.getInput here to make the function easy to test.
Please call core.getInput in main instead.
There was a problem hiding this comment.
Ah, that is nice.
Fixed in e150731
|
Does the current implementation support nested modules? |
list-targets/action.yaml
Outdated
| id: global-config | ||
| - uses: suzuki-shunsuke/tfaction/list-module-callers@main | ||
| id: list-module-callers | ||
| if: steps.global-config.outputs.disable_update_local_path_module_caller == 'false' |
There was a problem hiding this comment.
It seems the feature is enabled by default, but as I said I want to disable this feature by default.
And I think the output name should be update_local_path_module_caller because the feature is disabled by default.
exoego
force-pushed
the
update-module-use-site
branch
from
d061624 to
e150731
Compare
Yes, it does support nested module calls. |
I see. Thank you. |
|
@suzuki-shunsuke Could you take a look again on this |
list-module-callers/package.json
Outdated
| "@types/node": "20.11.8", | ||
| "@vercel/ncc": "0.38.1", | ||
| "typescript": "5.3.3", | ||
| "vitest": "^1.2.2" |
There was a problem hiding this comment.
We use jest, not vitest.
I'm not familiar with vitest.
So we should unify the library to jest if there is no special reason.
There was a problem hiding this comment.
Replaced with jest 8b1f1ca
Vitest is a very fast testing framework and its API/config is highly compatible with Jest.
https://vitest.dev/
There was a problem hiding this comment.
I see. Thank you for your explanation.
I think it's okay to replace Jest with Vitest if Vitest is better than Jest.
But we should not do this in this pull request.
We should open another pull request.
|
8d83b3e Specify the install path of terraform-config-inspect |
Release NoteFeatures#1528 Support running CI against working directories where depend on a updated local path module By default, tfaction runs CI on only working directories where any code is updated. e.g.
This update enables you to run CI on the working directory A too. tfaction-root.yaml update_local_path_module_caller:
enabled: trueThis feature depends on terraform-config-inspect, so you have to install it. e.g. packages:
- name: hashicorp/terraform-config-inspect
version: a34142ec2a72dd916592afd3247dd354f1cc7e5cIn that case, Go is required. If this feature is enabled, when a module is updated in a pull request, CI is run on working directories depending on the module. |
…t to a temporal directory It seems that action can't refer files on other actions
You have to install terraform-config-inspect yourself
…ate-module-use-site # Conflicts: # list-module-callers/test/lib.test.ts
|
@suzuki-shunsuke Replaced Vitest with Jest |
|
I changed how to install terraform-config-inspect. I said,
But this feature is disabled by default so users have to configure tfaction explicitly. This has both pros and cons.
|
Thank you so much! |
|
v1.3.0 is out 🎉 |
Probably adresses #245 partially.
Issue
Let's say we have directory structures below:
Workspaces
prod,staginganddevelopmentuse local-path modulesmodules/fooandmodules/bar.If the module
modules/foo/main.tfis updated, unfortunately, tfaction can not plan/apply on its use-sites (production,staginganddevelopment).Users need to update
workspace/production/main.tfand such slightly.Solution
After this PR, tfaction can plan and apply on module callers (use-site) even if each caller is not changed.
This new behavior is disabled by default.
Users needs to configure it in
trfaction-root.yaml:Implementation detail
list-module-callersaction creates a mapping from a module name to its caller.