GitHub API rate-limit may cause tflint without .tflint.hcl to fail

$ tflint_default_config
[INFO] No tflint config found, injecting default one
wget: server returned error: HTTP/1.1 403 rate limit exceeded

Without a .tflint.hcl file, the template needs to call api.github.com to guess the latest versions.

Those calls are subject to GitHub rate limiting, which causes the job to fail.


Original title: fails to retrieve the tflint report in $TF_PROJECT_DIR/reports/tflint.xunit.xml

Describe the bug

Using version 9.0, the TFlint job fails. The file $TF_PROJECT_DIR/reports/tflint.xunit.xml can't be

WARNING: examples/basic/reports/tflint.xunit.xml: no matching files. Ensure that the artifact path is relative to the working directory (/builds/multicloud-patterns/terraform-modules/google-cloud/gke-addons) 

Expected behavior

report in my artifact

Actual behavior

 cd "$TF_PROJECT_DIR"
$ mkdir -p -m 777 reports
$ tflint_default_config
[INFO] No tflint config found, injecting default one
wget: server returned error: HTTP/1.1 403 rate limit exceeded
Saving cache for failed job 00:01
Creating cache fix-issue-7-no-eip-tflint-16-protected...
/builds/multicloud-patterns/terraform-modules/google-cloud/gke-addons/examples/basic/.plugins: found 12 matching artifact files and directories 
Archive is up to date!                             
Created cache
Uploading artifacts for failed job 00:05
Uploading artifacts...
WARNING: examples/basic/reports/tflint.xunit.xml: no matching files. Ensure that the artifact path is relative to the working directory (/builds/multicloud-patterns/terraform-modules/google-cloud/gke-addons) 
ERROR: No files to upload                          

Context & Configuration

  • Version of the template: 9.1
  • orange corporate on premise gitlab 18.7
  • GitLab runner(s): Running with gitlab-runner 18.7.2 (1c855082) Using Kubernetes executor with image ghcr.io/terraform-linters/tflint:latest

Here is the .gitlab-ci.yml file:

include:
  - component: $CI_SERVER_FQDN/to-be-continuous/gitleaks/gitlab-ci-gitleaks@2.9
    inputs:
      args: "--verbose" # full Gitleaks analysis (on master or develop branches)
  - component: $CI_SERVER_FQDN/to-be-continuous/terraform/gitlab-ci-terraform@8.1
    inputs:
        gitlab-backend-disabled: true
        project-dir: "examples/basic"
        review-enabled: true
        review-autostop-duration: 15 minutes
        review-init-opts: "-reconfigure -backend-config=bucket=tfstate-$GCP_REVIEW_PROJECT -backend-config=prefix=tfstate-$CI_PROJECT_ID-addons-$ENV_TYPE-$CI_COMMIT_REF_SLUG"
        integ-enabled: false  # No integration environment in this tool/module i.e no develop branch
        staging-enabled: true
        staging-autostop-duration: 15 minutes
        staging-init-opts: "-reconfigure -backend-config=bucket=tfstate-$GCP_STAGING_PROJECT -backend-config=prefix=tfstate-$CI_PROJECT_ID-addons-$ENV_TYPE"
        prod-enabled: false
        tfsec-enabled: false
        checkov-enabled: true
        trivy-disabled: true
        tftest-strategy: "disabled"
        publish-enabled: false
        validate-enabled: true
        tflint-disabled: false
  - component: $CI_SERVER_FQDN/to-be-continuous/terraform/gitlab-ci-terraform-gcp@9.0
    inputs:
      gcp-oidc-aud: $GCP_OIDC_AUD
      gcp-review-oidc-provider: $GCP_REVIEW_OIDC_PROVIDER
      gcp-review-oidc-account: $GCP_REVIEW_OIDC_ACCOUNT
      gcp-integ-oidc-provider: $GCP_INTEG_OIDC_PROVIDER
      gcp-integ-oidc-account: $GCP_INTEG_OIDC_ACCOUNT
      gcp-staging-oidc-provider: $GCP_STAGING_OIDC_PROVIDER
      gcp-staging-oidc-account: $GCP_STAGING_OIDC_ACCOUNT
      gcp-prod-oidc-provider: $GCP_PROD_OIDC_PROVIDER
      gcp-prod-oidc-account: $GCP_PROD_OIDC_ACCOUNT
  - project: "multicloud-patterns/tools/gitlab-templates/gcp/prerequisites"
    ref: '2.12'
    file: "/templates/gitlab-ci-gcp-prerequisites.yml"
  - project: "multicloud-patterns/tools/gitlab-templates/gcp/wif-orange-configuration"
    ref: "2.9"
    file: "/templates/gitlab-ci-wif-orange-configuration.yml"

# ==================================================
# Pipeline variables
# ==================================================
variables:
  # no production environment for terraform module in app foundation
  GCP_STAGING_PROJECT: "ino-app-fdn-gke-qua-ppr"
  GCP_STAGING_PROJECT_NUMBER: "1087671122590"
  GKE_STAGING_CLUSTER_NAME: "addons"
  # No integration environment for terraform module in app foundation
  GCP_REVIEW_PROJECT: "ino-app-fdn-gke-dev"
  GCP_REVIEW_PROJECT_NUMBER: "415489591879"
  GKE_REVIEW_CLUSTER_NAME: "addons"

stages:
  - ".pre"
  - prerequisites
  - build
  - test
  - infra
  - publish
  - infra-prod
  - ".post"

# auto cleanup review environments (when MR is merged or closed)
tf-review:
  environment:
    on_stop: tf-destroy-review
    auto_stop_in: 30 minutes  # lifetime of the review environment, finops consideration

tf-staging:
  environment:
    on_stop: tf-destroy-staging
    auto_stop_in: 30 minutes # lifetime of the staging environment, finops consideration

Edited by Clement Bois
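
One rate-limit-tolerant way to generate the default config, as an added example that is not code from the template or from this issue: it sends `GITHUB_TOKEN` when the job has one and falls back to a pinned version instead of failing when api.github.com returns an error. The function names, the fallback argument and the plugin block written are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not the template's code. All function names are hypothetical.

# Extract the release tag (without a leading "v") from a GitHub
# /releases/latest JSON body read on stdin.
parse_tag_name() {
  sed -n 's/.*"tag_name": *"v\{0,1\}\([^"]*\)".*/\1/p' | head -n 1
}

# Query api.github.com for the latest release of owner/repo ($1).
# Sends GITHUB_TOKEN when set, since authenticated calls get a higher limit.
fetch_latest_tag() {
  url="https://api.github.com/repos/$1/releases/latest"
  if [ -n "${GITHUB_TOKEN:-}" ]; then
    wget -q -O - --header "Authorization: Bearer ${GITHUB_TOKEN}" "$url"
  else
    wget -q -O - "$url"
  fi 2>/dev/null | parse_tag_name
}

# Print the version to pin: the latest tag if the API answers, otherwise the
# caller-supplied fallback ($2), so a 403 does not fail the job.
resolve_version() {
  tag=$(fetch_latest_tag "$1") || tag=""
  if [ -z "$tag" ]; then
    echo "[WARN] GitHub API unavailable for $1, pinning fallback $2" >&2
    tag="$2"
  fi
  printf '%s\n' "$tag"
}

# Write a .tflint.hcl ($1) pinning one plugin:
# $2 = plugin name, $3 = owner/repo on github.com, $4 = version.
write_tflint_config() {
  cat > "$1" <<EOF
plugin "$2" {
  enabled = true
  version = "$4"
  source  = "github.com/$3"
}
EOF
}
```

Committing the resulting `.tflint.hcl` to the repository removes the version lookup from the job entirely and keeps the linter ruleset pinned across pipeline runs.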