feat: Add GH checks and templates (antonbabenko#222)

Author: MaxymVlasov

.github/ISSUE_TEMPLATE/bug_report_docker.md

@@ -0,0 +1,81 @@
+---
+name: Local installation bug report
+about: Create a bug report
+labels:
+- kind/bug
+- area/docker
+---
+
+<!--
+Thank you for helping to improve pre-commit-terraform!
+
+Please be sure to search for open issues before raising a new one. We use issues
+for bug reports and feature requests. Please note, this template is for bugs
+report, not feature requests.
+-->
+
+### Describe the bug
+
+<!--
+Please let us know what behavior you expected and how terraform-docs diverged
+from that behavior.
+-->
+
+
+### How can we reproduce it?
+
+<!--
+Help us to reproduce your bug as succinctly and precisely as possible. Any and
+all steps or script that triggers the issue are highly appreciated!
+
+Do you have long logs to share? Please use collapsible sections, that can be created via:
+
+<details><summary>SECTION_NAME</summary>
+
+```bash
+YOUR_LOG_HERE
+```
+
+</details>
+-->
+
+
+### Environment information
+
+* OS:  
+
+<!-- I.e.:
+OS: Windows 10
+OS: Win10 with Ubuntu 20.04 on WSL2
+OS: MacOS
+OS: Ubuntu 20.04
+-->
+
+* `docker info`:
+
+<details><summary><code>command output</summary>
+
+```bash
+INSERT_OUTPUT_HERE
+```
+
+</details>
+
+* Docker image tag/git commit:  
+
+* Tools versions. Don't forget to specify right tag in command -  
+  `TAG=latest && docker run --entrypoint cat pre-commit:$TAG /usr/bin/tools_versions_info`
+
+```bash
+INSERT_OUTPUT_HERE
+```
+
+* `.pre-commit-config.yaml`:
+
+<details><summary>file content</summary>
+
+```bash
+INSERT_FILE_CONTENT_HERE
+```
+
+</details>

.github/ISSUE_TEMPLATE/bug_report_local_install.md

@@ -0,0 +1,106 @@
+---
+name: Docker bug report
+about: Create a bug report
+labels:
+- kind/bug
+- area/local_installation
+---
+
+<!--
+Thank you for helping to improve pre-commit-terraform!
+
+Please be sure to search for open issues before raising a new one. We use issues
+for bug reports and feature requests. Please note, this template is for bugs
+report, not feature requests.
+-->
+
+### Describe the bug
+
+<!--
+Please let us know what behavior you expected and how terraform-docs diverged
+from that behavior.
+-->
+
+
+### How can we reproduce it?
+
+<!--
+Help us to reproduce your bug as succinctly and precisely as possible. Any and
+all steps or script that triggers the issue are highly appreciated!
+
+Do you have long logs to share? Please use collapsible sections, that can be created via:
+
+<details><summary>SECTION_NAME</summary>
+
+```bash
+YOUR_LOG_HERE
+```
+
+</details>
+-->
+
+
+### Environment information
+
+* OS:  
+<!-- I.e.:
+OS: Windows 10
+OS: Win10 with Ubuntu 20.04 on WSL2
+OS: MacOS
+OS: Ubuntu 20.04
+-->
+
+* `uname -a` and/or `systeminfo | Select-String "^OS"` output:
+
+```bash
+INSERT_OUTPUT_HERE
+```
+
+<!-- I.e.:
+```bash
+PS C:\Users\vm> systeminfo | Select-String "^OS"
+
+OS Name:                   Microsoft Windows 10 Pro
+OS Version:                10.0.19043 N/A Build 19043
+OS Manufacturer:           Microsoft Corporation
+OS Configuration:          Standalone Workstation
+OS Build Type:             Multiprocessor Free
+
+$ uname -a
+Linux DESKTOP-C7315EF 5.4.72-microsoft-standard-WSL2 #1 SMP Wed Oct 28 23:40:43 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
+```
+-->
+
+* Tools availability and versions:
+
+<!--  For check all needed version run next script:
+
+$0 << EOF
+pre-commit --version                      2>/dev/null || echo "pre-commit SKIPPED"
+terraform --version | head -n 1           2>/dev/null || echo "terraform SKIPPED"
+python --version                          2>/dev/null || echo "python SKIPPED"
+python3 --version                         2>/dev/null || echo "python3 SKIPPED"
+echo -n "checkov " && checkov --version   2>/dev/null || echo "checkov SKIPPED"
+terraform-docs --version                  2>/dev/null || echo "terraform-docs SKIPPED"
+terragrunt --version                      2>/dev/null || echo "terragrunt SKIPPED"
+echo -n "terrascan " && terrascan version 2>/dev/null || echo "terrascan SKIPPED"
+tflint --version                          2>/dev/null || echo "tflint SKIPPED"
+echo -n "tfsec " && tfsec --version       2>/dev/null || echo "tfsec SKIPPED"
+EOF
+
+-->
+
+```bash
+INSERT_TOOLS_VERSIONS_HERE
+```
+
+
+* `.pre-commit-config.yaml`:
+
+<details><summary>file content</summary>
+
+```bash
+INSERT_FILE_CONTENT_HERE
+```
+
+</details>

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,29 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+labels:
+- kind/feature
+---
+
+<!--
+Thank you for helping to improve pre-commit-terraform!
+
+Please be sure to search for open issues before raising a new one. We use issues
+for bug reports and feature requests. Please note, this template is for feature
+requests, not bugs report.
+-->
+
+### What problem are you facing?
+
+<!--
+Please tell us a little about your use case - it's okay if it's hypothetical!
+Leading with this context helps frame the feature request so we can ensure we
+implement it sensibly.
+--->
+
+
+### How could pre-commit-terraform help solve your problem?
+
+<!--
+Let us know how you think pre-commit-terraform could help with your use case.
+-->

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,31 @@
+<!--
+Thank you for helping to improve pre-commit-terraform!
+-->
+
+Put an `x` into the box if that apply:
+
+- [ ] This PR introduces breaking change.
+- [ ] This PR fixes a bug.
+- [ ] This PR adds new functionality.
+- [ ] This PR enhances existing functionality.
+
+### Description of your changes
+
+<!--
+Briefly describe what this pull request does. Be sure to direct your reviewers'
+attention to anything that needs special consideration.
+
+We love pull requests that resolve an open pre-commit-terraform issue. If yours does, you
+can uncomment the below line to indicate which issue your PR fixes, for example
+"Fixes #123":
+-->
+
+<!-- Fixes # -->
+
+### How has this code been tested
+
+<!--
+Before reviewers can be confident in the correctness of this pull request, it
+needs to tested and shown to be correct. Briefly describe the testing that has
+already been done or which is planned for this change.
+-->

.github/workflows/pre-commit.yaml

@@ -0,0 +1,27 @@
+name: Common issues check
+
+on: [pull_request]
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - run: |
+        git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/*
+    - name: Get changed files
+      id: file_changes
+      run: |
+        export DIFF=$(git diff --name-only origin/${{ github.base_ref }} ${{ github.sha }})
+        echo "Diff between ${{ github.base_ref }} and ${{ github.sha }}"
+        echo "::set-output name=files::$( echo "$DIFF" | xargs echo )"
+    - uses: actions/setup-python@v2
+      with:
+        python-version: '3.9'
+    - name: Execute pre-commit
+      uses: pre-commit/[email protected]
+      env:
+        SKIP: no-commit-to-branch
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        extra_args: --color=always --show-diff-on-failure --files ${{ steps.file_changes.outputs.files }}

.github/workflows/stale-actions.yaml

@@ -0,0 +1,34 @@
+name: "Mark or close stale issues and PRs"
+on:
+  schedule:
+  - cron: "0 0 * * *"
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/stale@v3
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        # Staling issues and PR's
+        days-before-stale: 30
+        stale-issue-label: lifecycle/stale
+        stale-pr-label: lifecycle/stale
+        stale-issue-message: |
+          This issue has been automatically marked as stale because it has been open 30 days
+          with no activity. Remove stale label or comment or this issue will be closed in 10 days
+        stale-pr-message: |
+          This PR has been automatically marked as stale because it has been open 30 days
+          with no activity. Remove stale label or comment or this PR will be closed in 10 days
+        # Not stale if have this labels
+        exempt-issue-labels: kind/bug,lifecycle/active,lifecycle/frozen
+        exempt-pr-labels:    kind/bug,lifecycle/active,lifecycle/frozen
+        # If unstale
+        labels-to-remove-when-unstale: lifecycle/stale
+        # Close issue operations
+        # Label will be automatically removed if the issues are no longer closed nor locked.
+        days-before-close: 10
+        close-issue-label: lifecycle/rotten
+        delete-branch: true
+        close-issue-message: This issue was automatically closed because of stale in 10 days
+        close-pr-message: This PR was automatically closed because of stale in 10 days

Dockerfile

@@ -123,18 +123,18 @@ RUN . /.env && \
     ) && chmod +x tfsec \
     ; fi
 
-# Checking binaries versions
+# Checking binaries versions and write it to debug file
 RUN . /.env && \
-    echo "\n\n" && \
-    pre-commit --version && \
-    terraform --version | head -n 1 && \
-    (if [ "$CHECKOV_VERSION"        != "false" ]; then echo -n "checkov " && checkov --version;     else echo "checkov SKIPPED"       ; fi) && \
-    (if [ "$TERRAFORM_DOCS_VERSION" != "false" ]; then ./terraform-docs --version;                  else echo "terraform-docs SKIPPED"; fi) && \
-    (if [ "$TERRAGRUNT_VERSION"     != "false" ]; then ./terragrunt --version;                      else echo "terragrunt SKIPPED"    ; fi) && \
-    (if [ "$TERRASCAN_VERSION"      != "false" ]; then echo -n "terrascan " && ./terrascan version; else echo "terrascan SKIPPED"     ; fi) && \
-    (if [ "$TFLINT_VERSION"         != "false" ]; then ./tflint --version;                          else echo "tflint SKIPPED"        ; fi) && \
-    (if [ "$TFSEC_VERSION"          != "false" ]; then echo -n "tfsec " && ./tfsec --version;       else echo "tfsec SKIPPED"         ; fi) && \
-    echo "\n\n"
+    F=tools_versions_info && \
+    pre-commit --version >> $F && \
+    terraform --version | head -n 1 >> $F && \
+    (if [ "$CHECKOV_VERSION"        != "false" ]; then echo "checkov $(checkov --version)" >> $F;     else echo "checkov SKIPPED" >> $F       ; fi) && \
+    (if [ "$TERRAFORM_DOCS_VERSION" != "false" ]; then ./terraform-docs --version >> $F;              else echo "terraform-docs SKIPPED" >> $F; fi) && \
+    (if [ "$TERRAGRUNT_VERSION"     != "false" ]; then ./terragrunt --version >> $F;                  else echo "terragrunt SKIPPED" >> $F    ; fi) && \
+    (if [ "$TERRASCAN_VERSION"      != "false" ]; then echo "terrascan $(./terrascan version)" >> $F; else echo "terrascan SKIPPED" >> $F     ; fi) && \
+    (if [ "$TFLINT_VERSION"         != "false" ]; then ./tflint --version >> $F;                      else echo "tflint SKIPPED" >> $F        ; fi) && \
+    (if [ "$TFSEC_VERSION"          != "false" ]; then echo "tfsec $(./tfsec --version)" >> $F;       else echo "tfsec SKIPPED" >> $F         ; fi) && \
+    echo "\n\n" && cat $F && echo "\n\n"
 
 # based on debian:buster-slim
 # https://github.com/docker-library/python/blob/master/3.9/buster/slim/Dockerfile

README.md

@@ -37,6 +37,7 @@
   </sup></sub></sup></sub></sup></sub></sup></sub></sup></sub></sup></sub></sup></sub></sup></sub></sup></sub><br><br>
 * [`checkov`](https://github.com/bridgecrewio/checkov) required for `checkov` hook.
 * [`terraform-docs`](https://github.com/terraform-docs/terraform-docs) required for `terraform_docs` hooks.
+* [`terragrunt`](https://terragrunt.gruntwork.io/docs/getting-started/install/) required for `terragrunt_validate` hook.
 * [`terrascan`](https://github.com/accurics/terrascan) required for `terrascan` hook.
 * [`TFLint`](https://github.com/terraform-linters/tflint) required for `terraform_tflint` hook.
 * [`TFSec`](https://github.com/liamg/tfsec) required for `terraform_tfsec` hook.
@@ -163,6 +164,12 @@ Docker:
 docker run -v $(pwd):/lint -w /lint pre-commit run -a
 ```
 
+> You be able list tools versions when needed
+>
+> ```bash
+> TAG=latest && docker run --entrypoint cat pre-commit:$TAG /usr/bin/tools_versions_info
+> ```
+
 ## Available Hooks
 
 There are several [pre-commit](https://pre-commit.com/) hooks to keep Terraform configurations (both `*.tf` and `*.tfvars`) and Terragrunt configurations (`*.hcl`) in a good shape: