Makefile

#!/usr/bin/env make -f

# Get the set versions of Terraform and OpenTofu.
TERRAFORM_VERSION:=$(shell cat .terraform-version)
TOFU_VERSION:=$(shell cat .terraform-version)

# Select the engine: opentofu or terraform.
# make validate TF_ENGINE=opentofu
# This will switch the engine for all actions, including testing.
TF_ENGINE:=terraform
ifeq ($(TF_ENGINE), terraform)
	TF_BINARY:=terraform
	TF_VERSION:=$(TERRAFORM_VERSION)
else ifeq ($(TF_ENGINE), opentofu)
	TF_BINARY:=tofu
	TF_VERSION:=$(TOFU_VERSION)
endif

ifeq ($(CI), )
	TFENV_COMMAND:=tenv use $(TF_BINARY) $(TF_VERSION)
else
	TFENV_COMMAND:=echo "skipping tenv use in CI"
endif


# Packages to install based on different package managers.
BREW_PACKAGES := cosign tenv terraform-docs tflint checkov trivy pre-commit golang
CHOCOLATEY_PACKAGES := cosign tenv terraform-docs tflint trivy golang
APT_PACKAGES :=
APK_PACKAGES := cosign

# Autogenerated based off on the system itself.
# Github Actions installs homebrew on linux machines, so we check for apt first.
INSTALLER_PATH := $(shell { command -v apt || command -v brew || command -v choco ; } 2>/dev/null)
INSTALLER := $(shell { basename $(INSTALLER_PATH) ; } 2>/dev/null)
MODULE_DIRECTORY_NAME := $(shell { pwd | rev | cut -d"/" -f 1 | rev ; } 2>/dev/null)
TERRATEST_FILES:=$(wildcard tests/*_test.go)

# Empty variables primarily used to allow users to pass in their own options.
CHECKOV_OPTS:=
GO_TEST_OPTS:=

# General
all:

chores: documentation formatting

test: test_documentation test_lint test_security test_validation test_formatting

#
# Install
#

install: install_$(INSTALLER)

install_brew:
	brew tap tofuutils/tap
	brew install $(BREW_PACKAGES)

install_choco:
	choco install $(CHOCOLATEY_PACKAGES)
	# checkov


#
# Testing Workspace Setup
#
.terraform:
	$(TF_BINARY) init -backend=false #ANNO This command creates the .terraform directory.


#
# Terraform Formatting
#

.PHONY: formatting
formatting:
	$(TF_BINARY) fmt -recursive .

.PHONY: test_formatting
test_formatting:
	$(TF_BINARY) fmt -check -recursive .


#
# Terraform Docs
#

.PHONY: documentation
documentation:
	terraform-docs -c .terraform-docs.yml .

.PHONY: test_documentation
test_documentation:
	terraform-docs -c .terraform-docs.yml --output-check .


#
# Linting
#

.PHONY: fix_tflint
fix_tflint:
	tflint --init
	tflint --fix

.PHONY: test_tflint
test_tflint:
	tflint --init
	tflint


#
# Security
#

.PHONY: test_security
test_security: test_checkov test_trivy

.PHONY: test_checkov
test_checkov:
	checkov  --directory . $(CHECKOV_OPTS)

.PHONY: test_trivy
test_trivy:
	trivy config .


#
# Terratest
#

tests/go.mod:
	cd tests && \
	go mod init "testing_terraform"

tests/go.sum: tests/go.mod $(TERRATEST_FILES)
	cd tests && \
	go mod tidy

.PHONY: terratest
terratest: tests/go.sum
	cd tests && \
	TERRATEST_BINARY=$(TF_BINARY) go test -v -timeout 60m $(GO_TEST_OPTS)


#
# Terraform Test Framework
#

TERRAFORM_EXAMPLES:=$(wildcard examples/*)


.PHONY: $(TERRAFORM_EXAMPLES)
$(TERRAFORM_EXAMPLES):
	@echo "Testing $@"
	cd $@ && \
	$(TFENV_COMMAND) && \
	$(TF_BINARY) init -backend=false && \
	$(TF_BINARY) test $(TF_TEST_OPTS)

.PHONY: terraform_test
terraform_test: $(TERRAFORM_EXAMPLES)
	@echo "Testing Root Module"
	$(TFENV_COMMAND) && \
	$(TF_BINARY) test $(TF_TEST_OPTS)

#
# Validation
#

.PHONY: test_validation
test_validation: .terraform
	$(TF_BINARY) validate


#
# Local Tools
#

.PHONY: precommit_install
precommit_install:
	pre-commit install