ci: add PR validation checks and fix workflows for go-unifi dependency

- CI: run gofmt, go vet, and golangci-lint on PRs; full build on merge to main - Release: checkout go-unifi alongside provider, add manual dispatch trigger, make GPG signing optional Both workflows now checkout shadyeip/go-unifi to satisfy the replace directive in go.mod. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-09 12:29:37 -05:00
parent a56df16830
commit ff67359ba4
2 changed files with 107 additions and 23 deletions
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -1,34 +1,79 @@
 ---
+name: ci
+
 on:
  pull_request: {}
  push:
    branches:
-      - "main"
-    tags:
-      - "v*"
+      - main

 jobs:
-  build:
-    runs-on: "ubuntu-latest"
+  # Runs on PRs: fast validation checks
+  validate:
+    if: github.event_name == 'pull_request'
+    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v5
+      - name: Checkout provider
+        uses: actions/checkout@v4
        with:
-          go-version-file: "go.mod"
+          path: terraform-provider-unifi
+
+      - name: Checkout go-unifi dependency
+        uses: actions/checkout@v4
+        with:
+          repository: shadyeip/go-unifi
+          path: go-unifi
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: terraform-provider-unifi/go.mod
          cache: true
          check-latest: true

-      - run: "go build ./..."
+      - name: Check formatting
+        working-directory: terraform-provider-unifi
+        run: |
+          unformatted=$(gofmt -l .)
+          if [ -n "$unformatted" ]; then
+            echo "::error::Files not formatted with gofmt:"
+            echo "$unformatted"
+            exit 1
+          fi

-  lint:
-    runs-on: "ubuntu-latest"
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v5
+      - name: Vet
+        working-directory: terraform-provider-unifi
+        run: go vet ./...
+
+      - name: Lint
+        uses: golangci/golangci-lint-action@v6.5.2
        with:
-          go-version-file: "go.mod"
+          working-directory: terraform-provider-unifi
+          skip-pkg-cache: true
+
+  # Runs on merge to main: full build
+  build:
+    if: github.event_name == 'push'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout provider
+        uses: actions/checkout@v4
+        with:
+          path: terraform-provider-unifi
+
+      - name: Checkout go-unifi dependency
+        uses: actions/checkout@v4
+        with:
+          repository: shadyeip/go-unifi
+          path: go-unifi
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: terraform-provider-unifi/go.mod
+          cache: true
          check-latest: true

-      - uses: "golangci/golangci-lint-action@v6.5.2"
-        with:
-          skip-pkg-cache: true
+      - name: Build
+        working-directory: terraform-provider-unifi
+        run: go build ./...
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,35 +1,74 @@
-name: goreleaser
+name: release

 on:
  push:
    tags:
      - "v*"
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Version tag to release (e.g. v1.0.0)"
+        required: true
+        type: string
+
 jobs:
-  goreleaser:
+  release:
    runs-on: ubuntu-latest
    concurrency: release
    permissions:
      contents: write
    steps:
-      - name: Checkout
+      - name: Checkout provider
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
+          path: terraform-provider-unifi
+
+      - name: Checkout go-unifi dependency
+        uses: actions/checkout@v4
+        with:
+          repository: shadyeip/go-unifi
+          path: go-unifi
+
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
-          go-version-file: "go.mod"
+          go-version-file: "terraform-provider-unifi/go.mod"
          check-latest: false
+
+      - name: Determine version
+        id: version
+        working-directory: terraform-provider-unifi
+        run: |
+          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+            echo "tag=${{ inputs.tag }}" >> "$GITHUB_OUTPUT"
+          else
+            echo "tag=${GITHUB_REF#refs/tags/}" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Create tag (workflow_dispatch only)
+        if: github.event_name == 'workflow_dispatch'
+        working-directory: terraform-provider-unifi
+        run: |
+          git tag "${{ steps.version.outputs.tag }}"
+
      - name: Import GPG key
+        if: env.GPG_PRIVATE_KEY != ''
        id: import_gpg
        uses: crazy-max/ghaction-import-gpg@v6
        with:
          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+        env:
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v6
        with:
          version: latest
-          args: release --parallelism 2 --clean
+          args: >-
+            release --parallelism 2 --clean
+            ${{ steps.import_gpg.outputs.fingerprint == '' && '--skip=sign' || '' }}
+          workdir: terraform-provider-unifi
        env:
          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}