hashicorp · SarahFrench · Dec 13, 2024 · Dec 13, 2024 · Feb 3, 2025 · Feb 3, 2025
@@ -0,0 +1,78 @@
+# This workflow is intended to run on PRs for preparing a new release. Those PRs contain
+# diffs for only change-related and version/VERSION files, so we skip running
+# the complete set of 'Quick Checks'.
+# 
+# This workflow runs the unit tests for the version package.
+# This is only triggered if the push or PR contains no other code changes other than in
+# version/***. When PRs have additional changes the full Quick Checks workflow will run instead.
+
+name: Check version package
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types:
+      - opened
+      - ready_for_review
+      - reopened
+      - synchronize
+    paths:
+      # Allow list
+      - 'version/**'
+      # Disallow list
+      - '!docs/**'
+      - '!internal/**'
+      - '!scripts/**'
+      - '!testing/**'
+      - '!tools/**'
+      - '!website/**'
+  push:
+    branches:
+      - '*'
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+*'
+    paths:
+      # Allow list
+      - 'version/**'
+      # Disallow list
+      - '!docs/**'
+      - '!internal/**'
+      - '!scripts/**'
+      - '!testing/**'
+      - '!tools/**'
+      - '!website/**'
+
+permissions:
+  contents: read
+
+jobs:
+  check-version-package:
+    name: "Check version/VERSION value"
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: "Fetch source code"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Determine Go version
+        id: go
+        uses: ./.github/actions/go-version
+
+      - name: Install Go toolchain
+        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
+        with:
+          go-version: ${{ steps.go.outputs.version }}
+
+      # NOTE: This cache is shared so the following step must always be
+      # identical across the unit-tests, e2e-tests, and consistency-checks
+      # jobs, or else weird things could happen.
+      - name: Cache Go modules
+        uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
+        with:
+          path: "~/go/pkg"
+          key: go-mod-${{ hashFiles('go.sum') }}
+          restore-keys: |
+            go-mod-
+      - name: "Test version package"
+        run: |
+          go test -v github.com/hashicorp/terraform/version
@@ -0,0 +1,28 @@
+name: 'Quick Checks: unprotected feature branches'
+
+on:
+  # We only run checks when pushing to a feature branch:
+  # - If there are changes outside the ignored, non-code paths below
+  push:
+    branches:
+      #  Allow list
+      - '*'
+      # Disallow list
+      - '!main'
+      - '!v[0-9]+.[0-9]+'
+
+    paths-ignore:
+      - 'CHANGELOG.md'
+      - '.changes/**'
+      - 'version/VERSION'
+      - 'docs/**'
+
+# This workflow runs for not-yet-reviewed external contributions and so it
+# intentionally has no write access and only limited read access to the
+# repository.
+permissions:
+  contents: read
+
+jobs:
+ quick-checks:
+  uses: ./.github/workflows/checks.yml
@@ -0,0 +1,22 @@
+name: 'Quick Checks: protected branches & tags'
+
+on:
+  # We always run checks on:
+  # - PR merges to main
+  # - PR merges to release branches
+  push:
+    branches:
+      - 'main'
+      - 'v[0-9]+.[0-9]+'
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+*'
+
+# This workflow runs for not-yet-reviewed external contributions and so it
+# intentionally has no write access and only limited read access to the
+# repository.
+permissions:
+  contents: read
+
+jobs:
+ quick-checks:
+  uses: ./.github/workflows/checks.yml
@@ -0,0 +1,26 @@
+name: 'Quick Checks: pull requests'
+
+on:
+  # We only run checks on pull request events:
+  # - If there are changes outside the ignored, non-code paths below
+  pull_request:
+    types:
+      - opened
+      - ready_for_review
+      - reopened
+      - synchronize
+    paths-ignore:
+      - 'CHANGELOG.md'
+      - '.changes/**'
+      - 'version/VERSION'
+      - 'docs/**'
+
+# This workflow runs for not-yet-reviewed external contributions and so it
+# intentionally has no write access and only limited read access to the
+# repository.
+permissions:
+  contents: read
+
+jobs:
+ quick-checks:
+  uses: ./.github/workflows/checks.yml
@@ -15,18 +15,9 @@
 
 name: Quick Checks
 
+# This workflow is reusable and called from multiple, scenario-specific workflows.
 on:
-  pull_request:
-    types:
-      - opened
-      - ready_for_review
-      - reopened
-      - synchronize
-  push:
-    branches:
-      - '*'
-    tags:
-      - 'v[0-9]+.[0-9]+.[0-9]+*'
+  workflow_call:
 
 # This workflow runs for not-yet-reviewed external contributions and so it
 # intentionally has no write access and only limited read access to the