Add additional linting rules

.config/.markdownlint.yaml

@@ -5,4 +5,3 @@ no-inline-html:
   allowed_elements: ['p', 'img']
 ul-style:
   style: sublist
-

.config/.v8rrc.yaml

@@ -0,0 +1,15 @@
+customCatalog:
+  schemas:
+    - name: Example Workflow
+      fileMatch: ["example_workflows/*.yaml"]
+      location: https://json.schemastore.org/github-workflow.json
+
+    - name: Markdown Lint
+      fileMatch: ["changelog.markdownlint.yaml"]
+      location: "https://raw.githubusercontent.com/DavidAnson/markdownlint/main/schema/markdownlint-config-schema.json"
+
+    - name: GitHub Issue Template configuration
+      fileMatch: [".github/ISSUE_TEMPLATE/config.yml"]
+      location: "https://json.schemastore.org/github-issue-config.json"
+
+patterns: ['**/*.yaml', '**/*.yml']

.config/.yamllint.yaml

@@ -0,0 +1,14 @@
+---
+extends: default
+
+rules:
+  document-start: disable
+  line-length:
+    max: 255
+  truthy:
+    check-keys: false
+  comments:
+    min-spaces-from-content: 1
+  octal-values:
+    forbid-implicit-octal: true
+    forbid-explicit-octal: true

.config/ruff.toml

@@ -0,0 +1,29 @@
+line-length = 120
+
+target-version = "py39"
+
+src = ["docs-gen", "image/src"]
+
+include = [
+    "docs-gen/*.py",
+    "image/src/*.py",
+    "image/src/setup.py",
+    "tools/*.py",
+]
+
+[lint]
+# Allow fix for all enabled rules (when `--fix`) is provided.
+fixable = ["ALL"]
+unfixable = []
+
+# Allow unused variables when underscore-prefixed.
+dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$"
+
+[lint.flake8-quotes]
+inline-quotes = "single"
+multiline-quotes = "single"
+docstring-quotes = "double"
+
+[format]
+quote-style = "single"
+docstring-code-format = true

.github/ISSUE_TEMPLATE/problem.yml

@@ -49,6 +49,6 @@ body:
     id: debugging-enabled
     attributes:
       label: Has debug logging been enabled?
-      options: 
-        - label: Yes, the `ACTIONS_STEP_DEBUG` secret was set to `true` when capturing the workflow log above. I understand that if I have not done this, I may not recieve a response.
+      options:
+        - label: Yes, the `ACTIONS_STEP_DEBUG` secret was set to `true` when capturing the workflow log above. I understand that if I have not done this, I may not receive a response.
           required: true

.github/workflows/release.yaml

@@ -52,11 +52,11 @@ jobs:
         run: |
           BASE_TAG=$(docker buildx imagetools inspect danielflook/terraform-github-actions-base:latest --format '{{json .}}' | jq -r '.manifest.annotations."ref.tag"')
           BASE_DIGEST=$(docker buildx imagetools inspect "danielflook/terraform-github-actions-base:$BASE_TAG" --format '{{json .}}' | jq -r '.manifest.digest')
-          
+
           gh attestation verify --repo dflook/terraform-github-actions "oci://index.docker.io/danielflook/terraform-github-actions-base@$BASE_DIGEST"
-          
+
           sed -i "s|FROM danielflook/terraform-github-actions-base:latest|FROM danielflook/terraform-github-actions-base@$BASE_DIGEST|" "image/Dockerfile"
-          
+
           docker buildx build \
             --build-arg FETCH_CHECKSUMS=yes \
             --build-arg VERSION="${RELEASE_TAG:1}" \
@@ -156,12 +156,12 @@ jobs:
               git -C "$HOME/$action" tag --force -a -m"$RELEASE_TAG" "$major.$minor-dockerhub"
               git -C "$HOME/$action" push --force
               git -C "$HOME/$action" push --force --tags
-          
+
               # git tags that use GitHub Container Registry for the image
               git -C "$HOME/$action" checkout ghcr || git -C "$HOME/$action" checkout -b ghcr
               prepare_release
               sed -i "s|  image:.*|  image: docker://ghcr.io/dflook/terraform-github-actions@$IMAGE_DIGEST|" "$HOME/$action/action.yaml"
-          
+
               git -C "$HOME/$action" add -A
               git -C "$HOME/$action" commit -m "$RELEASE_TAG-ghcr"
               git -C "$HOME/$action" tag --force -a -m"$RELEASE_TAG" "$RELEASE_TAG-ghcr"

.github/workflows/test-apply.yaml

@@ -878,7 +878,7 @@ jobs:
       contents: read
       pull-requests: write
     env:
-      GITHUB_TOKEN: No
+      GITHUB_TOKEN: "No"
       TERRAFORM_ACTIONS_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
       - name: Checkout
@@ -1029,7 +1029,7 @@ jobs:
             echo "::error:: output changes not set correctly"
             exit 1
           fi
-          
+
           if [[ "$TO_ADD" -ne 1 ]]; then
             echo "::error:: to_add not set correctly"
             exit 1

.github/workflows/test-binary-plan.yaml

@@ -137,4 +137,4 @@ jobs:
           if [[ "$FAILURE_REASON" != "plan-changed" ]]; then
             echo "::error:: failure-reason not set correctly"
             exit 1
-          fi
+          fi

.github/workflows/test-changes-only.yaml

@@ -229,4 +229,3 @@ jobs:
             echo "::error:: failure-reason not set correctly"
             exit 1
           fi
-

.github/workflows/test-cloud.yaml

@@ -265,7 +265,7 @@ jobs:
             echo "::error:: Variables not set correctly"
             exit 1
           fi
-          
+
           if ! grep -q "Terraform will perform the following actions" "$TEXT_PLAN_PATH"; then
             echo "::error:: text_plan_path not set correctly"
             exit 1
@@ -275,7 +275,7 @@ jobs:
             echo "::error:: json_plan_path should not be set"
             exit 1
           fi
-          
+
           if [[ "$RUN_ID" != "run-"* ]]; then
             echo "::error:: output run_id not set correctly"
             exit 1
@@ -358,7 +358,7 @@ jobs:
             echo "::error:: output not set correctly"
             exit 1
           fi
-          
+
           if ! grep -q "Terraform will perform the following actions" "$TEXT_PLAN_PATH"; then
             echo "::error:: text_plan_path not set correctly"
             exit 1
@@ -448,7 +448,7 @@ jobs:
             echo "::error:: output changes not set correctly"
             exit 1
           fi
-          
+
           if ! grep -q "Terraform will perform the following actions" "$TEXT_PLAN_PATH"; then
             echo "::error:: text_plan_path not set correctly"
             exit 1
@@ -458,7 +458,7 @@ jobs:
             echo "::error:: json_plan_path should be set"
             exit 1
           fi
-          
+
           if [[ "$RUN_ID" != "run-"* ]]; then
             echo "::error:: output run_id not set correctly"
             exit 1
@@ -485,12 +485,12 @@ jobs:
             echo "::error:: Variables not set correctly"
             exit 1
           fi
-          
+
           if ! grep -q "Terraform will perform the following actions" "$TEXT_PLAN_PATH"; then
             echo "::error:: text_plan_path not set correctly"
             exit 1
           fi
-          
+
           if [[ ! -f "$JSON_PLAN_PATH" ]]; then
             echo "::error:: json_plan_path should be set"
             exit 1
@@ -536,7 +536,7 @@ jobs:
             echo "::error:: changes output not set correctly"
             exit 1
           fi
-          
+
           if [[ "$APPLY_OUTPUT_LEN" != "5" ]]; then
             echo "::error:: Variables not set correctly"
             exit 1
@@ -610,7 +610,7 @@ jobs:
             echo "::error:: changes output not set correctly"
             exit 1
           fi
-          
+
           if [[ "$SAVED_APPLY_OUTPUT_LEN" != "8" ]]; then
             echo "::error:: Variables not set correctly"
             exit 1
@@ -620,7 +620,7 @@ jobs:
             echo "::error:: text_plan_path not set correctly"
             exit 1
           fi
-          
+
           if [[ ! -f "$SAVED_PLAN_JSON_PLAN_PATH" ]]; then
             echo "::error:: json_plan_path should be set"
             exit 1
@@ -630,7 +630,7 @@ jobs:
             echo "::error:: output run_id not set correctly"
             exit 1
           fi
-          
+
           if [[ "$SAVED_APPLY_RUN_ID" != "run-"* ]]; then
             echo "::error:: output run_id not set correctly"
             exit 1
@@ -674,7 +674,7 @@ jobs:
             echo "::error:: changes output not set correctly"
             exit 1
           fi
-          
+
           if [[ "$SAVED_APPLY_OUTPUT_LEN" != "8" ]]; then
             echo "::error:: Variables not set correctly"
             exit 1

.github/workflows/test-http.yaml

@@ -162,7 +162,7 @@ jobs:
             echo "::error:: output not set correctly"
             exit 1
           fi
-          
+
           # Check the credential file is as before
           diff tests/workflows/test-http/http-module/netrc "$RUNNER_TEMP_D/_github_home/.netrc"
 

.github/workflows/test-new-workspace.yaml

@@ -32,7 +32,7 @@ jobs:
               key    = "terraform-new-workspace-${{ matrix.tf_version }}"
               region = "eu-west-2"
             }
-          
+
             required_version = "${{ matrix.tf_version }}"
           }
           EOF

.github/workflows/test-plan.yaml

@@ -52,7 +52,7 @@ jobs:
             echo "::error:: text_plan_path not set correctly"
             exit 1
           fi
-          
+
           if ! [[ -f "$PLAN_PATH" ]]; then
             echo "::error:: plan_path not set correctly"
             exit 1
@@ -232,7 +232,7 @@ jobs:
             echo "::error:: text_plan_path not set correctly"
             exit 1
           fi
-          
+
           if [[ "$TO_ADD" -ne 1 ]]; then
             echo "::error:: to_add not set correctly"
             exit 1
@@ -864,7 +864,7 @@ jobs:
           path: tests/workflows/test-plan/single_sensitive_variable
           variables: |
             my_sensitive_string = "password123"
-     
+
 
   plan_sensitive_variables:
     runs-on: ubuntu-24.04
@@ -904,7 +904,7 @@ jobs:
                 protocol = "udp"
                 fruits = ["apple", "banana"]
               }
-            ]   
+            ]
 
   plan_sensitive_var:
     runs-on: ubuntu-24.04
@@ -999,7 +999,7 @@ jobs:
         with:
           path: tests/workflows/test-plan/plan
           var_file: |
-              var_file/doesnt/exist.tfvars   
+              var_file/doesnt/exist.tfvars
               var_file/doesnt/exist2.tfvars
           add_github_comment: false
 
@@ -1027,11 +1027,11 @@ jobs:
             echo "Non existant var_file did not fail correctly"
             exit 1
           fi
-          
+
           if [[ "$BACKEND_CONFIG_FILE_OUTCOME" != "failure" ]]; then
             echo "Non existant backend_config_file did not fail correctly"
             exit 1
-          fi          
+          fi
 
   test_plan_1_4:
     runs-on: ubuntu-24.04

.github/workflows/test-registry.yaml

@@ -56,7 +56,7 @@ jobs:
             echo "::error:: output not set correctly"
             exit 1
           fi
-          
+
           # Check that terraformrc is as before
           diff tests/workflows/test-registry/terraformrc "$RUNNER_TEMP_D/_github_home/.terraformrc"
 

.github/workflows/test-test.yaml

@@ -33,7 +33,7 @@ jobs:
             echo "::error:: failure-reason not set correctly"
             exit 1
           fi
-          
+
           if [[ "$JUNIT_XML_PATH" != "" ]]; then
             echo "::error:: junit-xml-path should not be set"
             exit 1
@@ -65,7 +65,7 @@ jobs:
             echo "::error:: failure-reason not set correctly"
             exit 1
           fi
-          
+
           if [[ "$JUNIT_XML_PATH" == "" ]]; then
             echo "::error:: junit-xml-path should be set"
             exit 1
@@ -76,7 +76,7 @@ jobs:
               echo "::error:: junit-xml-path does not point to a file"
               exit 1
           fi
-          
+
           if [[ "$(grep -c '<testsuites' "$JUNIT_XML_PATH")" -ne 1 ]]; then
               echo "::error:: junit-xml-path does not contain a testsuites tag"
               exit 1
@@ -229,7 +229,7 @@ jobs:
             echo "Test did not fail correctly"
             exit 1
           fi
-          
+
           if [[ "$FAILURE_REASON" != "tests-failed" ]]; then
             echo "::error:: failure-reason not set correctly"
             exit 1