Skip to content

chore(deps): update terragrunt dependency github.com/managedkube/kubernetes-ops to v2.0.85 - autoclosed #5

chore(deps): update terragrunt dependency github.com/managedkube/kubernetes-ops to v2.0.85 - autoclosed

chore(deps): update terragrunt dependency github.com/managedkube/kubernetes-ops to v2.0.85 - autoclosed #5

Workflow file for this run

# The name of the pipeline. Must be unique.
name: "Terragrunt-dev - AWS"
on:
push:
# only run when files in this path changes
# https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#example-using-positive-and-negative-patterns-1
paths:
- 'terraform-environments/aws/terragrunt-dev/**/*.hcl'
- 'terraform-environments/aws/terragrunt-dev/**/*.yaml'
- '!terraform-environments/aws/terragrunt-dev/terragrunt.hcl'
- '!terraform-environments/aws/terragrunt-dev/common.hcl'
- '!terraform-environments/aws/terragrunt-dev/us-east-1/terragrunt-dev/us-east-1/region.hcl'
- '!terraform-environments/aws/terragrunt-dev/us-east-1/terragrunt-dev/us-east-1/terragrunt-dev/environment.hcl'
branches:
- main
pull_request:
# only run when files in this path changes
# https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#example-using-positive-and-negative-patterns-1
paths:
- 'terraform-environments/aws/terragrunt-dev/**/*.hcl'
- 'terraform-environments/aws/terragrunt-dev/**/*.yaml'
- '!terraform-environments/aws/terragrunt-dev/terragrunt.hcl'
- '!terraform-environments/aws/terragrunt-dev/common.hcl'
- '!terraform-environments/aws/terragrunt-dev/us-east-1/terragrunt-dev/us-east-1/region.hcl'
- '!terraform-environments/aws/terragrunt-dev/us-east-1/terragrunt-dev/us-east-1/terragrunt-dev/environment.hcl'
env:
AWS_REGION: us-east-1
tf_version: '1.2.3'
tg_version: 'v0.37.4'
ENVIRONMENT_NAME: terragrunt-dev
# Used for getting permissions to AWS resources through an OIDC federation
permissions:
id-token: write
contents: read # This is required for actions/checkout@v1
jobs:
## This generates a matrix of changed directory to run Terraform on
generate_matrix:
runs-on: ubuntu-latest
env:
# The path that you want to construct the matrix on. Only files in this
# path that has changed will be included in.
TERRAFORM_CHECK_PATH: terraform-environments/aws/terragrunt-dev
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 2
- name: get parent directory and set matrix
id: set-matrix
run: |
# A list of files that changed
git diff --name-only HEAD^ HEAD $TERRAFORM_CHECK_PATH > files1.txt
# Output a list of parent folder stripping out the file name
# leaving only the parent dir name
while IFS= read -r file
do
parent_dir=$(dirname -- "$file")
echo "xx parent_dir: $parent_dir"
echo "xx file: $file"
if [[ "$parent_dir" != "terraform-environments/aws/terragrunt-dev/us-west-2/dev01" ]] && [[ "$parent_dir" != "terraform-environments/aws/terragrunt-dev" ]] && [[ "$parent_dir" != "terraform-environments/aws/terragrunt-dev/us-west-2" ]]; then
echo "aa: $parent_dir"
echo $parent_dir >> file2.txt
fi
done < files1.txt
echo "## All changed directories"
cat file2.txt
# There can be duplicates in the parent dir name if multiple
# files changed in that parent dir. This is to output a list
# that is unqiue so that we don't run the plan on the same
# folder multiple times.
cat file2.txt | uniq > file3.txt
echo "## Unique list of changed dirs only"
cat file3.txt
echo "##"
# Set the parent dir into the Github Actions json matrix
# https://docs.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#fromjson
tf_config=''
while IFS= read -r file
do
echo "file = $file"
# parent_dir=$(dirname -- "$file")
# echo "parent_dir = $parent_dir"
if [[ -z $tf_config ]]; then
tf_config="{\"tf_config\":\"$file\"}"
else
tf_config="$tf_config, {\"tf_config\":\"$file\"}"
fi
done < file3.txt
tf_config="{\"include\":[$tf_config]}"
echo "::set-output name=matrix::$tf_config"
terragrunt:
name: 'Terragrunt'
needs: [generate_matrix]
strategy:
matrix: ${{fromJson(needs.generate_matrix.outputs.matrix)}}
## https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast
## Prevents the entire matrix to stop when one fails
## If Github Actions stops a run mid-run, the TF state file sometime might not be written out before it fails or stops
fail-fast: false
runs-on: ubuntu-latest
env:
tf_working_dir: ${{matrix.tf_config}}
TF_VAR_key_name: ${{ secrets.KEY_NAME }}
steps:
- name: 'Checkout'
uses: actions/checkout@master
- name: 'Download kubergrunt'
run: |
wget https://github.com/gruntwork-io/kubergrunt/releases/download/v0.9.0/kubergrunt_linux_amd64
chmod 755 kubergrunt_linux_amd64
mkdir ${{ github.workspace }}/tmp_bin
cp kubergrunt_linux_amd64 ${{ github.workspace }}/tmp_bin/kubergrunt
- name: 'Download kubectl'
run: |
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod 755 kubectl
- name: 'Configure AWS credentials'
uses: aws-actions/[email protected]
with:
############################################################################
## This role is an output from the 050-github-aws-permissions Terraform/Terragrunt
## instantitation/apply.
##
## It will be in the form of: arn:aws:iam::xxxxxxxxx:role/github_oidc_<posible more to the name>
############################################################################
role-to-assume: ${{ secrets.AWS_GITHUB_OIDC_TERRAFORM_DEV }}
role-session-name: githubAWSSession
role-duration-seconds: 900
aws-region: ${{ env.AWS_REGION }}
- name: 'Terragrunt Format'
uses: the-commons-project/terragrunt-github-actions@master
with:
tf_actions_version: ${{ env.tf_version }}
tg_actions_version: ${{ env.tg_version }}
tf_actions_cli_credentials_token: ${{ secrets.TF_API_TOKEN_DEV }}
tf_actions_binary: 'terraform'
tf_actions_subcommand: 'fmt'
tf_actions_working_dir: ${{ env.tf_working_dir }}
tf_actions_comment: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: 'Terragrunt Init'
uses: the-commons-project/terragrunt-github-actions@master
with:
tf_actions_version: ${{ env.tf_version }}
tg_actions_version: ${{ env.tg_version }}
tf_actions_cli_credentials_token: ${{ secrets.TF_API_TOKEN_DEV }}
tf_actions_subcommand: 'init'
tf_actions_working_dir: ${{ env.tf_working_dir }}
# This will answer yes to all the terragrunt questions, such as do you want to create
# the S3 bucket
# args: --terragrunt-non-interactive
tf_actions_comment: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: 'Output .terraform.lock.hcl file'
run: |
cd ${{ env.tf_working_dir }}
cat .terraform.lock.hcl
# - name: 'Terragrunt Validate'
# uses: the-commons-project/terragrunt-github-actions@master
# with:
# tf_actions_version: ${{ env.tf_version }}
# tg_actions_version: ${{ env.tg_version }}
# tf_actions_cli_credentials_token: ${{ secrets.TF_API_TOKEN_DEV }}
# tf_actions_binary: 'terraform'
# tf_actions_subcommand: 'validate'
# tf_actions_working_dir: ${{ env.tf_working_dir }}
# tf_actions_comment: true
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: 'Terragrunt Plan'
uses: the-commons-project/terragrunt-github-actions@master
with:
tf_actions_version: ${{ env.tf_version }}
tg_actions_version: ${{ env.tg_version }}
tf_actions_cli_credentials_token: ${{ secrets.TF_API_TOKEN_DEV }}
tf_actions_subcommand: 'plan'
tf_actions_working_dir: ${{ env.tf_working_dir }}
tf_actions_comment: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
KUBERGRUNT_EXEC: ${{ github.workspace }}/tmp_bin/kubergrunt
# TF_LOG: DEBUG
- name: Testkube Pre-Apply
# if: github.ref == 'refs/heads/main' && github.event_name == 'push'
id: testkube
uses: ManagedKube/[email protected]
with:
test-suite-name: 'infra-base'
cluster-name: ${{ env.ENVIRONMENT_NAME }}
- name: Terragrunt Apply
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
uses: the-commons-project/terragrunt-github-actions@master
with:
tf_actions_version: ${{ env.tf_version }}
tg_actions_version: ${{ env.tg_version }}
tf_actions_cli_credentials_token: ${{ secrets.TF_API_TOKEN_DEV }}
tf_actions_subcommand: 'apply'
tf_actions_working_dir: ${{ env.tf_working_dir }}
tf_actions_comment: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
KUBERGRUNT_EXEC: ${{ github.workspace }}/tmp_bin/kubergrunt
- name: Testkube Post-Apply
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
id: testkube2
uses: ManagedKube/[email protected]
with:
test-suite-name: 'infra-base'
cluster-name: ${{ env.ENVIRONMENT_NAME }}