Terraform Vanilla Test #594
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Terraform Vanilla Test | |
| on: | |
| # Run on PR configuration | |
| push: | |
| paths: | |
| - deployments/vanilla/terraform/** | |
| - iaac/terraform/apps/** | |
| - iaac/terraform/common/** | |
| - iaac/terraform/utils/** | |
| branches: | |
| - main | |
| # Run on schedule (every 4 hours) | |
| schedule: | |
| - cron: '0 0/4 * * *' | |
| workflow_dispatch: | |
| # Ensure that only a single workflow which deploy tf build related stack will be run at a time. TODO: enable parallel runs | |
| concurrency: tf-build | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| # environment enables protection rules (e.g. need approval to run the workflow) | |
| environment: gh-actions-test | |
| permissions: | |
| # needed to interact with GitHub's OIDC Token endpoint | |
| id-token: write | |
| # needed to checkout repository | |
| contents: read | |
| env: | |
| CLUSTER_REGION: ${{ github.event_name == 'schedule' && 'us-west-2' || secrets.AWS_REGION }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Configure AWS credentials from Test account | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: ${{ secrets.PR_BUILD_ROLE }} | |
| role-session-name: prrolesession-${{ github.run_id }}-${{ github.run_attempt }} | |
| aws-region: ${{ github.event_name == 'schedule' && 'us-west-2' || secrets.AWS_REGION }} | |
| role-duration-seconds: 14400 | |
| - name: Install Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.2.7 | |
| terraform_wrapper: false | |
| - name: Install Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.8' | |
| - name: Plan and apply terraform | |
| run: | | |
| cd tests/e2e | |
| pip install -r requirements.txt | |
| pytest tests/terraform/test_vanilla.py -s -q --region $CLUSTER_REGION | |
| - name: Clean up terraform | |
| if: failure() | |
| # retry delete if flakiness present | |
| run: | | |
| cd deployments/vanilla/terraform | |
| make delete || make delete || make delete |