upgrade-terraform #69
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: upgrade-terraform | |
on: | |
schedule: | |
- cron: 32 21 * * 0 | |
workflow_dispatch: {} | |
concurrency: ${{ github.workflow }}-${{ github.ref }} | |
jobs: | |
upgrade: | |
name: Upgrade Terraform | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Install | |
run: yarn install | |
- name: Get current Terraform version | |
id: current_version | |
run: |- | |
CURRENT_VERSION=$(npm pkg get terraform.version | tr -d '"') | |
CURRENT_VERSION_MINOR=$(cut -d "." -f 2 <<< "$CURRENT_VERSION") | |
echo "value=$CURRENT_VERSION" >> $GITHUB_OUTPUT | |
echo "minor=$CURRENT_VERSION_MINOR" >> $GITHUB_OUTPUT | |
- name: Get latest Terraform version | |
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
with: | |
script: |- | |
const script = require('./scripts/check-terraform-version.js') | |
await script({github, context, core}) | |
- name: Parse latest Terraform version into variables | |
id: latest_version | |
run: |- | |
TERRAFORM_VERSION_MINOR=$(cut -d "." -f 2 <<< "$NEW_TERRAFORM_VERSION") | |
echo "NEW_TERRAFORM_VERSION_MINOR=$TERRAFORM_VERSION_MINOR" >> $GITHUB_ENV | |
echo "value=$NEW_TERRAFORM_VERSION" >> $GITHUB_OUTPUT | |
echo "minor=$TERRAFORM_VERSION_MINOR" >> $GITHUB_OUTPUT | |
- name: Update the Terraform version used in GitHub Actions workflows | |
run: |- | |
find ./.github/workflows -type f -name "*.yml" ! -path "./.github/workflows/upgrade-terraform.yml" -print0 | xargs -0 sed -i "s/terraform_version: .*/terraform_version: $NEW_TERRAFORM_VERSION/g" | |
- name: Save the new version in package.json | |
run: npm pkg set terraform.version="$NEW_TERRAFORM_VERSION" | |
- name: Create pull request for a new patch release | |
if: steps.current_version.outputs.minor == steps.latest_version.outputs.minor | |
uses: peter-evans/create-pull-request@d121e62763d8cc35b5fb1710e887d6e69a52d3a4 # v7.0.2 | |
with: | |
base: main | |
branch: auto/upgrade-terraform-1-${{ steps.latest_version.outputs.minor }} | |
commit-message: "chore: upgrade Terraform to ${{ steps.latest_version.outputs.value }}" | |
title: "chore: upgrade Terraform to ${{ steps.latest_version.outputs.value }}" | |
body: |- | |
This PR upgrades the version of Terraform used by this project's `diff` and `deploy` workflows to `${{ steps.latest_version.outputs.value }}`. | |
labels: auto-approve,automerge,dependencies | |
token: ${{ secrets.GH_TOKEN_ACTIONS_UPDATER }} | |
author: team-tf-cdk <github-team-tf-cdk@hashicorp.com> | |
committer: team-tf-cdk <github-team-tf-cdk@hashicorp.com> | |
signoff: true | |
delete-branch: true | |
- name: Create pull request for a new minor version | |
if: steps.current_version.outputs.minor != steps.latest_version.outputs.minor | |
uses: peter-evans/create-pull-request@d121e62763d8cc35b5fb1710e887d6e69a52d3a4 # v7.0.2 | |
with: | |
base: main | |
branch: auto/upgrade-terraform-1-${{ steps.latest_version.outputs.minor }} | |
commit-message: "chore: upgrade Terraform to ${{ steps.latest_version.outputs.value }}" | |
title: "chore: upgrade Terraform to ${{ steps.latest_version.outputs.value }}" | |
body: |- | |
This PR initiates the upgrade of the version of Terraform used by this project's `diff` and `deploy` workflows to `${{ steps.latest_version.outputs.value }}`. | |
Unfortunately, not everything can be automated, and the following steps need to be completed manually: | |
- Set the _Terraform Version_ to `~>${{ steps.latest_version.outputs.value }} latest` in the TFC web UI in the following workspaces: | |
- [ ] [custom-constructs](https://app.terraform.io/app/cdktf-team/workspaces/custom-constructs/settings/general) | |
- [ ] [prebuilt-providers](https://app.terraform.io/app/cdktf-team/workspaces/prebuilt-providers/settings/general) | |
- [ ] [prebuilt-providers-official-new](https://app.terraform.io/app/cdktf-team/workspaces/prebuilt-providers-official-new/settings/general) | |
- [ ] [prebuilt-providers-partners](https://app.terraform.io/app/cdktf-team/workspaces/prebuilt-providers-partners/settings/general) | |
- Rerun the checks and carefully inspect the diff output before merging this PR. | |
labels: automated,dependencies | |
token: ${{ secrets.GH_TOKEN_ACTIONS_UPDATER }} | |
author: team-tf-cdk <github-team-tf-cdk@hashicorp.com> | |
committer: team-tf-cdk <github-team-tf-cdk@hashicorp.com> | |
signoff: true | |
delete-branch: true | |
draft: true |