From da4e3a9b31dd2dfaa178751a9cb5561ce04443f0 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 18:03:38 +0000 Subject: [PATCH 01/31] Git permissions setting as root --- src/main.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main.sh b/src/main.sh index a8f9c37..f76d491 100755 --- a/src/main.sh +++ b/src/main.sh @@ -83,9 +83,9 @@ function comment { function setup_git { # Avoid git permissions warnings - git config --global --add safe.directory /github/workspace + sudo git config --global --add safe.directory /github/workspace # Also trust any subfolder within workspace - git config --global --add safe.directory "*" + sudo git config --global --add safe.directory "*" } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 62f3e6643aedb318b8f1ceaab06848b1da48d6f4 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 18:50:02 +0000 Subject: [PATCH 02/31] Github output permissions --- src/main.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main.sh b/src/main.sh index f76d491..2193bba 100755 --- a/src/main.sh +++ b/src/main.sh @@ -88,6 +88,11 @@ function setup_git { sudo git config --global --add safe.directory "*" } +function setup_permissions { + # Set permissions for the output file + sudo chown -R $(whoami) "${GITHUB_OUTPUT}" +} + # Run INPUT_PRE_EXEC_* environment variables as Bash code function setup_pre_exec { # Get all environment variables that match the pattern INPUT_PRE_EXEC_* From 9e8d453f4fbe7a850d476328a7eea06c5937fd82 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 18:51:34 +0000 Subject: [PATCH 03/31] Add setup_permissions --- src/main.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main.sh b/src/main.sh index 2193bba..1029ca4 100755 --- a/src/main.sh +++ b/src/main.sh @@ -147,6 +147,7 @@ function main { exit 1 fi setup_git + setup_permissions setup_pre_exec install_terraform "${tf_version}" From 8d3fc64ac3fa13b522c4c969ba4a1c9f67d2cb36 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 18:57:29 +0000 Subject: [PATCH 04/31] Permissions setting --- src/main.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 1029ca4..52439d3 100755 --- a/src/main.sh +++ b/src/main.sh @@ -89,6 +89,9 @@ function setup_git { } function setup_permissions { + local working_dir=$1 + # Set permissions for current user + sudo chown -R $(whoami) "${working_dir}" # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } @@ -147,7 +150,7 @@ function main { exit 1 fi setup_git - setup_permissions + setup_permissions "${tg_dir}" setup_pre_exec install_terraform "${tf_version}" From 1d3bf2683320c37601d3981d1493787ddc8d3d1c Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:05:37 +0000 Subject: [PATCH 05/31] Post execution permissions setting --- src/main.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 52439d3..063da5d 100755 --- a/src/main.sh +++ b/src/main.sh @@ -92,6 +92,7 @@ function setup_permissions { local working_dir=$1 # Set permissions for current user sudo chown -R $(whoami) "${working_dir}" + sudo chmod -R o+r "${working_dir}" # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } @@ -163,7 +164,8 @@ function main { export TF_IN_AUTOMATION=1 fi run_terragrunt "${tg_dir}" "${tg_command}" - + # setup permissions for the output files + setup_permissions "${tg_dir}" setup_post_exec local -r log_file="${terragrunt_log_file}" From f91d6df7f2197aa31e73938f67a2667438ecc2a1 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:12:27 +0000 Subject: [PATCH 06/31] Permissions update --- src/main.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/main.sh b/src/main.sh index 063da5d..1fc4bc1 100755 --- a/src/main.sh +++ b/src/main.sh @@ -33,7 +33,7 @@ function install_terraform { return fi tfenv install "${version}" - tfenv use "${version}" + sudo tfenv use "${version}" } # install passed terragrunt version @@ -89,10 +89,9 @@ function setup_git { } function setup_permissions { - local working_dir=$1 # Set permissions for current user - sudo chown -R $(whoami) "${working_dir}" - sudo chmod -R o+r "${working_dir}" + sudo chown -R $(whoami) . + sudo chmod -R o+r . # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } @@ -151,7 +150,7 @@ function main { exit 1 fi setup_git - setup_permissions "${tg_dir}" + setup_permissions setup_pre_exec install_terraform "${tf_version}" @@ -165,7 +164,7 @@ function main { fi run_terragrunt "${tg_dir}" "${tg_command}" # setup permissions for the output files - setup_permissions "${tg_dir}" + setup_permissions setup_post_exec local -r log_file="${terragrunt_log_file}" From e570bb6c4e4c1148cbaf8cdcbf6358c590531abd Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:14:14 +0000 Subject: [PATCH 07/31] tfenv fix --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 1fc4bc1..f344c35 100755 --- a/src/main.sh +++ b/src/main.sh @@ -33,7 +33,7 @@ function install_terraform { return fi tfenv install "${version}" - sudo tfenv use "${version}" + tfenv use "${version}" } # install passed terragrunt version From 2e3cdccbc39ba537a75480670d89eda38ca72b9b Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:23:45 +0000 Subject: [PATCH 08/31] other rw --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index f344c35..b23c14c 100755 --- a/src/main.sh +++ b/src/main.sh @@ -91,7 +91,7 @@ function setup_git { function setup_permissions { # Set permissions for current user sudo chown -R $(whoami) . - sudo chmod -R o+r . + sudo chmod -R o+rw . # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } From caf42d9c3e2d36ac5224c8bb907487596040349f Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:26:17 +0000 Subject: [PATCH 09/31] Add setup_permissions --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index b23c14c..a13cc30 100755 --- a/src/main.sh +++ b/src/main.sh @@ -151,6 +151,7 @@ function main { fi setup_git setup_permissions + trap setup_permissions EXIT setup_pre_exec install_terraform "${tf_version}" @@ -164,7 +165,6 @@ function main { fi run_terragrunt "${tg_dir}" "${tg_command}" # setup permissions for the output files - setup_permissions setup_post_exec local -r log_file="${terragrunt_log_file}" From 0fa77ca34efc7332681f70994186129ba9e22c02 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:34:28 +0000 Subject: [PATCH 10/31] Update permissions --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index a13cc30..a09ba15 100755 --- a/src/main.sh +++ b/src/main.sh @@ -91,7 +91,7 @@ function setup_git { function setup_permissions { # Set permissions for current user sudo chown -R $(whoami) . - sudo chmod -R o+rw . + sudo chmod -R o+rwx . # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } From 1dabbe617e91ecb54bf383d5971c12890829aed4 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:43:08 +0000 Subject: [PATCH 11/31] setup permissions fix --- src/main.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/main.sh b/src/main.sh index a09ba15..aaf9bf2 100755 --- a/src/main.sh +++ b/src/main.sh @@ -89,9 +89,11 @@ function setup_git { } function setup_permissions { + local dir=$1 # Set permissions for current user - sudo chown -R $(whoami) . - sudo chmod -R o+rwx . + sudo chown -R $(whoami) "${dir}" + ls -lahrt "${dir}" + sudo chmod -R 777 "${dir}" # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } @@ -150,8 +152,8 @@ function main { exit 1 fi setup_git - setup_permissions - trap setup_permissions EXIT + setup_permissions "${tg_dir}" + trap setup_permissions "${tg_dir}" EXIT setup_pre_exec install_terraform "${tf_version}" From 6826ad98f95dc4f4fa1c9e523145f5d1cb683298 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:44:34 +0000 Subject: [PATCH 12/31] local runner test --- src/main.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/main.sh b/src/main.sh index aaf9bf2..506ed80 100755 --- a/src/main.sh +++ b/src/main.sh @@ -89,11 +89,10 @@ function setup_git { } function setup_permissions { - local dir=$1 # Set permissions for current user - sudo chown -R $(whoami) "${dir}" - ls -lahrt "${dir}" - sudo chmod -R 777 "${dir}" + sudo chown -R $(whoami) . + pwd + sudo chmod -R 777 . # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } @@ -152,8 +151,8 @@ function main { exit 1 fi setup_git - setup_permissions "${tg_dir}" - trap setup_permissions "${tg_dir}" EXIT + setup_permissions + trap setup_permissions EXIT setup_pre_exec install_terraform "${tf_version}" From 32c3f439c61696fb803eec49473afc1e51c2f21f Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 19:56:27 +0000 Subject: [PATCH 13/31] permissions set debug print --- src/main.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main.sh b/src/main.sh index 506ed80..65d4b6c 100755 --- a/src/main.sh +++ b/src/main.sh @@ -90,6 +90,7 @@ function setup_git { function setup_permissions { # Set permissions for current user + echo "Setting permissions for $(whoami) in $(pwd)" sudo chown -R $(whoami) . pwd sudo chmod -R 777 . From ad8ff4a61c28520a067c65a22d6a32d150d67b5f Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:02:53 +0000 Subject: [PATCH 14/31] Post execution permission --- src/main.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main.sh b/src/main.sh index 65d4b6c..de29ca5 100755 --- a/src/main.sh +++ b/src/main.sh @@ -166,6 +166,7 @@ function main { export TF_IN_AUTOMATION=1 fi run_terragrunt "${tg_dir}" "${tg_command}" + setup_permissions # setup permissions for the output files setup_post_exec From 17d28738b7c4f649812d96b20fbdef6602edec05 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:12:44 +0000 Subject: [PATCH 15/31] Auto approve injection --- src/main.sh | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/main.sh b/src/main.sh index de29ca5..3e6048e 100755 --- a/src/main.sh +++ b/src/main.sh @@ -90,10 +90,8 @@ function setup_git { function setup_permissions { # Set permissions for current user - echo "Setting permissions for $(whoami) in $(pwd)" sudo chown -R $(whoami) . - pwd - sudo chmod -R 777 . + sudo chmod -R o+rw . # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } @@ -160,10 +158,18 @@ function main { install_terragrunt "${tg_version}" # add auto approve for apply and destroy commands + local tg_arg_and_commands="${tg_command}" if [[ "$tg_command" == "apply"* || "$tg_command" == "destroy"* || "$tg_command" == "run-all apply"* || "$tg_command" == "run-all destroy"* ]]; then export TERRAGRUNT_NON_INTERACTIVE=true export TF_INPUT=false export TF_IN_AUTOMATION=1 + if [[ $tg_arg_and_commands == *" "* ]]; then + local -r prefix="${tg_arg_and_commands%% *}" + local -r suffix="${tg_arg_and_commands#* }" + tg_arg_and_commands="${prefix} -auto-approve ${suffix}" + else + tg_arg_and_commands="${tg_arg_and_commands} -auto-approve" + fi fi run_terragrunt "${tg_dir}" "${tg_command}" setup_permissions From 007e1ccd66b6f4f643c66faeebd1ef315fcdd990 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:20:34 +0000 Subject: [PATCH 16/31] Action split --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 3e6048e..82cf401 100755 --- a/src/main.sh +++ b/src/main.sh @@ -171,7 +171,7 @@ function main { tg_arg_and_commands="${tg_arg_and_commands} -auto-approve" fi fi - run_terragrunt "${tg_dir}" "${tg_command}" + run_terragrunt "${tg_dir}" "${tg_arg_and_commands}" setup_permissions # setup permissions for the output files setup_post_exec From 536a92ffbb590ec8a685a1b8b91c1a0f5b0e89c8 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:37:57 +0000 Subject: [PATCH 17/31] Add auto approve --- src/main.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/main.sh b/src/main.sh index 82cf401..5b81a55 100755 --- a/src/main.sh +++ b/src/main.sh @@ -163,12 +163,12 @@ function main { export TERRAGRUNT_NON_INTERACTIVE=true export TF_INPUT=false export TF_IN_AUTOMATION=1 - if [[ $tg_arg_and_commands == *" "* ]]; then - local -r prefix="${tg_arg_and_commands%% *}" - local -r suffix="${tg_arg_and_commands#* }" - tg_arg_and_commands="${prefix} -auto-approve ${suffix}" - else - tg_arg_and_commands="${tg_arg_and_commands} -auto-approve" + + local approvePattern="^(apply|destroy|run-all apply|run-all destroy)" + if [[ $tg_arg_and_commands =~ $approvePattern ]]; then + local matchedCommand="${BASH_REMATCH[0]}" + local remainingArgs="${tg_arg_and_commands#$matchedCommand}" + tg_arg_and_commands="${matchedCommand} -auto-approve ${remainingArgs}" fi fi run_terragrunt "${tg_dir}" "${tg_arg_and_commands}" From 52d1ccf366a7dc1d0473708c24a48ed73f900894 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:44:46 +0000 Subject: [PATCH 18/31] Add flag to add approve to commands --- README.md | 15 ++++++++------- action.yml | 4 ++++ src/main.sh | 13 ++++++++----- 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index ec7564e..7847d4a 100644 --- a/README.md +++ b/README.md @@ -6,13 +6,14 @@ A GitHub Action for installing and running Terragrunt Supported GitHub action inputs: -| Input Name | Description | Required | Example values | -|:-----------|:--------------------------------------------------|:--------:|:--------------:| -| tf_version | Terraform version to be used in Action execution | `true` | 1.4.6 | -| tg_version | Terragrunt version to be user in Action execution | `true` | 0.50.8 | -| tg_dir | Directory in which Terragrunt will be invoked | `true` | work | -| tg_command | Terragrunt command to execute | `true` | plan/apply | -| tg_comment | Add comment to Pull request with execution output | `false` | 0/1 | +| Input Name | Description | Required | Example values | +|:---------------|:------------------------------------------------------------------|:--------:|:--------------:| +| tf_version | Terraform version to be used in Action execution | `true` | 1.4.6 | +| tg_version | Terragrunt version to be user in Action execution | `true` | 0.50.8 | +| tg_dir | Directory in which Terragrunt will be invoked | `true` | work | +| tg_command | Terragrunt command to execute | `true` | plan/apply | +| tg_comment | Add comment to Pull request with execution output | `false` | 0/1 | +| tg_add_approve | Automatically add "-auto-approve" to commands, enabled by default | `false` | 0/1 | ## Environment Variables diff --git a/action.yml b/action.yml index ce1b123..765fc59 100644 --- a/action.yml +++ b/action.yml @@ -23,6 +23,10 @@ inputs: description: 'Include execution output as comment' default: '0' required: false + tg_add_approve: + description: 'Add -auto-approve to commands which require changes to be applied' + default: '1' + required: false outputs: tg_action_output: description: 'Terragrunt execution output' diff --git a/src/main.sh b/src/main.sh index 5b81a55..0757ee3 100755 --- a/src/main.sh +++ b/src/main.sh @@ -133,6 +133,7 @@ function main { local -r tg_version=${INPUT_TG_VERSION} local -r tg_command=${INPUT_TG_COMMAND} local -r tg_comment=${INPUT_TG_COMMENT:-0} + local -r tg_add_approve=${INPUT_TG_ADD_APPROVE:-1} local -r tg_dir=${INPUT_TG_DIR:-.} if [[ -z "${tf_version}" ]]; then @@ -164,11 +165,13 @@ function main { export TF_INPUT=false export TF_IN_AUTOMATION=1 - local approvePattern="^(apply|destroy|run-all apply|run-all destroy)" - if [[ $tg_arg_and_commands =~ $approvePattern ]]; then - local matchedCommand="${BASH_REMATCH[0]}" - local remainingArgs="${tg_arg_and_commands#$matchedCommand}" - tg_arg_and_commands="${matchedCommand} -auto-approve ${remainingArgs}" + if [[ "${tg_add_approve}" == "1" ]]; then + local approvePattern="^(apply|destroy|run-all apply|run-all destroy)" + if [[ $tg_arg_and_commands =~ $approvePattern ]]; then + local matchedCommand="${BASH_REMATCH[0]}" + local remainingArgs="${tg_arg_and_commands#$matchedCommand}" + tg_arg_and_commands="${matchedCommand} -auto-approve ${remainingArgs}" + fi fi fi run_terragrunt "${tg_dir}" "${tg_arg_and_commands}" From 9772f50d7d07c9fc9044a314c924a4766c53e8ab Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:45:16 +0000 Subject: [PATCH 19/31] Description update --- src/main.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main.sh b/src/main.sh index 0757ee3..60ad32c 100755 --- a/src/main.sh +++ b/src/main.sh @@ -167,6 +167,7 @@ function main { if [[ "${tg_add_approve}" == "1" ]]; then local approvePattern="^(apply|destroy|run-all apply|run-all destroy)" + # split command and arguments to insert -auto-approve if [[ $tg_arg_and_commands =~ $approvePattern ]]; then local matchedCommand="${BASH_REMATCH[0]}" local remainingArgs="${tg_arg_and_commands#$matchedCommand}" From 4d317112c9c07e6918beb16bf25acec63649a50d Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:50:18 +0000 Subject: [PATCH 20/31] Permissions set --- src/main.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/main.sh b/src/main.sh index 60ad32c..3109d82 100755 --- a/src/main.sh +++ b/src/main.sh @@ -89,9 +89,10 @@ function setup_git { } function setup_permissions { + local -r dir="${1}" # Set permissions for current user - sudo chown -R $(whoami) . - sudo chmod -R o+rw . + sudo chown -R $(whoami) "${dir}" + sudo chmod -R o+rw "${dir}" # Set permissions for the output file sudo chown -R $(whoami) "${GITHUB_OUTPUT}" } @@ -151,8 +152,8 @@ function main { exit 1 fi setup_git - setup_permissions - trap setup_permissions EXIT + setup_permissions "${tg_dir}" + trap 'setup_permissions $tg_dir ' EXIT setup_pre_exec install_terraform "${tf_version}" @@ -176,7 +177,7 @@ function main { fi fi run_terragrunt "${tg_dir}" "${tg_arg_and_commands}" - setup_permissions + setup_permissions "${tg_dir}" # setup permissions for the output files setup_post_exec From 0ef2361e22972338cf550970ae80cf8d9136eb97 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:54:51 +0000 Subject: [PATCH 21/31] working directory setup --- src/main.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/main.sh b/src/main.sh index 3109d82..7bfb980 100755 --- a/src/main.sh +++ b/src/main.sh @@ -90,11 +90,15 @@ function setup_git { function setup_permissions { local -r dir="${1}" - # Set permissions for current user - sudo chown -R $(whoami) "${dir}" - sudo chmod -R o+rw "${dir}" + # Set permissions for the working directory + if [[ -f "${dir}" ]]; then + sudo chown -R $(whoami) "${dir}" + sudo chmod -R o+rw "${dir}" + fi # Set permissions for the output file - sudo chown -R $(whoami) "${GITHUB_OUTPUT}" + if [[ -f "${GITHUB_OUTPUT}" ]]; then + sudo chown -R $(whoami) "${GITHUB_OUTPUT}" + fi } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 77c6edfab21a047aaf688d2df4ffd6770a63e6fc Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 20:56:51 +0000 Subject: [PATCH 22/31] Permissions update --- src/main.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main.sh b/src/main.sh index 7bfb980..61bf0b0 100755 --- a/src/main.sh +++ b/src/main.sh @@ -99,6 +99,8 @@ function setup_permissions { if [[ -f "${GITHUB_OUTPUT}" ]]; then sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi + # set permissions for .terraform directories, if any + find . -name ".terraform*" -exec chmod sudo chown -R $(whoami) {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From db44adc2f883c0bc6d13c0aa73ff1da993b84f68 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:03:38 +0000 Subject: [PATCH 23/31] Add .terraform files permisions --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 61bf0b0..e7d4417 100755 --- a/src/main.sh +++ b/src/main.sh @@ -100,7 +100,7 @@ function setup_permissions { sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi # set permissions for .terraform directories, if any - find . -name ".terraform*" -exec chmod sudo chown -R $(whoami) {} \; + find . -name ".terraform*" -exec chmod sudo chown -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 6bde0707f1375dc1d7de83b1db6fc8886d0f5d6d Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:08:30 +0000 Subject: [PATCH 24/31] Permissions set --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index e7d4417..3357378 100755 --- a/src/main.sh +++ b/src/main.sh @@ -100,7 +100,7 @@ function setup_permissions { sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi # set permissions for .terraform directories, if any - find . -name ".terraform*" -exec chmod sudo chown -R 777 {} \; + find . -name ".terraform" -exec sudo chown -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From dada474154de5aad8332db72f9dc29682051c75c Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:10:49 +0000 Subject: [PATCH 25/31] Matching .terraform --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 3357378..5b4cbca 100755 --- a/src/main.sh +++ b/src/main.sh @@ -100,7 +100,7 @@ function setup_permissions { sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi # set permissions for .terraform directories, if any - find . -name ".terraform" -exec sudo chown -R 777 {} \; + find . -name ".terraform*" -exec sudo chmod -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From ab3a21532d50b0df0c1cdd9268afa3a7f237bdbe Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:13:32 +0000 Subject: [PATCH 26/31] Updated chmod flag --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 5b4cbca..6a8a28d 100755 --- a/src/main.sh +++ b/src/main.sh @@ -100,7 +100,7 @@ function setup_permissions { sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi # set permissions for .terraform directories, if any - find . -name ".terraform*" -exec sudo chmod -R 777 {} \; + find . -name ".terraform" -exec sudo chmod -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 00f808dc12cd7b888a8e29d809da821c6ac37f7e Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:17:32 +0000 Subject: [PATCH 27/31] Permissions setting on github workspace --- src/main.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 6a8a28d..4374bad 100755 --- a/src/main.sh +++ b/src/main.sh @@ -90,6 +90,7 @@ function setup_git { function setup_permissions { local -r dir="${1}" + sudo chown -R $(whoami) /github/workspace # Set permissions for the working directory if [[ -f "${dir}" ]]; then sudo chown -R $(whoami) "${dir}" @@ -100,7 +101,7 @@ function setup_permissions { sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi # set permissions for .terraform directories, if any - find . -name ".terraform" -exec sudo chmod -R 777 {} \; + sudo find . -name ".terraform" -exec chmod -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 18b4edfea9f1f5810ca5a5cae61009c119955d30 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:21:00 +0000 Subject: [PATCH 28/31] Disabled permissions setting --- src/main.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main.sh b/src/main.sh index 4374bad..8b68f1d 100755 --- a/src/main.sh +++ b/src/main.sh @@ -100,8 +100,6 @@ function setup_permissions { if [[ -f "${GITHUB_OUTPUT}" ]]; then sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi - # set permissions for .terraform directories, if any - sudo find . -name ".terraform" -exec chmod -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 3220e5174a5377522606295e5365b33200dd453b Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:25:05 +0000 Subject: [PATCH 29/31] TF --- src/main.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main.sh b/src/main.sh index 8b68f1d..5514d29 100755 --- a/src/main.sh +++ b/src/main.sh @@ -100,6 +100,8 @@ function setup_permissions { if [[ -f "${GITHUB_OUTPUT}" ]]; then sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi + # set permissions for .terraform directories, if any + sudo find . -name ".terraform*" -exec chmod -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 4e6ae761633b9f07d76eba3d98689f58189389c2 Mon Sep 17 00:00:00 2001 From: Denis O Date: Thu, 15 Feb 2024 21:27:30 +0000 Subject: [PATCH 30/31] Workspace path update --- src/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.sh b/src/main.sh index 5514d29..e12316d 100755 --- a/src/main.sh +++ b/src/main.sh @@ -101,7 +101,7 @@ function setup_permissions { sudo chown -R $(whoami) "${GITHUB_OUTPUT}" fi # set permissions for .terraform directories, if any - sudo find . -name ".terraform*" -exec chmod -R 777 {} \; + sudo find /github/workspace -name ".terraform*" -exec chmod -R 777 {} \; } # Run INPUT_PRE_EXEC_* environment variables as Bash code From 54dd127939dccec776492d47e725aab12128d410 Mon Sep 17 00:00:00 2001 From: Denis O Date: Fri, 16 Feb 2024 12:20:47 +0000 Subject: [PATCH 31/31] Add tests for auto approve --- test/action_run_test.go | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/test/action_run_test.go b/test/action_run_test.go index b289d82..f4f932e 100644 --- a/test/action_run_test.go +++ b/test/action_run_test.go @@ -32,6 +32,41 @@ func TestOutputPlanIsUsedInApply(t *testing.T) { assert.Contains(t, output, "1 added, 0 changed, 0 destroyed") } +func TestRunAllIsExecuted(t *testing.T) { + t.Parallel() + tag := buildActionImage(t) + fixturePath := prepareFixture(t, "fixture-dependencies-project") + + output := runAction(t, tag, fixturePath, "run-all plan") + assert.Contains(t, output, "1 to add, 0 to change, 0 to destroy") + + output = runAction(t, tag, fixturePath, "run-all apply") + assert.Contains(t, output, "1 to add, 0 to change, 0 to destroy") + + output = runAction(t, tag, fixturePath, "run-all destroy") + assert.Contains(t, output, "0 to add, 0 to change, 1 to destroy") + assert.Contains(t, output, "Destroy complete! Resources: 1 destroyed") +} + +func TestAutoApproveDelete(t *testing.T) { + t.Parallel() + tag := buildActionImage(t) + fixturePath := prepareFixture(t, "fixture-dependencies-project") + + output := runAction(t, tag, fixturePath, "run-all plan -out=plan.out") + assert.Contains(t, output, "1 to add, 0 to change, 0 to destroy") + + output = runAction(t, tag, fixturePath, "run-all apply plan.out") + assert.Contains(t, output, "1 added, 0 changed, 0 destroyed") + + // run destroy with auto-approve + output = runAction(t, tag, fixturePath, "run-all plan -destroy -out=destroy.out") + assert.Contains(t, output, "0 to add, 0 to change, 1 to destroy") + + output = runAction(t, tag, fixturePath, "run-all apply -destroy destroy.out") + assert.Contains(t, output, "Resources: 0 added, 0 changed, 1 destroyed") +} + func runAction(t *testing.T, tag, fixturePath, command string) string { opts := &docker.RunOptions{ EnvironmentVariables: []string{