Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update actions for node 20 #10

Merged
merged 2 commits into from
Apr 23, 2024
Merged

Update actions for node 20 #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
bd4dd28
Update actions versions for node20
reijoh Apr 23, 2024
586007f
Ensure state file is created if not exist on /plan comment
reijoh Apr 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 33 additions & 43 deletions .github/workflows/terraform-init.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,7 @@ jobs:
if: >
github.event_name == 'issue_comment' &&
contains(github.event.comment.body, '/apply')
uses: innofactororg/check-pull-request@v1
uses: innofactororg/check-pull-request@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
require_codeowners_file: ${{ inputs.require_codeowners_file_for_apply }}
Expand Down Expand Up @@ -451,7 +451,7 @@ jobs:
-o tsv)
if [ "${rg_exists}" == 'true' ]; then
echo "Found resource group ${state_resource_group_name}"
elif [[ '${{ github.event_name }}' == 'pull_request'* ]]; then
elif [[ "${GITHUB_EVENT_NAME}" == 'pull_request'* || $COMMENT_BODY == *'/plan'* ]]; then
echo "Create resource group ${state_resource_group_name}"
+cmdstd az group create \
--name $state_resource_group_name \
Expand Down Expand Up @@ -513,7 +513,7 @@ jobs:
typeset -l state_storage_account_name
state_storage_account_name=$(echo '${{ steps.az_state_rg.outputs.state_resource_group_name }}${{ inputs.level }}x${{ steps.az_state_rg.outputs.rg_random }}' | sed -E 's/[^ a-zA-Z0-9]//g' | head -c 24)
fi
if [[ '${{ github.event_name }}' == 'pull_request'* ]]; then
if [[ "${GITHUB_EVENT_NAME}" == 'pull_request'* || $COMMENT_BODY == *'/plan'* ]]; then
if [ -n '${{ steps.find_az_state_sa.outputs.state_storage_account_id }}' ]; then
state_storage_account_id='${{ steps.find_az_state_sa.outputs.state_storage_account_id }}'
else
Expand Down Expand Up @@ -628,7 +628,7 @@ jobs:
typeset -l state_key_vault_name
state_key_vault_name="$(echo '${{ steps.az_state_rg.outputs.state_resource_group_name }}${{ inputs.level }}x${{ steps.az_state_rg.outputs.rg_random }}' | sed -E 's/[^ a-zA-Z0-9\-]//g' | head -c 21 | sed -E 's/-+$//g')-kv"
fi
if [[ '${{ github.event_name }}' == 'pull_request'* ]]; then
if [[ "${GITHUB_EVENT_NAME}" == 'pull_request'* || $COMMENT_BODY == *'/plan'* ]]; then
if [ -n '${{ steps.login.outputs.state_key_vault_id }}' ]; then
state_key_vault_id='${{ steps.login.outputs.state_key_vault_id }}'
else
Expand Down Expand Up @@ -719,7 +719,7 @@ jobs:
eval "$@" 2> >(tee -a $log_file >&2)
return ${PIPESTATUS[0]}
}
if [[ '${{ github.event_name }}' == 'pull_request'* ]]; then
if [[ "${GITHUB_EVENT_NAME}" == 'pull_request'* || $COMMENT_BODY == *'/plan'* ]]; then
query="\"where type =~ 'microsoft.dataprotection/backupvaults' and name == '${{ steps.az_state_rg.outputs.state_resource_group_name }}-bv' | project id\""
if [[ '${{ inputs.log_severity }}' == 'DEBUG' || '${{ inputs.log_severity }}' == 'TRACE' ]]; then
echo "Run query: ${query}"
Expand Down Expand Up @@ -990,7 +990,7 @@ jobs:
github.event_name == 'pull_request' ||
github.event_name == 'pull_request_target'
) && steps.saved_plan.outputs.sha != ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
path: src
ref: ${{ inputs.pull_request_head_ref }}
Expand Down Expand Up @@ -1085,7 +1085,7 @@ jobs:

- name: Parse terraform command and arguments
id: parse_command
uses: actions/github-script@v6
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
result-encoding: string
Expand Down Expand Up @@ -1152,7 +1152,7 @@ jobs:
- name: Comment when done
id: comment_when_done
if: always()
uses: actions/github-script@v6
uses: actions/github-script@v7
env:
VERIFY_PERMISSION_MESSAGE: ${{ steps.verify_permission.outputs.message }}
with:
Expand Down Expand Up @@ -1234,46 +1234,36 @@ jobs:
- name: Upload logs
id: upload_logs
if: always()
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: init_logs
path: logs/
if-no-files-found: ignore
retention-days: 0

- name: Dump github context
id: dump_github_context
- name: Show debug info
if: >
failure() || (
success() &&
!contains(
fromJSON('["ERROR", "WARN"]'), inputs.log_severity
)
)
env:
GH_CONTEXT: ${{ toJson(github) }}
run: echo "${GH_CONTEXT}"

- name: Dump steps context
id: dump_steps_context
if: >
failure() || (
success() &&
!contains(
fromJSON('["ERROR", "WARN"]'), inputs.log_severity
)
)
env:
STEPS_CONTEXT: ${{ toJson(steps) }}
run: echo "${STEPS_CONTEXT}"

- name: Print variables and event
id: dump_env
if: >
failure() || (
(
success() &&
!contains(
fromJSON('["ERROR", "WARN"]'), inputs.log_severity
)
)
uses: hmarr/debug-action@v2
inputs.log_severity != 'ERROR'
) || failure()
uses: actions/github-script@7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const fs = require('fs');
const event = JSON.parse(fs.readFileSync(process.env['GITHUB_EVENT_PATH']));
console.log('::group::environment variables');
console.log('::stop-commands::77e6a57ef9854574');
for (const [key, value] of Object.entries(process.env).sort()) {
if (key != 'INPUT_SCRIPT') {
console.log(`${key}=${value}`);
}
}
console.log('::77e6a57ef9854574::');
console.log('::endgroup::');
console.log('::group::github event');
console.log('::stop-commands::77e6a57ef9854574');
console.log(JSON.stringify(event, null, 2));
console.log('::77e6a57ef9854574::');
console.log('::endgroup::');
100 changes: 45 additions & 55 deletions .github/workflows/terraform-job.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -262,7 +262,7 @@ jobs:
steps:
- name: Checkout head ref (src)
id: checkout_src
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
path: src
ref: ${{ inputs.pull_request_head_ref }}
Expand All @@ -272,7 +272,7 @@ jobs:
- name: Get library 01 token
id: library_01
if: inputs.library_01_repo != '' && inputs.library_01_app_id != ''
uses: innofactororg/github-app-token@v1
uses: innofactororg/github-app-token@v2
with:
app_id: ${{ inputs.library_01_app_id }}
private_key: ${{ secrets.LIBRARY_01_PRIVATE_KEY }}
Expand All @@ -285,7 +285,7 @@ jobs:
- name: Checkout library 01 (private)
id: checkout_library_01
if: inputs.library_01_repo != '' && steps.library_01.outputs.token != ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_01_repo }}
path: ${{ inputs.library_01_path }}
Expand All @@ -296,7 +296,7 @@ jobs:
- name: Checkout library 01 (public)
id: checkout_library_01_pub
if: inputs.library_01_repo != '' && steps.library_01.outputs.token == ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_01_repo }}
path: ${{ inputs.library_01_path }}
Expand All @@ -306,7 +306,7 @@ jobs:
- name: Get library 02 token
id: library_02
if: inputs.library_02_repo != '' && inputs.library_02_app_id != ''
uses: innofactororg/github-app-token@v1
uses: innofactororg/github-app-token@v2
with:
app_id: ${{ inputs.library_02_app_id }}
private_key: ${{ secrets.LIBRARY_02_PRIVATE_KEY }}
Expand All @@ -319,7 +319,7 @@ jobs:
- name: Checkout library 02 (private)
id: checkout_library_02
if: inputs.library_02_repo != '' && steps.library_02.outputs.token != ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_02_repo }}
path: ${{ inputs.library_02_path }}
Expand All @@ -330,7 +330,7 @@ jobs:
- name: Checkout library 02 (public)
id: checkout_library_02_pub
if: inputs.library_02_repo != '' && steps.library_02.outputs.token == ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_02_repo }}
path: ${{ inputs.library_02_path }}
Expand All @@ -340,7 +340,7 @@ jobs:
- name: Get library 03 token
id: library_03
if: inputs.library_03_repo != '' && inputs.library_03_app_id != ''
uses: innofactororg/github-app-token@v1
uses: innofactororg/github-app-token@v2
with:
app_id: ${{ inputs.library_03_app_id }}
private_key: ${{ secrets.LIBRARY_03_PRIVATE_KEY }}
Expand All @@ -353,7 +353,7 @@ jobs:
- name: Checkout library 03 (private)
id: checkout_library_03
if: inputs.library_03_repo != '' && steps.library_03.outputs.token != ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_03_repo }}
path: ${{ inputs.library_03_path }}
Expand All @@ -364,7 +364,7 @@ jobs:
- name: Checkout library 03 (public)
id: checkout_library_03_pub
if: inputs.library_03_repo != '' && steps.library_03.outputs.token == ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_03_repo }}
path: ${{ inputs.library_03_path }}
Expand All @@ -374,7 +374,7 @@ jobs:
- name: Get library 04 token
id: library_04
if: inputs.library_04_repo != '' && inputs.library_04_app_id != ''
uses: innofactororg/github-app-token@v1
uses: innofactororg/github-app-token@v2
with:
app_id: ${{ inputs.library_04_app_id }}
private_key: ${{ secrets.LIBRARY_04_PRIVATE_KEY }}
Expand All @@ -387,7 +387,7 @@ jobs:
- name: Checkout library 04 (private)
id: checkout_library_04
if: inputs.library_04_repo != '' && steps.library_04.outputs.token != ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_04_repo }}
path: ${{ inputs.library_04_path }}
Expand All @@ -398,7 +398,7 @@ jobs:
- name: Checkout library 04 (public)
id: checkout_library_04_pub
if: inputs.library_04_repo != '' && steps.library_04.outputs.token == ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_04_repo }}
path: ${{ inputs.library_04_path }}
Expand All @@ -408,7 +408,7 @@ jobs:
- name: Get library 05 token
id: library_05
if: inputs.library_05_repo != '' && inputs.library_05_app_id != ''
uses: innofactororg/github-app-token@v1
uses: innofactororg/github-app-token@v2
with:
app_id: ${{ inputs.library_05_app_id }}
private_key: ${{ secrets.LIBRARY_05_PRIVATE_KEY }}
Expand All @@ -421,7 +421,7 @@ jobs:
- name: Checkout library 05 (private)
id: checkout_library_05
if: inputs.library_05_repo != '' && steps.library_05.outputs.token != ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_05_repo }}
path: ${{ inputs.library_05_path }}
Expand All @@ -432,7 +432,7 @@ jobs:
- name: Checkout library 05 (public)
id: checkout_library_05_pub
if: inputs.library_05_repo != '' && steps.library_05.outputs.token == ''
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: ${{ inputs.library_05_repo }}
path: ${{ inputs.library_05_path }}
Expand Down Expand Up @@ -1079,14 +1079,14 @@ jobs:
- name: Setup infrastructure cost tool
id: infracost_setup
if: contains(inputs.terraform_command, 'plan')
uses: infracost/actions/setup@v2
uses: infracost/actions/setup@v3
with:
api-key: ${{ secrets.INFRACOST_API_KEY }}

- name: Checkout base ref (main)
id: checkout_base
if: contains(inputs.terraform_command, 'plan')
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
path: main
ref: ${{ inputs.pull_request_base_ref }}
Expand Down Expand Up @@ -1171,7 +1171,7 @@ jobs:
id: auto_merge
if: >
github.event_name == 'issue_comment' && steps.terraform.outputs.applied == 'true' && contains(fromJSON('["merge", "squash", "rebase"]'), inputs.merge_method)
uses: actions/github-script@v6
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
Expand Down Expand Up @@ -1228,7 +1228,7 @@ jobs:
- name: Comment when done
id: comment_when_done
if: always()
uses: actions/github-script@v6
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
Expand Down Expand Up @@ -1489,46 +1489,36 @@ jobs:
- name: Upload logs
id: upload_logs
if: always()
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: terraform_logs
path: logs/
if-no-files-found: ignore
retention-days: 0

- name: Dump github context
id: dump_github_context
- name: Show debug info
if: >
failure() || (
(
success() &&
!contains(
fromJSON('["ERROR", "WARN"]'), inputs.log_severity
)
)
env:
GH_CONTEXT: ${{ toJson(github) }}
run: echo "${GH_CONTEXT}"

- name: Dump steps context
id: dump_steps_context
if: >
failure() || (
success() &&
!contains(
fromJSON('["ERROR", "WARN"]'), inputs.log_severity
)
)
env:
STEPS_CONTEXT: ${{ toJson(steps) }}
run: echo "${STEPS_CONTEXT}"

- name: Print variables and event
id: dump_env
if: >
failure() || (
success() &&
!contains(
fromJSON('["ERROR", "WARN"]'), inputs.log_severity
)
)
uses: hmarr/debug-action@v2
inputs.log_severity != 'ERROR'
) || failure()
uses: actions/github-script@7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const fs = require('fs');
const event = JSON.parse(fs.readFileSync(process.env['GITHUB_EVENT_PATH']));
console.log('::group::environment variables');
console.log('::stop-commands::77e6a57ef9854574');
for (const [key, value] of Object.entries(process.env).sort()) {
if (key != 'INPUT_SCRIPT') {
console.log(`${key}=${value}`);
}
}
console.log('::77e6a57ef9854574::');
console.log('::endgroup::');
console.log('::group::github event');
console.log('::stop-commands::77e6a57ef9854574');
console.log(JSON.stringify(event, null, 2));
console.log('::77e6a57ef9854574::');
console.log('::endgroup::');
Loading