Skip to content

Renovate Update Patch & Minor Updates #659

Renovate Update Patch & Minor Updates

Renovate Update Patch & Minor Updates #659

name: "[Workflow] Pull Request Path"
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
on:
pull_request:
branches:
- main
permissions:
actions: read
checks: read
contents: write
deployments: none
issues: none
packages: none
pull-requests: write
repository-projects: none
security-events: write
statuses: none
jobs:
pr_label:
runs-on: ubuntu-latest
name: Label PR
steps:
- uses: actions/labeler@main
with:
configuration-path: ".github/labeller.yml"
repo-token: "${{ secrets.GITHUB_TOKEN }}"
sync-labels: true
branch_name:
runs-on: ubuntu-latest
name: Extract branch name
outputs:
raw_branch: ${{ steps.extract_branch.outputs.branch_raw }}
formatted_branch: ${{ steps.extract_branch.outputs.branch_formatted }}
steps:
- name: Extract branch
shell: bash
run: |
echo "branch_raw=$(echo ${GITHUB_HEAD_REF:-${GITHUB_REF##*/}})" >> $GITHUB_OUTPUT
echo "branch_formatted=$(echo ${GITHUB_HEAD_REF:-${GITHUB_REF##*/}} | tr -cd '[:alnum:]' | tr '[:upper:]' '[:lower:]' | cut -c1-10)" >> $GITHUB_OUTPUT
id: extract_branch
create_tags:
name: Create Tags
needs: ['branch_name']
uses: ./.github/workflows/sub-task-tags.yml
with:
branch_name: ${{ needs.branch_name.outputs.formatted_branch }}
secrets:
source_github_token: ${{ secrets.GITHUB_TOKEN }}
terraform_lint:
name: Lint terraform code
uses: ./.github/workflows/sub-task-lint.yml
needs: ['branch_name']
with:
workspace: ${{ needs.branch_name.outputs.formatted_branch }}
secrets:
source_github_token: ${{ secrets.GITHUB_TOKEN }}
aws_access_key_id_actions: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
aws_secret_access_key_actions: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
unit_tests:
name: Unit tests
needs: ['create_tags', 'branch_name']
uses: ./.github/workflows/sub-task-unit-tests.yml
docker_build_scan_push:
name: Build, Scan and Push
needs: ['create_tags', 'branch_name']
uses: ./.github/workflows/sub-task-docker-build.yml
with:
tag: ${{ needs.create_tags.outputs.version_tag }}
branch_name: ${{ needs.branch_name.outputs.formatted_branch }}
secrets:
aws_access_key_id_actions: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
aws_secret_access_key_actions: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
terraform_apply:
name: Terraform Plan and Apply Environment
needs: [
'docker_build_scan_push',
'terraform_lint',
'create_tags',
'branch_name',
'unit_tests'
]
uses: ./.github/workflows/sub-task-terraform.yml
with:
terraform_path: 'terraform/environment'
image_tag: ${{ needs.create_tags.outputs.version_tag }}
workspace: ${{ needs.branch_name.outputs.formatted_branch }}
secrets:
aws_access_key_id_actions: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
aws_secret_access_key_actions: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
integration_tests:
name: Integration tests against branch environment
needs: [
'terraform_apply',
'create_tags',
'branch_name'
]
uses: ./.github/workflows/sub-task-integration-tests.yml
with:
workspace: ${{ needs.branch_name.outputs.formatted_branch }}
secrets:
aws_access_key_id_actions: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
aws_secret_access_key_actions: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
workflow_complete:
name: Workflow Complete
runs-on: ubuntu-latest
needs: ['integration_tests']
steps:
- name: Completion message
run: echo "Workflow Complete"