Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: replace export-aws-secrets-manager to get-secrets #1353

Open
wants to merge 37 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
f7f5a3b
fix: remove outputs terraform_targets and tfmigrate_targets
suzuki-shunsuke Nov 9, 2023
f6d3abf
chore: update Node.js 16 to 20
suzuki-shunsuke Nov 9, 2023
39eebcb
fix(scaffold-working-dir): stop adding conftest to aqua.yaml
suzuki-shunsuke Nov 9, 2023
81cbd09
fix(get-global-config): skip creating aqua.yaml by default
suzuki-shunsuke Nov 9, 2023
0d75d54
fix: enable trivy and disable tfsec by default
suzuki-shunsuke Nov 9, 2023
6ef0e05
feat: merge actions' inputs github_token and github_app_token
suzuki-shunsuke Nov 9, 2023
f85894c
feat(scaffold-module): separate actions with generating codes and cre…
suzuki-shunsuke Nov 25, 2023
d45bc33
feat(scaffold-module): require module templates (#1341)
suzuki-shunsuke Nov 25, 2023
9f5e5dc
fix(scaffold-module): remove a template and create tfaction_module.ya…
suzuki-shunsuke Nov 25, 2023
332d61a
Merge branch 'main' into dev-v1
suzuki-shunsuke Nov 25, 2023
9ee20f5
feat: support running `terraform plan` with the `-destroy` option (#1…
suzuki-shunsuke Nov 25, 2023
2e3c954
Merge branch 'main' into dev-v1
suzuki-shunsuke Nov 27, 2023
5987a16
feat: replace export-aws-secrets-manager to get-secrets
suzuki-shunsuke Nov 28, 2023
4a5f5bd
fix: mask secrets
suzuki-shunsuke Nov 28, 2023
9a94f66
fix: typo
suzuki-shunsuke Nov 28, 2023
2d36735
fix: fix parse error
suzuki-shunsuke Nov 28, 2023
6f1e34d
fix: remove invalid inputs
suzuki-shunsuke Nov 28, 2023
fd2d7ca
refactor: use optional (#1375)
suzuki-shunsuke Dec 5, 2023
5c46bf6
fix(get-target-config): enable trivy and disable tfsec by default
suzuki-shunsuke Dec 7, 2023
98cdf9e
Merge remote-tracking branch 'origin/main' into dev-v1
suzuki-shunsuke Dec 7, 2023
5d6ab60
Merge branch 'main' into dev-v1
suzuki-shunsuke Dec 10, 2023
628aee1
Merge remote-tracking branch 'origin/dev-v1' into secure-secret-manag…
suzuki-shunsuke Dec 10, 2023
43e103f
fix: remove export-aws-secrets-manager
suzuki-shunsuke Dec 10, 2023
2945344
refactor: refactor JavaScript action
suzuki-shunsuke Dec 11, 2023
0e160bd
refactor: refactor
suzuki-shunsuke Dec 11, 2023
1c55dcb
refactor: change null to undefined
suzuki-shunsuke Dec 11, 2023
23103fe
style: format with prettier
suzuki-shunsuke Dec 11, 2023
5a15322
chore: npm run build
suzuki-shunsuke Dec 11, 2023
f06dd3a
ci: fix test
suzuki-shunsuke Dec 11, 2023
4c7fc83
docs: fix JSON Schema
suzuki-shunsuke Dec 11, 2023
70afe44
test: fix test file
suzuki-shunsuke Dec 11, 2023
d0fd779
test: fix a test file
suzuki-shunsuke Dec 11, 2023
693a5b7
test: fix a test file and JSON Schema
suzuki-shunsuke Dec 11, 2023
ef03cd9
fix: fix TargetConfig
suzuki-shunsuke Dec 11, 2023
d7fab27
fix: improve job_type validation
suzuki-shunsuke Dec 11, 2023
a6be3b2
Merge remote-tracking branch 'origin/main' into secure-secret-management
suzuki-shunsuke Dec 19, 2023
e45a939
Merge branch 'main' into secure-secret-management
suzuki-shunsuke Dec 19, 2023
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 38 additions & 19 deletions .cmdx.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,22 +2,41 @@
# cmdx - task runner
# https://github.com/suzuki-shunsuke/cmdx
tasks:
- name: release
short: r
description: release the new version
usage: release the new version
script: gh workflow run release.yaml -f tag={{.version}}
args:
- name: version
required: true
validate:
- regexp: "^v\\d+\\.\\d+.\\d+(-\\d+)?$"
- name: schema
description: build JSON Schema
usage: build JSON Schema
require:
exec:
- generate-schema-doc
script: |
mkdir -p build
generate-schema-doc --expand-buttons --link-to-reused-ref schema build
- name: release
short: r
description: release the new version
usage: release the new version
script: gh workflow run release.yaml -f tag={{.version}}
args:
- name: version
required: true
validate:
- regexp: "^v\\d+\\.\\d+.\\d+(-\\d+)?$"
- name: schema
description: build JSON Schema
usage: build JSON Schema
require:
exec:
- generate-schema-doc
script: |
mkdir -p build
generate-schema-doc --expand-buttons --link-to-reused-ref schema build
- name: build
description: build TypeScript
usage: build TypeScript
script: |
set -euo pipefail
pushd lib
npm run build
popd
for dir in $(git ls-files | grep package.json | grep -v -E '^package\.json' | grep -v lib/package.json | xargs -n 1 dirname); do
pushd "$dir"
npm run build
popd
done

- name: fmt
description: Format with prettier
usage: Format with prettier
script: |
npm run fmt
2 changes: 1 addition & 1 deletion .github/workflows/create-pr-branch.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ on:
workflow_dispatch:
inputs:
pr:
description: 'Pull Request Number'
description: "Pull Request Number"
required: true
jobs:
create-pr-branch:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/prerelease-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,10 @@ on:
workflow_dispatch:
inputs:
tag:
description: 'tag'
description: "tag"
required: true
pr:
description: 'pr number'
description: "pr number"
required: true
permissions:
contents: write
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,12 @@ on:
workflow_dispatch:
inputs:
tag:
description: 'tag'
description: "tag"
required: true
ref:
description: 'released ref (branch, tag or SHA). By default, the default branch is used'
description: "released ref (branch, tag or SHA). By default, the default branch is used"
required: false
default: ''
default: ""
permissions:
contents: write
jobs:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/wc-create-pr-branch.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ on:
workflow_call:
inputs:
pr:
description: 'Pull Request Number'
description: "Pull Request Number"
required: true
type: number
secrets:
Expand Down
10 changes: 4 additions & 6 deletions .github/workflows/wc-test-get-target-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,11 @@ jobs:
env:
TFACTION_CONFIG: get-target-config/tests/config-1.yaml
TFACTION_TARGET: aws/foo
TFACTION_IA_APPLY: 'false'
TFACTION_JOB_TYPE: 'terraform'
TFACTION_IA_APPLY: "false"
TFACTION_JOB_TYPE: "terraform"
- run: echo "${{ steps.target-config.outputs.working_directory }}"
- run: echo "${{ steps.target-config.outputs.aws_assume_role_arn }}"
- run: echo "${{ steps.target-config.outputs.aws_region }}"
- run: echo "${{ steps.target-config.outputs.s3_bucket_name_plan_file }}"
- run: echo "${{ steps.target-config.outputs.s3_bucket_name_tfmigrate_history }}"
- run: echo "${{ steps.target-config.outputs.template_dir }}"

Expand All @@ -38,9 +37,8 @@ jobs:
env:
TFACTION_CONFIG: get-target-config/tests/config-1.yaml
TFACTION_TARGET: gcp/foo
TFACTION_IA_APPLY: 'false'
TFACTION_JOB_TYPE: 'terraform'
TFACTION_IA_APPLY: "false"
TFACTION_JOB_TYPE: "terraform"
- run: echo "${{ steps.target-config.outputs.working_directory }}"
- run: echo "${{ steps.target-config.outputs.gcs_bucket_name_plan_file }}"
- run: echo "${{ steps.target-config.outputs.gcs_bucket_name_tfmigrate_history }}"
- run: echo "${{ steps.target-config.outputs.template_dir }}"
1 change: 1 addition & 0 deletions .prettierignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
**/dist
7 changes: 6 additions & 1 deletion apply/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,18 +2,23 @@ name: apply
description: apply
inputs:
github_token:
description: 'GitHub Access Token'
description: "GitHub Access Token"
required: false
default: ${{ github.token }}
secrets:
required: false
default: "{}"
runs:
using: composite
steps:
- uses: suzuki-shunsuke/tfaction/terraform-apply@main
if: env.TFACTION_JOB_TYPE == 'terraform'
with:
github_token: ${{inputs.github_token}}
secrets: ${{inputs.secrets}}

- uses: suzuki-shunsuke/tfaction/tfmigrate-apply@main
if: env.TFACTION_JOB_TYPE == 'tfmigrate'
with:
github_token: ${{inputs.github_token}}
secrets: ${{inputs.secrets}}
2 changes: 1 addition & 1 deletion aqua/actionlint.yaml
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
packages:
- name: rhysd/actionlint@v1.6.26
- name: rhysd/actionlint@v1.6.26
10 changes: 5 additions & 5 deletions check-terraform-skip/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,17 @@ name: Check if terraform plan and apply are skipped
description: Check if terraform plan and apply are skipped
inputs:
labels:
description: 'Labels File'
description: "Labels File"
required: true
skip_label_prefix:
description: 'Skip Label Prefix'
description: "Skip Label Prefix"
required: true
pr_author:
description: 'Pull Request Author'
description: "Pull Request Author"
required: true
outputs:
skip_terraform:
description: whether terraform is skipped
runs:
using: 'node20'
main: 'dist/index.js'
using: "node20"
main: "dist/index.js"
99 changes: 99 additions & 0 deletions check-terraform-skip/dist/LICENSE

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading