Skip to content

chore: release main #10438

chore: release main

chore: release main #10438

Workflow file for this run

name: tf-ci
on:
- pull_request
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
tf_module_changes:
runs-on: [ARM64, self-hosted, Linux]
permissions:
pull-requests: read
outputs:
run_tf_modules_ci: ${{ steps.filter.outputs.dependencies }}
steps:
- name: Check for changed files
uses: dorny/paths-filter@v2
id: filter
with:
filters: |
dependencies:
- '.github/**'
- 'terraform/modules/**'
find-changed-dirs:
needs: tf_module_changes
if: ${{ needs.tf_module_changes.outputs.run_tf_modules_ci == 'true' }}
runs-on: [ARM64, self-hosted, Linux]
outputs:
allChanges: ${{ steps.changedDirs.outputs.allChanges }}
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
with:
app_id: ${{ secrets.CZI_GITHUB_HELPER_APP_ID }}
private_key: ${{ secrets.CZI_GITHUB_HELPER_PK }}
- uses: actions/checkout@v3
with:
token: ${{ steps.generate_token.outputs.token }}
- uses: dorny/[email protected]
id: filter
with:
initial-fetch-depth: '1'
list-files: json
filters: |
changed:
- added|modified: 'terraform/modules/**'
- uses: actions/github-script@v6
id: changedDirs
with:
script: |
const path = require("path")
const changedFiles = ${{ steps.filter.outputs.changed_files }}
const changedDirs = changedFiles.map(f => path.dirname(f))
const uniqueChangedDirs = [...new Set(changedDirs)];
console.log(`Found the following changed dirs: ${JSON.stringify(uniqueChangedDirs, null, 2)}\n OG: ${JSON.stringify(changedFiles, null, 2)} `)
core.setOutput("allChanges", uniqueChangedDirs)
lint-changed-dirs:
runs-on: [X64, self-hosted, Linux]
needs: [find-changed-dirs, tf_module_changes]
strategy:
matrix:
tfmodule: ${{ fromJson(needs.find-changed-dirs.outputs.allChanges) }}
if: ${{ needs.find-changed-dirs.outputs.allChanges != '[]' && needs.tf_module_changes.outputs.run_tf_modules_ci == 'true' }}
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
with:
app_id: ${{ secrets.CZI_GITHUB_HELPER_APP_ID }}
private_key: ${{ secrets.CZI_GITHUB_HELPER_PK }}
- run: |
mkdir -p ~/.ssh/
ssh-keyscan -H github.com >> ~/.ssh/known_hosts
- name: Install SSH key
uses: webfactory/[email protected]
with:
ssh-private-key: |
${{ secrets.SHARED_INFRA_DEPLOY_KEY }}
- uses: actions/checkout@v3
with:
token: ${{ steps.generate_token.outputs.token }}
ref: ${{ github.event.pull_request.head.ref }}
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.3.0
- name: fix terraform docs
uses: terraform-docs/[email protected]
with:
working-dir: ${{matrix.tfmodule}}
git-push: "true"
template: <!-- START -->\n{{ .Content }}\n<!-- END -->
git-commit-message: |
commit from ci -- ran terraform-docs and pushed
- uses: actions/setup-node@v2
with:
node-version: '18'
- name: fix terraform fmt
run: |
cd ${{matrix.tfmodule}}
terraform fmt
- uses: EndBug/add-and-commit@v9
with:
add: -A
message: |
commit from ci -- ran terraform fmt and pushed
- name: terraform init
run: |
[ -d "${{matrix.tfmodule}}/.validate" ] && cd ${{matrix.tfmodule}}/.validate || cd ${{matrix.tfmodule}}
terraform init
- name: terraform validate
run: |
[ -d "${{matrix.tfmodule}}/.validate" ] && cd ${{matrix.tfmodule}}/.validate || cd ${{matrix.tfmodule}}
terraform validate -no-color
- uses: terraform-linters/setup-tflint@v3
with:
tflint_version: latest
- name: run tflint
run: |
cd ${{matrix.tfmodule}}
tflint -f compact