
Commit

Merge pull request #34 from using-system/features/improve-workflows
feat: update tf modules github workflows
using-system authored Mar 5, 2024
2 parents f4d0bc3 + ac2629c commit 308aa99
Showing 5 changed files with 112 additions and 141 deletions.
37 changes: 0 additions & 37 deletions .github/workflows/release.yml

This file was deleted.

72 changes: 0 additions & 72 deletions .github/workflows/tf-modules-doc.yml

This file was deleted.

78 changes: 78 additions & 0 deletions .github/workflows/tf-modules-release.yml
@@ -0,0 +1,78 @@
name: TF Modules - Create a new release

on:
push:
branches:
- main
paths:
- "terraform/modules/**"
workflow_dispatch:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

permissions:
id-token: write
contents: write

jobs:

changed-modules:
name: Get changed files
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.changed-files.outputs.all_changed_files }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v42
with:
json: true
quotepath: false
escape_json: false
dir_names: 'true'
files: terraform/modules/**
dir_names_max_depth: '3'
- name: List all changed files
run: echo '${{ steps.changed-files.outputs.all_changed_files }}'

release:
runs-on: ubuntu-latest
needs: changed-modules
strategy:
fail-fast: false
max-parallel: 1
matrix:
module: ${{ fromJson(needs.changed-modules.outputs.matrix) }}
steps:
- name: Checkout
uses: actions/checkout@v4

- id: extract_module
run: |
module=$(echo '${{ matrix.module }}' | sed 's|modules/||')
echo "module=${module}" >> $GITHUB_OUTPUT
- name: Bump version and push tag
id: tag_version
uses: mathieudutour/github-tag-action@v6.1
with:
release_branches: main
default_bump: "patch"
tag_prefix: "${{ steps.extract_module.outputs.module }}-v"
create_annotated_tag: true
github_token: ${{ secrets.GITHUB_TOKEN }}

- name: Release
uses: softprops/action-gh-release@v1
with:
name: ${{ steps.tag_version.outputs.new_tag }}
body: ${{ steps.tag_version.outputs.changelog }}
tag_name: ${{ steps.tag_version.outputs.new_tag }}
generate_release_notes: true
token: ${{ secrets.GITHUB_TOKEN }}
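Review bot: The two `run` steps interpolate expression output directly into the shell script (`echo '${{ steps.changed-files.outputs.all_changed_files }}'` in "List all changed files" and `echo '${{ matrix.module }}'` in `extract_module`), so a directory name under `terraform/modules/` that contains a single quote closes the quoting and the rest is executed as shell in a workflow that holds `contents: write`. Pass the values through `env:` and reference them in the script as quoted shell variables (for example `"$MODULE"`). Three smaller points in the same file: `id-token: write` is requested but no step here performs an OIDC login, so it can be dropped; `tj-actions/changed-files@v42`, `mathieudutour/github-tag-action@v6.1` and `softprops/action-gh-release@v1` are referenced by mutable tag in jobs with a write-scoped token and should be pinned to full commit SHAs; and `sed 's|modules/||'` applied to a path of the form `terraform/modules/<name>` leaves `terraform/<name>`, which makes the tag prefix `terraform/<name>-v`, so please confirm that is the intended tag format.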
20 changes: 11 additions & 9 deletions .github/workflows/tf-modules-validation.yml
@@ -1,4 +1,4 @@
name: Terraform modules validaton
name: TF Modules - Validaton

on:
push:
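Review bot: The new `name:` value keeps the typo from the old one: `TF Modules - Validaton` should read `TF Modules - Validation`. The workflow name is what `github.workflow` expands to in the concurrency group and what appears in the Actions UI, so it is worth correcting in this rename rather than in a follow-up.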
Expand All @@ -11,10 +11,12 @@ on:
paths:
- "terraform/modules/**"
- ".github/workflows/tf-modules-validation.yml"

workflow_dispatch:

concurrency:
group: ${{ github.workflow }}
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false

permissions:
id-token: write
contents: read
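Review bot: With the group changed to `${{ github.workflow }}-${{ github.ref }}` and `cancel-in-progress: false`, runs on different refs are no longer serialised against each other, only runs on the same ref. Later jobs in this workflow log in to Azure with a single `ARM_SUBSCRIPTION_ID` and run `terraform test`; if those tests create resources with fixed names, two branches validating at the same time can collide. Please confirm the test resources are uniquely named per run, or keep a ref-independent group on the job that runs the tests.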
Expand All @@ -24,7 +26,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4

- id: get-tf-modules
name: "Build TF modules matrix"
Expand Down Expand Up @@ -53,10 +55,10 @@ jobs:
working-directory: "terraform/modules/${{ matrix.modules }}"
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
terraform_version: latest
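Review bot: `terraform_version: latest` is left in place under the `hashicorp/setup-terraform@v3` bump, so the validation result depends on whichever Terraform release is current when the job runs, and a newly failing run cannot be tied to a change in this repository. Set an explicit Terraform version here and raise it deliberately.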
Expand All @@ -80,21 +82,21 @@ jobs:
working-directory: "terraform/modules/${{ matrix.modules }}"

- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
client-id: ${{ env.ARM_CLIENT_ID }}
tenant-id: ${{ env.ARM_TENANT_ID }}
subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}

- uses: dorny/paths-filter@v2
- uses: dorny/paths-filter@v3
id: changes
with:
filters: |
module:
- 'terraform/modules/${{ matrix.modules }}/**'
- name: Terraform Test
if: steps.changes.outputs.module == 'true' || (github.event_name == 'push' && github.ref == 'refs/heads/main')
if: steps.changes.outputs.module == 'true' || (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch')
run: |
OUTPUT=$(terraform test)
echo "$OUTPUT"
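Review bot: `dorny/paths-filter@v3` is referenced by a mutable tag and runs after the `Azure Login` step in the same job, so whatever that tag resolves to executes with the job's Azure session available. Pin it, and `azure/login@v2`, to full commit SHAs, and consider moving the filter step ahead of the login so it runs before the session exists. The `if:` condition now also fires on `workflow_dispatch` regardless of which module changed, which means a manual run tests every module in the matrix; a short comment on that line would make the intent clear.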
46 changes: 23 additions & 23 deletions terraform/modules/az-des/README.md
Expand Up @@ -5,42 +5,42 @@ No requirements.

## Providers

| Name | Version |
|------|---------|
| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | 3.82.0 |
| Name | Version |
| ------------------------------------------------------------- | ------- |
| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | 3.82.0 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| Name | Type |
| -------------------------------------------------------------------------------------------------------------------------------------- | -------- |
| [azurerm_disk_encryption_set.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/disk_encryption_set) | resource |
| [azurerm_key_vault_key.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key) | resource |
| [azurerm_role_assignment.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
| [azurerm_key_vault_key.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key) | resource |
| [azurerm_role_assignment.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_auto_rotation_time_before_expiry"></a> [auto\_rotation\_time\_before\_expiry](#input\_auto\_rotation\_time\_before\_expiry) | The time before expiry to automatically rotate the key. | `string` | `"P7D"` | no |
| <a name="input_expiration_date"></a> [expiration\_date](#input\_expiration\_date) | The date after which the key expires. | `string` | `null` | no |
| <a name="input_identity_id"></a> [identity\_id](#input\_identity\_id) | The ID of the identity to assign to the disk encryption set. | `string` | n/a | yes |
| <a name="input_key_size"></a> [key\_size](#input\_key\_size) | The size of the key to use for encryption. | `number` | `4096` | no |
| <a name="input_kv_id"></a> [kv\_id](#input\_kv\_id) | The ID of the Key Vault to use for encryption. | `string` | n/a | yes |
| <a name="input_location"></a> [location](#input\_location) | The Azure Region in which all resources in this example should be created. | `string` | n/a | yes |
| <a name="input_name"></a> [name](#input\_name) | The name of the disk encryption set. | `string` | n/a | yes |
| <a name="input_principal_id"></a> [principal\_id](#input\_principal\_id) | The ID of the principal to assign to the disk encryption set. | `string` | n/a | yes |
| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which all resources in this example should be created. | `string` | n/a | yes |
| <a name="input_rotation_expire_after"></a> [rotation\_expire\_after](#input\_rotation\_expire\_after) | The time after which the key expires. | `string` | `"P30D"` | no |
| <a name="input_rotation_notify_before_expiry"></a> [rotation\_notify\_before\_expiry](#input\_rotation\_notify\_before\_expiry) | The time before expiry to notify that the key is expiring. | `string` | `"P7D"` | no |
| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource. | `map(string)` | n/a | yes |
| Name | Description | Type | Default | Required |
| ------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------- | ------------- | -------- | :------: |
| <a name="input_auto_rotation_time_before_expiry"></a> [auto\_rotation\_time\_before\_expiry](#input\_auto\_rotation\_time\_before\_expiry) | The time before expiry to automatically rotate the key. | `string` | `"P7D"` | no |
| <a name="input_expiration_date"></a> [expiration\_date](#input\_expiration\_date) | The date after which the key expires. | `string` | `null` | no |
| <a name="input_identity_id"></a> [identity\_id](#input\_identity\_id) | The ID of the identity to assign to the disk encryption set. | `string` | n/a | yes |
| <a name="input_key_size"></a> [key\_size](#input\_key\_size) | The size of the key to use for encryption. | `number` | `4096` | no |
| <a name="input_kv_id"></a> [kv\_id](#input\_kv\_id) | The ID of the Key Vault to use for encryption. | `string` | n/a | yes |
| <a name="input_location"></a> [location](#input\_location) | The Azure Region in which all resources in this example should be created. | `string` | n/a | yes |
| <a name="input_name"></a> [name](#input\_name) | The name of the disk encryption set. | `string` | n/a | yes |
| <a name="input_principal_id"></a> [principal\_id](#input\_principal\_id) | The ID of the principal to assign to the disk encryption set. | `string` | n/a | yes |
| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which all resources in this example should be created. | `string` | n/a | yes |
| <a name="input_rotation_expire_after"></a> [rotation\_expire\_after](#input\_rotation\_expire\_after) | The time after which the key expires. | `string` | `"P30D"` | no |
| <a name="input_rotation_notify_before_expiry"></a> [rotation\_notify\_before\_expiry](#input\_rotation\_notify\_before\_expiry) | The time before expiry to notify that the key is expiring. | `string` | `"P7D"` | no |
| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource. | `map(string)` | n/a | yes |

## Outputs

| Name | Description |
|------|-------------|
| Name | Description |
| ------------------------------------------ | --------------------------------- |
| <a name="output_id"></a> [id](#output\_id) | The ID of the Disk Encryption Set |
<!-- END_TF_DOCS -->
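Review bot: Every changed line in this README is column padding inside the generated block that ends at `<!-- END_TF_DOCS -->`, so the 23 additions and 23 deletions carry no content change. If a Markdown formatter produced the realignment, the next terraform-docs run will rewrite the tables and the churn will repeat; exclude the generated block from the formatter or settle on one tool's output. This commit also deletes `.github/workflows/tf-modules-doc.yml`, so please state in the PR how this README is regenerated from now on.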
