diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
deleted file mode 100644
index 4ca702c2..00000000
--- a/.github/workflows/release.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-name: Create a new release
-
-on:
- push:
- branches:
- - main
- paths:
- - "terraform/modules/**"
-
-concurrency:
- group: ${{ github.workflow }}
- cancel-in-progress: true
-
-jobs:
- release:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v3
-
- - name: Bump version and push tag
- id: tag_version
- uses: mathieudutour/github-tag-action@v6.1
- with:
- release_branches: main
- default_bump: "patch"
- create_annotated_tag: true
- github_token: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Release
- uses: softprops/action-gh-release@v1
- with:
- name: Release ${{ steps.tag_version.outputs.new_tag }}
- body: ${{ steps.tag_version.outputs.changelog }}
- tag_name: ${{ steps.tag_version.outputs.new_tag }}
- generate_release_notes: true
- token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/tf-modules-doc.yml b/.github/workflows/tf-modules-doc.yml
deleted file mode 100644
index 22688bbd..00000000
--- a/.github/workflows/tf-modules-doc.yml
+++ /dev/null
@@ -1,72 +0,0 @@
-name: Terraform modules documentation
-
-on:
- pull_request:
- paths:
- - "terraform/modules/**"
- - ".github/workflows/tf-modules-doc.yml"
-
-concurrency:
- group: ${{ github.workflow }}
- cancel-in-progress: false
-permissions:
- id-token: write
- contents: write
-
-jobs:
- get-tf-modules:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v3
-
- - id: get-tf-modules
- name: "Build TF modules matrix"
- run: |
- modules=$(ls -d */ | sed 's#/##' | jq -R -s -c 'split("\n") | map(select(length > 0))')
- echo "modules=$modules" >> $GITHUB_OUTPUT
- working-directory: "terraform/modules/"
- outputs:
- modules: ${{ steps.get-tf-modules.outputs.modules }}
-
- tf-modules-documentation:
- name: Terraform
- needs: get-tf-modules
- runs-on: ubuntu-latest
- strategy:
- max-parallel: 1
- fail-fast: false
- matrix:
- modules: ${{ fromJson(needs.get-tf-modules.outputs.modules) }}
- defaults:
- run:
- working-directory: "terraform/modules/${{ matrix.modules }}"
- steps:
- - name: Checkout
- uses: actions/checkout@v3
- with:
- ref: ${{ github.event.pull_request.head.ref }}
-
- - name: Setup Terraform
- uses: hashicorp/setup-terraform@v2
- with:
- terraform_wrapper: false
- terraform_version: latest
-
- - name: Terraform Version
- run: terraform version
-
- - name: Terraform Init
- run: terraform init
-
- - name: Terraform Validate
- run: terraform validate
-
- - name: Render terraform docs and push changes back to PR
- if: github.event_name == 'pull_request'
- uses: terraform-docs/gh-actions@v1.0.0
- with:
- working-dir: "terraform/modules/${{ matrix.modules }}"
- output-file: README.md
- output-method: inject
- git-push: "true"
\ No newline at end of file
diff --git a/.github/workflows/tf-modules-release.yml b/.github/workflows/tf-modules-release.yml
new file mode 100644
index 00000000..22ed916a
--- /dev/null
+++ b/.github/workflows/tf-modules-release.yml
@@ -0,0 +1,78 @@
+name: TF Modules - Create a new release
+
+on:
+ push:
+ branches:
+ - main
+ paths:
+ - "terraform/modules/**"
+ workflow_dispatch:
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
+permissions:
+ id-token: write
+ contents: write
+
+jobs:
+
+ changed-modules:
+ name: Get changed files
+ runs-on: ubuntu-latest
+ outputs:
+ matrix: ${{ steps.changed-files.outputs.all_changed_files }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: Get changed files
+ id: changed-files
+ uses: tj-actions/changed-files@v42
+ with:
+ json: true
+ quotepath: false
+ escape_json: false
+ dir_names: 'true'
+ files: terraform/modules/**
+ dir_names_max_depth: '3'
+ - name: List all changed files
+ run: echo '${{ steps.changed-files.outputs.all_changed_files }}'
+
+ release:
+ runs-on: ubuntu-latest
+ needs: changed-modules
+ strategy:
+ fail-fast: false
+ max-parallel: 1
+ matrix:
+ module: ${{ fromJson(needs.changed-modules.outputs.matrix) }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - id: extract_module
+ run: |
+ module=$(echo '${{ matrix.module }}' | sed 's|modules/||')
+ echo "module=${module}" >> $GITHUB_OUTPUT
+
+ - name: Bump version and push tag
+ id: tag_version
+ uses: mathieudutour/github-tag-action@v6.1
+ with:
+ release_branches: main
+ default_bump: "patch"
+ tag_prefix: "${{ steps.extract_module.outputs.module }}-v"
+ create_annotated_tag: true
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Release
+ uses: softprops/action-gh-release@v1
+ with:
+ name: ${{ steps.tag_version.outputs.new_tag }}
+ body: ${{ steps.tag_version.outputs.changelog }}
+ tag_name: ${{ steps.tag_version.outputs.new_tag }}
+ generate_release_notes: true
+ token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
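Review bot: The two `run:` steps (`List all changed files` and `extract_module`) paste `${{ ... }}` expressions directly into the shell script, so the changed directory names are substituted before bash parses the line. A directory name containing a single quote would close the quoted string, and the rest would be interpreted as shell in a job that holds `contents: write`. Pass the values through `env:` and reference them as quoted shell variables instead, as in the block below. Separately, nothing visible in this workflow requests an OIDC token, so `id-token: write` looks removable. The third-party actions that receive the write token are also referenced by movable tags (`@v42`, `@v6.1`, `@v1`) rather than commit SHAs.

```yaml
      - name: List all changed files
        env:
          CHANGED_DIRS: ${{ steps.changed-files.outputs.all_changed_files }}
        run: printf '%s\n' "$CHANGED_DIRS"

      # … unchanged: release job header, matrix and checkout …

      - id: extract_module
        env:
          MODULE_PATH: ${{ matrix.module }}
        run: |
          module=$(printf '%s' "$MODULE_PATH" | sed 's|modules/||')
          echo "module=${module}" >> "$GITHUB_OUTPUT"
```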
diff --git a/.github/workflows/tf-modules-validation.yml b/.github/workflows/tf-modules-validation.yml
index 51ef252b..56e805a9 100644
--- a/.github/workflows/tf-modules-validation.yml
+++ b/.github/workflows/tf-modules-validation.yml
@@ -1,4 +1,4 @@
-name: Terraform modules validaton
+name: TF Modules - Validaton
on:
push:
@@ -11,10 +11,12 @@ on:
paths:
- "terraform/modules/**"
- ".github/workflows/tf-modules-validation.yml"
-
+ workflow_dispatch:
+
concurrency:
- group: ${{ github.workflow }}
+ group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
+
permissions:
id-token: write
contents: read
@@ -24,7 +26,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- id: get-tf-modules
name: "Build TF modules matrix"
@@ -53,10 +55,10 @@ jobs:
working-directory: "terraform/modules/${{ matrix.modules }}"
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Setup Terraform
- uses: hashicorp/setup-terraform@v2
+ uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
terraform_version: latest
@@ -80,13 +82,13 @@ jobs:
working-directory: "terraform/modules/${{ matrix.modules }}"
- name: Azure Login
- uses: azure/login@v1
+ uses: azure/login@v2
with:
client-id: ${{ env.ARM_CLIENT_ID }}
tenant-id: ${{ env.ARM_TENANT_ID }}
subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
- - uses: dorny/paths-filter@v2
+ - uses: dorny/paths-filter@v3
id: changes
with:
filters: |
@@ -94,7 +96,7 @@ jobs:
- 'terraform/modules/${{ matrix.modules }}/**'
- name: Terraform Test
- if: steps.changes.outputs.module == 'true' || (github.event_name == 'push' && github.ref == 'refs/heads/main')
+ if: steps.changes.outputs.module == 'true' || (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch')
run: |
OUTPUT=$(terraform test)
echo "$OUTPUT"
diff --git a/terraform/modules/az-des/README.md b/terraform/modules/az-des/README.md
index 0224cbca..b9a0e889 100644
--- a/terraform/modules/az-des/README.md
+++ b/terraform/modules/az-des/README.md
@@ -5,9 +5,9 @@ No requirements.
## Providers
-| Name | Version |
-|------|---------|
-| [azurerm](#provider\_azurerm) | 3.82.0 |
+| Name | Version |
+| ------------------------------------------------------------- | ------- |
+| [azurerm](#provider\_azurerm) | 3.82.0 |
## Modules
@@ -15,32 +15,32 @@ No modules.
## Resources
-| Name | Type |
-|------|------|
+| Name | Type |
+| -------------------------------------------------------------------------------------------------------------------------------------- | -------- |
| [azurerm_disk_encryption_set.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/disk_encryption_set) | resource |
-| [azurerm_key_vault_key.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key) | resource |
-| [azurerm_role_assignment.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
+| [azurerm_key_vault_key.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key) | resource |
+| [azurerm_role_assignment.des](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
## Inputs
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [auto\_rotation\_time\_before\_expiry](#input\_auto\_rotation\_time\_before\_expiry) | The time before expiry to automatically rotate the key. | `string` | `"P7D"` | no |
-| [expiration\_date](#input\_expiration\_date) | The date after which the key expires. | `string` | `null` | no |
-| [identity\_id](#input\_identity\_id) | The ID of the identity to assign to the disk encryption set. | `string` | n/a | yes |
-| [key\_size](#input\_key\_size) | The size of the key to use for encryption. | `number` | `4096` | no |
-| [kv\_id](#input\_kv\_id) | The ID of the Key Vault to use for encryption. | `string` | n/a | yes |
-| [location](#input\_location) | The Azure Region in which all resources in this example should be created. | `string` | n/a | yes |
-| [name](#input\_name) | The name of the disk encryption set. | `string` | n/a | yes |
-| [principal\_id](#input\_principal\_id) | The ID of the principal to assign to the disk encryption set. | `string` | n/a | yes |
-| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which all resources in this example should be created. | `string` | n/a | yes |
-| [rotation\_expire\_after](#input\_rotation\_expire\_after) | The time after which the key expires. | `string` | `"P30D"` | no |
-| [rotation\_notify\_before\_expiry](#input\_rotation\_notify\_before\_expiry) | The time before expiry to notify that the key is expiring. | `string` | `"P7D"` | no |
-| [tags](#input\_tags) | A mapping of tags to assign to the resource. | `map(string)` | n/a | yes |
+| Name | Description | Type | Default | Required |
+| ------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------- | ------------- | -------- | :------: |
+| [auto\_rotation\_time\_before\_expiry](#input\_auto\_rotation\_time\_before\_expiry) | The time before expiry to automatically rotate the key. | `string` | `"P7D"` | no |
+| [expiration\_date](#input\_expiration\_date) | The date after which the key expires. | `string` | `null` | no |
+| [identity\_id](#input\_identity\_id) | The ID of the identity to assign to the disk encryption set. | `string` | n/a | yes |
+| [key\_size](#input\_key\_size) | The size of the key to use for encryption. | `number` | `4096` | no |
+| [kv\_id](#input\_kv\_id) | The ID of the Key Vault to use for encryption. | `string` | n/a | yes |
+| [location](#input\_location) | The Azure Region in which all resources in this example should be created. | `string` | n/a | yes |
+| [name](#input\_name) | The name of the disk encryption set. | `string` | n/a | yes |
+| [principal\_id](#input\_principal\_id) | The ID of the principal to assign to the disk encryption set. | `string` | n/a | yes |
+| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which all resources in this example should be created. | `string` | n/a | yes |
+| [rotation\_expire\_after](#input\_rotation\_expire\_after) | The time after which the key expires. | `string` | `"P30D"` | no |
+| [rotation\_notify\_before\_expiry](#input\_rotation\_notify\_before\_expiry) | The time before expiry to notify that the key is expiring. | `string` | `"P7D"` | no |
+| [tags](#input\_tags) | A mapping of tags to assign to the resource. | `map(string)` | n/a | yes |
## Outputs
-| Name | Description |
-|------|-------------|
+| Name | Description |
+| ------------------------------------------ | --------------------------------- |
| [id](#output\_id) | The ID of the Disk Encryption Set |
\ No newline at end of file