Skip to content
.github/workflows/deploy_terraform_networking.yml

Adding Github_Token to workflows #1

Sign in to view logs

Adding Github_Token to workflows

Adding Github_Token to workflows #1

Workflow file for this run

.github/workflows/deploy_terraform_networking.yml at 3d93780
name: Deploy Data-Platform Terraform Networking
env:
aws_deploy_region: "eu-west-2"
on:
workflow_call:
inputs:
terraform_infra_import:
description: "Terraform import statements"
required: false
default: ""
type: string
terraform_infra_remove:
description: "Terraform state rm statements"
required: false
default: ""
type: string
environment:
description: "Environment to deploy to"
required: true
type: string
automation_build_url:
description: "Link to where the build pipeline is defined"
type: string
required: true
build_path:
required: true
type: string
terraform_state_s3_key_prefix:
required: true
type: string
terraform_state_file_name:
required: true
type: string
secrets:
GOOGLE_PROJECT_ID:
required: true
AWS_DEPLOY_ACCOUNT_ID:
description: "ID of Account being deployed to"
required: true
INFRASTRUCTURE_PRIVATE_KEY:
required: true
AWS_ACCESS_KEY_ID:
required: true
AWS_SECRET_ACCESS_KEY:
required: true
AWS_API_ACCOUNT_PROD:
required: true
AWS_MOSAIC_PROD_ACCOUNT_ID:
required: true
AWS_DATA_PLATFORM_ACCOUNT_ID:
required: true
AWS_HACKIT_ACCOUNT_ID:
required: true
AWS_SANDBOX_ACCOUNT_ID:
required: true
AWS_ROLE_TO_ASSUME:
required: true
AWS_API_VPC_ID:
required: true
AWS_HOUSING_VPC_ID:
required: true
AWS_MOSAIC_VPC_ID:
required: true
AWS_DP_VPC_ID:
required: true
GOOGLE_CREDENTIALS:
required: true
TERRAFORM_SECRET_TOKEN:
required: true
GITHUB_TOKEN:

Check failure on line 71 in .github/workflows/deploy_terraform_networking.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/deploy_terraform_networking.yml

Invalid workflow file 

secret name `GITHUB_TOKEN` within `workflow_call` can not be used since it would collide with system reserved name
required: false
jobs:
deploy:
name: Terraform Apply
runs-on: ubuntu-24.04
environment: ${{ inputs.environment }}
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Set Github Auth
run: git config --global url."https://oauth2:${{ secrets.TERRAFORM_SECRET_TOKEN}}@github.com".insteadOf https://github.com
shell: bash
- name: Install Terraform
uses: hashicorp/[email protected]
with:
terraform_wrapper: false
terraform_version: 1.2.0
- name: Add a key to allow access to Infastructure
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
echo "${{ secrets.INFRASTRUCTURE_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 400 ~/.ssh/id_rsa ~/.ssh/known_hosts
- name: Set up Google Cloud Credentials
run: |
echo $GOOGLE_CREDENTIALS >> ./google_service_account_creds.json
shell: bash
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
- name: Deploy Data Platform in ${{ inputs.build_path }}
uses: ./.github/actions/terraform-deploy
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_deploy_region: ${{ env.aws_deploy_region }}
terraform_state_s3_key_prefix: ${{ inputs.terraform_state_s3_key_prefix }}
terraform_state_file_name: ${{ inputs.terraform_state_file_name }}
build_path: ${{ inputs.build_path }}
automation_build_url: ${{ inputs.automation_build_url }}
environment: ${{ inputs.environment }}
google_project_id: ${{ secrets.GOOGLE_PROJECT_ID }}
aws_deploy_account_id: ${{ secrets.AWS_DEPLOY_ACCOUNT_ID }}
aws_api_account_id: ${{ secrets.AWS_API_ACCOUNT_PROD }}
aws_mosaic_prod_account_id: ${{ secrets.AWS_MOSAIC_PROD_ACCOUNT_ID }}
aws_data_platform_account_id: ${{ secrets.AWS_DATA_PLATFORM_ACCOUNT_ID }}
aws_sandbox_account_id: ${{ secrets.AWS_SANDBOX_ACCOUNT_ID }}
aws_api_vpc_id: ${{ secrets.AWS_API_VPC_ID }}
aws_housing_vpc_id: ${{ secrets.AWS_HOUSING_VPC_ID }}
aws_mosaic_vpc_id: ${{ secrets.AWS_MOSAIC_VPC_ID }}
aws_dp_vpc_id: ${{ secrets.AWS_DP_VPC_ID }}
aws_hackit_account_id: ${{ secrets.AWS_HACKIT_ACCOUNT_ID }}
aws_deploy_iam_role_name: ${{ secrets.AWS_ROLE_TO_ASSUME }}
branch: "main"