Add Terraform force-unlock step to VMSS deploy workflow #14
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy VMSS Infrastructure | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: ['**'] | |
| paths: | |
| - 'gh-runners/**' | |
| - '.github/workflows/vmss-deploy.yml' | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| terraform: | |
| name: Deploy Azure VMSS | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Azure Login | |
| uses: azure/login@v1 | |
| with: | |
| creds: ${{ secrets.VMSS_AZURE_CREDENTIALS }} | |
| - name: Extract Azure credentials for Terraform | |
| id: azure-creds | |
| run: | | |
| echo "ARM_CLIENT_ID=$(echo '${{ secrets.VMSS_AZURE_CREDENTIALS }}' | jq -r '.clientId')" >> $GITHUB_ENV | |
| echo "ARM_CLIENT_SECRET=$(echo '${{ secrets.VMSS_AZURE_CREDENTIALS }}' | jq -r '.clientSecret')" >> $GITHUB_ENV | |
| echo "ARM_SUBSCRIPTION_ID=$(echo '${{ secrets.VMSS_AZURE_CREDENTIALS }}' | jq -r '.subscriptionId')" >> $GITHUB_ENV | |
| echo "ARM_TENANT_ID=$(echo '${{ secrets.VMSS_AZURE_CREDENTIALS }}' | jq -r '.tenantId')" >> $GITHUB_ENV | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: "1.5.0" | |
| - name: Terraform Init | |
| working-directory: ./gh-runners | |
| run: terraform init | |
| - name: Force unlock if stuck | |
| working-directory: ./gh-runners | |
| continue-on-error: true | |
| run: terraform force-unlock -force f7767d91-1834-0df5-462d-c30ba2872217 | |
| - name: Terraform Validate | |
| working-directory: ./gh-runners | |
| run: terraform validate | |
| - name: Terraform Plan | |
| working-directory: ./gh-runners | |
| run: | | |
| terraform plan \ | |
| -var-file="variables.tfvars" \ | |
| -var="github_token=${{ secrets.VMSS_GH_PAT }}" \ | |
| -out=tfplan | |
| - name: Terraform Apply | |
| if: github.event_name == 'push' | |
| working-directory: ./gh-runners | |
| run: terraform apply -auto-approve tfplan | |
| - name: Deployment Summary | |
| if: github.event_name == 'push' | |
| working-directory: ./gh-runners | |
| run: | | |
| echo "## VMSS Deployment Complete 🚀" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "- Resource Group: dbatools-ci-runners" >> $GITHUB_STEP_SUMMARY | |
| echo "- VMSS Name: dbatools-runner-vmss" >> $GITHUB_STEP_SUMMARY | |
| echo "- Max Instances: 3" >> $GITHUB_STEP_SUMMARY | |
| echo "- Runner Group: Default (no custom group)" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "Next: Scale VMSS to 1 instance to test runner registration" >> $GITHUB_STEP_SUMMARY |