-
Notifications
You must be signed in to change notification settings - Fork 12
Break terraform to modules #365
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
43 commits
Select commit
Hold shift + click to select a range
7f86f67
separate modules
cunla 17273e3
separate modules
cunla e654c16
separate modules
cunla 18f43f5
Merge branch 'main' into tf-modules
cunla 27f6c96
GHA
cunla c083968
Merge branch 'refs/heads/main' into tf-modules
cunla 75b9129
wip
cunla 893cb92
wip
cunla da22477
wip
cunla 9ca2ccc
wip
cunla ffeaf3d
wip
cunla 89d5f77
wip
cunla 7f2597e
wip
cunla 70015e6
wip
cunla cd408d1
wip
cunla 5e3be68
wip
cunla d5b8119
wip
cunla 0654905
wip
cunla 085b447
wip
cunla 65358cd
Merge branch 'main' into tf-modules
cunla 4eb48bc
remove org secrets
cunla 3c265a1
wip
cunla 21cef27
move readme
cunla 49b6945
wip
cunla 56db0df
wip
cunla 879fa24
wip
cunla f3de36d
Update .github/workflows/repos-apply.yml
cunla 6f7de67
Update .github/workflows/repos-plan.yml
cunla 8311e29
Update .github/workflows/repos-apply.yml
cunla ac9788a
wip
cunla 18c65cf
Merge branch 'main' into tf-modules
cunla 29aabb6
updated org state
cunla a37e6a9
Merge branch 'main' into tf-modules
cunla 1a32773
Break to tf modules
cunla 03ad940
Break to tf modules
cunla c69c547
Merge branch 'main' into tf-modules
cunla 6a12b2c
Change GH action version
cunla b0c215e
Merge branch 'main' into tf-modules
cunla 2222054
update state file
cunla bfde846
add auto_approve
cunla 6dc6a4b
Merge branch 'main' into tf-modules
cunla 5bc8b25
update state
cunla 20080d3
Merge branch 'main' into tf-modules
cunla File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
35 changes: 16 additions & 19 deletions
35
.github/workflows/apply.yml → .github/workflows/members-apply.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,54 +1,51 @@ | ||
| name: "Apply org changes" | ||
| name: "Apply org membership changes" | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| paths: | ||
| - 'terraform/production/*.tfvars' | ||
| - 'terraform/*.tf' | ||
| - '.github/workflows/apply.yml' | ||
| - '.github/workflows/plan.yml' | ||
| - 'terraform/org.tfvars' | ||
| - 'terraform/members/*.tf' | ||
| - '.github/workflows/members-apply.yml' | ||
| - '.github/workflows/members-plan.yml' | ||
|
|
||
| concurrency: | ||
| group: terraform-actions | ||
| group: terraform-actions-members | ||
|
|
||
| jobs: | ||
| apply-changes: | ||
| name: "Org changes apply" | ||
| org-apply-changes: | ||
| name: "Apply org membership changes" | ||
| runs-on: ubuntu-latest | ||
|
|
||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
|
|
||
| timeout-minutes: 10 | ||
|
|
||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v6.0.1 | ||
| uses: actions/checkout@v6 # zizmor: ignore[unpinned-uses] | ||
| with: | ||
| persist-credentials: false | ||
| - name: terraform apply | ||
| # v1.44.0 | ||
| uses: dflook/terraform-apply@5489b988934a50bf1489d5b7c5253b46520a7dca | ||
| uses: dflook/terraform-apply@8f47d0ad9f3cb9e50fd6b3595c0cb98f00c518df # v2.2.2 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| TERRAFORM_ACTIONS_GITHUB_TOKEN: ${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }} | ||
| with: | ||
| path: "terraform" | ||
| auto_approve: true | ||
| path: "terraform/members" | ||
| label: 'members' | ||
| variables: | | ||
| github_token = "${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }}" | ||
| var_file: | | ||
| terraform/production/org.tfvars | ||
| terraform/production/repositories.tfvars | ||
| terraform/org.tfvars | ||
|
|
||
| - name: Commit changes | ||
| if: ${{ always() }} | ||
| # v0.10.0 | ||
| uses: devops-infra/action-commit-push@8a2d9d73c3f506468129be2e4409e60dbed70357 | ||
| uses: devops-infra/action-commit-push@8a2d9d73c3f506468129be2e4409e60dbed70357 # v1.0.3 | ||
| with: | ||
| github_token: ${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }} | ||
| commit_prefix: "[AUTO]" | ||
| commit_message: "State changes after apply" | ||
| commit_message: "Members state changes after apply" | ||
| force: false | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| name: "Apply org repositories changes" | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| paths: | ||
| - 'terraform/repositories.tfvars' | ||
| - 'terraform/repositories/*.tf' | ||
| - '.github/workflows/repos-apply.yml' | ||
| - '.github/workflows/repos-plan.yml' | ||
|
|
||
| concurrency: | ||
| group: terraform-actions-repos | ||
|
|
||
| jobs: | ||
| repos-apply-changes: | ||
cunla marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| name: "Apply org-repositories changes" | ||
| runs-on: ubuntu-latest | ||
|
|
||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
| timeout-minutes: 10 | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v6 # zizmor: ignore[unpinned-uses] | ||
| with: | ||
| persist-credentials: false | ||
| - name: terraform apply | ||
| uses: dflook/terraform-apply@8f47d0ad9f3cb9e50fd6b3595c0cb98f00c518df # v2.2.2 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| TERRAFORM_ACTIONS_GITHUB_TOKEN: ${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }} | ||
| with: | ||
| auto_approve: true | ||
| path: "terraform/repositories" | ||
| label: 'repositories' | ||
| variables: | | ||
| github_token = "${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }}" | ||
| var_file: | | ||
| terraform/repositories.tfvars | ||
|
|
||
| - name: Commit changes | ||
| if: ${{ always() }} | ||
| uses: devops-infra/action-commit-push@8a2d9d73c3f506468129be2e4409e60dbed70357 # v1.0.3 | ||
| with: | ||
| github_token: ${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }} | ||
| commit_prefix: "[AUTO]" | ||
| commit_message: "Repositories state changes after apply" | ||
| force: false | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| name: "Plan org repositories changes and list them in a PR" | ||
| on: | ||
| pull_request: | ||
| branches: | ||
| - main | ||
| paths: | ||
| - 'terraform/repositories.tfvars' | ||
| - 'terraform/repositories/*.tf' | ||
| - '.github/workflows/repos-apply.yml' | ||
| # Do not trigger the plan action when it's been changed since this action has write permissions | ||
|
|
||
| concurrency: | ||
| group: terraform-actions-repos | ||
|
|
||
| jobs: | ||
| format-terraform-code: | ||
| name: "Check Terraform code formatting" | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
| timeout-minutes: 4 | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v6 # zizmor: ignore[unpinned-uses] | ||
| with: | ||
| persist-credentials: false | ||
|
|
||
| - name: terraform fmt check | ||
| uses: dflook/terraform-fmt-check@10eaa13fa61437aa51be2d12fafe95f152e3512d # v2.2.2 | ||
| with: | ||
| path: "terraform/repositories" | ||
|
|
||
| repos-plan-changes: | ||
cunla marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| name: "Plan org-repositories changes and list them in a PR" | ||
| runs-on: ubuntu-latest | ||
| needs: ["format-terraform-code"] | ||
| permissions: | ||
| pull-requests: write | ||
| contents: read | ||
| timeout-minutes: 10 | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v6 # zizmor: ignore[unpinned-uses] | ||
| with: | ||
| persist-credentials: false | ||
|
|
||
| - name: terraform plan | ||
| uses: dflook/terraform-plan@dc251c444763eed5defd065b866874b6343017ca # v2.2.2 | ||
| env: | ||
| TERRAFORM_ACTIONS_GITHUB_TOKEN: ${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }} | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| add_github_comment: true | ||
| path: "terraform/repositories" | ||
| label: 'repos' | ||
| variables: | | ||
| github_token = "${{ secrets.TERRAFORM_MANAGEMENT_GITHUB_TOKEN }}" | ||
| var_file: | | ||
| terraform/repositories.tfvars | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,6 @@ | ||
| *.backup | ||
| notes.txt | ||
| .terraform | ||
| .terraform.lock.hcl | ||
| .idea | ||
| .dflook-terraform-github-actions | ||
| tags |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.