diff --git a/image-pipeline.tf b/image-pipeline.tf
index b200f9b..943e9a6 100644
--- a/image-pipeline.tf
+++ b/image-pipeline.tf
@@ -7,30 +7,6 @@ locals {
]
}
-moved {
- from = module.linux_image_pipeline
- to = module.image_pipeline_repos["linux-image-pipeline"]
-}
-
-moved {
- from = module.win_image_pipeline
- to = module.image_pipeline_repos["windows-image-pipeline"]
-}
-
-moved {
- from = module.goss-testing
- to = module.image_pipeline_repos["image-pipeline-goss-testing"]
-}
-
-moved {
- from = module.image_pipeline_ansible_playbooks
- to = module.image_pipeline_repos["image-pipeline-ansible-playbooks"]
-}
-
-moved {
- from = module.image_pipeline
- to = module.aws_image_pipeline
-}
module "image_pipeline_repos" {
for_each = toset(local.pipeline_repos)
@@ -53,7 +29,7 @@ module "image_pipeline_repos" {
content = templatefile(
"${path.module}/workflows/s3_upload.yaml.tpl",
{
- repo_name = each.value
+ repo_name = each.value,
bucket_name = "image-pipeline-assets"
}
)
@@ -61,6 +37,7 @@ module "image_pipeline_repos" {
]
}
+
# image-pipeline-asset-releases
module "asset_releases" {
source = "git@github.e.it.census.gov:CSVD/terraform-github-repo"
@@ -78,6 +55,7 @@ module "asset_releases" {
pull_request_bypassers = local.pull_request_bypassers
}
+
# image-pipeline
module "aws_image_pipeline" {
source = "git@github.e.it.census.gov:CSVD/terraform-github-repo"
@@ -105,7 +83,8 @@ module "aws_image_pipeline" {
content = templatefile(
"${path.module}/workflows/terraform-plan.yaml.tpl",
{
- repo_name = "aws-image-pipeline"
+ repo_name = "aws-image-pipeline",
+ directory = null
}
)
},
@@ -114,7 +93,44 @@ module "aws_image_pipeline" {
content = templatefile(
"${path.module}/workflows/terraform-apply.yaml.tpl",
{
- repo_name = "aws-image-pipeline"
+ repo_name = "aws-image-pipeline",
+ directory = null
+ }
+ )
+ }
+ ]
+}
+
+
+# image-pipeline
+module "terraform_aws_image_pipeline" {
+ source = "git@github.e.it.census.gov:CSVD/terraform-github-repo"
+ #github_codeowners_team = "CSVD"
+ github_repo_description = "Terraform Module that creates codepipeline and codebuild jobs and other resources for building and deploying images"
+ repo_org = "arnol377"
+ name = "terraform-aws-image-pipeline"
+ github_repo_topics = [
+ "terraform"
+ ]
+ force_name = true
+ create_codeowners = false
+ enforce_prs = true
+ collaborators = local.collaborators
+ pull_request_bypassers = local.pull_request_bypassers
+ vars = [
+ {
+ name = "terraform_version"
+ value = "1.9.1"
+ }
+ ]
+ extra_files = [
+ {
+ path = ".github/workflows/terraform-plan.yaml"
+ content = templatefile(
+ "${path.module}/workflows/terraform-plan.yaml.tpl",
+ {
+ repo_name = "aws-image-pipeline",
+ directory = "./examples"
}
)
}
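Review bot: `repo_org = "arnol377"` creates the new repository under what looks like an individual account rather than the CSVD organisation the module is sourced from, while still applying `local.collaborators` and `local.pull_request_bypassers`; confirm that owner is intended, since access and branch-protection policy then depend on that account. The plan workflow is rendered with `repo_name = "aws-image-pipeline"`, which looks copied from the module above; `repo_name = "terraform-aws-image-pipeline"` seems to be what is meant, and the `# image-pipeline` comment should name this repository. With `create_codeowners = false` and the codeowners team commented out, `enforce_prs = true` has no designated reviewers behind it, assuming the module does not add them elsewhere. The module block continues past the end of this hunk.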
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..e69de29
diff --git a/workflows/s3_upload.yaml.tpl b/workflows/s3_upload.yaml.tpl
index 6ce63bc..531c9b6 100644
--- a/workflows/s3_upload.yaml.tpl
+++ b/workflows/s3_upload.yaml.tpl
@@ -29,5 +29,5 @@ jobs:
node-version: 16
- run: |
- zip ${repo_name}.zip *
+ zip -r ${repo_name}.zip *
aws s3 cp ${repo_name}.zip s3://${bucket_name}
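Review bot: With `-r` the archive now recurses into every subdirectory of the workspace, including hidden files inside those directories, and the result goes straight to `s3://${bucket_name}`; nothing in the hunk limits what is packaged. An explicit exclude list, for example `zip -r ${repo_name}.zip * -x '*.env'` (constructed pattern), or zipping a named build directory would keep stray credentials or tool output from earlier steps out of the published asset. The steps before this `run` are outside the hunk, so whether any of them write such files cannot be seen here.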
diff --git a/workflows/terraform-apply.yaml.tpl b/workflows/terraform-apply.yaml.tpl
index dbdf241..c112c78 100644
--- a/workflows/terraform-apply.yaml.tpl
+++ b/workflows/terraform-apply.yaml.tpl
@@ -33,27 +33,41 @@ jobs:
- uses: CSVD/gh-actions-setup-terraform@v2
with:
- terraform_wrapper: false
terraform_version: $${{ vars.terraform_version }}
- name: Terraform Format
id: fmt
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: |
terraform fmt -check
- name: Autoformat Halt
if: env.auto_format == 'true'
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: exit 1
- name: Terraform Init
id: init
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: terraform init -upgrade
- name: Terraform Validate
id: validate
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: terraform validate
- name: Terraform Apply
id: apply
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: terraform apply -auto-approve
continue-on-error: true
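Review bot: The Terraform Apply step keeps `continue-on-error: true` next to `terraform apply -auto-approve`, so a failed or partial apply still yields a green job unless a later step, outside this hunk, checks `steps.apply.outcome`; a closing step with `if: steps.apply.outcome == 'failure'` and `run: exit 1` would make the failure visible. The five identical `%{ if directory != null }` blocks could be replaced by one job-level `defaults: run: working-directory: ${directory}` under the same condition, which also covers terraform-plan.yaml.tpl and removes the block from Autoformat Halt, where `exit 1` does not depend on the directory. `terraform init -upgrade` on the apply path lets provider versions move past the lock file at deploy time; plain `terraform init` would keep apply on the versions that were reviewed.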
diff --git a/workflows/terraform-plan.yaml.tpl b/workflows/terraform-plan.yaml.tpl
index bbf8248..63f91c5 100644
--- a/workflows/terraform-plan.yaml.tpl
+++ b/workflows/terraform-plan.yaml.tpl
@@ -32,27 +32,93 @@ jobs:
- uses: CSVD/gh-actions-setup-terraform@v2
with:
- terraform_wrapper: false
terraform_version: $${{ vars.terraform_version }}
- name: Terraform Format
id: fmt
+ continue-on-error: true
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: |
terraform fmt -check
- - name: Autoformat Halt
- if: env.auto_format == 'true'
- run: exit 1
-
- name: Terraform Init
id: init
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: terraform init -upgrade
- name: Terraform Validate
id: validate
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: terraform validate
- name: Terraform Plan
id: plan
+ %{ if directory != null }
+ working-directory: ${directory}
+ %{ endif }
run: terraform plan
continue-on-error: true
+
+ - uses: actions/github-script@v7
+ if: github.event_name == 'pull_request'
+ env:
+ PLAN: "terraform\n$${{ steps.plan.outputs.stdout }}"
+ with:
+ github-token: $${{ secrets.GH_TOKEN }}
+ script: |
+ // 1. Retrieve existing bot comments for the PR
+ const { data: comments } = await github.rest.issues.listComments({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: context.issue.number,
+ })
+ const botComment = comments.find(comment => {
+ return comment.user.type === 'Bot' && comment.body.includes('Terraform Format and Style')
+ })
+
+ // 2. Prepare format of the comment
+ const output = `#### Terraform Format and Style 🖌\`$${{ steps.fmt.outcome }}\`
+ #### Terraform Initialization ⚙️\`$${{ steps.init.outcome }}\`
+ #### Terraform Validation 🤖\`$${{ steps.validate.outcome }}\`
+ Validation Output
+
+ \`\`\`\n
+ $${{ steps.validate.outputs.stdout }}
+ \`\`\`
+
+
+
+ #### Terraform Plan 📖\`$${{ steps.plan.outcome }}\`
+
+ Show Plan
+
+ \`\`\`\n
+ $${process.env.PLAN}
+ \`\`\`
+
+
+
+ *Pusher: @$${{ github.actor }}, Action: \`$${{ github.event_name }}\`, Working Directory: \`$${{ env.tf_actions_working_dir }}\`, Workflow: \`$${{ github.workflow }}\`*`;
+
+ // 3. If we have a comment, update it, otherwise create a new one
+ if (botComment) {
+ github.rest.issues.updateComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ comment_id: botComment.id,
+ body: output
+ })
+ } else {
+ github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: output
+ })
+ }
\ No newline at end of file
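Review bot: `$${{ steps.validate.outputs.stdout }}` is expanded by Actions into the script text before github-script runs it, so validate output that contains template-literal syntax is parsed as JavaScript in a step that holds `secrets.GH_TOKEN`, and on pull_request runs that output can echo text from the proposed change. Pass it the way the plan output already is: add `VALIDATE: $${{ steps.validate.outputs.stdout }}` under `env:` and render `$${process.env.VALIDATE}` in the body. The `updateComment` and `createComment` calls are not awaited, so an API failure surfaces as an unhandled rejection rather than a failed step; prefix both with `await`. Since fmt and plan both run with `continue-on-error: true` and the file ends at this script, nothing turns a failed plan into a failed check; a final step with `if: steps.plan.outcome == 'failure'` and `run: exit 1` would restore that. The `comment.user.type === 'Bot'` filter presumably never matches if GH_TOKEN is a personal token, which would add a new comment on every run instead of updating the existing one.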