From 4473c921defe31b212bb9da94af02c618a1c9526 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 17 Apr 2025 23:40:14 -0400 Subject: [PATCH 1/4] dynamic version --- README.md | 6 +++++- requirements.tf | 4 ++++ version.tf | 27 +++++++++++++++++++++++++-- 3 files changed, 34 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 496ad4c..dae40f0 100644 --- a/README.md +++ b/README.md @@ -35,14 +35,16 @@ sys 0m2.015s | [aws](#requirement\_aws) | >= 5.14.0 | | [helm](#requirement\_helm) | >= 2.11.0 | | [kubernetes](#requirement\_kubernetes) | >= 2.23.0 | +| [null](#requirement\_null) | >= 3.2.1 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.88.0 | +| [aws](#provider\_aws) | 5.95.0 | | [helm](#provider\_helm) | 2.17.0 | | [kubernetes](#provider\_kubernetes) | 2.36.0 | +| [null](#provider\_null) | 3.2.3 | ## Modules @@ -60,6 +62,8 @@ sys 0m2.015s | [kubernetes_storage_class.ebs_encrypted](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/storage_class) | resource | | [kubernetes_storage_class.efs_sc](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/storage_class) | resource | | [kubernetes_storage_class.gp3_encrypted](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/storage_class) | resource | +| [null_resource.git_version](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [null_resource.module_name](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [aws_ebs_default_kms_key.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_default_kms_key) | data source | | [aws_kms_key.ebs_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source | diff --git a/requirements.tf b/requirements.tf index ae62e15..32e5c6f 100644 --- a/requirements.tf +++ b/requirements.tf @@ -14,5 +14,9 @@ terraform { source = "hashicorp/kubernetes" version = ">= 2.23.0" } + null = { + source = "hashicorp/null" + version = ">= 3.2.1" + } } } diff --git a/version.tf b/version.tf index 20b62d1..04c448b 100644 --- a/version.tf +++ b/version.tf @@ -1,4 +1,27 @@ +resource "null_resource" "git_version" { + triggers = { + # Force this to run on every apply to get the latest tag value + always_run = timestamp() + } + + provisioner "local-exec" { + command = "git describe --tags --abbrev=0 2>/dev/null || echo 'unknown' > ${path.module}/.git_tag" + on_failure = continue + } +} + +resource "null_resource" "module_name" { + triggers = { + module_path = path.module + } + + provisioner "local-exec" { + command = "basename $(pwd) > ${path.module}/.module_name" + on_failure = continue + } +} + locals { - module_name = "tfmod-eks-configuration" - module_version = "0.1.1" + module_name = fileexists("${path.module}/.module_name") ? trimspace(file("${path.module}/.module_name")) : "tfmod-eks-configuration" + module_version = fileexists("${path.module}/.git_tag") ? trimspace(file("${path.module}/.git_tag")) : "latest" } From 1ead4f1f078f021d3e40bbfe27b4097ab9e0bc46 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Mon, 21 Apr 2025 11:41:57 -0400 Subject: [PATCH 2/4] ensure workflows are current --- terraform-release.yaml | 40 +++++++++++++++++++++++++++++++++++++++ terraform-validate.yaml | 42 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 82 insertions(+) create mode 100644 terraform-release.yaml create mode 100644 terraform-validate.yaml diff --git a/terraform-release.yaml b/terraform-release.yaml new file mode 100644 index 0000000..3f67574 --- /dev/null +++ b/terraform-release.yaml @@ -0,0 +1,40 @@ +name: Terraform Module Release +on: + workflow_dispatch: + pull_request: + types: [closed] + branches: + - main +jobs: + terraform-release: + runs-on: "229685449397" + permissions: + contents: write + + steps: + - name: Checkout code + uses: CSVD/gh-actions-checkout@v4 + + - name: Setup GITHUB Credentials + id: github_credentials + uses: CSVD/gh-auth@main + with: + github_app_pem_file: ${{ secrets.GH_APP_PEM_FILE }} + github_app_installation_id: ${{ vars.GH_APP_INSTALLATION_ID }} + github_app_id: ${{ vars.GH_APP_ID }} + + - name: Setup GitHub CLI + run: | + # Force manual authentication since setup-git might not work with GitHub Enterprise + echo "${{ steps.github_credentials.outputs.github_token }}" > /tmp/token.txt + gh auth login --with-token --hostname "github.e.it.census.gov" < /tmp/token.txt + rm /tmp/token.txt + + # Test GitHub CLI auth status + gh auth status || echo "GitHub CLI authentication failed" + + - name: Run Release Action + uses: CSVD/releaser@main + with: + github-token: ${{ steps.github_credentials.outputs.github_token }} + working-directory: '.' diff --git a/terraform-validate.yaml b/terraform-validate.yaml new file mode 100644 index 0000000..ac349eb --- /dev/null +++ b/terraform-validate.yaml @@ -0,0 +1,42 @@ +name: Terraform Validate +on: + pull_request: + workflow_dispatch: + +jobs: + + terraform-validate: + runs-on: "229685449397" + permissions: + contents: write + steps: + - name: Checkout code + uses: CSVD/gh-actions-checkout@v4 + + - name: Setup Terraform + uses: CSVD/gh-actions-setup-terraform@v2 + with: + terraform_version: '1.10.5' + + - name: Validate Terraform Configuration + id: validate + uses: CSVD/terraform-validate@main + + - name: Check Validation/Test Results + if: always() + run: | + # Set default values if outputs are empty + IS_VALID="${{ steps.validate.outputs.is_valid }}" + TESTS_PASSED="${{ steps.validate.outputs.tests_passed }}" + + # If outputs are empty, set them to false + [ -z "$IS_VALID" ] && IS_VALID="false" + [ -z "$TESTS_PASSED" ] && TESTS_PASSED="false" + + if [[ "$IS_VALID" != "true" || "$TESTS_PASSED" != "true" ]]; then + echo "Validation or test errors found:" + echo "${{ steps.validate.outputs.stderr }}" + exit 1 + else + echo "All validations and tests passed successfully!" + fi From 8fb703e2364a418620f8d5e39ae629e05ca9427f Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Mon, 21 Apr 2025 15:42:35 -0400 Subject: [PATCH 3/4] ensure workflows are current --- .github/workflows/terraform-release.yaml | 6 ++-- .github/workflows/terraform-validate.yaml | 2 +- terraform-release.yaml | 40 --------------------- terraform-validate.yaml | 42 ----------------------- 4 files changed, 4 insertions(+), 86 deletions(-) delete mode 100644 terraform-release.yaml delete mode 100644 terraform-validate.yaml diff --git a/.github/workflows/terraform-release.yaml b/.github/workflows/terraform-release.yaml index 04b96db..3f67574 100644 --- a/.github/workflows/terraform-release.yaml +++ b/.github/workflows/terraform-release.yaml @@ -1,4 +1,4 @@ -name: Terraform CI/CD +name: Terraform Module Release on: workflow_dispatch: pull_request: @@ -6,8 +6,8 @@ on: branches: - main jobs: - terraform-ci-cd: - runs-on: 229685449397 + terraform-release: + runs-on: "229685449397" permissions: contents: write diff --git a/.github/workflows/terraform-validate.yaml b/.github/workflows/terraform-validate.yaml index 72829d8..ac349eb 100644 --- a/.github/workflows/terraform-validate.yaml +++ b/.github/workflows/terraform-validate.yaml @@ -16,7 +16,7 @@ jobs: - name: Setup Terraform uses: CSVD/gh-actions-setup-terraform@v2 with: - terraform_version: '1.7.3' + terraform_version: '1.10.5' - name: Validate Terraform Configuration id: validate diff --git a/terraform-release.yaml b/terraform-release.yaml deleted file mode 100644 index 3f67574..0000000 --- a/terraform-release.yaml +++ /dev/null @@ -1,40 +0,0 @@ -name: Terraform Module Release -on: - workflow_dispatch: - pull_request: - types: [closed] - branches: - - main -jobs: - terraform-release: - runs-on: "229685449397" - permissions: - contents: write - - steps: - - name: Checkout code - uses: CSVD/gh-actions-checkout@v4 - - - name: Setup GITHUB Credentials - id: github_credentials - uses: CSVD/gh-auth@main - with: - github_app_pem_file: ${{ secrets.GH_APP_PEM_FILE }} - github_app_installation_id: ${{ vars.GH_APP_INSTALLATION_ID }} - github_app_id: ${{ vars.GH_APP_ID }} - - - name: Setup GitHub CLI - run: | - # Force manual authentication since setup-git might not work with GitHub Enterprise - echo "${{ steps.github_credentials.outputs.github_token }}" > /tmp/token.txt - gh auth login --with-token --hostname "github.e.it.census.gov" < /tmp/token.txt - rm /tmp/token.txt - - # Test GitHub CLI auth status - gh auth status || echo "GitHub CLI authentication failed" - - - name: Run Release Action - uses: CSVD/releaser@main - with: - github-token: ${{ steps.github_credentials.outputs.github_token }} - working-directory: '.' diff --git a/terraform-validate.yaml b/terraform-validate.yaml deleted file mode 100644 index ac349eb..0000000 --- a/terraform-validate.yaml +++ /dev/null @@ -1,42 +0,0 @@ -name: Terraform Validate -on: - pull_request: - workflow_dispatch: - -jobs: - - terraform-validate: - runs-on: "229685449397" - permissions: - contents: write - steps: - - name: Checkout code - uses: CSVD/gh-actions-checkout@v4 - - - name: Setup Terraform - uses: CSVD/gh-actions-setup-terraform@v2 - with: - terraform_version: '1.10.5' - - - name: Validate Terraform Configuration - id: validate - uses: CSVD/terraform-validate@main - - - name: Check Validation/Test Results - if: always() - run: | - # Set default values if outputs are empty - IS_VALID="${{ steps.validate.outputs.is_valid }}" - TESTS_PASSED="${{ steps.validate.outputs.tests_passed }}" - - # If outputs are empty, set them to false - [ -z "$IS_VALID" ] && IS_VALID="false" - [ -z "$TESTS_PASSED" ] && TESTS_PASSED="false" - - if [[ "$IS_VALID" != "true" || "$TESTS_PASSED" != "true" ]]; then - echo "Validation or test errors found:" - echo "${{ steps.validate.outputs.stderr }}" - exit 1 - else - echo "All validations and tests passed successfully!" - fi From 753ae1a29f8a2eea49bfd0ef018c346ed0c744c4 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Tue, 22 Apr 2025 00:04:15 -0400 Subject: [PATCH 4/4] ensure committed --- README.md | 1 - version.tf | 13 +------------ 2 files changed, 1 insertion(+), 13 deletions(-) diff --git a/README.md b/README.md index dae40f0..01fb060 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,6 @@ sys 0m2.015s | [kubernetes_storage_class.efs_sc](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/storage_class) | resource | | [kubernetes_storage_class.gp3_encrypted](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/storage_class) | resource | | [null_resource.git_version](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [null_resource.module_name](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [aws_ebs_default_kms_key.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_default_kms_key) | data source | | [aws_kms_key.ebs_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source | diff --git a/version.tf b/version.tf index 04c448b..77b8249 100644 --- a/version.tf +++ b/version.tf @@ -10,18 +10,7 @@ resource "null_resource" "git_version" { } } -resource "null_resource" "module_name" { - triggers = { - module_path = path.module - } - - provisioner "local-exec" { - command = "basename $(pwd) > ${path.module}/.module_name" - on_failure = continue - } -} - locals { - module_name = fileexists("${path.module}/.module_name") ? trimspace(file("${path.module}/.module_name")) : "tfmod-eks-configuration" + module_name = "tfmod-eks-configuration" module_version = fileexists("${path.module}/.git_tag") ? trimspace(file("${path.module}/.git_tag")) : "latest" }