
[moved to new PR] Add e2e test and other updates #100


Workflow file for this run

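# Pull-request checks: work out which configs under tofu/config were touched by
# the pull request, run the reusable plan workflow once per touched config, and
# post each plan as a pull-request comment.
#
# Security note: directory names and changed-file names come from the pull
# request itself, so they are untrusted input. Every step below hands them to
# bash or JavaScript through `env:` instead of expanding a workflow expression
# inside the script text, so a crafted path is treated as data, not as code.
name: Pull request checks

on:
  pull_request:

jobs:
  # Produces the JSON list of modified configs that drives both matrices below.
  configs:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout source code
        uses: actions/checkout@v4

      # NOTE(review): third-party action referenced by a movable tag. Pin it to
      # the full commit SHA of a reviewed revision (<full-commit-sha>).
      - name: Find all configs
        id: find
        uses: bendrucker/find-terraform-modules@v1
        with:
          working-directory: tofu/config

      - name: Show all matching configs
        shell: bash
        env:
          MODULES: ${{ steps.find.outputs.modules }}
        run: |
          # Print one module path per line from the JSON array in $MODULES.
          jq -r '.[]' <<<"$MODULES"

      # NOTE(review): third-party action referenced by a movable tag. Pin it to
      # the full commit SHA of a reviewed revision (<full-commit-sha>).
      - name: Find all changed files
        id: diff
        uses: technote-space/get-diff-action@v6
        with:
          FORMAT: json

      - name: Show changed files
        env:
          DIFF: ${{ steps.diff.outputs.diff }}
        run: |
          printf '%s\n' "$DIFF"

      - name: Get the modified configs
        id: modified
        uses: actions/github-script@v7
        env:
          CONFIGS: ${{ steps.find.outputs.modules }}
          DIFF: ${{ steps.diff.outputs.diff }}
        with:
          script: |
            // Both values are JSON arrays of paths. Parse them as data; an
            // empty value is treated as an empty list.
            const configs = JSON.parse(process.env.CONFIGS || '[]')
            const diff = JSON.parse(process.env.DIFF || '[]')
            // A config is modified when at least one changed file lives below
            // its directory. A plain prefix test is used so that characters in
            // a directory name are never interpreted as a regular expression.
            const modifiedConfigs = configs
              .filter(config => diff.some(
                file => file.startsWith(`${config}/`) && file.length > config.length + 1
              ))
              .map(config => config.replace(/^tofu\/config\//, ''))
            core.setOutput('configs', modifiedConfigs)

      - name: Show modified configs
        env:
          CONFIGS: ${{ steps.modified.outputs.configs }}
        run: |
          printf '%s\n' "$CONFIGS"
    outputs:
      configs: ${{ steps.modified.outputs.configs }}

  # Runs the reusable plan workflow once per modified config.
  # `id-token: write` lets the called workflow request an OIDC token; the AWS
  # role it assumes is supplied through the AWS_ROLE_ARN secret.
  plan:
    uses: ./.github/workflows/plan.yaml
    needs: configs
    # An empty matrix is an error, so skip the job when no config was modified.
    if: ${{ needs.configs.outputs.configs != '' && needs.configs.outputs.configs != '[]' }}
    permissions:
      contents: read
      id-token: write
    strategy:
      matrix:
        config: ${{ fromJson(needs.configs.outputs.configs) }}
    with:
      environment: development
      config: ${{ matrix.config }}
    secrets:
      AWS_REGION: ${{ secrets.AWS_REGION }}
      AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
      TF_VAR_APPLY_DATABASE_UPDATES_IMMEDIATELY: ${{ secrets.TF_VAR_APPLY_DATABASE_UPDATES_IMMEDIATELY }}
      TF_VAR_DATABASE_SKIP_FINAL_SNAPSHOT: ${{ secrets.TF_VAR_DATABASE_SKIP_FINAL_SNAPSHOT }}
      TF_VAR_DELETION_PROTECTION: ${{ secrets.TF_VAR_DELETION_PROTECTION }}
      TF_VAR_EXPORT_EXPIRATION: ${{ secrets.TF_VAR_EXPORT_EXPIRATION }}
      TF_VAR_KEY_RECOVERY_PERIOD: ${{ secrets.TF_VAR_KEY_RECOVERY_PERIOD }}
      TF_VAR_PROGRAM: ${{ secrets.TF_VAR_PROGRAM }}
      TF_VAR_REPO_OIDC_ARN: ${{ secrets.TF_VAR_REPO_OIDC_ARN }}
      TF_VAR_VPC_CIDR: ${{ secrets.TF_VAR_VPC_CIDR }}
      TF_VAR_VPC_PRIVATE_SUBNET_CIDRS: ${{ secrets.TF_VAR_VPC_PRIVATE_SUBNET_CIDRS }}
      TF_VAR_VPC_PUBLIC_SUBNET_CIDRS: ${{ secrets.TF_VAR_VPC_PUBLIC_SUBNET_CIDRS }}

  # Posts (or refreshes) one pull-request comment per config with its plan.
  # NOTE(review): plan.txt is copied verbatim into a comment that every reader
  # of the pull request can see. It presumably comes from the artifact uploaded
  # by plan.yaml; confirm that the plan output cannot contain sensitive values.
  comment:
    runs-on: ubuntu-latest
    needs:
      - configs
      - plan
    # An empty matrix is an error, so skip the job when no config was modified.
    if: ${{ needs.configs.outputs.configs != '' && needs.configs.outputs.configs != '[]' }}
    permissions:
      contents: read
      pull-requests: write
    strategy:
      matrix:
        config: ${{ fromJson(needs.configs.outputs.configs) }}
    steps:
      - name: Download plan file
        uses: actions/download-artifact@v4
        with:
          name: ${{ matrix.config }}-tfplan

      - uses: actions/github-script@v7
        env:
          CONFIG: ${{ matrix.config }}
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            // The config name is read from the environment so that it is never
            // spliced into this script's source text.
            const heading = `## Plan output for ${process.env.CONFIG} config`

            // Retrieve existing comments for the pull request. Paginate so the
            // bot comment is still found on pull requests with many comments.
            const comments = await github.paginate(github.rest.issues.listComments, {
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.issue.number,
            })
            const botComment = comments.find(
              comment => comment.user?.type === 'Bot' && comment.body?.includes(heading)
            )

            // Read the contents of the plan.
            const fs = require('fs')
            const plan = fs.readFileSync('./plan.txt', 'utf8')

            // Prepare the format of the comment.
            const output = `${heading}\n\n\`\`\`\n${plan}\n\`\`\``

            // If we have a comment, update it. Otherwise, create a new one.
            // Both calls are awaited so an API failure fails the step.
            if (botComment) {
              await github.rest.issues.updateComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                comment_id: botComment.id,
                body: output
              })
            } else {
              await github.rest.issues.createComment({
                issue_number: context.issue.number,
                owner: context.repo.owner,
                repo: context.repo.repo,
                body: output
              })
            }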