Add new github action to plan for all modules
bryan-robitaille committed Jul 10, 2023
1 parent 8af68d9 commit 17ed50c
Showing 1 changed file with 214 additions and 0 deletions.
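--- a/.github/workflows/terragrunt-plan-all-staging.yml
+++ b/.github/workflows/terragrunt-plan-all-staging.yml
@@ -0,0 +1,214 @@
+name: "Terragrunt plan all modules STAGING"
+
+on:
+workflow_dispatch:
+
+env:
+APP_ENV: staging
+APP_DOMAIN: ${{ vars.STAGING_APP_DOMAIN }}
+AWS_ACCOUNT_ID: ${{ vars.STAGING_AWS_ACCOUNT_ID }}
+AWS_REGION: ca-central-1
+AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }}
+AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }}
+CONFTEST_VERSION: 0.27.0
+TERRAFORM_VERSION: 1.5.0
+TERRAGRUNT_VERSION: 0.46.3
+TF_INPUT: false
+TF_VAR_ecs_secret_token_secret: ${{ secrets.STAGING_TOKEN_SECRET }}
+TF_VAR_google_client_id: ${{ secrets.STAGING_GOOGLE_CLIENT_ID}}
+TF_VAR_google_client_secret: ${{secrets.STAGING_GOOGLE_CLIENT_SECRET}}
+TF_VAR_recaptcha_secret: ${{secrets.STAGING_RECAPTCHA_SITE_SECRET}}
+TF_VAR_recaptcha_public: 6LfJDN4eAAAAAGvdRF7ZnQ7ciqdo1RQnQDFmh0VY
+TF_VAR_notify_api_key: ${{ secrets.STAGING_NOTIFY_API_KEY }}
+TF_VAR_cognito_notify_api_key: ${{ secrets.STAGING_NOTIFY_API_KEY }}
+TF_VAR_rds_db_password: ${{ secrets.STAGING_DB_PASSWORD }}
+TF_VAR_slack_webhook: ${{ secrets.STAGING_SLACK_WEBHOOK }}
+TF_VAR_gc_notify_callback_bearer_token: ${{ secrets.STAGING_GC_NOTIFY_CALLBACK_BEARER_TOKEN }}
+TF_VAR_gc_temp_token_template_id: b6885d06-d10a-422a-973f-05e274d9aa86
+TF_VAR_gc_template_id: 8d597a1b-a1d6-4e3c-8421-042a2b4158b7
+TF_VAR_cognito_code_template_id: 12a18f84-062c-4a67-8310-bf114af051ea
+TF_VAR_email_address_contact_us: ${{ vars.STAGING_CONTACT_US_EMAIL }}
+TF_VAR_email_address_support: ${{ vars.STAGING_SUPPORT_EMAIL }}
+jobs:
+terragrunt-plan:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
+
+- name: Setup Terraform
+uses: hashicorp/setup-terraform@ed3a0531877aca392eb870f440d9ae7aba83a6bd # v1.4.0
+with:
+terraform_version: ${{ env.TERRAFORM_VERSION }}
+terraform_wrapper: false
+
+- name: Setup Terragrunt
+run: |
+mkdir bin
+wget -O bin/terragrunt https://github.com/gruntwork-io/terragrunt/releases/download/v$TERRAGRUNT_VERSION/terragrunt_linux_amd64
+chmod +x bin/*
+echo "$GITHUB_WORKSPACE/bin" >> $GITHUB_PATH
+- name: Install Conftest
+run: |
+wget "https://github.com/open-policy-agent/conftest/releases/download/v${{ env.CONFTEST_VERSION }}/conftest_${{ env.CONFTEST_VERSION }}_Linux_x86_64.tar.gz" \
+&& wget "https://github.com/open-policy-agent/conftest/releases/download/v${{ env.CONFTEST_VERSION }}/checksums.txt" \
+&& grep 'Linux_x86_64.tar.gz' < checksums.txt | sha256sum --check --status \
+&& tar -zxvf "conftest_${{ env.CONFTEST_VERSION }}_Linux_x86_64.tar.gz" conftest \
+&& mv conftest /usr/local/bin \
+&& rm "conftest_${{ env.CONFTEST_VERSION }}_Linux_x86_64.tar.gz" checksums.txt
+# No dependencies
+- name: Terragrunt plan ecr
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/ecr"
+comment-delete: "true"
+comment-title: "Staging: ecr"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan hosted_zone
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/hosted_zone"
+comment-delete: "true"
+comment-title: "Staging: hosted_zone"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan kms
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/kms"
+comment-delete: "true"
+comment-title: "Staging: kms"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan sqs
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/sqs"
+comment-delete: "true"
+comment-title: "Staging: sqs"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan sns
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/sns"
+comment-delete: "true"
+comment-title: "Staging: sns"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Install Cognito Lambda deps
+run: ./aws/cognito/lambda/deps.sh install
+
+- name: Terragrunt plan cognito
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/cognito"
+comment-delete: "true"
+comment-title: "Staging: cognito"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Remove Cognito Lambda deps
+run: ./aws/cognito/lambda/deps.sh delete
+
+# Depends on kms
+- name: Terragrunt plan network
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/network"
+comment-delete: "true"
+comment-title: "Staging: network"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan dynamodb
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/dynamodb"
+comment-delete: "true"
+comment-title: "Staging: dynamodb"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+# Depends on network
+- name: Terragrunt plan load_balancer
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/load_balancer"
+comment-delete: "true"
+comment-title: "Staging: load_balancer"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan redis
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/redis"
+comment-delete: "true"
+comment-title: "Staging: redis"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan rds
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/rds"
+comment-delete: "true"
+comment-title: "Staging: rds"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+# Depends on everything
+- name: Install Lambda deps
+run: ./aws/app/lambda/deps.sh install
+
+- name: Terragrunt plan app
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/app"
+comment-delete: "true"
+comment-title: "Staging: app"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Remove Lambda deps
+run: ./aws/app/lambda/deps.sh delete
+
+- name: Terragrunt plan alarms
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/alarms"
+comment-delete: "true"
+comment-title: "Staging: alarms"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Build Load Testing Lambda Container
+working-directory: aws/load_testing/lambda
+run: docker build -t load_testing_lambda:latest .
+
+- name: Terragrunt plan load_testing
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/load_testing"
+comment-delete: "true"
+comment-title: "Staging: load_testing"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"
+
+- name: Terragrunt plan pr_review
+uses: cds-snc/terraform-plan@8be66db9c815352044405fd33120b91918bf1f2e # tag=v2.3.1
+with:
+directory: "env/cloud/pr_review"
+comment-delete: "true"
+comment-title: "Staging: pr_review"
+github-token: "${{ secrets.GITHUB_TOKEN }}"
+terragrunt: "true"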
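Review bot: The `Setup Terragrunt` step fetches `terragrunt_linux_amd64` with `wget`, marks it executable and puts it on `GITHUB_PATH` with no integrity check, unlike the `Install Conftest` step right after it, which checks its archive against `checksums.txt`. Because the workflow-level `env` block exposes `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and every secret-backed `TF_VAR_*` value to all steps, a tampered or substituted release asset would run with all of those credentials. Pin the expected digest next to `TERRAGRUNT_VERSION` and check it before the `chmod`, e.g. `TERRAGRUNT_SHA256: "<sha256 of terragrunt_linux_amd64 for this version>"` and `echo "$TERRAGRUNT_SHA256  bin/terragrunt" | sha256sum --check --status`. The same exposure applies to the `deps.sh install` and `docker build` steps, so it would also help to move the secrets from workflow-level `env` onto the plan steps that read them. A `permissions:` block would likewise limit `GITHUB_TOKEN` to what the plan action needs.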
