From a469a37573202c1a6697063c236b7476d8bc87a6 Mon Sep 17 00:00:00 2001
From: Igor Rodionov <goruha@gmail.com>
Date: Thu, 29 Aug 2024 16:19:17 +0200
Subject: [PATCH] Fix permissions

---
 .../workflows/shared-terraform-chatops.yml    | 77 +++++++++----------
 1 file changed, 35 insertions(+), 42 deletions(-)

diff --git a/.github/workflows/shared-terraform-chatops.yml b/.github/workflows/shared-terraform-chatops.yml
index 5f8d34c..f718e20 100644
--- a/.github/workflows/shared-terraform-chatops.yml
+++ b/.github/workflows/shared-terraform-chatops.yml
@@ -77,7 +77,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ github.token }}
 
-  run:
+  terratest:
     runs-on: ubuntu-latest
     container: cloudposse/test-harness:latest
     needs: [pr, pending]
@@ -293,47 +293,40 @@ jobs:
             -owner "${{ github.event.repository.owner.login }}"
         env:
           GITHUB_TOKEN: ${{ github.token }}
-#  finalize:
-#    runs-on: ubuntu-latest
-#    needs: [terratest]
-#    if: ${{ always() }}
-#    steps:
-#      - shell: bash
-#        id: status
-#        run: |
-#          if [[ ${{ needs.terratest.result }} == 'success' ]]; then
-#              echo "result=success" >> $GITHUB_OUTPUT
-#          elif [[ ${{ needs.terratest.result }} == 'cancelled' ]]; then
-#            echo "result=failure" >> $GITHUB_OUTPUT
-#          elif [[ ${{ needs.terratest.result }} == 'failure' ]]; then
-#            echo "result=failure" >> $GITHUB_OUTPUT
-#          elif [[ ${{ needs.terratest.result }} == 'skipped' ]]; then
-#            echo "result=failure" >> $GITHUB_OUTPUT
-#          else
-#              echo "Some tests failed"
-#              exit 1
-#          fi
-#
-#      - name: "Update GitHub Status for pending"
-#        uses: docker://cloudposse/github-status-updater
-#        with:
-#          args: >-
-#            -action update_state
-#            -ref "${{ github.event.client_payload.pull_request.head.sha }}"
-#            -repo "${{ github.event.repository.name }}"
-#            -state ${{ steps.status.outputs.result }}
-#            -context "test/terratest"
-#            -description "Tests started by @${{ github.event.client_payload.github.actor }}"
-#            -url "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
-#            -owner "${{ github.event.repository.owner.login }}"
-#        env:
-#          GITHUB_TOKEN: ${{ secrets.github_access_token }}
 
-  terratest:
-    runs-on: ${{ fromJSON(inputs.runs-on) }}
+  finalize:
+    runs-on: ubuntu-latest
+    needs: [terratest]
     if: ${{ always() }}
     steps:
-      - run: |
-          echo '${{ toJSON(needs) }}'  # easier debug
-          ! ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
-    needs: [run]
+      - shell: bash
+        id: status
+        run: |
+          if [[ ${{ needs.terratest.result }} == 'success' ]]; then
+              echo "result=success" >> $GITHUB_OUTPUT
+          elif [[ ${{ needs.terratest.result }} == 'cancelled' ]]; then
+            echo "result=failure" >> $GITHUB_OUTPUT
+          elif [[ ${{ needs.terratest.result }} == 'failure' ]]; then
+            echo "result=failure" >> $GITHUB_OUTPUT
+          elif [[ ${{ needs.terratest.result }} == 'skipped' ]]; then
+            echo "result=failure" >> $GITHUB_OUTPUT
+          else
+              echo "Some tests failed"
+              exit 1
+          fi
+
+      - name: "Update GitHub Status for pending"
+        uses: docker://cloudposse/github-status-updater
+        with:
+          args: >-
+            -action update_state
+            -ref "${{ needs.pr.outputs.head }}"
+            -repo "${{ github.event.repository.name }}"
+            -state ${{ steps.status.outputs.result }}
+            -context "test/terratest"
+            -description "Tests started by @${{ github.actor }}"
+            -url "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+            -owner "${{ github.event.repository.owner.login }}"
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+