Skip to content

Terraform V2 Batch #179827

Terraform V2 Batch

Terraform V2 Batch #179827

name: Terraform V2 Batch
on: workflow_dispatch
env:
TF_VERSION: 1.1.4
KEYCLOAK_V2_DEV_URL: https://dev.sandbox.loginproxy.gov.bc.ca
KEYCLOAK_V2_TEST_URL: https://test.sandbox.loginproxy.gov.bc.ca
KEYCLOAK_V2_PROD_URL: https://sandbox.loginproxy.gov.bc.ca
jobs:
terraform:
runs-on: ubuntu-22.04
timeout-minutes: 30
env:
API_URL: ${{ secrets.WEBAPP_API_URL }}
steps:
- uses: hmarr/debug-action@v2
- name: Wake Up API
uses: fjogeleit/http-request-action@master
with:
url: ${{ env.API_URL }}/heartbeat
method: GET
customHeaders: '{"Authorization": "${{ secrets.GH_SECRET }}"}'
timeout: '60000'
continue-on-error: true
- name: Fetch Requests Count
id: requests
uses: fjogeleit/http-request-action@master
with:
url: ${{ env.API_URL }}/batch/items/gold
method: GET
customHeaders: '{"Authorization": "${{ secrets.GH_SECRET }}"}'
timeout: '60000'
- name: Get Requests Count
id: count
run: |
count=$(jq length <<< ${{ steps.requests.outputs.response }})
echo "$count"
echo "count=$count" >> $GITHUB_OUTPUT
- name: Checkout Terraform Modules
if: steps.count.outputs.count != '0'
uses: actions/checkout@v3
with:
repository: bcgov/sso-terraform-modules
ref: dev
- id: tf-modules
if: steps.count.outputs.count != '0'
name: Get Terraform Modules Latest SHA
run: echo "latest-sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
shell: bash
- uses: actions/checkout@v2
- name: Pull the main branch again
if: steps.count.outputs.count != '0'
run: |
git pull origin main --rebase
- name: Setup Terraform
if: steps.count.outputs.count != '0'
id: tf
uses: bcgov/sso-requests-actions/actions/[email protected]
with:
context: ./terraform-v2
tf-version: ${{ env.TF_VERSION }}
tf-s3-bucket: xgr00q-dev-keycloak
tf-s3-bucket-key: keycloak/gold
tf-s3-dynamodb-table: xgr00q-dev-state-locking
tf-s3-access-key: ${{ secrets.TF_S3_ACCESS_KEY }}
tf-s3-secret-key: ${{ secrets.TF_S3_SECRET_KEY }}
tf-s3-role-arn: ${{ secrets.TF_S3_ROLE_ARN }}
kc-provider-version: 3.10.0
kc-dev-url: ${{ env.KEYCLOAK_V2_DEV_URL }}
kc-test-url: ${{ env.KEYCLOAK_V2_TEST_URL }}
kc-prod-url: ${{ env.KEYCLOAK_V2_PROD_URL }}
kc-dev-secret: ${{ secrets.KEYCLOAK_V2_DEV_CLIENT_SECRET }}
kc-test-secret: ${{ secrets.KEYCLOAK_V2_TEST_CLIENT_SECRET }}
kc-prod-secret: ${{ secrets.KEYCLOAK_V2_PROD_CLIENT_SECRET }}
test-siteminder-signing-certificate: ${{ secrets.TEST_SITEMINDER_SIGNING_CERTIFICATE }}
prod-siteminder-signing-certificate: ${{ secrets.PROD_SITEMINDER_SIGNING_CERTIFICATE }}
dev-github-client-id: ${{ secrets.DEV_GITHUB_CLIENT_ID }}
dev-github-client-secret: ${{ secrets.DEV_GITHUB_CLIENT_SECRET }}
test-github-client-id: ${{ secrets.TEST_GITHUB_CLIENT_ID }}
test-github-client-secret: ${{ secrets.TEST_GITHUB_CLIENT_SECRET }}
prod-github-client-id: ${{ secrets.PROD_GITHUB_CLIENT_ID }}
prod-github-client-secret: ${{ secrets.PROD_GITHUB_CLIENT_SECRET }}
dev-azureidir-client-id: ${{ secrets.DEV_AZUREIDIR_CLIENT_ID }}
dev-azureidir-client-secret: ${{ secrets.DEV_AZUREIDIR_CLIENT_SECRET }}
test-azureidir-client-id: ${{ secrets.TEST_AZUREIDIR_CLIENT_ID }}
test-azureidir-client-secret: ${{ secrets.TEST_AZUREIDIR_CLIENT_SECRET }}
prod-azureidir-client-id: ${{ secrets.PROD_AZUREIDIR_CLIENT_ID }}
prod-azureidir-client-secret: ${{ secrets.PROD_AZUREIDIR_CLIENT_SECRET }}
dev-digitalcredential-client-id: ${{ secrets.DEV_DIGITALCREDENTIAL_CLIENT_ID }}
dev-digitalcredential-client-secret: ${{ secrets.DEV_DIGITALCREDENTIAL_CLIENT_SECRET }}
test-digitalcredential-client-id: ${{ secrets.TEST_DIGITALCREDENTIAL_CLIENT_ID }}
test-digitalcredential-client-secret: ${{ secrets.TEST_DIGITALCREDENTIAL_CLIENT_SECRET }}
prod-digitalcredential-client-id: ${{ secrets.PROD_DIGITALCREDENTIAL_CLIENT_ID }}
prod-digitalcredential-client-secret: ${{ secrets.PROD_DIGITALCREDENTIAL_CLIENT_SECRET }}
apply: true
tf-modules-cache-key: ${{ steps.tf-modules.outputs.latest-sha }}
continue-on-error: true
- name: Setup NPM Packages
if: steps.count.outputs.count != '0'
uses: bcgov/sso-requests-actions/actions/[email protected]
- name: Update Requests Status
if: steps.count.outputs.count != '0'
uses: fjogeleit/http-request-action@master
with:
url: ${{ env.API_URL }}/batch/items
method: PUT
data: "{\"ids\": ${{ steps.requests.outputs.response }}, \"success\": \"${{ steps.tf.outputs.apply != 'failure' }}\"}"
customHeaders: '{"Authorization": "${{ secrets.GH_SECRET }}"}'
timeout: '60000'
- name: Set Failure Code
if: steps.tf.outputs.init == 'failure' || steps.tf.outputs.apply == 'failure'
run: exit 1