Skip to content

ci-scripted

ci-scripted #1280

Workflow file for this run

on:
pull_request:
branches: [ main ]
paths-ignore:
- '**/README.md'
- '**/LICENSE'
- 'visuals/**'
schedule:
- cron: '0 2 * * Thu,Sat'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
inputs:
upgrade_provider_versions:
description: 'Upgrade Terraform provider versions'
required: false
type: boolean
default: false
upgrade_terraform_version:
description: 'Upgrade Terraform version'
required: false
type: boolean
default: false
upgrade_azure_cli:
description: 'Upgrade Azure CLI to latest version'
required: false
type: boolean
default: false
destroy:
description: 'Destroy Infrastucture'
required: false
type: boolean
default: true
workspace:
type: choice
required: true
description: 'Terraform Workspace'
default: ci
options:
- ci
- ci1
- ci2
- ci3
env:
ARM_SAS_TOKEN: ${{ secrets.ARM_SAS_TOKEN }}
TF_IN_AUTOMATION: true
TF_INPUT: 0
TF_STATE_backend_storage_container: ${{ secrets.TF_STATE_BACKEND_STORAGE_CONTAINER }}
TF_STATE_backend_storage_account: ${{ secrets.TF_STATE_BACKEND_STORAGE_ACCOUNT }}
TF_STATE_backend_resource_group: ${{ secrets.TF_STATE_BACKEND_RESOURCE_GROUP }}
TF_VAR_backup_container_sleep_minutes: 20
TF_VAR_location: ${{ secrets.TF_VAR_LOCATION }}
TF_WORKSPACE: ${{ github.event.inputs.workspace || 'ci' }}
name: ci-scripted
jobs:
prepare:
name: Prepare strategy
defaults:
run:
working-directory: scripts
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v2
- name: Print environment variables
run: |
Get-ChildItem -Path Env: -Recurse -Include ARM_*,AZURE_*,GITHUB_*,INPUT_*,TF_* | Sort-Object -Property Name
shell: pwsh
- name: Create matrix
id: create-matrix
run: |
ConvertTo-SecureString -AsPlainText -String '${{ secrets.GITHUB_TOKEN }}' | Set-Variable gitHubToken
./create_workflow_strategy.ps1 -GitHubToken $gitHubToken `
-DestroyInput "${{ github.event.inputs.destroy }}" `
-UseLatestAzureCLIVersionInput "${{ github.event.inputs.upgrade_azure_cli }}" `
-UseLatestTerraformProviderVersionsInput "${{ github.event.inputs.upgrade_provider_versions }}" `
-UseLatestTerraformVersionInput "${{ github.event.inputs.upgrade_terraform_version }}"
shell: pwsh
- name: Install json2yaml
run: |
sudo npm install -g json2yaml
- name: Display matrix
run: |
$matrixJSON = '${{ steps.create-matrix.outputs.matrix }}'
$matrixJSON
$matrixJSON | jq
$matrixJSON | ConvertFrom-Json
$matrixJSON | json2yaml
shell: pwsh
outputs:
matrix: ${{ steps.create-matrix.outputs.matrix }}
terraform_preferred_version: ${{ steps.terraform-version-check.outputs.terraform_preferred_version }}
terraform_latest_version: ${{ steps.terraform-version-check.outputs.terraform_latest_version }}
integrated:
needs: prepare
defaults:
run:
working-directory: scripts
strategy:
fail-fast: false
max-parallel: 1
matrix: ${{ fromJson(needs.prepare.outputs.matrix) }}
name: Pin providers = ${{ matrix.pin_provider_versions }} - Terraform ${{ matrix.terraform_version }} - az ${{ matrix.azure_cli_version }}
runs-on: ${{ matrix.os }}
steps:
- name: Checkout source
uses: actions/checkout@v2
- name: Dump strategy context
env:
MATRIX_CONTEXT: ${{ toJSON(matrix) }}
STRATEGY_CONTEXT: ${{ toJSON(strategy) }}
run: |
Write-Host "Strategy context:"
$env:STRATEGY_CONTEXT | ConvertFrom-Json | Format-List
Write-Host "Matrix context:"
$env:MATRIX_CONTEXT | ConvertFrom-Json | Format-List
shell: pwsh
- name: Upgrade Azure CLI
id: az-upgrade
if: ${{ matrix.upgrade_azure_cli }}
run: |
# sudo az upgrade -y # not reliable
curl -sL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null
echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/azure-cli.list
sudo apt-get update
$packageName = ($(apt-cache show azure-cli | Select-String 'Version: ${{ matrix.azure_cli_version }}.*$') -split ' ' | Select-Object -Last 1)
Write-Host "`nAzure CLI package: $packageName"
if ($packageName) {
sudo apt-get install --allow-downgrades azure-cli=$packageName
} else {
Write-Host "Azure CLI version ${{ matrix.azure_cli_version }} not found"
}
az -v
continue-on-error: true
shell: pwsh
- name: Use Azure CLI
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
enable-AzPSSession: false
- name: Show Azure CLI version
run: |
az -v
- name: Use Terraform
uses: hashicorp/setup-terraform@v1
with:
terraform_version: ${{matrix.terraform_version}}
terraform_wrapper: false
- name: Show Terraform version
run: |
terraform -v
- name: Unpin Terraform provider versions
id: terraform-version-check
if: ${{ !matrix.pin_provider_versions }}
run: |
Set-Location (Join-Path $env:GITHUB_WORKSPACE terraform) # Task does not support 'working-directory' property
(Get-Content ./provider.tf) -replace " = `" *= +",' = "~> ' | Out-File provider.tf
Get-Content ./provider.tf
if (Test-Path .terraform.lock.hcl) {
Remove-Item .terraform.lock.hcl -Force
}
shell: pwsh
- name: Prepare environment variables
env:
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
ENVIRONMENT_VARIABLES: ${{ secrets.ENVIRONMENT_VARIABLES }}
run: |
# Parse Azure secret into Terraform variables
$servicePrincipal = ($env:AZURE_CREDENTIALS | ConvertFrom-Json)
$env:ARM_CLIENT_ID = $servicePrincipal.clientId
$env:ARM_CLIENT_SECRET = $servicePrincipal.clientSecret
$env:ARM_SUBSCRIPTION_ID = $servicePrincipal.subscriptionId
$env:ARM_TENANT_ID = $servicePrincipal.tenantId
$env:TF_VAR_run_id=$env:GITHUB_RUN_ID
# We may not be able to create a Service Principal with a Service Principal, reuse Terraform SP for Logic App:
$env:TF_VAR_workflow_sp_application_id = $servicePrincipal.clientId
$env:TF_VAR_workflow_sp_application_secret = $servicePrincipal.clientSecret
$env:TF_VAR_workflow_sp_object_id = $servicePrincipal.objectId
# Save environment variable setup for subsequent steps
Get-ChildItem -Path Env: -Recurse -Include ARM_*,TF_VAR_* | ForEach-Object {Write-Output "$($_.Name)=$($_.Value)"} >> $env:GITHUB_ENV
shell: pwsh
- name: Show environment variables
run: |
Write-Host "Environment (sorted):"
Get-ChildItem -Path Env: -Recurse -Include ARM_*,AZURE_*,GITHUB_*,INPUT_*,TF_* | Sort-Object -Property Name
Write-Host "Environment (unsorted):"
Get-ChildItem -Path Env: -Recurse -Include ARM_*,AZURE_*,GITHUB_*,INPUT_*,TF_*
shell: pwsh
- name: Terraform Init & Plan
run: ./deploy.ps1 -Init -Plan
shell: pwsh
- name: Use Node.js
if: ${{ matrix.terraform_apply }}
uses: actions/setup-node@v1
- name: Install Azure Functions Core Tools
if: ${{ matrix.terraform_apply }}
run:
npm i -g azure-functions-core-tools@3 --unsafe-perm true
- name: Terraform Apply
id: terraform-apply
if: ${{ matrix.terraform_apply }}
run: ./deploy.ps1 -Apply -Force -NoCode
shell: pwsh
- name: Deploy Azure Function
if: ${{ matrix.terraform_apply }}
run: ./deploy_functions.ps1
shell: pwsh
- name: Test connection to Minecraft Server
if: ${{ matrix.terraform_apply }}
run: |
Set-Location (Join-Path $env:GITHUB_WORKSPACE terraform) # Task does not support 'working-directory' property
$minecraftConfig = (terraform output -json minecraft_java | ConvertFrom-Json -AsHashtable)
foreach ($minecraftConfigName in $minecraftConfig.Keys) {
Write-Host "Processing configuration '{$minecraftConfigName}''..."
$containerGroupID = $minecraftConfig[$minecraftConfigName].container_group_id
$serverFQDN = $minecraftConfig[$minecraftConfigName].minecraft_server_fqdn
$serverPort = $minecraftConfig[$minecraftConfigName].minecraft_server_port
# Wait for Minecraft socket to open
$connectionAttempts = 0
do {
Start-Sleep -Seconds 10
Write-Host "Pinging ${serverFQDN} on port ${serverPort}..."
try {
$connectionAttempts++
$mineCraftConnection = New-Object System.Net.Sockets.TcpClient($serverFQDN, $serverPort) -ErrorAction SilentlyContinue
} catch [System.Management.Automation.MethodInvocationException] {
Write-Warning $_
}
} while ((!$mineCraftConnection || !$mineCraftConnection.Connected) -and ($connectionAttempts -le 10))
if ($mineCraftConnection.Connected) {
Write-Host "Connected to ${serverFQDN}:${serverPort}"
$mineCraftConnection.Close()
} else {
Write-Warning "Could not connect to ${serverFQDN}:${serverPort}!"
}
# BUG: https://github.com/Azure/azure-cli/issues/19475
if ([version]$(az version --query '\"azure-cli\"' -o tsv) -ge [version]"2.29") {
# BUG: https://github.com/Azure/azure-cli/issues/13352
# No tty / ioctl device
# az container exec --ids $containerGroupID --exec-command "/health.sh" --container-name minecraft
script --return --quiet -c "az container exec --ids $containerGroupID --exec-command '/health.sh' --container-name minecraft" /dev/null
az container show --ids $containerGroupID --query instanceView
az container logs --ids $containerGroupID
}
}
shell: pwsh
- name: Remove backup items & resource locks
if: ${{ matrix.destroy }}
run: |
. (Join-Path $env:GITHUB_WORKSPACE scripts functions.ps1)
TearDown-Resources -Backups -Locks
shell: pwsh
- name: Terraform Destroy
if: ${{ matrix.destroy }}
run: ./deploy.ps1 -Destroy -Force
shell: pwsh
continue-on-error: ${{ matrix.ignore_destroy_failure }}
- name: Upload artifacts
uses: actions/upload-artifact@v2
if: ${{ matrix.terraform_apply }}
with:
name: terraform
path: 'terraform'
- name: Teardown
if: ${{ matrix.destroy || failure() }}
run: ./deploy.ps1 -Init -Teardown
shell: pwsh