Build(deps): Bump github.com/aws/aws-sdk-go from 1.44.332 to 1.45.11 #507
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Integration | |
| on: | |
| pull_request: {} | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| id-token: write | |
| jobs: | |
| dependency-review: | |
| name: Dependency Review | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/dependency-review-action@v3 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| qa: | |
| name: QA | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Restore/save Taskfile cache | |
| uses: actions/cache@v3 | |
| with: | |
| key: ${{ runner.os }}-taskfile | |
| path: | | |
| ~/.task | |
| ~/bin | |
| ~/build | |
| ~/cover.out | |
| ~/cover.html | |
| - uses: actions/setup-go@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| go-version-file: go.mod | |
| - uses: arduino/setup-task@v1 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| version: 3.x | |
| - name: Pre-build optimization | |
| run: task prebuild-lambda | |
| - name: Check Formatting | |
| run: test -z "$(go fmt ./...)" || echo "Formatting check failed." | |
| - name: Test | |
| run: task test | |
| - name: Vet | |
| run: go vet ./... | |
| - name: Lint | |
| uses: dominikh/[email protected] | |
| with: | |
| install-go: false | |
| - name: Build Lambdas | |
| run: task build | |
| - name: Build CLI | |
| run: task build-cli | |
| tflint: | |
| name: Lint terraform | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| name: Checkout source code | |
| - uses: actions/cache@v3 | |
| name: Cache plugin dir | |
| with: | |
| path: ~/.tflint.d/plugins | |
| key: ${{ runner.os }}-tflint-${{ hashFiles('terraform/.tflint.hcl') }} | |
| - uses: terraform-linters/setup-tflint@v3 | |
| name: Setup TFLint | |
| with: | |
| tflint_version: latest | |
| - name: Show TFLint version | |
| run: tflint --version | |
| - name: Init TFLint | |
| run: tflint --init | |
| working-directory: terraform | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: Run TFLint | |
| run: tflint -f compact --recursive | |
| terraform_validate_plan_report: | |
| name: Validate and plan terraform | |
| runs-on: ubuntu-latest | |
| if: always() | |
| defaults: | |
| run: | |
| working-directory: terraform | |
| env: | |
| TF_PLUGIN_CACHE_DIR: ~/.terraform.d/plugin-cache | |
| TF_VAR_version_identifier: ${{ github.sha }} | |
| TF_VAR_git_commit_sha: ${{ github.sha }} | |
| TF_VAR_datadog_api_key: ${{ secrets.DATADOG_API_KEY }} | |
| TF_VAR_datadog_app_key: ${{ secrets.DATADOG_APP_KEY }} | |
| concurrency: | |
| group: run_terraform-staging | |
| cancel-in-progress: false | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/cache@v3 | |
| with: | |
| key: ${{ runner.os }}-taskfile | |
| path: | | |
| ~/.task | |
| ~/bin | |
| ~/build | |
| ~/terraform/builds | |
| - uses: actions/cache@v3 | |
| with: | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| - name: Setup Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install Taskfile | |
| uses: arduino/setup-task@v1 | |
| with: | |
| version: 3.x | |
| - name: Pre-build optimization | |
| run: task prebuild-lambda | |
| - name: Get project TF version | |
| id: get_version | |
| run: echo "TF_VERSION=$(cat .terraform-version | tr -d '[:space:]')" | tee -a $GITHUB_OUTPUT | |
| - uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: ${{ steps.get_version.outputs.TF_VERSION }} | |
| - name: Ensure Terraform plugin cache exists | |
| run: mkdir -p $TF_PLUGIN_CACHE_DIR | |
| - name: Save/Restore Terraform plugin cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: ${{ env.TF_PLUGIN_CACHE_DIR }} | |
| key: ${{ runner.os }}-terraform-${{ hashFiles('**/.terraform.lock.hcl') }} | |
| restore-keys: | | |
| ${{ runner.os }}-terraform- | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: us-west-2 | |
| role-to-assume: "${{ secrets.CI_ROLE_ARN }}" | |
| - name: Terraform fmt | |
| id: fmt | |
| run: terraform fmt -check -diff -recursive | |
| - name: Ensure Terraform plugin cache still exists | |
| run: mkdir -p $TF_PLUGIN_CACHE_DIR | |
| - name: Terraform Init | |
| id: init | |
| run: terraform init -backend-config="staging.s3.tfbackend" | |
| - name: Terraform Validate | |
| id: validate | |
| run: terraform validate -no-color | |
| - name: Terraform Plan | |
| if: steps.validate.outcome == 'success' | |
| id: plan | |
| run: terraform plan -input=false -no-color -out=tfplan -var-file="staging.tfvars" && terraform show -no-color tfplan | |
| - name: Reformat Plan | |
| if: always() && steps.plan.outcome != 'cancelled' && steps.plan.outcome != 'skipped' | |
| run: | | |
| echo '${{ steps.plan.outputs.stdout || steps.plan.outputs.stderr }}' \ | |
| | sed -E 's/^([[:space:]]+)([-+])/\2\1/g' > plan.txt | |
| PLAN=$(cat plan.txt | head -c 65300) # Observe GitHub's 65535 character limit | |
| echo "PLAN<<EOF" >> $GITHUB_ENV | |
| echo "$PLAN" >> $GITHUB_ENV | |
| echo "EOF" >> $GITHUB_ENV | |
| - name: Write the report markdown file | |
| if: always() | |
| run: | | |
| REPORT_FILE=$(mktemp -t summary.md.XXXXX ) | |
| echo "REPORT_FILE=$REPORT_FILE" >> $GITHUB_ENV | |
| cat >> $REPORT_FILE << 'ENDOFREPORT' | |
| ## Terraform Summary | |
| | Step | Result | | |
| |:-----------------------------|:-------:| | |
| | π Terraform Format & Style | ${{ (steps.fmt.outcome == 'success' && 'β ') || (steps.fmt.outcome == 'skipped' && 'β') || 'β' }} | | |
| | βοΈ Terraform Initialization | ${{ (steps.init.outcome == 'success' && 'β ') || (steps.init.outcome == 'skipped' && 'β') || 'β' }} | | |
| | π€ Terraform Validation | ${{ (steps.validate.outcome == 'success' && 'β ') || (steps.validate.outcome == 'skipped' && 'β') || 'β' }} | | |
| | π Terraform Plan | ${{ (steps.plan.outcome == 'success' && 'β ') || (steps.plan.outcome == 'skipped' && 'β') || 'β' }} | | |
| ### Output | |
| <details> | |
| <summary>Validation Output</summary> | |
| ``` | |
| ${{ steps.validate.outputs.stdout }} | |
| ``` | |
| </details> | |
| <details> | |
| <summary>Plan Output</summary> | |
| ```diff | |
| ${{ env.PLAN }} | |
| ``` | |
| </details> | |
| *Pusher: @${{ github.actor }}, Action: `${{ github.event_name }}`, Workflow: [`${{ github.workflow }}`](${{ github.server_url}}/${{ github.repository }}/actions/runs/${{ github.run_id }})* | |
| ENDOFREPORT | |
| - name: Write the step summary | |
| if: always() | |
| run: | | |
| cat $REPORT_FILE >> $GITHUB_STEP_SUMMARY | |
| CONTENT=$(cat $REPORT_FILE) | |
| echo "REPORT_CONTENT<<ENDOFREPORT" >> $GITHUB_ENV | |
| echo "$CONTENT" >> $GITHUB_ENV | |
| echo "ENDOFREPORT" >> $GITHUB_ENV | |
| - name: Find previous report comment | |
| if: always() | |
| uses: peter-evans/find-comment@v2 | |
| id: fc | |
| with: | |
| issue-number: ${{ github.event.pull_request.number }} | |
| comment-author: 'github-actions[bot]' | |
| body-includes: Terraform Summary | |
| - name: Create or update comment | |
| if: always() | |
| uses: peter-evans/create-or-update-comment@v2 | |
| with: | |
| comment-id: ${{ steps.fc.outputs.comment-id }} | |
| issue-number: ${{ github.event.pull_request.number }} | |
| body: ${{ env.REPORT_CONTENT }} | |
| edit-mode: replace | |
| - name: Print zip md5s | |
| if: always() | |
| run: md5sum builds/* | |
| - name: Print bin md5s | |
| if: always() | |
| run: md5sum ../bin/*/* |