diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 8ecabff0e..56d03049b 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -13,6 +13,8 @@ env: permissions: id-token: write contents: read + actions: write + pull-requests: write jobs: test: @@ -25,20 +27,34 @@ jobs: - shell: bash run: | mkdir -p ${{ runner.temp }} - cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml + cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component uses: ./ with: component: "foobar" stack: "plat-ue2-sandbox" atmos-config-path: ${{ runner.temp }} - atmos-version: v1.81.0 + atmos-version: 1.99.0 + skip-checkout: true \ No newline at end of file diff --git a/.github/workflows/test-changes-exists-drift.yml b/.github/workflows/test-changes-exists-drift.yml index 5d9cf8c32..6e5770301 100644 --- a/.github/workflows/test-changes-exists-drift.yml +++ b/.github/workflows/test-changes-exists-drift.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/opentofu/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/opentofu/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current @@ -50,7 +63,8 @@ jobs: sha: ${{ github.sha }} drift-detection-mode-enabled: true atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} diff --git a/.github/workflows/test-changes-exists.yml b/.github/workflows/test-changes-exists.yml index 8279550bb..370cda431 100644 --- a/.github/workflows/test-changes-exists.yml +++ b/.github/workflows/test-changes-exists.yml @@ -30,16 +30,31 @@ jobs: - shell: bash run: | mkdir -p ${{ runner.temp }} - cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml + cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + + cat ${{ runner.temp }}/atmos.yaml + - name: Plan Atmos Component id: current uses: ./ @@ -48,7 +63,8 @@ jobs: stack: "plat-ue2-sandbox" sha: ${{ github.sha }} atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: false outputs: result: ${{ steps.current.outcome }} diff --git a/.github/workflows/test-failed-plan-drift.yml b/.github/workflows/test-failed-plan-drift.yml index a3cf64cc7..1590ce45b 100644 --- a/.github/workflows/test-failed-plan-drift.yml +++ b/.github/workflows/test-failed-plan-drift.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current @@ -50,7 +63,8 @@ jobs: sha: ${{ github.sha }} drift-detection-mode-enabled: true atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} diff --git a/.github/workflows/test-failed-plan.yml b/.github/workflows/test-failed-plan.yml index 05714dffe..54f744d40 100644 --- a/.github/workflows/test-failed-plan.yml +++ b/.github/workflows/test-failed-plan.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current @@ -49,7 +62,8 @@ jobs: stack: "plat-ue2-sandbox" sha: ${{ github.sha }} atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} diff --git a/.github/workflows/test-infra-cost.yml b/.github/workflows/test-infra-cost.yml index db52f05f5..0025da368 100644 --- a/.github/workflows/test-infra-cost.yml +++ b/.github/workflows/test-infra-cost.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#true#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#true#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#true#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current @@ -51,7 +64,8 @@ jobs: infracost-api-key: ${{ secrets.INFRACOST_API_KEY }} debug: true atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} @@ -164,8 +178,6 @@ jobs: ``` - - teardown: runs-on: ubuntu-latest diff --git a/.github/workflows/test-no-changes-drift-more.yml b/.github/workflows/test-no-changes-drift-more.yml index b436a9f43..c06b67e55 100644 --- a/.github/workflows/test-no-changes-drift-more.yml +++ b/.github/workflows/test-no-changes-drift-more.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current uses: ./ @@ -49,7 +62,8 @@ jobs: sha: ${{ github.sha }} drift-detection-mode-enabled: true atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} diff --git a/.github/workflows/test-no-changes.yml b/.github/workflows/test-no-changes.yml index 56bd7064b..30384d860 100644 --- a/.github/workflows/test-no-changes.yml +++ b/.github/workflows/test-no-changes.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current uses: ./ @@ -48,7 +61,8 @@ jobs: stack: "plat-ue2-sandbox" sha: ${{ github.sha }} atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} diff --git a/.github/workflows/test-settings-action-disabled-drift.yml b/.github/workflows/test-settings-action-disabled-drift.yml index be9d6df3d..4a5118e0b 100644 --- a/.github/workflows/test-settings-action-disabled-drift.yml +++ b/.github/workflows/test-settings-action-disabled-drift.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current uses: ./ @@ -49,7 +62,8 @@ jobs: sha: ${{ github.sha }} drift-detection-mode-enabled: true atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} diff --git a/.github/workflows/test-settings-action-disabled.yml b/.github/workflows/test-settings-action-disabled.yml index 6bc59389a..b005408e6 100644 --- a/.github/workflows/test-settings-action-disabled.yml +++ b/.github/workflows/test-settings-action-disabled.yml @@ -31,15 +31,28 @@ jobs: run: | mkdir -p ${{ runner.temp }} cp ./tests/terraform/atmos.yaml ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__INFRACOST_ENABLED__#false#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_REGION__#${{ env.AWS_REGION }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g' ${{ runner.temp }}/atmos.yaml - sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml + sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml sed -i -e 's#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g' ${{ runner.temp }}/atmos.yaml + for file in ./tests/terraform/stacks/catalog/*.yaml; do + if [ -f "$file" ]; then + sed -i -e "s#__INFRACOST_ENABLED__#false#g" "$file" + sed -i -e "s#__STORAGE_REGION__#${{ env.AWS_REGION }}#g" "$file" + sed -i -e "s#__STORAGE_BUCKET__#${{ secrets.TERRAFORM_STATE_BUCKET }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_TABLE__#${{ secrets.TERRAFORM_STATE_TABLE }}#g" "$file" + sed -i -e "s#__STORAGE_ROLE__#${{ secrets.TERRAFORM_STATE_ROLE }}#g" "$file" + sed -i -e "s#__PLAN_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + sed -i -e "s#__APPLY_ROLE__#${{ secrets.TERRAFORM_PLAN_ROLE }}#g" "$file" + fi + done + - name: Plan Atmos Component id: current uses: ./ @@ -48,7 +61,8 @@ jobs: stack: "plat-ue2-sandbox" sha: ${{ github.sha }} atmos-config-path: ${{ runner.temp }} - atmos-version: 1.81.0 + atmos-version: 1.99.0 + skip-checkout: true outputs: result: ${{ steps.current.outcome }} diff --git a/README.md b/README.md index b04ee2241..9ae1766b6 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,19 @@ this action. For more on setting up those components, see the `gitops` component ### Config +> [!IMPORTANT] +> **Please note!** This GitHub Action only works with `atmos >= 1.99.0`. +> If you are using `atmos >= 1.63.0, < 1.99.0` please use `v2` or `v3` version of this action. +> If you are using `atmos < 1.63.0` please use `v1` version of this action. + The action expects the atmos configuration file `atmos.yaml` to be present in the repository. + +The action supports AWS and Azure to store Terraform plan files. +You can read more about plan storage in the [cloudposse/github-action-terraform-plan-storage](https://github.com/cloudposse/github-action-terraform-plan-storage?tab=readme-ov-file#aws-default) documentation. +Depending on the cloud provider, the following fields should be set in the `atmos.yaml`: + +#### AWS + The config should have the following structure: ```yaml @@ -77,11 +89,14 @@ integrations: terraform-version: 1.5.2 infracost-enabled: false artifact-storage: + plan-repository-type: s3 + metadata-repository-type: dynamo region: us-east-2 bucket: cptest-core-ue2-auto-gitops table: cptest-core-ue2-auto-gitops-plan-storage role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-core-ue2-auto-gitops-gha role: + # Set `plan` empty if you don't want to assume IAM role before terraform plan plan: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops apply: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops matrix: @@ -89,8 +104,56 @@ integrations: group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-") ``` +#### Azure + +The config should have the following structure: + +```yaml +integrations: + github: + gitops: + opentofu-version: 1.7.3 + terraform-version: 1.5.2 + infracost-enabled: false + artifact-storage: + plan-repository-type: azureblob + metadata-repository-type: cosmos + blob-account-name: tfplans + blob-container-name: plans + cosmos-container-name: terraform-plan-storage + cosmos-database-name: terraform-plan-storage + cosmos-endpoint: "https://my-cosmo-account.documents.azure.com:443/" + # We remove the `role` section as it is AWS specific + matrix: + sort-by: .stack_slug + group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-") +``` + +### Stack level configuration + > [!IMPORTANT] -> **Please note!** This GitHub Action only works with `atmos >= 1.63.0`. If you are using `atmos < 1.63.0` please use `v1` version of this action. +> Wherever it is possible to specify `integration.github.gitops` on stack level +> it is required to define default values in `atmos.yaml` + +It is possible to override integration settings on a stack level by defining `settings.integrations`. + +```yaml +components: + terraform: + foobar: + settings: + integrations: + github: + gitops: + artifact-storage: + bucket: cptest-plat-ue2-auto-gitops + table: cptest-plat-ue2-auto-gitops-plan-storage + role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-plat-ue2-auto-gitops-gha + role: + # Set `plan` empty if you don't want to assume IAM role before terraform plan + plan: arn:aws:iam::yyyyyyyyyyyy:role/cptest-plat-gbl-identity-gitops + apply: arn:aws:iam::yyyyyyyyyyyy:role/cptest-plat-gbl-identity-gitops +``` ### Support OpenTofu @@ -154,6 +217,28 @@ integrations: atmos-version: 1.81.0 ``` +### Migrating from `v3` to `v4` + +The notable changes in `v4` are: + +- `v4` works only with `atmos >= 1.99.0` +- `v4` support azure plan and metadata storage +- `v4` supports stack level integration gitops settings +- `v4` allow to skip internal checkout with `skip-checkout` input +- `v4` support creating summary comments to PR + +The only required migration step is updating atmos version to `>= 1.99.0` + +### Migrating from `v2` to `v3` + +The notable changes in `v3` are: + +- `v3` use `actions/upload-artifact@v4` to share artifacts so it is not compatible with `cloudposse/github-action-atmos-terraform-drift-detection` `< v2.0.0` +- `v3` support .terraform caching to performance improvment + + +No special migration steps required + ### Migrating from `v1` to `v2` The notable changes in `v2` are: @@ -316,7 +401,7 @@ Which would produce the same behavior as in `v1`, doing this: | Name | Description | Default | Required | |------|-------------|---------|----------| | atmos-config-path | The path to the atmos.yaml file | N/A | true | -| atmos-version | The version of atmos to install | >= 1.63.0 | false | +| atmos-version | The version of atmos to install | >= 1.99.0 | false | | branding-logo-image | Branding logo image url | https://cloudposse.com/logo-300x69.svg | false | | branding-logo-url | Branding logo url | https://cloudposse.com/ | false | | component | The name of the component to plan. | N/A | true | @@ -324,7 +409,9 @@ Which would produce the same behavior as in `v1`, doing this: | drift-detection-mode-enabled | Indicate whether this action is used in drift detection workflow. | false | true | | infracost-api-key | Infracost API key | N/A | false | | metadata-retention-days | Infracost API key | 1 | false | +| pr-comment | Set to 'true' to create a PR comment with the summary of the plan | false | false | | sha | Commit SHA to plan. Default: github.sha | ${{ github.event.pull\_request.head.sha }} | true | +| skip-checkout | Disable actions/checkout. Useful for when the checkout happens in a previous step and file are modified outside of git through other actions | false | false | | stack | The stack name for the given component. | N/A | true | | token | Used to pull node distributions for Atmos from Cloud Posse's GitHub repository. Since there's a default, this is typically not supplied by the user. When running this action on github.com, the default value is sufficient. When running on GHES, you can pass a personal access token for github.com if you are experiencing rate limiting. | ${{ github.server\_url == 'https://github.com' && github.token \|\| '' }} | false | diff --git a/README.yaml b/README.yaml index f5ec6d6fe..860f4bbfa 100644 --- a/README.yaml +++ b/README.yaml @@ -55,7 +55,19 @@ usage: |- ### Config + > [!IMPORTANT] + > **Please note!** This GitHub Action only works with `atmos >= 1.99.0`. + > If you are using `atmos >= 1.63.0, < 1.99.0` please use `v2` or `v3` version of this action. + > If you are using `atmos < 1.63.0` please use `v1` version of this action. + The action expects the atmos configuration file `atmos.yaml` to be present in the repository. + + The action supports AWS and Azure to store Terraform plan files. + You can read more about plan storage in the [cloudposse/github-action-terraform-plan-storage](https://github.com/cloudposse/github-action-terraform-plan-storage?tab=readme-ov-file#aws-default) documentation. + Depending on the cloud provider, the following fields should be set in the `atmos.yaml`: + + #### AWS + The config should have the following structure: ```yaml @@ -66,21 +78,72 @@ usage: |- terraform-version: 1.5.2 infracost-enabled: false artifact-storage: + plan-repository-type: s3 + metadata-repository-type: dynamo region: us-east-2 bucket: cptest-core-ue2-auto-gitops table: cptest-core-ue2-auto-gitops-plan-storage role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-core-ue2-auto-gitops-gha role: + # Set `plan` empty if you don't want to assume IAM role before terraform plan plan: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops apply: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops matrix: sort-by: .stack_slug group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-") ``` + + #### Azure + + The config should have the following structure: + ```yaml + integrations: + github: + gitops: + opentofu-version: 1.7.3 + terraform-version: 1.5.2 + infracost-enabled: false + artifact-storage: + plan-repository-type: azureblob + metadata-repository-type: cosmos + blob-account-name: tfplans + blob-container-name: plans + cosmos-container-name: terraform-plan-storage + cosmos-database-name: terraform-plan-storage + cosmos-endpoint: "https://my-cosmo-account.documents.azure.com:443/" + # We remove the `role` section as it is AWS specific + matrix: + sort-by: .stack_slug + group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-") + ``` + + ### Stack level configuration + > [!IMPORTANT] - > **Please note!** This GitHub Action only works with `atmos >= 1.63.0`. If you are using `atmos < 1.63.0` please use `v1` version of this action. + > Wherever it is possible to specify `integration.github.gitops` on stack level + > it is required to define default values in `atmos.yaml` + It is possible to override integration settings on a stack level by defining `settings.integrations`. + + ```yaml + components: + terraform: + foobar: + settings: + integrations: + github: + gitops: + artifact-storage: + bucket: cptest-plat-ue2-auto-gitops + table: cptest-plat-ue2-auto-gitops-plan-storage + role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-plat-ue2-auto-gitops-gha + role: + # Set `plan` empty if you don't want to assume IAM role before terraform plan + plan: arn:aws:iam::yyyyyyyyyyyy:role/cptest-plat-gbl-identity-gitops + apply: arn:aws:iam::yyyyyyyyyyyy:role/cptest-plat-gbl-identity-gitops + ``` + ### Support OpenTofu This action supports [OpenTofu](https://opentofu.org/). @@ -142,7 +205,29 @@ usage: |- atmos-config-path: ./rootfs/usr/local/etc/atmos/ atmos-version: 1.81.0 ``` + + ### Migrating from `v3` to `v4` + The notable changes in `v4` are: + + - `v4` works only with `atmos >= 1.99.0` + - `v4` support azure plan and metadata storage + - `v4` supports stack level integration gitops settings + - `v4` allow to skip internal checkout with `skip-checkout` input + - `v4` support creating summary comments to PR + + The only required migration step is updating atmos version to `>= 1.99.0` + + ### Migrating from `v2` to `v3` + + The notable changes in `v3` are: + + - `v3` use `actions/upload-artifact@v4` to share artifacts so it is not compatible with `cloudposse/github-action-atmos-terraform-drift-detection` `< v2.0.0` + - `v3` support .terraform caching to performance improvment + + + No special migration steps required + ### Migrating from `v1` to `v2` The notable changes in `v2` are: diff --git a/action.yml b/action.yml index 751f689c7..4110aeb20 100644 --- a/action.yml +++ b/action.yml @@ -22,7 +22,7 @@ inputs: atmos-version: description: The version of atmos to install required: false - default: ">= 1.63.0" + default: ">= 1.99.0" atmos-config-path: description: The path to the atmos.yaml file required: true @@ -51,6 +51,14 @@ inputs: not supplied by the user. When running this action on github.com, the default value is sufficient. When running on GHES, you can pass a personal access token for github.com if you are experiencing rate limiting. default: ${{ github.server_url == 'https://github.com' && github.token || '' }} + skip-checkout: + description: "Disable actions/checkout. Useful for when the checkout happens in a previous step and file are modified outside of git through other actions" + required: false + default: 'false' + pr-comment: + description: "Set to 'true' to create a PR comment with the summary of the plan" + required: false + default: 'false' outputs: summary: description: "Summary" @@ -60,10 +68,11 @@ runs: using: "composite" steps: - name: Checkout + if: ${{ inputs.skip-checkout != 'true' }} uses: actions/checkout@v4 with: ref: ${{ inputs.sha }} - + - name: Set atmos cli config path vars shell: bash run: |- @@ -76,48 +85,9 @@ runs: token: ${{ inputs.token }} install-wrapper: false - - name: config - shell: bash - id: config - run: |- - echo "opentofu-version=$(atmos describe config -f json | jq -r '.integrations.github.gitops["opentofu-version"]')" >> $GITHUB_OUTPUT - echo "terraform-version=$(atmos describe config -f json | jq -r '.integrations.github.gitops["terraform-version"]')" >> $GITHUB_OUTPUT - echo "enable-infracost=$(atmos describe config -f json | jq -r '.integrations.github.gitops["infracost-enabled"]')" >> $GITHUB_OUTPUT - echo "aws-region=$(atmos describe config -f json | jq -r '.integrations.github.gitops["artifact-storage"].region')" >> $GITHUB_OUTPUT - echo "terraform-state-role=$(atmos describe config -f json | jq -r '.integrations.github.gitops["artifact-storage"].role')" >> $GITHUB_OUTPUT - echo "terraform-state-table=$(atmos describe config -f json | jq -r '.integrations.github.gitops["artifact-storage"].table')" >> $GITHUB_OUTPUT - echo "terraform-state-bucket=$(atmos describe config -f json | jq -r '.integrations.github.gitops["artifact-storage"].bucket')" >> $GITHUB_OUTPUT - echo "terraform-plan-role=$(atmos describe config -f json | jq -r '.integrations.github.gitops.role.plan')" >> $GITHUB_OUTPUT - - - name: Install Terraform - if: ${{ steps.config.outputs.terraform-version != '' && steps.config.outputs.terraform-version != 'null' }} - uses: hashicorp/setup-terraform@v3 - with: - terraform_version: ${{ steps.config.outputs.terraform-version }} - terraform_wrapper: false - - - name: Install Dependencies - uses: cloudposse-github-actions/install-gh-releases@v1 - with: - cache: true - config: |- - opentofu/opentofu: - tag: ${{ startsWith(steps.config.outputs.opentofu-version, 'v') && steps.config.outputs.opentofu-version || format('v{0}', steps.config.outputs.opentofu-version) }} - skip: ${{ steps.config.outputs.opentofu-version == '' || steps.config.outputs.opentofu-version == 'null' }} - suzuki-shunsuke/tfcmt: - tag: v4.11.0 - - - name: Configure Plan AWS Credentials - uses: aws-actions/configure-aws-credentials@v4.0.2 - with: - aws-region: ${{ steps.config.outputs.aws-region }} - role-to-assume: ${{ steps.config.outputs.terraform-plan-role }} - role-session-name: "atmos-terraform-plan-gitops" - mask-aws-account-id: "no" - - name: Get atmos settings - uses: cloudposse/github-action-atmos-get-setting@v1 - id: component + id: atmos-settings + uses: cloudposse/github-action-atmos-get-setting@v2 with: settings: | - component: ${{ inputs.component }} @@ -136,31 +106,121 @@ runs: stack: ${{ inputs.stack }} settingsPath: command outputPath: command + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.opentofu-version + outputPath: opentofu-version + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.terraform-version + outputPath: terraform-version + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.infracost-enabled + outputPath: enable-infracost + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.role.plan + outputPath: terraform-plan-role + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.region + outputPath: aws-region + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.role + outputPath: terraform-state-role + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.table + outputPath: terraform-state-table + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.bucket + outputPath: terraform-state-bucket + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.plan-repository-type + outputPath: plan-repository-type + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.blob-account-name + outputPath: blob-account-name + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.blob-container-name + outputPath: blob-container-name + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.metadata-repository-type + outputPath: metadata-repository-type + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.cosmos-container-name + outputPath: cosmos-container-name + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.cosmos-database-name + outputPath: cosmos-database-name + - component: ${{ inputs.component }} + stack: ${{ inputs.stack }} + settingsPath: settings.integrations.github.gitops.artifact-storage.cosmos-endpoint + outputPath: cosmos-endpoint + + - name: Install Terraform + if: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-version != '' && fromJson(steps.atmos-settings.outputs.settings).terraform-version != 'null' }} + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-version }} + terraform_wrapper: false + + - name: Install Dependencies + uses: cloudposse-github-actions/install-gh-releases@v1 + with: + cache: true + config: |- + opentofu/opentofu: + tag: ${{ startsWith(fromJson(steps.atmos-settings.outputs.settings).opentofu-version, 'v') && fromJson(steps.atmos-settings.outputs.settings).opentofu-version || format('v{0}', fromJson(steps.atmos-settings.outputs.settings).opentofu-version) }} + skip: ${{ fromJson(steps.atmos-settings.outputs.settings).opentofu-version == '' || fromJson(steps.atmos-settings.outputs.settings).opentofu-version == 'null' }} + suzuki-shunsuke/tfcmt: + tag: v4.14.0 + + - name: Configure Plan AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + if: ${{ fromJson(steps.atmos-settings.outputs.settings).aws-region != '' && + fromJson(steps.atmos-settings.outputs.settings).aws-region != 'null' && + fromJson(steps.atmos-settings.outputs.settings).terraform-plan-role != '' && + fromJson(steps.atmos-settings.outputs.settings).terraform-plan-role != 'null' }} + with: + aws-region: ${{ fromJson(steps.atmos-settings.outputs.settings).aws-region }} + role-to-assume: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-plan-role }} + role-session-name: "atmos-terraform-plan-gitops" + mask-aws-account-id: "no" - name: Set atmos cli base path vars - if: ${{ fromJson(steps.component.outputs.settings).enabled }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled }} shell: bash run: |- # Set ATMOS_BASE_PATH allow `cloudposse/utils` provider to read atmos config from the correct path - ATMOS_BASE_PATH="${{ fromJson(steps.component.outputs.settings).base-path }}" + ATMOS_BASE_PATH="${{ fromJson(steps.atmos-settings.outputs.settings).base-path }}" echo "ATMOS_BASE_PATH=$(realpath ${ATMOS_BASE_PATH:-./})" >> $GITHUB_ENV - name: Prepare Artifacts Directory - if: ${{ fromJson(steps.component.outputs.settings).enabled }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled }} shell: bash run: | mkdir -p metadata - name: Define Job Variables - if: ${{ fromJson(steps.component.outputs.settings).enabled }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled }} id: vars shell: bash run: | STACK_NAME=$(echo "${{ inputs.stack }}" | sed 's#/#_#g') - COMPONENT_PATH=${{ fromJson(steps.component.outputs.settings).component-path }} + COMPONENT_PATH=${{ fromJson(steps.atmos-settings.outputs.settings).component-path }} COMPONENT_NAME=$(echo "${{ inputs.component }}" | sed 's#/#_#g') COMPONENT_SLUG="$STACK_NAME-$COMPONENT_NAME" - COMPONENT_CACHE_KEY=$(basename "${{ fromJson(steps.component.outputs.settings).component-path }}") + COMPONENT_CACHE_KEY=$(basename "${{ fromJson(steps.atmos-settings.outputs.settings).component-path }}") PLAN_FILE="$( realpath ${COMPONENT_PATH})/$COMPONENT_SLUG-${{ inputs.sha }}.planfile" LOCK_FILE="$( realpath ${COMPONENT_PATH})/.terraform.lock.hcl" @@ -183,18 +243,21 @@ runs: - name: Cache .terraform id: cache uses: actions/cache@v4 - if: ${{ fromJson(steps.component.outputs.settings).enabled }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled }} with: path: | ./${{ steps.vars.outputs.component_path }}/.terraform key: ${{ steps.vars.outputs.cache-key }} - name: Atmos Terraform Plan - if: ${{ fromJson(steps.component.outputs.settings).enabled }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled }} id: atmos-plan shell: bash run: | set +e + + # Remove the environment file from the cache to avoid conflicts with workspace select + rm -f ./${{ steps.vars.outputs.component_path }}/.terraform/environment TERRAFORM_OUTPUT_FILE="./terraform-${GITHUB_RUN_ID}-output.txt" @@ -210,11 +273,13 @@ runs: -var "job:${{ github.job }}" \ -var "logoImage:${{ inputs.branding-logo-image }}" \ -var "logoUrl:${{ inputs.branding-logo-url }}" \ - -var "infracost_enabled:${{ steps.config.outputs.enable-infracost }}" \ + -var "infracost_enabled:${{ fromJson(steps.atmos-settings.outputs.settings).enable-infracost }}" \ -var "driftModeEnabled:${{ inputs.drift-detection-mode-enabled }}" \ - --output ${{ steps.vars.outputs.summary_file }} \ + $([[ "${{ inputs.pr-comment }}" == "false" ]] && echo "--output ${{ steps.vars.outputs.summary_file }}") \ --log-level $([[ "${{ inputs.debug }}" == "true" ]] && echo "DEBUG" || echo "INFO") \ - plan -- \ + plan \ + $([[ "${{ inputs.pr-comment }}" == "true" ]] && echo "-patch") \ + -- \ atmos terraform plan ${{ inputs.component }} \ --stack ${{ inputs.stack }} \ -out="${{ steps.vars.outputs.plan_file }}" \ @@ -225,6 +290,28 @@ runs: TERRAFORM_RESULT=$? + if [[ "${{ inputs.pr-comment }}" == "true" ]]; then + tfcmt \ + --config ${GITHUB_ACTION_PATH}/config/summary.yaml \ + -owner "${{ github.repository_owner }}" \ + -repo "${{ github.event.repository.name }}" \ + -var "target:${{ steps.vars.outputs.component_slug }}" \ + -var "component:${{ inputs.component }}" \ + -var "componentPath:${{ steps.vars.outputs.component_path }}" \ + -var "commitSHA:${{ inputs.sha }}" \ + -var "stack:${{ inputs.stack }}" \ + -var "job:${{ github.job }}" \ + -var "logoImage:${{ inputs.branding-logo-image }}" \ + -var "logoUrl:${{ inputs.branding-logo-url }}" \ + -var "infracost_enabled:${{ fromJson(steps.atmos-settings.outputs.settings).enable-infracost }}" \ + -var "driftModeEnabled:${{ inputs.drift-detection-mode-enabled }}" \ + --output ${{ steps.vars.outputs.summary_file }} \ + --log-level $([[ "${{ inputs.debug }}" == "true" ]] && echo "DEBUG" || echo "INFO") \ + plan \ + -- \ + bash -c "cat ${TERRAFORM_OUTPUT_FILE}" + fi + set -e if [[ "${{ inputs.drift-detection-mode-enabled }}" == "true" ]]; then @@ -265,26 +352,39 @@ runs: rm -f ${TERRAFORM_OUTPUT_FILE} - name: Configure State AWS Credentials - if: ${{ steps.atmos-plan.outputs.error == 'false' }} - uses: aws-actions/configure-aws-credentials@v4.0.2 + uses: aws-actions/configure-aws-credentials@v4 + if: ${{ ( fromJson(steps.atmos-settings.outputs.settings).plan-repository-type == 's3' || + fromJson(steps.atmos-settings.outputs.settings).plan-repository-type == '' || + fromJson(steps.atmos-settings.outputs.settings).plan-repository-type == 'null' ) && + steps.atmos-plan.outputs.error == 'false' && + fromJson(steps.atmos-settings.outputs.settings).aws-region != '' && + fromJson(steps.atmos-settings.outputs.settings).aws-region != 'null' && + fromJson(steps.atmos-settings.outputs.settings).terraform-state-role != '' && + fromJson(steps.atmos-settings.outputs.settings).terraform-state-role != 'null' }} with: - aws-region: ${{ steps.config.outputs.aws-region }} - role-to-assume: ${{ steps.config.outputs.terraform-state-role }} + aws-region: ${{ fromJson(steps.atmos-settings.outputs.settings).aws-region }} + role-to-assume: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-state-role }} role-session-name: "atmos-terraform-state-gitops" mask-aws-account-id: "no" - name: Store New Plan if: ${{ steps.atmos-plan.outputs.error == 'false' }} uses: cloudposse/github-action-terraform-plan-storage@v1 - id: store-plan with: action: storePlan commitSHA: ${{ inputs.sha }} planPath: ${{ steps.vars.outputs.plan_file }} component: ${{ inputs.component }} stack: ${{ inputs.stack }} - tableName: ${{ steps.config.outputs.terraform-state-table }} - bucketName: ${{ steps.config.outputs.terraform-state-bucket }} + planRepositoryType: ${{ fromJson(steps.atmos-settings.outputs.settings).plan-repository-type || 's3' }} + metadataRepositoryType: ${{ fromJson(steps.atmos-settings.outputs.settings).metadata-repository-type || 'dynamo' }} + blobAccountName: ${{ fromJson(steps.atmos-settings.outputs.settings).blob-account-name }} + blobContainerName: ${{ fromJson(steps.atmos-settings.outputs.settings).blob-container-name }} + cosmosContainerName: ${{ fromJson(steps.atmos-settings.outputs.settings).cosmos-container-name }} + cosmosDatabaseName: ${{ fromJson(steps.atmos-settings.outputs.settings).cosmos-database-name }} + cosmosEndpoint: ${{ fromJson(steps.atmos-settings.outputs.settings).cosmos-endpoint }} + tableName: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-state-table }} + bucketName: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-state-bucket }} - name: Store Lockfile for New Plan if: ${{ steps.atmos-plan.outputs.error == 'false' }} @@ -295,27 +395,35 @@ runs: planPath: ${{ steps.vars.outputs.lock_file }} component: ${{ inputs.component }} stack: ${{ inputs.stack }}-lockfile - tableName: ${{ steps.config.outputs.terraform-state-table }} - bucketName: ${{ steps.config.outputs.terraform-state-bucket }} + planRepositoryType: ${{ fromJson(steps.atmos-settings.outputs.settings).plan-repository-type || 's3' }} + metadataRepositoryType: ${{ fromJson(steps.atmos-settings.outputs.settings).metadata-repository-type || 'dynamo' }} + blobAccountName: ${{ fromJson(steps.atmos-settings.outputs.settings).blob-account-name }} + blobContainerName: ${{ fromJson(steps.atmos-settings.outputs.settings).blob-container-name }} + cosmosContainerName: ${{ fromJson(steps.atmos-settings.outputs.settings).cosmos-container-name }} + cosmosDatabaseName: ${{ fromJson(steps.atmos-settings.outputs.settings).cosmos-database-name }} + cosmosEndpoint: ${{ fromJson(steps.atmos-settings.outputs.settings).cosmos-endpoint }} + tableName: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-state-table }} + bucketName: ${{ fromJson(steps.atmos-settings.outputs.settings).terraform-state-bucket }} - name: Setup Infracost - if: ${{ steps.config.outputs.enable-infracost == 'true' && steps.atmos-plan.outputs.changes == 'true' }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enable-infracost == true && steps.atmos-plan.outputs.changes == 'true' }} uses: infracost/actions/setup@v3 with: api-key: ${{ inputs.infracost-api-key }} - name: Convert PLANFILE to JSON - if: ${{ steps.config.outputs.enable-infracost == 'true' && steps.atmos-plan.outputs.changes == 'true' }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enable-infracost == true && steps.atmos-plan.outputs.changes == 'true' }} shell: bash working-directory: ./${{ steps.vars.outputs.component_path }} run: | - ${{ fromJson(steps.component.outputs.settings).command }} show -json "${{ steps.vars.outputs.plan_file }}" > "${{ steps.vars.outputs.plan_file }}.json" + ${{ fromJson(steps.atmos-settings.outputs.settings).command }} show -json "${{ steps.vars.outputs.plan_file }}" > "${{ steps.vars.outputs.plan_file }}.json" - name: Generate Infracost Diff - if: ${{ steps.config.outputs.enable-infracost == 'true' && steps.atmos-plan.outputs.changes == 'true' }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enable-infracost == true && steps.atmos-plan.outputs.changes == 'true' }} id: infracost shell: bash run: | + echo "Running Infracost diff" infracost diff \ --path="${{ steps.vars.outputs.plan_file }}.json" \ --format=diff \ @@ -357,7 +465,7 @@ runs: sed -i -e '/%INFRACOST_DIFF%/{r /tmp/infracost.txt' -e 'd}' ${{ steps.vars.outputs.step_summary_file }} - name: Store Component Metadata to Artifacts - if: ${{ fromJson(steps.component.outputs.settings).enabled && inputs.drift-detection-mode-enabled == 'true' }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled && inputs.drift-detection-mode-enabled == 'true' }} shell: bash run: | echo -n '{ "stack": "${{ inputs.stack }}", "component": "${{ inputs.component }}", "componentPath": "${{ steps.vars.outputs.component_path }}", "drifted": '"${{ steps.atmos-plan.outputs.changes }}"', "error": '"${{ steps.atmos-plan.outputs.error }}"' }' > "metadata/${{ steps.vars.outputs.component_slug }}.metadata.json" @@ -401,7 +509,7 @@ runs: echo "rand=$(openssl rand -hex 5)" >> "$GITHUB_OUTPUT" - name: Upload Artifacts - if: ${{ fromJson(steps.component.outputs.settings).enabled && inputs.drift-detection-mode-enabled == 'true' }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled && inputs.drift-detection-mode-enabled == 'true' }} uses: actions/upload-artifact@v4 with: # The name of the artifact needs to be unique for every job run! @@ -411,7 +519,7 @@ runs: retention-days: ${{ inputs.metadata-retention-days }} - name: Exit status - if: ${{ fromJson(steps.component.outputs.settings).enabled }} + if: ${{ fromJson(steps.atmos-settings.outputs.settings).enabled }} shell: bash run: | exit ${{ steps.atmos-plan.outputs.result }} diff --git a/docs/github-action.md b/docs/github-action.md index 26c44b7db..8ca7f68de 100644 --- a/docs/github-action.md +++ b/docs/github-action.md @@ -5,7 +5,7 @@ | Name | Description | Default | Required | |------|-------------|---------|----------| | atmos-config-path | The path to the atmos.yaml file | N/A | true | -| atmos-version | The version of atmos to install | >= 1.63.0 | false | +| atmos-version | The version of atmos to install | >= 1.99.0 | false | | branding-logo-image | Branding logo image url | https://cloudposse.com/logo-300x69.svg | false | | branding-logo-url | Branding logo url | https://cloudposse.com/ | false | | component | The name of the component to plan. | N/A | true | @@ -13,7 +13,9 @@ | drift-detection-mode-enabled | Indicate whether this action is used in drift detection workflow. | false | true | | infracost-api-key | Infracost API key | N/A | false | | metadata-retention-days | Infracost API key | 1 | false | +| pr-comment | Set to 'true' to create a PR comment with the summary of the plan | false | false | | sha | Commit SHA to plan. Default: github.sha | ${{ github.event.pull\_request.head.sha }} | true | +| skip-checkout | Disable actions/checkout. Useful for when the checkout happens in a previous step and file are modified outside of git through other actions | false | false | | stack | The stack name for the given component. | N/A | true | | token | Used to pull node distributions for Atmos from Cloud Posse's GitHub repository. Since there's a default, this is typically not supplied by the user. When running this action on github.com, the default value is sufficient. When running on GHES, you can pass a personal access token for github.com if you are experiencing rate limiting. | ${{ github.server\_url == 'https://github.com' && github.token \|\| '' }} | false | diff --git a/tests/opentofu/atmos.yaml b/tests/opentofu/atmos.yaml index 43083bc0c..6d3cf7d5b 100644 --- a/tests/opentofu/atmos.yaml +++ b/tests/opentofu/atmos.yaml @@ -71,16 +71,6 @@ workflows: integrations: github: gitops: - opentofu-version: 1.7.3 - infracost-enabled: __INFRACOST_ENABLED__ - artifact-storage: - region: __STORAGE_REGION__ - bucket: __STORAGE_BUCKET__ - table: __STORAGE_TABLE__ - role: __STORAGE_ROLE__ - role: - plan: __PLAN_ROLE__ - apply: __APPLY_ROLE__ matrix: sort-by: .stack_slug group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-") diff --git a/tests/opentofu/stacks/catalog/foobar-changes.yaml b/tests/opentofu/stacks/catalog/foobar-changes.yaml index edd546794..4913e01b9 100644 --- a/tests/opentofu/stacks/catalog/foobar-changes.yaml +++ b/tests/opentofu/stacks/catalog/foobar-changes.yaml @@ -1,10 +1,30 @@ components: terraform: foobar/changes: - component: foobar + metadata: + component: foobar settings: github: actions_enabled: true + integrations: + github: + actions_enabled: true + gitops: + opentofu-version: 1.7.3 + infracost-enabled: __INFRACOST_ENABLED__ + artifact-storage: + region: __STORAGE_REGION__ + bucket: __STORAGE_BUCKET__ + table: __STORAGE_TABLE__ + role: __STORAGE_ROLE__ + blob-account-name: + blob-container-name: + cosmos-container-name: + cosmos-database-name: + cosmos-endpoint: + role: + plan: __PLAN_ROLE__ + apply: __APPLY_ROLE__ vars: example: blue enabled: true diff --git a/tests/opentofu/stacks/catalog/foobar-disabled.yaml b/tests/opentofu/stacks/catalog/foobar-disabled.yaml index dea88ba5b..0bc822780 100644 --- a/tests/opentofu/stacks/catalog/foobar-disabled.yaml +++ b/tests/opentofu/stacks/catalog/foobar-disabled.yaml @@ -3,7 +3,28 @@ components: foobar-disabled: settings: github: - actions_enabled: false + actions_enabled: true + integrations: + github: + actions_enabled: true + gitops: + opentofu-version: 1.7.3 + infracost-enabled: __INFRACOST_ENABLED__ + artifact-storage: + region: __STORAGE_REGION__ + bucket: __STORAGE_BUCKET__ + table: __STORAGE_TABLE__ + role: __STORAGE_ROLE__ + plan-repository-type: s3 + blob-account-name: + blob-container-name: + metadata-repository-type: dynamo + cosmos-container-name: + cosmos-database-name: + cosmos-endpoint: + role: + plan: __PLAN_ROLE__ + apply: __APPLY_ROLE__ vars: example: blue enabled: true diff --git a/tests/opentofu/stacks/catalog/foobar-fail.yaml b/tests/opentofu/stacks/catalog/foobar-fail.yaml index adf352793..94eb6edf4 100644 --- a/tests/opentofu/stacks/catalog/foobar-fail.yaml +++ b/tests/opentofu/stacks/catalog/foobar-fail.yaml @@ -1,10 +1,32 @@ components: terraform: foobar-fail: - component: foobar + metadata: + component: foobar settings: github: actions_enabled: true + integrations: + github: + actions_enabled: true + gitops: + opentofu-version: 1.7.3 + infracost-enabled: __INFRACOST_ENABLED__ + artifact-storage: + region: __STORAGE_REGION__ + bucket: __STORAGE_BUCKET__ + table: __STORAGE_TABLE__ + role: __STORAGE_ROLE__ + plan-repository-type: s3 + blob-account-name: + blob-container-name: + metadata-repository-type: dynamo + cosmos-container-name: + cosmos-database-name: + cosmos-endpoint: + role: + plan: __PLAN_ROLE__ + apply: __APPLY_ROLE__ vars: example: blue enabled: true diff --git a/tests/opentofu/stacks/catalog/foobar.yaml b/tests/opentofu/stacks/catalog/foobar.yaml index 53ba98fa2..6e931f55f 100644 --- a/tests/opentofu/stacks/catalog/foobar.yaml +++ b/tests/opentofu/stacks/catalog/foobar.yaml @@ -2,8 +2,27 @@ components: terraform: foobar: settings: - github: - actions_enabled: true + integrations: + github: + actions_enabled: true + gitops: + opentofu-version: 1.7.3 + infracost-enabled: __INFRACOST_ENABLED__ + artifact-storage: + region: __STORAGE_REGION__ + bucket: __STORAGE_BUCKET__ + table: __STORAGE_TABLE__ + role: __STORAGE_ROLE__ + plan-repository-type: s3 + blob-account-name: + blob-container-name: + metadata-repository-type: dynamo + cosmos-container-name: + cosmos-database-name: + cosmos-endpoint: + role: + plan: __PLAN_ROLE__ + apply: __APPLY_ROLE__ vars: example: blue enabled: false diff --git a/tests/terraform/atmos.yaml b/tests/terraform/atmos.yaml index b5b6a9a7e..ddf26506c 100644 --- a/tests/terraform/atmos.yaml +++ b/tests/terraform/atmos.yaml @@ -74,6 +74,8 @@ integrations: bucket: __STORAGE_BUCKET__ table: __STORAGE_TABLE__ role: __STORAGE_ROLE__ + plan-repository-type: s3 + metadata-repository-type: dynamo role: plan: __PLAN_ROLE__ apply: __APPLY_ROLE__ diff --git a/tests/terraform/stacks/catalog/foobar-changes.yaml b/tests/terraform/stacks/catalog/foobar-changes.yaml index edd546794..ef18a1747 100644 --- a/tests/terraform/stacks/catalog/foobar-changes.yaml +++ b/tests/terraform/stacks/catalog/foobar-changes.yaml @@ -1,7 +1,8 @@ components: terraform: foobar/changes: - component: foobar + metadata: + component: foobar settings: github: actions_enabled: true diff --git a/tests/terraform/stacks/catalog/foobar-fail.yaml b/tests/terraform/stacks/catalog/foobar-fail.yaml index adf352793..ee2cf1082 100644 --- a/tests/terraform/stacks/catalog/foobar-fail.yaml +++ b/tests/terraform/stacks/catalog/foobar-fail.yaml @@ -1,7 +1,8 @@ components: terraform: foobar-fail: - component: foobar + metadata: + component: foobar settings: github: actions_enabled: true