From c6069076e51a6488757fec897764af90769c2224 Mon Sep 17 00:00:00 2001
From: Chelsey Beck
Date: Fri, 17 May 2024 15:08:16 -0700
Subject: [PATCH 01/46] adding cognito module
---
terraform-modules/cognito/main.tf | 19 +++++++++++++++++++
terraform-modules/cognito/outputs.tf | 9 +++++++++
terraform-modules/cognito/variables.tf | 15 +++++++++++++++
3 files changed, 43 insertions(+)
create mode 100644 terraform-modules/cognito/main.tf
create mode 100644 terraform-modules/cognito/outputs.tf
create mode 100644 terraform-modules/cognito/variables.tf
diff --git a/terraform-modules/cognito/main.tf b/terraform-modules/cognito/main.tf
new file mode 100644
index 0000000..7616c8c
--- /dev/null
+++ b/terraform-modules/cognito/main.tf
@@ -0,0 +1,19 @@
+resource "aws_cognito_user_pool" "main" {
+ name = var.user_pool_name
+
+ // Add additional configurations here
+}
+
+resource "aws_cognito_user_pool_client" "main" {
+ name = var.client_name
+ user_pool_id = aws_cognito_user_pool.main.id
+
+ // Configure client here
+ // For example:
+ generate_secret = false
+ allowed_oauth_flows = ["code", "implicit"]
+ allowed_oauth_scopes = ["email", "openid"]
+ allowed_oauth_flows_user_pool_client = true
+
+ // Other configurations like callback URLs, logout URLs, etc.
+}
\ No newline at end of file
diff --git a/terraform-modules/cognito/outputs.tf b/terraform-modules/cognito/outputs.tf
new file mode 100644
index 0000000..756a4fa
--- /dev/null
+++ b/terraform-modules/cognito/outputs.tf
@@ -0,0 +1,9 @@
+output "user_pool_id" {
+ description = "The ID of the Cognito User Pool"
+ value = aws_cognito_user_pool.main.id
+}
+
+output "user_pool_client_id" {
+ description = "The ID of the Cognito User Pool Client"
+ value = aws_cognito_user_pool_client.main.id
+}
\ No newline at end of file
diff --git a/terraform-modules/cognito/variables.tf b/terraform-modules/cognito/variables.tf
new file mode 100644
index 0000000..2bc6025
--- /dev/null
+++ b/terraform-modules/cognito/variables.tf
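Review bot: In main.tf the client enables the implicit grant (`allowed_oauth_flows = ["code", "implicit"]`) on a client created without a secret, so tokens would be returned in the redirect URL instead of through a back-channel code exchange. Unless a consumer of this module needs it, I would restrict this to `allowed_oauth_flows = ["code"]` and let callers opt in through a variable. The block also sets `allowed_oauth_flows_user_pool_client = true` without any `callback_urls`, which I expect the provider or the Cognito API to reject at apply time, so the callback and logout URLs should be module inputs rather than a trailing comment. The user pool itself is created with defaults only; replacing the placeholder with a comment that names the settings the project expects (password policy, MFA) would help the next reader.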
@@ -0,0 +1,15 @@ +variable "region" { + description = "AWS region" + type = string + default = "us-west-2" +} + +variable "user_pool_name" { + description = "Name of the Cognito User Pool" + type = string +} + +variable "client_name" { + description = "Name of the Cognito User Pool Client" + type = string +} \ No newline at end of file From c07c14196d9474ba29074a0c01af5890564aee72 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 15:47:19 -0700 Subject: [PATCH 02/46] updating plan to include changes to modules --- .github/workflows/terraform-plan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index d6f0b96..a669c68 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -40,7 +40,7 @@ jobs: if: ${{ needs.changed-files.outputs.module-change == 'true' }} strategy: matrix: - directory: ${{ needs.changed-files.outputs.environment-change }} + directory: ${{ needs.changed-files.outputs.module-change }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} From 17402184e1c7189f90c5356d27f1a1cf667d2e47 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 15:52:13 -0700 Subject: [PATCH 03/46] updating action to test --- .github/workflows/terraform-plan.yml | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index a669c68..54ae15a 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
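Review bot: In patch 02 the matrix entry `directory: ${{ needs.changed-files.outputs.module-change }}` is bound to the same output that the `if:` at the top of the hunk compares with `'true'`, so it is a boolean string rather than a list of directories. A matrix dimension has to be an array, so I would expect this job either to fail when the workflow is evaluated or to hand `true` to the plan step as its path. The value should come from an output that holds a JSON array of directories, wrapped in `fromJson(...)`; patch 05 restores this same line. The job definition starts and ends outside the hunk.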
@@ -40,15 +40,14 @@ jobs: if: ${{ needs.changed-files.outputs.module-change == 'true' }} strategy: matrix: - directory: ${{ needs.changed-files.outputs.module-change }} + directory: ${{ fromJson(needs.changed-files.outputs.module-change_files) }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v3 - - name: terraform plan uses: dflook/terraform-plan@v1 with: @@ -57,15 +56,14 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false'}} + if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v3 - - name: terraform plan uses: dflook/terraform-plan@v1 with: 
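Review bot: The re-spaced `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` lines keep long-lived IAM keys in the job-level `env:`, which exposes them to every step of each plan job, including `dflook/terraform-plan@v1`, a third-party action referenced by a mutable tag. The workflow trigger is outside these hunks; if it runs for pull requests, the identity behind these keys should be limited to what a plan needs. I would move to short-lived credentials through GitHub's OIDC provider (`permissions: id-token: write` plus `aws-actions/configure-aws-credentials` with a role to assume) and pin the third-party actions to a full commit SHA. The same `env:` block appears in all three hunks of this patch.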
@@ -77,13 +75,12 @@ jobs: if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v3 - - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: terraform-incubator/people-depot/dev \ No newline at end of file + path: terraform-incubator/people-depot/dev From 289b1b5bd2fa3a22e3603731ac3cb929e01d180a Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:01:03 -0700 Subject: [PATCH 04/46] editing module file to test --- terraform-modules/cognito/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform-modules/cognito/main.tf b/terraform-modules/cognito/main.tf index 7616c8c..50133a4 100644 --- a/terraform-modules/cognito/main.tf +++ b/terraform-modules/cognito/main.tf @@ -1,7 +1,7 @@ resource "aws_cognito_user_pool" "main" { name = var.user_pool_name - // Add additional configurations here + // Add additional configurations here based on project needs } resource "aws_cognito_user_pool_client" "main" { From add0df7e210c465329b4a3a46c7eca55d6cfb55d Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:03:51 -0700 Subject: [PATCH 05/46] updating plan --- .github/workflows/terraform-plan.yml | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 54ae15a..a669c68 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
@@ -40,14 +40,15 @@ jobs: if: ${{ needs.changed-files.outputs.module-change == 'true' }} strategy: matrix: - directory: ${{ fromJson(needs.changed-files.outputs.module-change_files) }} + directory: ${{ needs.changed-files.outputs.module-change }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} + AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} steps: - name: Checkout uses: actions/checkout@v3 + - name: terraform plan uses: dflook/terraform-plan@v1 with: @@ -56,14 +57,15 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false' }} + if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false'}} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} + AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} steps: - name: Checkout uses: actions/checkout@v3 + - name: terraform plan uses: dflook/terraform-plan@v1 with: 
@@ -75,12 +77,13 @@ jobs: if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} + AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} steps: - name: Checkout uses: actions/checkout@v3 + - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: terraform-incubator/people-depot/dev + path: terraform-incubator/people-depot/dev \ No newline at end of file From 07b4dbf881522389edfb51bd0ac4cc65b385f2f7 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:05:17 -0700 Subject: [PATCH 06/46] making change to test --- terraform-modules/cognito/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform-modules/cognito/main.tf b/terraform-modules/cognito/main.tf index 50133a4..8836ded 100644 --- a/terraform-modules/cognito/main.tf +++ b/terraform-modules/cognito/main.tf @@ -1,7 +1,7 @@ resource "aws_cognito_user_pool" "main" { name = var.user_pool_name - // Add additional configurations here based on project needs + // Add additional configurations here based on project requirements } resource "aws_cognito_user_pool_client" "main" { From f9c2e5528b7e513f1b2714045a46aa56d0146b1c Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:27:14 -0700 Subject: [PATCH 07/46] making change to test --- .github/workflows/terraform-plan.yml | 33 +++++++++++++++------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index a669c68..a0d4a1a 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
@@ -32,58 +32,61 @@ jobs: - 'terraform-incubator/*/!(project)/*.tf' list-files: json - name: List all changed files - run: echo '${{ steps.changed-files.outputs.module-change_files }}'; echo '${{ steps.changed-files.outputs.project-change_files }}'; echo '${{ steps.changed-files.outputs.environment-change_files }}' + run: | + echo "Module changes: ${{ steps.changed-files.outputs.module-change_files }}" + echo "Project changes: ${{ steps.changed-files.outputs.project-change_files }}" + echo "Environment changes: ${{ steps.changed-files.outputs.environment-change_files }}" + plan-all: runs-on: ubuntu-latest name: Terraform plan - all directories needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-change == 'true' }} + if: ${{ fromJson(needs.changed-files.outputs.module-change_files).length > 0 }} strategy: matrix: - directory: ${{ needs.changed-files.outputs.module-change }} + directory: ${{ fromJson(needs.changed-files.outputs.module-change_files) }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v3 - - name: terraform plan uses: dflook/terraform-plan@v1 with: path: ${{ matrix.directory }} + plan-project: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false'}} + if: ${{ fromJson(needs.changed-files.outputs.project-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + 
AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v3 - - name: terraform plan uses: dflook/terraform-plan@v1 with: path: terraform-incubator/people-depot/dev + plan-environment: runs-on: ubuntu-latest name: Terraform plan - Env changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} + if: ${{ fromJson(needs.changed-files.outputs.environment-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 && fromJson(needs.changed-files.outputs.project-change_files).length == 0 }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v3 - - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: terraform-incubator/people-depot/dev \ No newline at end of file + path: terraform-incubator/people-depot/dev From 4b1d52407dbfd826fcaf9f4c325d6a2c216a6218 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:32:51 -0700 Subject: [PATCH 08/46] making change to test --- .github/workflows/terraform-plan.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index a0d4a1a..1d58729 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
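Review bot: The new `run: |` block expands `${{ steps.changed-files.outputs.*_files }}` inside double-quoted `echo` arguments, and that expansion happens before the shell parses the script, so a changed file whose name contains shell metacharacters becomes part of the script itself. File names come from the pushed branch and this workflow also holds AWS keys, so the values should reach the shell as data through `env:` and be read as quoted variables, as sketched below. The same pattern returns in patches 11 and 12 (`echo '${{ … }}' | jq`), 13 (single-quoted `echo`) and 14 (`$(dirname ${{ … }})`, unquoted). Separately, the job-level `if:` conditions in this patch use `fromJson(...).length`, which as far as I know the Actions expression syntax does not provide.

```yaml
      - name: List all changed files
        env:
          MODULE_FILES: ${{ steps.changed-files.outputs.module-change_files }}
          PROJECT_FILES: ${{ steps.changed-files.outputs.project-change_files }}
          ENVIRONMENT_FILES: ${{ steps.changed-files.outputs.environment-change_files }}
        run: |
          echo "Module changes: $MODULE_FILES"
          echo "Project changes: $PROJECT_FILES"
          echo "Environment changes: $ENVIRONMENT_FILES"
      # … unchanged: plan-all, plan-project and plan-environment jobs …
```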
@@ -41,10 +41,10 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - all directories needs: [changed-files] - if: ${{ fromJson(needs.changed-files.outputs.module-change_files).length > 0 }} + if: ${{ steps.changed-files.outputs.module-change_files != '[]' }} strategy: matrix: - directory: ${{ fromJson(needs.changed-files.outputs.module-change_files) }} + directory: ${{ fromJson(steps.changed-files.outputs.module-change_files) }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -61,7 +61,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ fromJson(needs.changed-files.outputs.project-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 }} + if: ${{ steps.changed-files.outputs.project-change_files != '[]' && steps.changed-files.outputs.module-change_files == '[]' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -78,7 +78,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Env changes needs: [changed-files] - if: ${{ fromJson(needs.changed-files.outputs.environment-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 && fromJson(needs.changed-files.outputs.project-change_files).length == 0 }} + if: ${{ steps.changed-files.outputs.environment-change_files != '[]' && steps.changed-files.outputs.module-change_files == '[]' && steps.changed-files.outputs.project-change_files == '[]' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From 8daa78612b489cbde316193cd6b477ecb6bf9b88 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:34:45 -0700 Subject: [PATCH 09/46] making change to test --- terraform-modules/cognito/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
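Review bot: The new conditions read `steps.changed-files.outputs.*` from the plan jobs, but the `steps` context only covers steps of the job being evaluated, and `changed-files` belongs to the job these jobs list under `needs:`. In a job-level `if:` and in `strategy.matrix` I would expect the reference to be rejected or to evaluate to an empty value, in which case `!= '[]'` is always true and `== '[]'` always false, so the gates no longer reflect what changed. The file lists need to be declared under the `changed-files` job's `outputs:` and read as `needs.changed-files.outputs.<name>`. All three hunks of this patch have the same problem.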
diff --git a/terraform-modules/cognito/main.tf b/terraform-modules/cognito/main.tf index 8836ded..de781f6 100644 --- a/terraform-modules/cognito/main.tf +++ b/terraform-modules/cognito/main.tf @@ -1,7 +1,7 @@ resource "aws_cognito_user_pool" "main" { name = var.user_pool_name - // Add additional configurations here based on project requirements + // Add additional configurations here according to project needs } resource "aws_cognito_user_pool_client" "main" { From a2834f50daf21592b05a4d0b000497734b9e7f26 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:36:37 -0700 Subject: [PATCH 10/46] making change to test --- .github/workflows/terraform-plan.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 1d58729..281c684 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -12,8 +12,11 @@ jobs: runs-on: ubuntu-latest outputs: module-change: ${{ steps.changed-files.outputs.module-change }} + module-change-files: ${{ steps.changed-files.outputs.module-change_files }} project-change: ${{ steps.changed-files.outputs.project-change }} + project-change-files: ${{ steps.changed-files.outputs.project-change_files }} environment-change: ${{ steps.changed-files.outputs.environment-change }} + environment-change-files: ${{ steps.changed-files.outputs.environment-change_files }} steps: - name: Checkout uses: actions/checkout@v4 
@@ -41,10 +44,10 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - all directories needs: [changed-files] - if: ${{ steps.changed-files.outputs.module-change_files != '[]' }} + if: ${{ needs.changed-files.outputs.module-change == 'true' }} strategy: matrix: - directory: ${{ fromJson(steps.changed-files.outputs.module-change_files) }} + directory: ${{ fromJson(needs.changed-files.outputs.module-change-files) }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -61,7 +64,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ steps.changed-files.outputs.project-change_files != '[]' && steps.changed-files.outputs.module-change_files == '[]' }} + if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -78,7 +81,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Env changes needs: [changed-files] - if: ${{ steps.changed-files.outputs.environment-change_files != '[]' && steps.changed-files.outputs.module-change_files == '[]' && steps.changed-files.outputs.project-change_files == '[]' }} + if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From e568eabd47110a18e762b0c764768a7d72292a9f Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Fri, 17 May 2024 16:40:03 -0700 Subject: [PATCH 11/46] making change to test --- .github/workflows/terraform-plan.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 281c684..023edfa 100644 
--- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -12,11 +12,9 @@ jobs: runs-on: ubuntu-latest outputs: module-change: ${{ steps.changed-files.outputs.module-change }} - module-change-files: ${{ steps.changed-files.outputs.module-change_files }} + module-change-dirs: ${{ steps.extract-dirs.outputs.module-change-dirs }} project-change: ${{ steps.changed-files.outputs.project-change }} - project-change-files: ${{ steps.changed-files.outputs.project-change_files }} environment-change: ${{ steps.changed-files.outputs.environment-change }} - environment-change-files: ${{ steps.changed-files.outputs.environment-change_files }} steps: - name: Checkout uses: actions/checkout@v4 @@ -34,11 +32,10 @@ jobs: environment-change: - 'terraform-incubator/*/!(project)/*.tf' list-files: json - - name: List all changed files + - name: Extract unique directories for module changes + id: extract-dirs run: | - echo "Module changes: ${{ steps.changed-files.outputs.module-change_files }}" - echo "Project changes: ${{ steps.changed-files.outputs.project-change_files }}" - echo "Environment changes: ${{ steps.changed-files.outputs.environment-change_files }}" + echo "::set-output name=module-change-dirs::$(echo '${{ steps.changed-files.outputs.module-change_files }}' | jq -r '[.[] | split("/")[:-1] | join("/")] | unique | .[]')" plan-all: runs-on: ubuntu-latest @@ -47,7 +44,7 @@ jobs: if: ${{ needs.changed-files.outputs.module-change == 'true' }} strategy: matrix: - directory: ${{ fromJson(needs.changed-files.outputs.module-change-files) }} + directory: ${{ fromJson(needs.changed-files.outputs.module-change-dirs) }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From d0f574c8f617ef2eaeb3b0a7aeff2c1e725da368 Mon Sep 17 00:00:00 2001 
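Review bot: The `extract-dirs` step publishes `jq -r '… | unique | .[]'`, which prints one raw path per line, while the `plan-all` matrix parses that output with `fromJson(...)`; that call needs a JSON array, so the matrix would fail to expand whenever a module changes. Emitting compact JSON instead, `jq -c '[.[] | split("/")[:-1] | join("/")] | unique'`, keeps the two sides in agreement. `::set-output` is deprecated, so append `module-change-dirs=<value>` to `"$GITHUB_OUTPUT"` instead, and feed the file list to `jq` from an `env:` variable rather than from `${{ }}` inside single quotes.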
From: Chelsey Beck Date: Fri, 17 May 2024 16:44:33 -0700 Subject: [PATCH 12/46] making change to test --- .github/workflows/terraform-plan.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 023edfa..87281e6 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -35,7 +35,9 @@ jobs: - name: Extract unique directories for module changes id: extract-dirs run: | - echo "::set-output name=module-change-dirs::$(echo '${{ steps.changed-files.outputs.module-change_files }}' | jq -r '[.[] | split("/")[:-1] | join("/")] | unique | .[]')" + module_dirs=$(echo '${{ steps.changed-files.outputs.module-change_files }}' | jq -r '[.[] | split("/")[:-1] | join("/")] | unique | .[]') + echo "Unique module directories: $module_dirs" + echo "::set-output name=module-change-dirs::$module_dirs" plan-all: runs-on: ubuntu-latest From c8e4350c08d1d6968e0c156604b2379e776ae6ab Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 07:57:03 -0700 Subject: [PATCH 13/46] changing plan logic --- .github/workflows/terraform-plan.yml | 33 ++++++++++++---------------- 1 file changed, 14 insertions(+), 19 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 87281e6..f5dad04 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -12,7 +12,6 @@ jobs: runs-on: ubuntu-latest outputs: module-change: ${{ steps.changed-files.outputs.module-change }} - module-change-dirs: ${{ steps.extract-dirs.outputs.module-change-dirs }} project-change: ${{ steps.changed-files.outputs.project-change }} environment-change: ${{ steps.changed-files.outputs.environment-change }} steps: 
@@ -32,21 +31,14 @@ jobs: environment-change: - 'terraform-incubator/*/!(project)/*.tf' list-files: json - - name: Extract unique directories for module changes - id: extract-dirs - run: | - module_dirs=$(echo '${{ steps.changed-files.outputs.module-change_files }}' | jq -r '[.[] | split("/")[:-1] | join("/")] | unique | .[]') - echo "Unique module directories: $module_dirs" - echo "::set-output name=module-change-dirs::$module_dirs" + - name: List all changed files + run: echo '${{ steps.changed-files.outputs.module-change_files }}'; echo '${{ steps.changed-files.outputs.project-change_files }}'; echo '${{ steps.changed-files.outputs.environment-change_files }}' - plan-all: + plan-module: runs-on: ubuntu-latest - name: Terraform plan - all directories + name: Terraform plan - Module changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-change == 'true' }} - strategy: - matrix: - directory: ${{ fromJson(needs.changed-files.outputs.module-change-dirs) }} + if: ${{ fromJson(needs.changed-files.outputs.module-change_files).length > 0 }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -54,16 +46,17 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ matrix.directory }} + path: ${{ steps.changed-files.outputs.module-change_files[0] }} plan-project: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false' }} + if: ${{ fromJson(needs.changed-files.outputs.project-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
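Review bot: The plan jobs now gate on `fromJson(needs.changed-files.outputs.module-change_files).length > 0` and take `path:` from `steps.changed-files.outputs.module-change_files[0]`, but neither value exists where it is read. The first hunk of this patch leaves only `module-change`, `project-change` and `environment-change` under the job's `outputs:`, so the `needs` lookup is empty, and the `steps` context of another job is not visible in `plan-module`. Even with the outputs declared, the value is a JSON string that has to go through `fromJson(...)` before indexing, and `[0]` is a file path while `path:` is given a directory elsewhere in this series. The same applies to `plan-project` and `plan-environment` in the later hunks.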
@@ -71,16 +64,17 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: terraform-incubator/people-depot/dev + path: ${{ steps.changed-files.outputs.project-change_files[0] }} plan-environment: runs-on: ubuntu-latest - name: Terraform plan - Env changes + name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} + if: ${{ fromJson(needs.changed-files.outputs.environment-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 && fromJson(needs.changed-files.outputs.project-change_files).length == 0 }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -88,7 +82,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: terraform-incubator/people-depot/dev + path: ${{ steps.changed-files.outputs.environment-change_files[0] }} From ba1580bd9e966779e62220bc43801a730cf00c35 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 08:01:35 -0700 Subject: [PATCH 14/46] fixing extraction of path --- .github/workflows/terraform-plan.yml | 43 +++++++++++++++++++++++----- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index f5dad04..b3da016 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
@@ -14,11 +14,15 @@ jobs: module-change: ${{ steps.changed-files.outputs.module-change }} project-change: ${{ steps.changed-files.outputs.project-change }} environment-change: ${{ steps.changed-files.outputs.environment-change }} + module-directory: ${{ steps.get-module-directory.outputs.directory }} + project-directory: ${{ steps.get-project-directory.outputs.directory }} + environment-directory: ${{ steps.get-environment-directory.outputs.directory }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 + - name: Get changed files id: changed-files uses: dorny/paths-filter@v2 
@@ -31,14 +35,39 @@ jobs: environment-change: - 'terraform-incubator/*/!(project)/*.tf' list-files: json + - name: List all changed files - run: echo '${{ steps.changed-files.outputs.module-change_files }}'; echo '${{ steps.changed-files.outputs.project-change_files }}'; echo '${{ steps.changed-files.outputs.environment-change_files }}' + run: | + echo 'module-change: ${{ steps.changed-files.outputs.module-change_files }}' + echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' + echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' + + - name: Extract module directory + id: get-module-directory + if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} + run: | + echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }})" + echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }})" + + - name: Extract project directory + id: get-project-directory + if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} + run: | + echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }})" + echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }})" + + - name: Extract environment directory + id: get-environment-directory + if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} + run: | + echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }})" + echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }})" plan-module: runs-on: ubuntu-latest name: Terraform plan - Module changes needs: [changed-files] - if: ${{ fromJson(needs.changed-files.outputs.module-change_files).length > 0 }} + if: ${{ needs.changed-files.outputs.module-change == 'true' }} env: 
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -50,13 +79,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ steps.changed-files.outputs.module-change_files[0] }} + path: ${{ needs.changed-files.outputs.module-directory }} plan-project: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ fromJson(needs.changed-files.outputs.project-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 }} + if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -68,13 +97,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ steps.changed-files.outputs.project-change_files[0] }} + path: ${{ needs.changed-files.outputs.project-directory }} plan-environment: runs-on: ubuntu-latest name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ fromJson(needs.changed-files.outputs.environment-change_files).length > 0 && fromJson(needs.changed-files.outputs.module-change_files).length == 0 && fromJson(needs.changed-files.outputs.project-change_files).length == 0 }} + if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -86,4 +115,4 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ steps.changed-files.outputs.environment-change_files[0] }} + path: ${{ needs.changed-files.outputs.environment-directory }} From 7db13c77374e732aec153d27f127b48981c82503 Mon Sep 17 00:00:00 2001 
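Review bot: Each `Extract … directory` step publishes only `dirname` of element `[0]`, so when a push touches several modules, projects or environments only the first directory is planned and the others reach review with no plan output. A matrix over the unique directories would cover every change; build the array with `jq -c` and expose it as a job output. The `dirname ${{ … }}` substitutions are also unquoted and expanded before the shell runs, so pass the file list through `env:` and quote it, and write the result to `"$GITHUB_OUTPUT"` because `::set-output` is deprecated. The step-level `if:` conditions rely on `.length`, which I do not believe the expression syntax supports; comparing the `_files` output with `'[]'` avoids it.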
From: Chelsey Beck Date: Sat, 18 May 2024 08:34:55 -0700 Subject: [PATCH 15/46] testing new structure --- .github/workflows/terraform-plan.yml | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index b3da016..67f71c0 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,12 +11,9 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-change: ${{ steps.changed-files.outputs.module-change }} - project-change: ${{ steps.changed-files.outputs.project-change }} - environment-change: ${{ steps.changed-files.outputs.environment-change }} - module-directory: ${{ steps.get-module-directory.outputs.directory }} - project-directory: ${{ steps.get-project-directory.outputs.directory }} - environment-directory: ${{ steps.get-environment-directory.outputs.directory }} + module-directory: ${{ steps.module-directory.outputs.directory }} + project-directory: ${{ steps.project-directory.outputs.directory }} + environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: - name: Checkout uses: actions/checkout@v4 
@@ -43,21 +40,21 @@ jobs: echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - name: Extract module directory - id: get-module-directory + id: module-directory if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} run: | echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }})" echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }})" - name: Extract project directory - id: get-project-directory + id: project-directory if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} run: | echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }})" echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }})" - name: Extract environment directory - id: get-environment-directory + id: environment-directory if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} run: | echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }})" @@ -67,7 +64,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Module changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-change == 'true' }} + if: ${{ needs.changed-files.outputs.module-directory }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -85,7 +82,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false' }} + if: ${{ needs.changed-files.outputs.project-directory && !needs.changed-files.outputs.module-directory }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
@@ -103,7 +100,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} + if: ${{ needs.changed-files.outputs.environment-directory && !needs.changed-files.outputs.module-directory && !needs.changed-files.outputs.project-directory }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From f4938e90fb26e0570e27ddb333e02d165e423336 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 08:38:11 -0700 Subject: [PATCH 16/46] changing output values --- .github/workflows/terraform-plan.yml | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 67f71c0..cb3e672 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,9 +11,9 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-directory: ${{ steps.module-directory.outputs.directory }} - project-directory: ${{ steps.project-directory.outputs.directory }} - environment-directory: ${{ steps.environment-directory.outputs.directory }} + module-directory: ${{ steps.module-directory.outputs.directory || 'null' }} + project-directory: ${{ steps.project-directory.outputs.directory || 'null' }} + environment-directory: ${{ steps.environment-directory.outputs.directory || 'null' }} steps: - name: Checkout uses: actions/checkout@v4 
@@ -43,28 +43,31 @@ jobs: id: module-directory if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} run: | - echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }})" - echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }})" + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") + echo "Directory: $directory" + echo "::set-output name=directory::$directory" - name: Extract project directory id: project-directory if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} run: | - echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }})" - echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }})" + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") + echo "Directory: $directory" + echo "::set-output name=directory::$directory" - name: Extract environment directory id: environment-directory if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} run: | - echo "Directory: $(dirname ${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }})" - echo "::set-output name=directory::$(dirname ${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }})" + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") + echo "Directory: $directory" + echo "::set-output name=directory::$directory" plan-module: runs-on: ubuntu-latest name: Terraform plan - Module changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-directory }} + if: ${{ needs.changed-files.outputs.module-directory != 'null' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
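Review bot: The new `directory=$(dirname "${{ fromJson(...)[0] }}")` lines still paste a changed file's path into the script text, because `${{ }}` is expanded before the shell parses the step, so the added double quotes do not stop a path containing quotes or `$(...)` from being interpreted as shell. File names in a pull request are chosen by its author, so the value should reach the script through `env:` and be read as a quoted shell variable, as sketched below for the module step; the project and environment steps in this hunk need the same change. The sketch also writes the output through `$GITHUB_OUTPUT`, since the `::set-output` workflow command is deprecated. The workflow's trigger is outside this hunk, so how far an externally authored path can reach depends on configuration not shown here.

```yaml
- name: Extract module directory
  # … unchanged: id and if …
  env:
    CHANGED_FILE: ${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}
  run: |
    directory=$(dirname -- "$CHANGED_FILE")
    # … unchanged: echo "Directory: $directory" …
    echo "directory=$directory" >> "$GITHUB_OUTPUT"
```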
@@ -82,7 +85,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory && !needs.changed-files.outputs.module-directory }} + if: ${{ needs.changed-files.outputs.project-directory != 'null' && needs.changed-files.outputs.module-directory == 'null' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -100,7 +103,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory && !needs.changed-files.outputs.module-directory && !needs.changed-files.outputs.project-directory }} + if: ${{ needs.changed-files.outputs.environment-directory != 'null' && needs.changed-files.outputs.module-directory == 'null' && needs.changed-files.outputs.project-directory == 'null' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From 0dded84ed604de9280029c39b78ecf588c62d978 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 08:41:49 -0700 Subject: [PATCH 17/46] use explicit conditions --- .github/workflows/terraform-plan.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index cb3e672..f12980e 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
@@ -11,9 +11,9 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-directory: ${{ steps.module-directory.outputs.directory || 'null' }} - project-directory: ${{ steps.project-directory.outputs.directory || 'null' }} - environment-directory: ${{ steps.environment-directory.outputs.directory || 'null' }} + module-directory: ${{ steps.module-directory.outputs.directory }} + project-directory: ${{ steps.project-directory.outputs.directory }} + environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: - name: Checkout uses: actions/checkout@v4 
@@ -41,33 +41,33 @@ jobs: - name: Extract module directory id: module-directory - if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} + if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") - echo "Directory: $directory" + echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - name: Extract project directory id: project-directory - if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} + if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") - echo "Directory: $directory" + echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - name: Extract environment directory id: environment-directory - if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} + if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") - echo "Directory: $directory" + echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" plan-module: runs-on: ubuntu-latest name: Terraform plan - Module changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-directory != 'null' }} + if: ${{ needs.changed-files.outputs.module-directory != '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
@@ -85,7 +85,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != 'null' && needs.changed-files.outputs.module-directory == 'null' }} + if: ${{ needs.changed-files.outputs.project-directory != '' && needs.changed-files.outputs.module-directory == '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -103,7 +103,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory != 'null' && needs.changed-files.outputs.module-directory == 'null' && needs.changed-files.outputs.project-directory == 'null' }} + if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-directory == '' && needs.changed-files.outputs.project-directory == '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From 3c140c34993e1c436fa40f037be9983a32b1c4da Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 08:53:51 -0700 Subject: [PATCH 18/46] setting defaults to variables --- terraform-modules/cognito/variables.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/terraform-modules/cognito/variables.tf b/terraform-modules/cognito/variables.tf index 2bc6025..689dfc2 100644 --- a/terraform-modules/cognito/variables.tf +++ b/terraform-modules/cognito/variables.tf @@ -7,9 +7,11 @@ variable "region" { variable "user_pool_name" { description = "Name of the Cognito User Pool" type = string + default = "" } variable "client_name" { description = "Name of the Cognito User Pool Client" type = string + default = "" } \ No newline at end of file From 5b68c9e03b05f2c3f81b52a0c448e22059dd65a7 Mon Sep 17 00:00:00 2001 
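Review bot: Adding `default = ""` to `user_pool_name` and `client_name` makes both variables optional, so a caller that forgets them is no longer stopped at input validation and the empty name is only caught, presumably, when the provider rejects it. If the aim is to let `terraform plan` run against the module directory on its own, keep the guard with a `validation` block whose condition is `length(var.user_pool_name) > 0` (and the same for `client_name`), or give a non-empty placeholder default. Otherwise leave both variables required, as they were before this patch.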
From: Chelsey Beck Date: Sat, 18 May 2024 09:27:49 -0700 Subject: [PATCH 19/46] updating logic for where plan is run --- .github/workflows/terraform-plan.yml | 50 ++++++++++++++++++---------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index f12980e..1d303d5 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,7 +11,7 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-directory: ${{ steps.module-directory.outputs.directory }} + module-change: ${{ steps.changed-files.outputs.module-change }} project-directory: ${{ steps.project-directory.outputs.directory }} environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: @@ -28,9 +28,9 @@ jobs: module-change: - 'terraform-modules/**' project-change: - - 'terraform-incubator/*/project/*.tf' + - 'terraform-incubator/**/project/*.tf' environment-change: - - 'terraform-incubator/*/!(project)/*.tf' + - 'terraform-incubator/**/!(project)/*.tf' list-files: json - name: List all changed files 
@@ -39,17 +39,15 @@ jobs: echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - - name: Extract module directory + - name: Set module change output id: module-directory - if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} + if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" + echo "::set-output name=module-change::true" - name: Extract project directory id: project-directory - if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} + if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") echo "Extracted Directory: $directory" 
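Review bot: The `if:` on "Set module change output" and "Extract project directory" goes back to `fromJson(...).length > 0`, and as far as I know Actions expressions have no array length property, so this comparison likely evaluates to false and the steps are skipped even when files changed. The form removed here, `if: ${{ steps.changed-files.outputs['project-change'] == 'true' }}`, tests the filter's own boolean output and is the safer condition. The "Extract environment directory" step in the next hunk is changed the same way and needs the same fix.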
@@ -57,17 +55,35 @@ jobs: - name: Extract environment directory id: environment-directory - if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} + if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - plan-module: + plan-modules: runs-on: ubuntu-latest name: Terraform plan - Module changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-directory != '' }} + if: ${{ needs.changed-files.outputs.module-change == 'true' }} + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: List all project directories + id: list-projects + run: | + projects=$(find terraform-incubator -type d -name dev -o -name prod) + echo "Projects: $projects" + echo "::set-output name=projects::$(echo $projects | jq -R -s -c 'split(" ")')" + + plan-projects: + runs-on: ubuntu-latest + name: Terraform plan - All projects + needs: [plan-modules] + strategy: + matrix: + directory: ${{ fromJson(needs.plan-modules.outputs.projects) }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -79,13 +95,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.module-directory }} + path: ${{ matrix.directory }} - plan-project: + plan-specific-project: runs-on: ubuntu-latest - name: Terraform plan - Project changes + name: Terraform plan - Specific project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != '' && needs.changed-files.outputs.module-directory == '' }} + if: ${{ needs.changed-files.outputs.project-directory != '' && needs.changed-files.outputs.module-change != 'true' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
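Review bot: `plan-projects` reads `needs.plan-modules.outputs.projects`, but `plan-modules` only sets a step output and declares no job-level `outputs:`, so the matrix expression receives an empty string and `fromJson` fails. Add `outputs:` with `projects: ${{ steps.list-projects.outputs.projects }}` to `plan-modules`. The `find` expression also needs grouping, `find terraform-incubator -type d \( -name dev -o -name prod \)`, because `-o` binds looser than the implied `-a` and `-type d` currently applies only to `dev`. Building the array with `find ... | jq -R . | jq -s -c .` would also avoid the trailing newline that `echo $projects | jq -R -s -c 'split(" ")'` leaves in the last entry.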
@@ -103,7 +119,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-directory == '' && needs.changed-files.outputs.project-directory == '' }} + if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-change != 'true' && needs.changed-files.outputs.project-directory == '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From 29f4e1c9cef80d9067c8e637533ec4b41b3fe55d Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 09:35:04 -0700 Subject: [PATCH 20/46] updating logic for where plan is run --- .github/workflows/terraform-plan.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 1d303d5..03dd6f0 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,7 +11,7 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-change: ${{ steps.changed-files.outputs.module-change }} + module-change: ${{ steps.module-directory.outputs.module-change }} project-directory: ${{ steps.project-directory.outputs.directory }} environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: @@ -81,6 +81,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - All projects needs: [plan-modules] + if: ${{ needs.plan-modules.outputs.projects != '' }} strategy: matrix: directory: ${{ fromJson(needs.plan-modules.outputs.projects) }} From 4c92e9ec95c66730db272af5210cdcfb55720d8c Mon Sep 17 00:00:00 2001 
From: Chelsey Beck Date: Sat, 18 May 2024 09:48:29 -0700 Subject: [PATCH 21/46] updating location of plan for module changes --- .github/workflows/terraform-plan.yml | 51 ++++++++++------------------ 1 file changed, 17 insertions(+), 34 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 03dd6f0..f12980e 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,7 +11,7 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-change: ${{ steps.module-directory.outputs.module-change }} + module-directory: ${{ steps.module-directory.outputs.directory }} project-directory: ${{ steps.project-directory.outputs.directory }} environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: @@ -28,9 +28,9 @@ jobs: module-change: - 'terraform-modules/**' project-change: - - 'terraform-incubator/**/project/*.tf' + - 'terraform-incubator/*/project/*.tf' environment-change: - - 'terraform-incubator/**/!(project)/*.tf' + - 'terraform-incubator/*/!(project)/*.tf' list-files: json - name: List all changed files 
@@ -39,15 +39,17 @@ jobs: echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - - name: Set module change output + - name: Extract module directory id: module-directory - if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} + if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} run: | - echo "::set-output name=module-change::true" + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") + echo "Extracted Directory: $directory" + echo "::set-output name=directory::$directory" - name: Extract project directory id: project-directory - if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} + if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") echo "Extracted Directory: $directory" 
@@ -55,36 +57,17 @@ jobs: - name: Extract environment directory id: environment-directory - if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} + if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - plan-modules: + plan-module: runs-on: ubuntu-latest name: Terraform plan - Module changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-change == 'true' }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: List all project directories - id: list-projects - run: | - projects=$(find terraform-incubator -type d -name dev -o -name prod) - echo "Projects: $projects" - echo "::set-output name=projects::$(echo $projects | jq -R -s -c 'split(" ")')" - - plan-projects: - runs-on: ubuntu-latest - name: Terraform plan - All projects - needs: [plan-modules] - if: ${{ needs.plan-modules.outputs.projects != '' }} - strategy: - matrix: - directory: ${{ fromJson(needs.plan-modules.outputs.projects) }} + if: ${{ needs.changed-files.outputs.module-directory != '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
@@ -96,13 +79,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ matrix.directory }} + path: ${{ needs.changed-files.outputs.module-directory }} - plan-specific-project: + plan-project: runs-on: ubuntu-latest - name: Terraform plan - Specific project changes + name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != '' && needs.changed-files.outputs.module-change != 'true' }} + if: ${{ needs.changed-files.outputs.project-directory != '' && needs.changed-files.outputs.module-directory == '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -120,7 +103,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-change != 'true' && needs.changed-files.outputs.project-directory == '' }} + if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-directory == '' && needs.changed-files.outputs.project-directory == '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} From 331d9f0bfc61f570b5d0a4b16a5d3a767a6ee531 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 09:48:41 -0700 Subject: [PATCH 22/46] adding cognito config to pd --- terraform-incubator/people-depot/project/main.tf | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/terraform-incubator/people-depot/project/main.tf b/terraform-incubator/people-depot/project/main.tf index cc3c0c9..0cc5a91 100644 --- a/terraform-incubator/people-depot/project/main.tf +++ b/terraform-incubator/people-depot/project/main.tf 
@@ -64,6 +64,14 @@ module "people_depot" { root_db_password = var.root_db_password } +module "cognito" { + source = "../../../terraform-modules/cognito" + + region = "us-west-2" + user_pool_name = "people-depot-user-pool" + client_name = "people-depot-client" +} + variable "root_db_password" { type = string description = "root database password" From 553686d396cc4648d75e628679b5de2b9c5ffb5a Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 09:57:30 -0700 Subject: [PATCH 23/46] prioritizing project dir if changes in both --- .github/workflows/terraform-plan.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index f12980e..bface52 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -63,11 +63,11 @@ jobs: echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - plan-module: + plan-project: runs-on: ubuntu-latest - name: Terraform plan - Module changes + name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-directory != '' }} + if: ${{ needs.changed-files.outputs.project-directory != '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
@@ -79,13 +79,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.module-directory }} + path: ${{ needs.changed-files.outputs.project-directory }} - plan-project: + plan-module: runs-on: ubuntu-latest - name: Terraform plan - Project changes + name: Terraform plan - Module changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != '' && needs.changed-files.outputs.module-directory == '' }} + if: ${{ needs.changed-files.outputs.module-directory != '' && needs.changed-files.outputs.project-directory == '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -97,7 +97,7 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.project-directory }} + path: ${{ needs.changed-files.outputs.module-directory }} plan-environment: runs-on: ubuntu-latest From 05516205e76dc23fbb9587e24205fcfac2c225f5 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:17:27 -0700 Subject: [PATCH 24/46] removing module plan --- .github/workflows/terraform-plan.yml | 46 ++++++++++------------------ 1 file changed, 17 insertions(+), 29 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index bface52..36ffba7 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,7 +11,7 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-directory: ${{ steps.module-directory.outputs.directory }} + module-change: ${{ steps.module-change.outputs.module_change }} project-directory: ${{ steps.project-directory.outputs.directory }} environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: 
@@ -39,17 +39,14 @@ jobs: echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - - name: Extract module directory - id: module-directory - if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} - run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" + - name: Set module change output + id: module-change + if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} + run: echo "::set-output name=module_change::true" - name: Extract project directory id: project-directory - if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} + if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") echo "Extracted Directory: $directory" @@ -57,7 +54,7 @@ jobs: - name: Extract environment directory id: environment-directory - if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} + if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") echo "Extracted Directory: $directory" @@ -67,7 +64,7 @@ jobs: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != '' }} + if: ${{ needs.changed-files.outputs.project-directory != '' && (needs.changed-files.outputs.environment-directory == '' || needs.changed-files.outputs.module-change != 'true') }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
@@ -81,11 +78,11 @@ jobs: with: path: ${{ needs.changed-files.outputs.project-directory }} - plan-module: + plan-environment: runs-on: ubuntu-latest - name: Terraform plan - Module changes + name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-directory != '' && needs.changed-files.outputs.project-directory == '' }} + if: ${{ needs.changed-files.outputs.environment-directory != '' && (needs.changed-files.outputs.project-directory == '' || needs.changed-files.outputs.module-change == 'true') }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -97,22 +94,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.module-directory }} + path: ${{ needs.changed-files.outputs.environment-directory }} - plan-environment: + skip-module: runs-on: ubuntu-latest - name: Terraform plan - Environment changes + name: Skip Terraform plan for module changes only needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-directory == '' && needs.changed-files.outputs.project-directory == '' }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} + if: ${{ needs.changed-files.outputs.module-change == 'true' && needs.changed-files.outputs.project-directory == '' && needs.changed-files.outputs.environment-directory == '' }} steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: terraform plan - uses: dflook/terraform-plan@v1 - with: - path: ${{ needs.changed-files.outputs.environment-directory }} + - name: Skip module changes + run: echo "Skipping Terraform plan for module changes only." From 23ccd4cf798feb8e9d35d5ac6ef6482bf7f1a1b5 Mon Sep 17 00:00:00 2001 
From: Chelsey Beck Date: Sat, 18 May 2024 11:18:22 -0700 Subject: [PATCH 25/46] moving cognito creation to dev for testing --- terraform-incubator/people-depot/dev/main.tf | 8 ++++++++ terraform-incubator/people-depot/project/main.tf | 8 -------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/terraform-incubator/people-depot/dev/main.tf b/terraform-incubator/people-depot/dev/main.tf index 65f8812..a091cd3 100644 --- a/terraform-incubator/people-depot/dev/main.tf +++ b/terraform-incubator/people-depot/dev/main.tf @@ -29,6 +29,14 @@ module "dev" { container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" } +module "cognito" { + source = "../../../terraform-modules/cognito" + + region = "us-west-2" + user_pool_name = "people-depot-user-pool" + client_name = "people-depot-client" +} + moved { from = module.ecr.aws_ecr_repository.this to = module.dev.module.people_depot.module.ecr.aws_ecr_repository.this diff --git a/terraform-incubator/people-depot/project/main.tf b/terraform-incubator/people-depot/project/main.tf index 0cc5a91..cc3c0c9 100644 --- a/terraform-incubator/people-depot/project/main.tf +++ b/terraform-incubator/people-depot/project/main.tf @@ -64,14 +64,6 @@ module "people_depot" { root_db_password = var.root_db_password } -module "cognito" { - source = "../../../terraform-modules/cognito" - - region = "us-west-2" - user_pool_name = "people-depot-user-pool" - client_name = "people-depot-client" -} - variable "root_db_password" { type = string description = "root database password" From 31d7f2181c1a5643fadc9b55e2f9004bd6aded22 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:26:19 -0700 Subject: [PATCH 26/46] testing plan --- .github/workflows/terraform-plan.yml | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 36ffba7..2d5d807 100644 
--- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -14,6 +14,8 @@ jobs: module-change: ${{ steps.module-change.outputs.module_change }} project-directory: ${{ steps.project-directory.outputs.directory }} environment-directory: ${{ steps.environment-directory.outputs.directory }} + has-project-change: ${{ steps.project-directory.outputs.has_project_change }} + has-environment-change: ${{ steps.environment-directory.outputs.has_environment_change }} steps: - name: Checkout uses: actions/checkout@v4 @@ -28,9 +30,9 @@ jobs: module-change: - 'terraform-modules/**' project-change: - - 'terraform-incubator/*/project/*.tf' + - 'terraform-incubator/**/project/*.tf' environment-change: - - 'terraform-incubator/*/!(project)/*.tf' + - 'terraform-incubator/**/!(project)/*.tf' list-files: json - name: List all changed files @@ -51,6 +53,7 @@ jobs: directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" + echo "::set-output name=has_project_change::true" - name: Extract environment directory id: environment-directory @@ -59,12 +62,13 @@ jobs: directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" + echo "::set-output name=has_environment_change::true" - plan-project: + plan-environment: runs-on: ubuntu-latest - name: Terraform plan - Project changes + name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != '' && (needs.changed-files.outputs.environment-directory == '' || needs.changed-files.outputs.module-change != 'true') }} + if: ${{ needs.changed-files.outputs.has_environment_change == 'true' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
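Review bot: The new `if:` on `plan-environment` reads `needs.changed-files.outputs.has_environment_change`, but the job output added at the top of this patch is keyed `has-environment-change`; the underscore name does not exist at job level, so the condition compares an empty string with 'true' and the job never runs. Use the declared key, `if: ${{ needs.changed-files.outputs.has-environment-change == 'true' }}`. The following hunks have the same mismatch in `plan-project` (`has_project_change`) and in `skip-module` (`module_change`, where the output is `module-change`). The added `::set-output name=has_project_change::true` and `has_environment_change` lines also use the deprecated workflow command; `echo "has_project_change=true" >> "$GITHUB_OUTPUT"` is the current form.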
@@ -76,13 +80,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.project-directory }} + path: ${{ needs.changed-files.outputs.environment-directory }} - plan-environment: + plan-project: runs-on: ubuntu-latest - name: Terraform plan - Environment changes + name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory != '' && (needs.changed-files.outputs.project-directory == '' || needs.changed-files.outputs.module-change == 'true') }} + if: ${{ needs.changed-files.outputs.has_project_change == 'true' && needs.changed-files.outputs.has_environment_change != 'true' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -94,13 +98,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.environment-directory }} + path: ${{ needs.changed-files.outputs.project-directory }} skip-module: runs-on: ubuntu-latest name: Skip Terraform plan for module changes only needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-change == 'true' && needs.changed-files.outputs.project-directory == '' && needs.changed-files.outputs.environment-directory == '' }} + if: ${{ needs.changed-files.outputs.module_change == 'true' && needs.changed-files.outputs.has_project_change != 'true' && needs.changed-files.outputs.has_environment_change != 'true' }} steps: - name: Skip module changes run: echo "Skipping Terraform plan for module changes only." From f290aae17c4599ae2b88ea16c33dd3818a3c04dd Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:35:16 -0700 Subject: [PATCH 27/46] adding debug job for testing --- .github/workflows/terraform-plan.yml | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) 
diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 2d5d807..5a2638c 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -64,11 +64,23 @@ jobs: echo "::set-output name=directory::$directory" echo "::set-output name=has_environment_change::true" + debug: + runs-on: ubuntu-latest + needs: [changed-files] + steps: + - name: Print outputs + run: | + echo "module-change: ${{ needs.changed-files.outputs.module-change }}" + echo "project-directory: ${{ needs.changed-files.outputs.project-directory }}" + echo "environment-directory: ${{ needs.changed-files.outputs.environment-directory }}" + echo "has-project-change: ${{ needs.changed-files.outputs.has-project-change }}" + echo "has-environment-change: ${{ needs.changed-files.outputs.has-environment-change }}" + plan-environment: runs-on: ubuntu-latest name: Terraform plan - Environment changes - needs: [changed-files] - if: ${{ needs.changed-files.outputs.has_environment_change == 'true' }} + needs: [changed-files, debug] + if: ${{ needs.changed-files.outputs.has-environment-change == 'true' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -85,8 +97,8 @@ jobs: plan-project: runs-on: ubuntu-latest name: Terraform plan - Project changes - needs: [changed-files] - if: ${{ needs.changed-files.outputs.has_project_change == 'true' && needs.changed-files.outputs.has_environment_change != 'true' }} + needs: [changed-files, debug] + if: ${{ needs.changed-files.outputs.has-project-change == 'true' && needs.changed-files.outputs.has-environment-change != 'true' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
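Review bot: The `debug` job expands `${{ needs.changed-files.outputs.project-directory }}` and the other outputs directly inside the `run:` script, and those values are derived from file paths in the pull request, so contributor-controlled text is spliced into the shell source before it runs. Pass them through the environment instead: an `env:` entry such as `PROJECT_DIR: ${{ needs.changed-files.outputs.project-directory }}` and then `echo "project-directory: $PROJECT_DIR"`. The same pattern is in the `Debug ...` steps added in PATCH 30 and in the `directory=$(dirname "${{ fromJson(...)[0] }}")` lines that PATCH 31 and PATCH 36 re-add. Adding `debug` to `needs:` of the plan jobs in the following hunks also means a failure in a print-only job blocks every plan.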
@@ -103,8 +115,8 @@ jobs: skip-module: runs-on: ubuntu-latest name: Skip Terraform plan for module changes only - needs: [changed-files] - if: ${{ needs.changed-files.outputs.module_change == 'true' && needs.changed-files.outputs.has_project_change != 'true' && needs.changed-files.outputs.has_environment_change != 'true' }} + needs: [changed-files, debug] + if: ${{ needs.changed-files.outputs.module-change == 'true' && needs.changed-files.outputs.has-project-change != 'true' && needs.changed-files.outputs.has-environment-change != 'true' }} steps: - name: Skip module changes run: echo "Skipping Terraform plan for module changes only." From 1ac50dac8e7325cc75df824790e4aefd1be8faef Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:37:41 -0700 Subject: [PATCH 28/46] more debugging --- .github/workflows/terraform-plan.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 5a2638c..90bc592 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -44,7 +44,9 @@ jobs: - name: Set module change output id: module-change if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} - run: echo "::set-output name=module_change::true" + run: | + echo "::set-output name=module_change::true" + echo "Set module_change to true" - name: Extract project directory id: project-directory @@ -54,6 +56,7 @@ jobs: echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" echo "::set-output name=has_project_change::true" + echo "Set project directory to $directory and has_project_change to true" - name: Extract environment directory id: environment-directory 
@@ -63,6 +66,7 @@ jobs: echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" echo "::set-output name=has_environment_change::true" + echo "Set environment directory to $directory and has_environment_change to true" debug: runs-on: ubuntu-latest From 0d13438c36381838b4fdb52e407ed1c55a5f8472 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:40:55 -0700 Subject: [PATCH 29/46] changing how changes are set --- .github/workflows/terraform-plan.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 90bc592..c3ab054 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,11 +11,11 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-change: ${{ steps.module-change.outputs.module_change }} - project-directory: ${{ steps.project-directory.outputs.directory }} - environment-directory: ${{ steps.environment-directory.outputs.directory }} - has-project-change: ${{ steps.project-directory.outputs.has_project_change }} - has-environment-change: ${{ steps.environment-directory.outputs.has_environment_change }} + module-change: ${{ steps.set-module-change.outputs.module_change }} + project-directory: ${{ steps.set-project-directory.outputs.directory }} + environment-directory: ${{ steps.set-environment-directory.outputs.directory }} + has-project-change: ${{ steps.set-project-directory.outputs.has_project_change }} + has-environment-change: ${{ steps.set-environment-directory.outputs.has_environment_change }} steps: - name: Checkout uses: actions/checkout@v4 
@@ -42,14 +42,14 @@ jobs: echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - name: Set module change output - id: module-change + id: set-module-change if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} run: | echo "::set-output name=module_change::true" echo "Set module_change to true" - - name: Extract project directory - id: project-directory + - name: Set project directory output + id: set-project-directory if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") @@ -58,8 +58,8 @@ jobs: echo "::set-output name=has_project_change::true" echo "Set project directory to $directory and has_project_change to true" - - name: Extract environment directory - id: environment-directory + - name: Set environment directory output + id: set-environment-directory if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") From efe0481b415b0f8aa994f5d03f6e00729abf4932 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:43:25 -0700 Subject: [PATCH 30/46] more debugging --- .github/workflows/terraform-plan.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index c3ab054..ce7a481 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -48,6 +48,10 @@ jobs: echo "::set-output name=module_change::true" echo "Set module_change to true" + - name: Debug module change + if: ${{ steps.set-module-change.outputs.module_change == 'true' }} + run: echo "module_change is set to true" + - name: Set project directory output id: set-project-directory if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} 
@@ -58,6 +62,10 @@ jobs: echo "::set-output name=has_project_change::true" echo "Set project directory to $directory and has_project_change to true" + - name: Debug project directory + if: ${{ steps.set-project-directory.outputs.has_project_change == 'true' }} + run: echo "has_project_change is set to true with directory ${{ steps.set-project-directory.outputs.directory }}" + - name: Set environment directory output id: set-environment-directory if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} @@ -68,6 +76,10 @@ jobs: echo "::set-output name=has_environment_change::true" echo "Set environment directory to $directory and has_environment_change to true" + - name: Debug environment directory + if: ${{ steps.set-environment-directory.outputs.has_environment_change == 'true' }} + run: echo "has_environment_change is set to true with directory ${{ steps.set-environment-directory.outputs.directory }}" + debug: runs-on: ubuntu-latest needs: [changed-files] From 26aca8bccbb81700f38891d083ff887e56159fbb Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:47:13 -0700 Subject: [PATCH 31/46] reverting back to last working init --- .github/workflows/terraform-plan.yml | 106 +++++++++++---------------- 1 file changed, 41 insertions(+), 65 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index ce7a481..85a531f 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
@@ -11,11 +11,9 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-change: ${{ steps.set-module-change.outputs.module_change }} - project-directory: ${{ steps.set-project-directory.outputs.directory }} - environment-directory: ${{ steps.set-environment-directory.outputs.directory }} - has-project-change: ${{ steps.set-project-directory.outputs.has_project_change }} - has-environment-change: ${{ steps.set-environment-directory.outputs.has_environment_change }} + module-directory: ${{ steps.module-directory.outputs.directory }} + project-directory: ${{ steps.project-directory.outputs.directory }} + environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: - name: Checkout uses: actions/checkout@v4 @@ -30,9 +28,9 @@ jobs: module-change: - 'terraform-modules/**' project-change: - - 'terraform-incubator/**/project/*.tf' + - 'terraform-incubator/*/project/*.tf' environment-change: - - 'terraform-incubator/**/!(project)/*.tf' + - 'terraform-incubator/*/!(project)/*.tf' list-files: json - name: List all changed files 
@@ -40,63 +38,32 @@ jobs: echo 'module-change: ${{ steps.changed-files.outputs.module-change_files }}' echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - - - name: Set module change output - id: set-module-change - if: ${{ fromJson(steps.changed-files.outputs.module-change_files).length > 0 }} + - name: Extract module directory + id: module-directory + if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} run: | - echo "::set-output name=module_change::true" - echo "Set module_change to true" - - - name: Debug module change - if: ${{ steps.set-module-change.outputs.module_change == 'true' }} - run: echo "module_change is set to true" - - - name: Set project directory output - id: set-project-directory - if: ${{ fromJson(steps.changed-files.outputs.project-change_files).length > 0 }} + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") + echo "Extracted Directory: $directory" + echo "::set-output name=directory::$directory" + - name: Extract project directory + id: project-directory + if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - echo "::set-output name=has_project_change::true" - echo "Set project directory to $directory and has_project_change to true" - - - name: Debug project directory - if: ${{ steps.set-project-directory.outputs.has_project_change == 'true' }} - run: echo "has_project_change is set to true with directory ${{ steps.set-project-directory.outputs.directory }}" - - - name: Set environment directory output - id: set-environment-directory - if: ${{ fromJson(steps.changed-files.outputs.environment-change_files).length > 0 }} + - name: Extract environment directory + id: 
environment-directory + if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} run: | directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - echo "::set-output name=has_environment_change::true" - echo "Set environment directory to $directory and has_environment_change to true" - - - name: Debug environment directory - if: ${{ steps.set-environment-directory.outputs.has_environment_change == 'true' }} - run: echo "has_environment_change is set to true with directory ${{ steps.set-environment-directory.outputs.directory }}" - - debug: + plan-project: runs-on: ubuntu-latest + name: Terraform plan - Project changes needs: [changed-files] - steps: - - name: Print outputs - run: | - echo "module-change: ${{ needs.changed-files.outputs.module-change }}" - echo "project-directory: ${{ needs.changed-files.outputs.project-directory }}" - echo "environment-directory: ${{ needs.changed-files.outputs.environment-directory }}" - echo "has-project-change: ${{ needs.changed-files.outputs.has-project-change }}" - echo "has-environment-change: ${{ needs.changed-files.outputs.has-environment-change }}" - - plan-environment: - runs-on: ubuntu-latest - name: Terraform plan - Environment changes - needs: [changed-files, debug] - if: ${{ needs.changed-files.outputs.has-environment-change == 'true' }} + if: ${{ needs.changed-files.outputs.project-directory != '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
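Review bot: Each `Extract ... directory` step takes only element `[0]` of the changed-file list, so a pull request that touches two environments or two projects gets a plan for one directory and the rest goes unplanned. Either plan every distinct directory or fail when the list spans more than one. The steps also write their outputs with `::set-output`, which GitHub has deprecated; the replacement is `echo "directory=$directory" >> "$GITHUB_OUTPUT"`.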
@@ -108,13 +75,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.environment-directory }} + path: ${{ needs.changed-files.outputs.project-directory }} - plan-project: + plan-module: runs-on: ubuntu-latest - name: Terraform plan - Project changes - needs: [changed-files, debug] - if: ${{ needs.changed-files.outputs.has-project-change == 'true' && needs.changed-files.outputs.has-environment-change != 'true' }} + name: Terraform plan - Module changes + needs: [changed-files] + if: ${{ needs.changed-files.outputs.module-directory != '' && needs.changed-files.outputs.project-directory == '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
@@ -126,13 +93,22 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.project-directory }} + path: ${{ needs.changed-files.outputs.module-directory }} - skip-module: + plan-environment: runs-on: ubuntu-latest - name: Skip Terraform plan for module changes only - needs: [changed-files, debug] - if: ${{ needs.changed-files.outputs.module-change == 'true' && needs.changed-files.outputs.has-project-change != 'true' && needs.changed-files.outputs.has-environment-change != 'true' }} + name: Terraform plan - Environment changes + needs: [changed-files] + if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-directory == '' && needs.changed-files.outputs.project-directory == '' }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - - name: Skip module changes - run: echo "Skipping Terraform plan for module changes only." + - name: Checkout + uses: actions/checkout@v3 + + - name: terraform plan + uses: dflook/terraform-plan@v1 + with: + path: ${{ needs.changed-files.outputs.environment-directory }} \ No newline at end of file From 903c67dc8d775b388f0b4b2876f5cc462bb7616a Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 11:58:18 -0700 Subject: [PATCH 32/46] moving env plan job and removing module plan job --- .github/workflows/terraform-plan.yml | 35 +++++++--------------------- 1 file changed, 9 insertions(+), 26 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 85a531f..2cde88e 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
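Review bot: The re-added `plan-environment` job puts the long-lived `INCUBATOR_AWS_ACCESS_KEY_ID` / `INCUBATOR_AWS_SECRET_ACCESS_KEY` pair in the job-level `env:`, where every step can read it, including `dflook/terraform-plan@v1`, which is referenced by a movable tag. Pinning the action to a full commit SHA (`uses: dflook/terraform-plan@<commit-sha>  # v1`) and moving the two variables onto the plan step only would narrow what can read them; short-lived credentials from an OIDC-assumed role would remove the static keys altogether. The job also checks out with `actions/checkout@v3` while `changed-files` uses `@v4`. The same `env:` block is on the other plan jobs in this patch.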
@@ -59,29 +59,12 @@ jobs: directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" - plan-project: - runs-on: ubuntu-latest - name: Terraform plan - Project changes - needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != '' }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: terraform plan - uses: dflook/terraform-plan@v1 - with: - path: ${{ needs.changed-files.outputs.project-directory }} - plan-module: + plan-environment: runs-on: ubuntu-latest - name: Terraform plan - Module changes + name: Terraform plan - Environment changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-directory != '' && needs.changed-files.outputs.project-directory == '' }} + if: ${{ needs.changed-files.outputs.environment-directory != '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} @@ -93,13 +76,13 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.module-directory }} - - plan-environment: + path: ${{ needs.changed-files.outputs.environment-directory }} + + plan-project: runs-on: ubuntu-latest - name: Terraform plan - Environment changes + name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory != '' && needs.changed-files.outputs.module-directory == '' && needs.changed-files.outputs.project-directory == '' }} + if: ${{ needs.changed-files.outputs.project-directory != '' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} 
@@ -111,4 +94,4 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.environment-directory }} \ No newline at end of file + path: ${{ needs.changed-files.outputs.project-directory }} From 08390ac1f5e4be726aef3c65d7a5c9617985b454 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 12:21:26 -0700 Subject: [PATCH 33/46] commenting out for testing --- terraform-incubator/people-depot/dev/main.tf | 32 ++++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/terraform-incubator/people-depot/dev/main.tf b/terraform-incubator/people-depot/dev/main.tf index a091cd3..a4d9762 100644 --- a/terraform-incubator/people-depot/dev/main.tf +++ b/terraform-incubator/people-depot/dev/main.tf @@ -12,22 +12,22 @@ provider "aws" { region = "us-west-2" } -variable "root_db_password" { - type = string - description = "root database password" -} - -variable "app_db_password" { - type = string -} - -module "dev" { - source = "../project" - - root_db_password = var.root_db_password - app_db_password = var.app_db_password - container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" -} +# variable "root_db_password" { +# type = string +# description = "root database password" +# } + +# variable "app_db_password" { +# type = string +# } + +# module "dev" { +# source = "../project" + +# root_db_password = var.root_db_password +# app_db_password = var.app_db_password +# container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" +# } module "cognito" { source = "../../../terraform-modules/cognito" From e3c14e8ea1e77d0c81d400efaa124a0d1421214c Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 12:27:24 -0700 Subject: [PATCH 34/46] uncommenting to test and adding arbitrary default values --- terraform-incubator/people-depot/dev/main.tf | 34 +++++++++++--------- 1 file changed, 18 insertions(+), 16 deletions(-) 
diff --git a/terraform-incubator/people-depot/dev/main.tf b/terraform-incubator/people-depot/dev/main.tf index a4d9762..c1c1250 100644 --- a/terraform-incubator/people-depot/dev/main.tf +++ b/terraform-incubator/people-depot/dev/main.tf @@ -12,22 +12,24 @@ provider "aws" { region = "us-west-2" } -# variable "root_db_password" { -# type = string -# description = "root database password" -# } - -# variable "app_db_password" { -# type = string -# } - -# module "dev" { -# source = "../project" - -# root_db_password = var.root_db_password -# app_db_password = var.app_db_password -# container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" -# } +variable "root_db_password" { + type = string + description = "root database password" + default = "password" +} + +variable "app_db_password" { + type = string + default = "password" +} + +module "dev" { + source = "../project" + + root_db_password = var.root_db_password + app_db_password = var.app_db_password + container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" +} module "cognito" { source = "../../../terraform-modules/cognito" From 691b6f0cead25c3748b05c392e7adb3df24b9d34 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 13:46:30 -0700 Subject: [PATCH 35/46] reverting back to original to test --- .github/workflows/terraform-plan.yml | 76 +++++++++++++--------------- 1 file changed, 34 insertions(+), 42 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 2cde88e..d6f0b96 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
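Review bot: `default = "password"` on `root_db_password` and `app_db_password` means a plan or apply that is not given these variables succeeds with a known, guessable database password instead of stopping to ask for one. Keep both variables without a default and add `sensitive = true` so the value is also redacted from plan output; in CI, supply them as `TF_VAR_root_db_password` / `TF_VAR_app_db_password` from repository secrets. PATCH 37 adds the same defaults to project/main.tf (removed again in PATCH 39), together with `default = "nginx:latest"` for `container_image`.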
@@ -11,15 +11,14 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-directory: ${{ steps.module-directory.outputs.directory }} - project-directory: ${{ steps.project-directory.outputs.directory }} - environment-directory: ${{ steps.environment-directory.outputs.directory }} + module-change: ${{ steps.changed-files.outputs.module-change }} + project-change: ${{ steps.changed-files.outputs.project-change }} + environment-change: ${{ steps.changed-files.outputs.environment-change }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Get changed files id: changed-files uses: dorny/paths-filter@v2 
@@ -32,43 +31,20 @@ jobs: environment-change: - 'terraform-incubator/*/!(project)/*.tf' list-files: json - - name: List all changed files - run: | - echo 'module-change: ${{ steps.changed-files.outputs.module-change_files }}' - echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' - echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - - name: Extract module directory - id: module-directory - if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} - run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" - - name: Extract project directory - id: project-directory - if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} - run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" - - name: Extract environment directory - id: environment-directory - if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} - run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" - - plan-environment: + run: echo '${{ steps.changed-files.outputs.module-change_files }}'; echo '${{ steps.changed-files.outputs.project-change_files }}'; echo '${{ steps.changed-files.outputs.environment-change_files }}' + plan-all: runs-on: ubuntu-latest - name: Terraform plan - Environment changes + name: Terraform plan - all directories needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-directory != '' }} + if: ${{ needs.changed-files.outputs.module-change == 'true' }} + strategy: + matrix: + directory: ${{ needs.changed-files.outputs.environment-change }} env: GITHUB_TOKEN: ${{ 
secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} + AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} steps: - name: Checkout uses: actions/checkout@v3 @@ -76,17 +52,33 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.environment-directory }} - + path: ${{ matrix.directory }} plan-project: runs-on: ubuntu-latest name: Terraform plan - Project changes needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-directory != '' }} + if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false'}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} + AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: terraform plan + uses: dflook/terraform-plan@v1 + with: + path: terraform-incubator/people-depot/dev + plan-environment: + runs-on: ubuntu-latest + name: Terraform plan - Env changes + needs: [changed-files] + if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} + AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} steps: - name: Checkout uses: actions/checkout@v3 
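Review bot: `matrix.directory` in `plan-all` is fed `needs.changed-files.outputs.environment-change`, which `dorny/paths-filter` sets to the string `true` or `false` rather than a list, so the matrix cannot expand to directories and `path: ${{ matrix.directory }}` has nothing valid to plan. If a matrix is wanted, export a JSON array of directories from `changed-files` and use `directory: ${{ fromJson(needs.changed-files.outputs.<directories-output>) }}`. The `plan-project` and `plan-environment` jobs in the following hunk both plan the fixed path `terraform-incubator/people-depot/dev`, so a change under any other project would be reported against the wrong stack.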
@@ -94,4 +86,4 @@ jobs: - name: terraform plan uses: dflook/terraform-plan@v1 with: - path: ${{ needs.changed-files.outputs.project-directory }} + path: terraform-incubator/people-depot/dev \ No newline at end of file From cd230ff3a6b197ae95b80ec60a2b2667e0128ee2 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 13:55:26 -0700 Subject: [PATCH 36/46] refactoring workflow for testing --- .github/workflows/terraform-plan.yml | 89 ++++++++++++++-------------- 1 file changed, 44 insertions(+), 45 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index d6f0b96..8db7cd5 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,14 +11,15 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-change: ${{ steps.changed-files.outputs.module-change }} - project-change: ${{ steps.changed-files.outputs.project-change }} - environment-change: ${{ steps.changed-files.outputs.environment-change }} + module-directory: ${{ steps.module-directory.outputs.directory }} + project-directory: ${{ steps.project-directory.outputs.directory }} + environment-directory: ${{ steps.environment-directory.outputs.directory }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 + - name: Get changed files id: changed-files uses: dorny/paths-filter@v2 
@@ -31,59 +32,57 @@ jobs: environment-change: - 'terraform-incubator/*/!(project)/*.tf' list-files: json + - name: List all changed files - run: echo '${{ steps.changed-files.outputs.module-change_files }}'; echo '${{ steps.changed-files.outputs.project-change_files }}'; echo '${{ steps.changed-files.outputs.environment-change_files }}' - plan-all: - runs-on: ubuntu-latest - name: Terraform plan - all directories - needs: [changed-files] - if: ${{ needs.changed-files.outputs.module-change == 'true' }} - strategy: - matrix: - directory: ${{ needs.changed-files.outputs.environment-change }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} - steps: - - name: Checkout - uses: actions/checkout@v3 + run: | + echo 'module-change: ${{ steps.changed-files.outputs.module-change_files }}' + echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' + echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - - name: terraform plan - uses: dflook/terraform-plan@v1 - with: - path: ${{ matrix.directory }} - plan-project: + - name: Extract module directory + id: module-directory + if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} + run: | + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") + echo "Extracted Directory: $directory" + echo "::set-output name=directory::$directory" + + - name: Extract project directory + id: project-directory + if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} + run: | + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") + echo "Extracted Directory: $directory" + echo "::set-output name=directory::$directory" + + - name: Extract environment directory + id: environment-directory + if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} + run: 
| + directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") + echo "Extracted Directory: $directory" + echo "::set-output name=directory::$directory" + + plan: runs-on: ubuntu-latest - name: Terraform plan - Project changes + name: Terraform Plan needs: [changed-files] - if: ${{ needs.changed-files.outputs.project-change == 'true' && needs.changed-files.outputs.module-change == 'false'}} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} + AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v3 - - name: terraform plan + - name: Terraform plan - Environment + if: ${{ needs.changed-files.outputs.environment-directory != '' }} uses: dflook/terraform-plan@v1 with: - path: terraform-incubator/people-depot/dev - plan-environment: - runs-on: ubuntu-latest - name: Terraform plan - Env changes - needs: [changed-files] - if: ${{ needs.changed-files.outputs.environment-change == 'true' && needs.changed-files.outputs.module-change == 'false' && needs.changed-files.outputs.project-change == 'false' }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: terraform plan + path: ${{ needs.changed-files.outputs.environment-directory }} + + - name: Terraform plan - Project + if: ${{ needs.changed-files.outputs.project-directory != '' }} uses: dflook/terraform-plan@v1 with: - path: terraform-incubator/people-depot/dev \ No newline at end of file + path: ${{ needs.changed-files.outputs.project-directory }} From 472f8947650ba7c426261b6e6ca54f681f82694e Mon Sep 17 00:00:00 2001 
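Review bot: After this refactor the `plan` job has steps only for `environment-directory` and `project-directory`; `module-directory` is still computed in `changed-files` but nothing consumes it, so a pull request that changes only `terraform-modules/**` finishes green with no plan at all. Shared modules such as the cognito one affect every stack that sources them, so I would either plan the dependent environments when `module-directory != ''` or fail the job with a message asking for a manual plan. Both plan steps also run in the same job when a pull request touches a project and an environment.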
From: Chelsey Beck Date: Sat, 18 May 2024 14:18:05 -0700 Subject: [PATCH 37/46] changing project file to see what happens --- terraform-incubator/people-depot/project/main.tf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/terraform-incubator/people-depot/project/main.tf b/terraform-incubator/people-depot/project/main.tf index cc3c0c9..6ba8f60 100644 --- a/terraform-incubator/people-depot/project/main.tf +++ b/terraform-incubator/people-depot/project/main.tf @@ -67,12 +67,15 @@ module "people_depot" { variable "root_db_password" { type = string description = "root database password" + default = "password" } variable "app_db_password" { type = string + default = "password" } variable "container_image" { type = string + default = "nginx:latest" } From 0a2f7cd37e79a58a793ad1a86e8826beff698bf1 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:30:50 -0700 Subject: [PATCH 38/46] adding failure for multiple plans --- .github/workflows/terraform-plan.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index 8db7cd5..d03e3da 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -14,6 +14,8 @@ jobs: module-directory: ${{ steps.module-directory.outputs.directory }} project-directory: ${{ steps.project-directory.outputs.directory }} environment-directory: ${{ steps.environment-directory.outputs.directory }} + has-environment-changes: ${{ steps.check-changes.outputs.has-environment-changes }} + has-project-changes: ${{ steps.check-changes.outputs.has-project-changes }} steps: - name: Checkout uses: actions/checkout@v4 
@@ -63,6 +65,12 @@ jobs: echo "Extracted Directory: $directory" echo "::set-output name=directory::$directory" + - name: Check for conflicting changes + id: check-changes + run: | + echo "::set-output name=has-environment-changes::${{ steps.changed-files.outputs.environment-change_files != '[]' }}" + echo "::set-output name=has-project-changes::${{ steps.changed-files.outputs.project-change_files != '[]' }}" + plan: runs-on: ubuntu-latest name: Terraform Plan @@ -75,14 +83,20 @@ jobs: - name: Checkout uses: actions/checkout@v3 + - name: Fail on multiple plans + if: ${{ needs.changed-files.outputs.has-environment-changes == 'true' && needs.changed-files.outputs.has-project-changes == 'true' }} + run: | + echo "Multiple plans detected: Please make changes to environments and projects in separate pull requests." + exit 1 + - name: Terraform plan - Environment - if: ${{ needs.changed-files.outputs.environment-directory != '' }} + if: ${{ needs.changed-files.outputs.environment-directory != '' && (needs.changed-files.outputs.project-directory == '' || needs.changed-files.outputs.has-environment-changes == 'true') }} uses: dflook/terraform-plan@v1 with: path: ${{ needs.changed-files.outputs.environment-directory }} - name: Terraform plan - Project - if: ${{ needs.changed-files.outputs.project-directory != '' }} + if: ${{ needs.changed-files.outputs.project-directory != '' && needs.changed-files.outputs.has-environment-changes != 'true' }} uses: dflook/terraform-plan@v1 with: path: ${{ needs.changed-files.outputs.project-directory }} From 9613e7a456ca28a85f803fe6ccd467cf6cecd1d5 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:39:38 -0700 Subject: [PATCH 39/46] removing change to project --- terraform-incubator/people-depot/project/main.tf | 3 --- 1 file changed, 3 deletions(-) diff --git a/terraform-incubator/people-depot/project/main.tf b/terraform-incubator/people-depot/project/main.tf index 6ba8f60..cc3c0c9 100644 
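Review bot: The new `Check for conflicting changes` step publishes its results with the `::set-output` workflow command, which GitHub has deprecated in favour of appending to the `$GITHUB_OUTPUT` file. The two lines would become `echo "has-environment-changes=${{ steps.changed-files.outputs.environment-change_files != '[]' }}" >> "$GITHUB_OUTPUT"` and the matching `has-project-changes=` line. Comparing the file list with the literal `'[]'` also depends on how the filter action serialises an empty list. The action's own `environment-change` / `project-change` outputs look like a more direct source, though their definition lies outside this hunk. The context line above the step uses the same deprecated command.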
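Review bot: The clauses added to both `if:` expressions look unreachable once the `Fail on multiple plans` step exists. That step exits 1 when both kinds of change are present, so the later plan steps are skipped in exactly the case the new clauses guard against. Assuming a non-empty `environment-directory` always coincides with `has-environment-changes == 'true'`, the conditions reduce to the previous `environment-directory != ''` and `project-directory != ''`. Keeping those shorter forms, with a comment such as `# mixed environment/project changes are rejected by the step above`, leaves one place that enforces the rule. The job header with the AWS credentials is outside this hunk.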
--- a/terraform-incubator/people-depot/project/main.tf +++ b/terraform-incubator/people-depot/project/main.tf @@ -67,15 +67,12 @@ module "people_depot" { variable "root_db_password" { type = string description = "root database password" - default = "password" } variable "app_db_password" { type = string - default = "password" } variable "container_image" { type = string - default = "nginx:latest" } From dfef3a0e59ee7183cdd8750975b8b350665d7979 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:46:51 -0700 Subject: [PATCH 40/46] testing change on non tf file --- terraform-incubator/people-depot/project/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform-incubator/people-depot/project/README.md b/terraform-incubator/people-depot/project/README.md index 9330938..263adcf 100644 --- a/terraform-incubator/people-depot/project/README.md +++ b/terraform-incubator/people-depot/project/README.md @@ -1,7 +1,7 @@ -# Groups +# Project -This module declares all of the resources necessary to create AWS IAM groups. +This module declares all of the resources necessary to create Resources for People Depot. ## Modules From b66a2039c621b0531a04b3a4aaf6269ce1bd2fbf Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:48:30 -0700 Subject: [PATCH 41/46] removing environment change --- terraform-incubator/people-depot/dev/main.tf | 8 -------- 1 file changed, 8 deletions(-) diff --git a/terraform-incubator/people-depot/dev/main.tf b/terraform-incubator/people-depot/dev/main.tf index c1c1250..7b17475 100644 --- a/terraform-incubator/people-depot/dev/main.tf +++ b/terraform-incubator/people-depot/dev/main.tf 
@@ -31,14 +31,6 @@ module "dev" { container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" } -module "cognito" { - source = "../../../terraform-modules/cognito" - - region = "us-west-2" - user_pool_name = "people-depot-user-pool" - client_name = "people-depot-client" -} - moved { from = module.ecr.aws_ecr_repository.this to = module.dev.module.people_depot.module.ecr.aws_ecr_repository.this From f6afbceff62861ddd19db8fd894053ac2d01b796 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:51:22 -0700 Subject: [PATCH 42/46] removing changes to dev --- terraform-incubator/people-depot/dev/main.tf | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/terraform-incubator/people-depot/dev/main.tf b/terraform-incubator/people-depot/dev/main.tf index 7b17475..a091cd3 100644 --- a/terraform-incubator/people-depot/dev/main.tf +++ b/terraform-incubator/people-depot/dev/main.tf @@ -15,12 +15,10 @@ provider "aws" { variable "root_db_password" { type = string description = "root database password" - default = "password" } variable "app_db_password" { - type = string - default = "password" + type = string } module "dev" { @@ -31,6 +29,14 @@ module "dev" { container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" } +module "cognito" { + source = "../../../terraform-modules/cognito" + + region = "us-west-2" + user_pool_name = "people-depot-user-pool" + client_name = "people-depot-client" +} + moved { from = module.ecr.aws_ecr_repository.this to = module.dev.module.people_depot.module.ecr.aws_ecr_repository.this From da69e9168be801314bbb74f6fc5fc9d1f08fd282 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:51:57 -0700 Subject: [PATCH 43/46] removing changes to dev --- terraform-incubator/people-depot/dev/main.tf | 8 -------- 1 file changed, 8 deletions(-) 
diff --git a/terraform-incubator/people-depot/dev/main.tf b/terraform-incubator/people-depot/dev/main.tf index a091cd3..65f8812 100644 --- a/terraform-incubator/people-depot/dev/main.tf +++ b/terraform-incubator/people-depot/dev/main.tf @@ -29,14 +29,6 @@ module "dev" { container_image = "035866691871.dkr.ecr.us-west-2.amazonaws.com/people-depot-backend-dev:latest" } -module "cognito" { - source = "../../../terraform-modules/cognito" - - region = "us-west-2" - user_pool_name = "people-depot-user-pool" - client_name = "people-depot-client" -} - moved { from = module.ecr.aws_ecr_repository.this to = module.dev.module.people_depot.module.ecr.aws_ecr_repository.this From 37d89a518cffa31937778940fa5edc1c0b7897a0 Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:54:12 -0700 Subject: [PATCH 44/46] reverting readme changes --- terraform-incubator/people-depot/project/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform-incubator/people-depot/project/README.md b/terraform-incubator/people-depot/project/README.md index 263adcf..9330938 100644 --- a/terraform-incubator/people-depot/project/README.md +++ b/terraform-incubator/people-depot/project/README.md @@ -1,7 +1,7 @@ -# Project +# Groups -This module declares all of the resources necessary to create Resources for People Depot. +This module declares all of the resources necessary to create AWS IAM groups. ## Modules From 1d666f0fbdc9ec286c5abb510895bbbe7eacdfbb Mon Sep 17 00:00:00 2001 From: Chelsey Beck Date: Sat, 18 May 2024 14:59:29 -0700 Subject: [PATCH 45/46] adding validation check on module changes --- .github/workflows/terraform-plan.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index d03e3da..d1136eb 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml 
@@ -89,6 +89,20 @@ jobs: echo "Multiple plans detected: Please make changes to environments and projects in separate pull requests." exit 1 + - name: Terraform validate - Modules + if: ${{ needs.changed-files.outputs.module-directory != '' && needs.changed-files.outputs.environment-directory == '' && needs.changed-files.outputs.project-directory == '' }} + run: | + echo "Validating module changes..." + mkdir -p ./temp-validate + cat > ./temp-validate/main.tf < Date: Sat, 18 May 2024 16:10:15 -0700 Subject: [PATCH 46/46] reverting changes to plan --- .github/workflows/terraform-plan.yml | 117 +++++++++++---------------- 1 file changed, 45 insertions(+), 72 deletions(-) diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml index d1136eb..d6f0b96 100644 --- a/.github/workflows/terraform-plan.yml +++ b/.github/workflows/terraform-plan.yml @@ -11,17 +11,14 @@ jobs: name: Get changed terraform directories runs-on: ubuntu-latest outputs: - module-directory: ${{ steps.module-directory.outputs.directory }} - project-directory: ${{ steps.project-directory.outputs.directory }} - environment-directory: ${{ steps.environment-directory.outputs.directory }} - has-environment-changes: ${{ steps.check-changes.outputs.has-environment-changes }} - has-project-changes: ${{ steps.check-changes.outputs.has-project-changes }} + module-change: ${{ steps.changed-files.outputs.module-change }} + project-change: ${{ steps.changed-files.outputs.project-change }} + environment-change: ${{ steps.changed-files.outputs.environment-change }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Get changed files id: changed-files uses: dorny/paths-filter@v2 
@@ -34,83 +31,59 @@ jobs: environment-change: - 'terraform-incubator/*/!(project)/*.tf' list-files: json - - name: List all changed files - run: | - echo 'module-change: ${{ steps.changed-files.outputs.module-change_files }}' - echo 'project-change: ${{ steps.changed-files.outputs.project-change_files }}' - echo 'environment-change: ${{ steps.changed-files.outputs.environment-change_files }}' - - - name: Extract module directory - id: module-directory - if: ${{ steps.changed-files.outputs['module-change'] == 'true' }} - run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.module-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" - - - name: Extract project directory - id: project-directory - if: ${{ steps.changed-files.outputs['project-change'] == 'true' }} - run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.project-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" - - - name: Extract environment directory - id: environment-directory - if: ${{ steps.changed-files.outputs['environment-change'] == 'true' }} - run: | - directory=$(dirname "${{ fromJson(steps.changed-files.outputs.environment-change_files)[0] }}") - echo "Extracted Directory: $directory" - echo "::set-output name=directory::$directory" - - - name: Check for conflicting changes - id: check-changes - run: | - echo "::set-output name=has-environment-changes::${{ steps.changed-files.outputs.environment-change_files != '[]' }}" - echo "::set-output name=has-project-changes::${{ steps.changed-files.outputs.project-change_files != '[]' }}" - - plan: + run: echo '${{ steps.changed-files.outputs.module-change_files }}'; echo '${{ steps.changed-files.outputs.project-change_files }}'; echo '${{ steps.changed-files.outputs.environment-change_files }}' + plan-all: runs-on: ubuntu-latest - name: Terraform Plan + name: Terraform plan - all directories needs: 
[changed-files] + if: ${{ needs.changed-files.outputs.module-change == 'true' }} + strategy: + matrix: + directory: ${{ needs.changed-files.outputs.environment-change }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.INCUBATOR_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{secrets.INCUBATOR_AWS_ACCESS_KEY_ID}} + AWS_SECRET_ACCESS_KEY: ${{secrets.INCUBATOR_AWS_SECRET_ACCESS_KEY}} steps: - name: Checkout uses: actions/checkout@v3 - - name: Fail on multiple plans - if: ${{ needs.changed-files.outputs.has-environment-changes == 'true' && needs.changed-files.outputs.has-project-changes == 'true' }} - run: | - echo "Multiple plans detected: Please make changes to environments and projects in separate pull requests." - exit 1 - - - name: Terraform validate - Modules - if: ${{ needs.changed-files.outputs.module-directory != '' && needs.changed-files.outputs.environment-directory == '' && needs.changed-files.outputs.project-directory == '' }} - run: | - echo "Validating module changes..." - mkdir -p ./temp-validate - cat > ./temp-validate/main.tf <