From f23d6f581ab09f6f26facd64ceac03e93a5f9557 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 16:39:31 +1200 Subject: [PATCH 01/34] Testing branch protection --- README.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/README.md b/README.md index 989d7ec4..1904aa07 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,24 @@ # Wildsea Wildsea companion app + +## Repository Setup + +To set up a github repository: + +* Log into Codacy, and connect the repo +* Create a branch restriction rule called "main": + * Enforcement: Active + * Target Branches: Include default branch + * Tick Restrict creations + * Tick Restrict updates + * Tick Restrict deletions + * Tick Require linear history + * Tick Require a pull request before merging + * Require 0 Approvals + * Require review from code owners + * Tick Require status checks to pass + * Tick require branches to be up to date before merging + * Add "Codacy Static Code Analysis" to status checks that are required + * Block force pushes + * TODO: Require code scanning results From 5db686978a4efdcf5446ba578e4c5b264b0d3de8 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 17:02:29 +1200 Subject: [PATCH 02/34] First workflow --- .github/workflows/terraform.yaml | 22 ++++++++++++++++++++++ README.md | 2 +- terraform/environment/github/main.tf | 1 + 3 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/terraform.yaml create mode 100644 terraform/environment/github/main.tf diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml new file mode 100644 index 00000000..811a8515 --- /dev/null +++ b/.github/workflows/terraform.yaml @@ -0,0 +1,22 @@ +name: Terraform Validation + +on: + pull_request: + paths: + - terraform/environment/github/** + push: + branches: + - main + +jobs: + terraform: + name: Validate Terraform + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: action/checkout@v4 + - name: Validate Terraform + uses: dflook/terraform-validate@v1 + with: + path: terraform/environment/github + \ No newline at end of file diff --git a/README.md b/README.md index 1904aa07..293b4a36 100644 --- a/README.md +++ b/README.md @@ -7,11 +7,11 @@ Wildsea companion app To set up a github repository: * Log into Codacy, and connect the repo + * Configure the rule to maximum * Create a branch restriction rule called "main": * Enforcement: Active * Target Branches: Include default branch * Tick Restrict creations - * Tick Restrict updates * Tick Restrict deletions * Tick Require linear history * Tick Require a pull request before merging diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf new file mode 100644 index 00000000..15731b42 --- /dev/null +++ b/terraform/environment/github/main.tf @@ -0,0 +1 @@ +resource "null_resource" "test" {} From c41966806d204fd98dc0fa00c5a9943ab9b358c5 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 17:07:10 +1200 Subject: [PATCH 03/34] First workflow - fixes --- .github/workflows/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 811a8515..0751293f 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: action/checkout@v4 + uses: actions/checkout@v4 - name: Validate Terraform uses: dflook/terraform-validate@v1 with: From 76219fb7e442cc33707446f4c75b9a5a29f63094 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 17:10:00 +1200 Subject: [PATCH 04/34] Pin versions --- .github/workflows/terraform.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 0751293f..e9473c51 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -14,9 +14,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Validate Terraform - uses: dflook/terraform-validate@v1 + uses: dflook/terraform-validate@9cfdf207ffbd0ec5d171403a24feb222591ffdc7 with: path: terraform/environment/github \ No newline at end of file From 76cb3c0d7df1490204a8ae9f4fbf1a8d1d7f7267 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 17:58:31 +1200 Subject: [PATCH 05/34] Environment --- .github/workflows/terraform.yaml | 3 +++ README.md | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index a2a48ace..3cce46fe 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -12,6 +12,7 @@ jobs: terraform: name: Validate Terraform runs-on: ubuntu-latest + environment: main steps: - name: Checkout code uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 @@ -19,4 +20,6 @@ jobs: uses: dflook/terraform-validate@9cfdf207ffbd0ec5d171403a24feb222591ffdc7 with: path: terraform/environment/github + - run: echo $TEST_VAR + - run: echo $TEST_SECRET \ No newline at end of file diff --git a/README.md b/README.md index 293b4a36..3b9ca7b2 100644 --- a/README.md +++ b/README.md @@ -22,3 +22,8 @@ To set up a github repository: * Add "Codacy Static Code Analysis" to status checks that are required * Block force pushes * TODO: Require code scanning results +* Install into the repo +* Create an AWS Account for deployment + * Set up OIDC as per +* Add an environment "main" + * TODO From 63247606e27288cf95208ea3a75c4e57959c329b Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 18:03:50 +1200 Subject: [PATCH 06/34] Create test workflaow --- .github/workflows/environment-test.yaml | 19 +++++++++++++++++++ .github/workflows/terraform.yaml | 3 --- 2 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/environment-test.yaml diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml new file mode 100644 index 00000000..35d4343f --- /dev/null +++ b/.github/workflows/environment-test.yaml @@ -0,0 +1,19 @@ +name: Environment Test + +on: + pull_request: {} + push: + branches: + - main + +jobs: + envtesr: + name: Environment Test + runs-on: ubuntu-latest + environment: main + steps: + - name: Checkout code + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 + - run: echo $TEST_VAR + - run: echo $TEST_SECRET + \ No newline at end of file diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 3cce46fe..a2a48ace 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -12,7 +12,6 @@ jobs: terraform: name: Validate Terraform runs-on: ubuntu-latest - environment: main steps: - name: Checkout code uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 @@ -20,6 +19,4 @@ jobs: uses: dflook/terraform-validate@9cfdf207ffbd0ec5d171403a24feb222591ffdc7 with: path: terraform/environment/github - - run: echo $TEST_VAR - - run: echo $TEST_SECRET \ No newline at end of file From 9ba670ce385cb651deefb84d7453d1425eac5554 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 18:05:25 +1200 Subject: [PATCH 07/34] more test workflaow --- .github/workflows/environment-test.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 35d4343f..6f418d8b 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -14,6 +14,6 @@ jobs: steps: - name: Checkout code uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 - - run: echo $TEST_VAR - - run: echo $TEST_SECRET + - run: echo $TEST_VAR end + - run: echo $TEST_SECRET end \ No newline at end of file From 2964ae8ef65282b07e8c550bb137632af9a17c94 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 18:08:59 +1200 Subject: [PATCH 08/34] more test workflaow --- .github/workflows/environment-test.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 6f418d8b..2fcad70d 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -14,6 +14,6 @@ jobs: steps: - name: Checkout code uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 - - run: echo $TEST_VAR end - - run: echo $TEST_SECRET end + - run: echo ${{ vars.TEST_VAR }} is VarValue end + - run: echo ${{ secrets.TEST_SECRET }} is SecretValue end \ No newline at end of file From 0fee3b4746078f1ba0e21e15ed2c48a0eac1a739 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 18:29:01 +1200 Subject: [PATCH 09/34] more test workflaow --- .github/workflows/environment-test.yaml | 14 +++++++++++--- README.md | 5 ++++- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 2fcad70d..b58797f8 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -6,6 +6,10 @@ on: branches: - main +permissions: + id-token: write + contents: read + jobs: envtesr: name: Environment Test @@ -14,6 +18,10 @@ jobs: steps: - name: Checkout code uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 - - run: echo ${{ vars.TEST_VAR }} is VarValue end - - run: echo ${{ secrets.TEST_SECRET }} is SecretValue end - \ No newline at end of file + - name: Configure AWS Access + uses: aws-actions/configure-aws-credentials@v1.7.0 + with: + role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GitHubAction-Wildsea + role-session-name: GitHubTest + - name: GetCallerIdentity + run: aws sts get-caller-identity diff --git a/README.md b/README.md index 3b9ca7b2..e4be5b28 100644 --- a/README.md +++ b/README.md @@ -25,5 +25,8 @@ To set up a github repository: * Install into the repo * Create an AWS Account for deployment * Set up OIDC as per + * Restrict it to the repo and branch main + * Add AdministratorAccess, for now, and call it GitHubAccess-Wildsea@main + * Add another role with ReadyOnlyAccess, don't restrict the branch, and call it GitHubAccess-Wildsea * Add an environment "main" - * TODO + * Add an Environment Secret "AWS_ACCOUNT" with the ID of the AWS Account From 4342c98e9d69c4778f80de896d4324859b44ac60 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 18:30:41 +1200 Subject: [PATCH 10/34] more test workflaow --- .github/workflows/environment-test.yaml | 1 + README.md | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index b58797f8..d95160d8 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -23,5 +23,6 @@ jobs: with: role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GitHubAction-Wildsea role-session-name: GitHubTest + aws-region: ${{ secrets.AWS_REGION }} - name: GetCallerIdentity run: aws sts get-caller-identity diff --git a/README.md b/README.md index e4be5b28..b88ee501 100644 --- a/README.md +++ b/README.md @@ -30,3 +30,4 @@ To set up a github repository: * Add another role with ReadyOnlyAccess, don't restrict the branch, and call it GitHubAccess-Wildsea * Add an environment "main" * Add an Environment Secret "AWS_ACCOUNT" with the ID of the AWS Account + * Add an Environment Secret "AWS_REGION" with the AWS Region you want to use From 4d1c07ee1327eebcb4dbb69e0cdfb789fe37739b Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 18:55:00 +1200 Subject: [PATCH 11/34] more test workflaow --- .github/workflows/environment-test.yaml | 11 ++++++++--- README.md | 4 ++++ terraform/environment/github/main.tf | 6 ++++++ 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index d95160d8..403c72b9 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -15,14 +15,19 @@ jobs: name: Environment Test runs-on: ubuntu-latest environment: main + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - name: Checkout code uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 - name: Configure AWS Access - uses: aws-actions/configure-aws-credentials@v1.7.0 + uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 with: role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GitHubAction-Wildsea role-session-name: GitHubTest aws-region: ${{ secrets.AWS_REGION }} - - name: GetCallerIdentity - run: aws sts get-caller-identity + - name: terraform plan + uses: dflook/terraform-plan@v1 + with: + path: terraform/environment/github + diff --git a/README.md b/README.md index b88ee501..35cee4d0 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,10 @@ To set up a github repository: * Block force pushes * TODO: Require code scanning results * Install into the repo +* Under settings, "Set up code scanning" + * Enable everything exeept Dependabot version updates + * Set up CodeQL to default + * Set the Protection rules to Any/Any * Create an AWS Account for deployment * Set up OIDC as per * Restrict it to the repo and branch main diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index 15731b42..537b4c73 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -1 +1,7 @@ resource "null_resource" "test" {} + +data "aws_region" "current" {} + +output "aws_region" { + value = data.aws_region.current.id +} From 6c0e5c5dfa1ac2334566f1ddea6092a153469746 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 18:58:36 +1200 Subject: [PATCH 12/34] more test workflaow --- .github/workflows/environment-test.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 403c72b9..020dc544 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -9,6 +9,7 @@ on: permissions: id-token: write contents: read + pull-requests: write jobs: envtesr: @@ -27,7 +28,7 @@ jobs: role-session-name: GitHubTest aws-region: ${{ secrets.AWS_REGION }} - name: terraform plan - uses: dflook/terraform-plan@v1 + uses: dflook/terraform-plan@d9df4f6c2484e709ba7ffaa16c98a6906f4760cd with: path: terraform/environment/github From 43ffd058dae08fbd62b72b1976e43b2beab30947 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 3 Aug 2024 19:19:41 +1200 Subject: [PATCH 13/34] more test workflaow --- .github/workflows/environment-test.yaml | 4 +++- renovate.json | 3 ++- terraform/environment/github/main.tf | 14 ++++++++++++++ 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 020dc544..8f17c833 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -31,4 +31,6 @@ jobs: uses: dflook/terraform-plan@d9df4f6c2484e709ba7ffaa16c98a6906f4760cd with: path: terraform/environment/github - + variables: | + aws_account=${{ secrets.AWS_ACCOUNT }} + aws_region=${{ secrets.AWS_REGION }} diff --git a/renovate.json b/renovate.json index 5db72dd6..9a3152d9 100644 --- a/renovate.json +++ b/renovate.json @@ -1,6 +1,7 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - "config:recommended" + "config:recommended", + ":dependencyDashboard" ] } diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index 537b4c73..587b5da3 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -5,3 +5,17 @@ data "aws_region" "current" {} output "aws_region" { value = data.aws_region.current.id } + +variable "aws_account" { + type = string + sensitive = true +} + +variable "aws_region" { + type = string + sensitive = true +} + +provider "aws" { + +} \ No newline at end of file From 1d64b27065af4a77433af9ff6b9a4396f97eefd9 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sun, 4 Aug 2024 17:13:02 +1200 Subject: [PATCH 14/34] more test workflaow --- terraform/environment/github/main.tf | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index 587b5da3..8cfe3fc5 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -17,5 +17,13 @@ variable "aws_region" { } provider "aws" { - -} \ No newline at end of file + assume_role { + role_arn = "arn:aws:iam::${var.aws_account}:role/GitHubAction-Wildsea" + } +} + +resource "aws_ssm_parameter" "test" { + name = "test" + type = "String" + value = "test" +} From ed634bd4dd90a5f8c92bc02ef9137fe55876e1d1 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sun, 4 Aug 2024 17:15:33 +1200 Subject: [PATCH 15/34] more test workflaow --- terraform/environment/github/main.tf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index 8cfe3fc5..0d29997c 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -11,10 +11,10 @@ variable "aws_account" { sensitive = true } -variable "aws_region" { - type = string - sensitive = true -} +#variable "aws_region" { +# type = string +# sensitive = true +#} provider "aws" { assume_role { From cebc1ada3116c15d230d6a2eec4b985518444319 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sun, 4 Aug 2024 17:51:50 +1200 Subject: [PATCH 16/34] more test workflaow --- .github/workflows/environment-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 8f17c833..0cd3ab08 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -32,5 +32,5 @@ jobs: with: path: terraform/environment/github variables: | - aws_account=${{ secrets.AWS_ACCOUNT }} + aws_account="${{ secrets.AWS_ACCOUNT }}" aws_region=${{ secrets.AWS_REGION }} From b0dbe66cca7788814c6abfd83e7f1b42307021ad Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:41:46 +1200 Subject: [PATCH 17/34] more test workflaow --- .github/workflows/environment-test.yaml | 10 ++++--- README.md | 6 ++-- terraform/environment/github/main.tf | 38 +++++++++++++++---------- 3 files changed, 33 insertions(+), 21 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 0cd3ab08..1b230a38 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -24,13 +24,15 @@ jobs: - name: Configure AWS Access uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GitHubAction-Wildsea + role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT }}:role/GitHubAction-Wildsea role-session-name: GitHubTest - aws-region: ${{ secrets.AWS_REGION }} + aws-region: ${{ env.AWS_REGION }} - name: terraform plan uses: dflook/terraform-plan@d9df4f6c2484e709ba7ffaa16c98a6906f4760cd with: path: terraform/environment/github variables: | - aws_account="${{ secrets.AWS_ACCOUNT }}" - aws_region=${{ secrets.AWS_REGION }} + aws_account="${{ env.AWS_ACCOUNT }}" + aws_region="${{ env.AWS_REGION }}" + state_bucket="${{ env.STATE_BUCKET }}" + environment="${{ env.ENVIRONMENT }}" diff --git a/README.md b/README.md index 35cee4d0..f59beb65 100644 --- a/README.md +++ b/README.md @@ -33,5 +33,7 @@ To set up a github repository: * Add AdministratorAccess, for now, and call it GitHubAccess-Wildsea@main * Add another role with ReadyOnlyAccess, don't restrict the branch, and call it GitHubAccess-Wildsea * Add an environment "main" - * Add an Environment Secret "AWS_ACCOUNT" with the ID of the AWS Account - * Add an Environment Secret "AWS_REGION" with the AWS Region you want to use + * Add an Environment Variable in the environment "AWS_ACCOUNT" with the ID of the AWS Account + * Add an Environment Variable in the environment "AWS_REGION" with the AWS Region you want to use + * Add an Environment Variable in the environment "STATE_BUCKET" with the name of the state bucket you created + * Add an Environment Variable in the environment "ENVIRONMENT" with the name of the environment diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index 0d29997c..f5c6dd41 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -1,29 +1,37 @@ resource "null_resource" "test" {} -data "aws_region" "current" {} - -output "aws_region" { - value = data.aws_region.current.id +variable "aws_account" { + description = "ID of the AWS Account" + type = string + sensitive = true } -variable "aws_account" { +variable "aws_region" { + description = "AWS Region name" type = string sensitive = true } -#variable "aws_region" { -# type = string -# sensitive = true -#} +variable "state_bucket" { + description = "Name of the S3 state bucket" + type = string +} + +variable "environment" { + description = "Name of the Environment" + type = string +} + +terraform { + backend "s3" { + bucket = var.state_bucket + key = "${var.environment}/terraform.tfstate" + region = var.aws_region + } +} provider "aws" { assume_role { role_arn = "arn:aws:iam::${var.aws_account}:role/GitHubAction-Wildsea" } } - -resource "aws_ssm_parameter" "test" { - name = "test" - type = "String" - value = "test" -} From dd6b9700d41563d92b1be369764ad9e13392c5f3 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:43:43 +1200 Subject: [PATCH 18/34] more test workflaow --- .github/workflows/environment-test.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index 1b230a38..d29ca319 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -24,15 +24,15 @@ jobs: - name: Configure AWS Access uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 with: - role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT }}:role/GitHubAction-Wildsea + role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT }}:role/GitHubAction-Wildsea role-session-name: GitHubTest - aws-region: ${{ env.AWS_REGION }} + aws-region: ${{ vars.AWS_REGION }} - name: terraform plan uses: dflook/terraform-plan@d9df4f6c2484e709ba7ffaa16c98a6906f4760cd with: path: terraform/environment/github variables: | - aws_account="${{ env.AWS_ACCOUNT }}" - aws_region="${{ env.AWS_REGION }}" - state_bucket="${{ env.STATE_BUCKET }}" - environment="${{ env.ENVIRONMENT }}" + aws_account="${{ vars.AWS_ACCOUNT }}" + aws_region="${{ vars.AWS_REGION }}" + state_bucket="${{ vars.STATE_BUCKET }}" + environment="${{ vars.ENVIRONMENT }}" From d1ee7cbf485ee5aa78313d2cc255c7ba1e82ab40 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:47:23 +1200 Subject: [PATCH 19/34] more test workflaow --- .github/workflows/environment-test.yaml | 3 +++ terraform/environment/github/main.tf | 2 -- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml index d29ca319..311361cb 100644 --- a/.github/workflows/environment-test.yaml +++ b/.github/workflows/environment-test.yaml @@ -36,3 +36,6 @@ jobs: aws_region="${{ vars.AWS_REGION }}" state_bucket="${{ vars.STATE_BUCKET }}" environment="${{ vars.ENVIRONMENT }}" + backend_config: + state_bucket="${{ vars.STATE_BUCKET }}" + environment="${{ vars.ENVIRONMENT }}" diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index f5c6dd41..31e655c2 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -24,8 +24,6 @@ variable "environment" { terraform { backend "s3" { - bucket = var.state_bucket - key = "${var.environment}/terraform.tfstate" region = var.aws_region } } From 528dc5ea143c2ea695223ca9105a38fe5b99281f Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:49:42 +1200 Subject: [PATCH 20/34] more test workflaow --- .github/workflows/environment-test.yaml | 41 ------------------------- terraform/environment/github/main.tf | 1 + 2 files changed, 1 insertion(+), 41 deletions(-) delete mode 100644 .github/workflows/environment-test.yaml diff --git a/.github/workflows/environment-test.yaml b/.github/workflows/environment-test.yaml deleted file mode 100644 index 311361cb..00000000 --- a/.github/workflows/environment-test.yaml +++ /dev/null @@ -1,41 +0,0 @@ -name: Environment Test - -on: - pull_request: {} - push: - branches: - - main - -permissions: - id-token: write - contents: read - pull-requests: write - -jobs: - envtesr: - name: Environment Test - runs-on: ubuntu-latest - environment: main - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - steps: - - name: Checkout code - uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 - - name: Configure AWS Access - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 - with: - role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT }}:role/GitHubAction-Wildsea - role-session-name: GitHubTest - aws-region: ${{ vars.AWS_REGION }} - - name: terraform plan - uses: dflook/terraform-plan@d9df4f6c2484e709ba7ffaa16c98a6906f4760cd - with: - path: terraform/environment/github - variables: | - aws_account="${{ vars.AWS_ACCOUNT }}" - aws_region="${{ vars.AWS_REGION }}" - state_bucket="${{ vars.STATE_BUCKET }}" - environment="${{ vars.ENVIRONMENT }}" - backend_config: - state_bucket="${{ vars.STATE_BUCKET }}" - environment="${{ vars.ENVIRONMENT }}" diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index 31e655c2..df6c91f5 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -24,6 +24,7 @@ variable "environment" { terraform { backend "s3" { + // bucket and key come from -backend-config region = var.aws_region } } From 56c8a116dc9d8fd5eafe3b6d1d7d684b0117feab Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:51:39 +1200 Subject: [PATCH 21/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 41 ++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 .github/workflows/environment-main-plan.yaml diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml new file mode 100644 index 00000000..33496427 --- /dev/null +++ b/.github/workflows/environment-main-plan.yaml @@ -0,0 +1,41 @@ +name: Environment Main - Plan + +on: + pull_request: {} + push: + branches: + - main + +permissions: + id-token: write + contents: read + pull-requests: write + +jobs: + envtest: + name: Environment Main - Plan + runs-on: ubuntu-latest + environment: main + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - name: Checkout code + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 + - name: Configure AWS Access + uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 + with: + role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT }}:role/GitHubAction-Wildsea + role-session-name: GitHubTest + aws-region: ${{ vars.AWS_REGION }} + - name: terraform plan + uses: dflook/terraform-plan@d9df4f6c2484e709ba7ffaa16c98a6906f4760cd + with: + path: terraform/environment/github + variables: | + aws_account="${{ vars.AWS_ACCOUNT }}" + aws_region="${{ vars.AWS_REGION }}" + state_bucket="${{ vars.STATE_BUCKET }}" + environment="${{ vars.ENVIRONMENT }}" + backend_config: + bucket="${{ vars.STATE_BUCKET }}" + key="${{ vars.ENVIRONMENT }}/terraform.tfstate" From 3dbfb52fe0c3a56ef1c346e513a15e010fc5d5ba Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:52:42 +1200 Subject: [PATCH 22/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 1 + terraform/environment/github/main.tf | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index 33496427..b5544248 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -39,3 +39,4 @@ jobs: backend_config: bucket="${{ vars.STATE_BUCKET }}" key="${{ vars.ENVIRONMENT }}/terraform.tfstate" + region="${{ vars.AWS_REGION }}" diff --git a/terraform/environment/github/main.tf b/terraform/environment/github/main.tf index df6c91f5..7d3f2f77 100644 --- a/terraform/environment/github/main.tf +++ b/terraform/environment/github/main.tf @@ -24,8 +24,7 @@ variable "environment" { terraform { backend "s3" { - // bucket and key come from -backend-config - region = var.aws_region + // region, bucket and key come from -backend-config } } From b177f8cfee7f5eeac135938279fac579b373b261 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:58:02 +1200 Subject: [PATCH 23/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index b5544248..25d87648 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -39,4 +39,4 @@ jobs: backend_config: bucket="${{ vars.STATE_BUCKET }}" key="${{ vars.ENVIRONMENT }}/terraform.tfstate" - region="${{ vars.AWS_REGION }}" + region=${{ vars.AWS_REGION }} From 7a36c0be41a6b674b3ad56ee3cbacd65b4d60c50 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 13:59:55 +1200 Subject: [PATCH 24/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index 25d87648..b44c8108 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -37,6 +37,6 @@ jobs: state_bucket="${{ vars.STATE_BUCKET }}" environment="${{ vars.ENVIRONMENT }}" backend_config: - bucket="${{ vars.STATE_BUCKET }}" - key="${{ vars.ENVIRONMENT }}/terraform.tfstate" + bucket=${{ vars.STATE_BUCKET }} + key=${{ vars.ENVIRONMENT }}/terraform.tfstate region=${{ vars.AWS_REGION }} From c10a13a70f45cf2372bbd2bba2ae30ed8be8aea1 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:03:20 +1200 Subject: [PATCH 25/34] more test workflaow --- .../environment/github/.terraform.lock.hcl | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 terraform/environment/github/.terraform.lock.hcl diff --git a/terraform/environment/github/.terraform.lock.hcl b/terraform/environment/github/.terraform.lock.hcl new file mode 100644 index 00000000..0d365aee --- /dev/null +++ b/terraform/environment/github/.terraform.lock.hcl @@ -0,0 +1,43 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.62.0" + hashes = [ + "h1:8tevkFG+ea/sNZYiQ2GQ02hknPcWBukxkrpjRCodQC0=", + "zh:1f366cbcda72fb123015439a42ab19f96e10ce4edb404273f4e1b7e06da20b73", + "zh:25f098454a34b483279e0382b24b4f42e51c067222c6e797eda5d3ec33b9beb1", + "zh:4b59d48b527e3cefd73f196853bfc265b3e1e57b55c1c8a2d12ff6e3534b4f07", + "zh:7bb88c1ca95e2b3f0f1fe8636925133b9813fc5b137cc467ba6a233ddf4b360e", + "zh:8a93dece40e816c92647e762839d0370e9cad2aa21dc4ca95baee9385f116459", + "zh:8dfe82c55ab8f633c1e2a39c687e9ca8c892d1c2005bf5166ac396ce868ecd05", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:a754952d69b4860480d5207390e3ab42350c964dbca9a5ac0c6912dd24b4c11d", + "zh:b2a4dbf4abee0e9ec18c5d323b99defdcd3c681f8c4306fb6e02cff7de038f85", + "zh:b57d84be258b571c04271015f03858ab215768b82e47c11ecd86e789d577030a", + "zh:be811b03289407c8d59e6b199bf16e6071165565ffe502148172d0886cf849c4", + "zh:d4144c7366c840eff1ac15ba13d96063f798f0983d24053a832362033624fe6f", + "zh:d88612856d453c4e10c49c76e4ef522b7d068b4f7c3e2e0b03dd74540986eecd", + "zh:e8bd231a5d0786cc4aab8471bb6dabd5a5df1c598afda077a9f27987ada57b67", + "zh:ffb40a66b4d000a8ee4c54227eeb998f887ad867419c3af7d3981587788de074", + ] +} + +provider "registry.terraform.io/hashicorp/null" { + version = "3.2.2" + hashes = [ + "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=", + "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", + "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", + "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", + "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606", + "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546", + "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539", + "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422", + "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae", + "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1", + "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e", + ] +} From 7df8622382787ae2329fb3c822fe6edd022f63fb Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:10:04 +1200 Subject: [PATCH 26/34] more test workflaow --- .../workflows/environment-main-deploy.yaml | 41 +++++++++++++++++++ .github/workflows/environment-main-plan.yaml | 3 -- 2 files changed, 41 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/environment-main-deploy.yaml diff --git a/.github/workflows/environment-main-deploy.yaml b/.github/workflows/environment-main-deploy.yaml new file mode 100644 index 00000000..ca71ff9e --- /dev/null +++ b/.github/workflows/environment-main-deploy.yaml @@ -0,0 +1,41 @@ +name: Environment Main - Apply + +on: + push: + branches: + - main + +permissions: + id-token: write + contents: read + pull-requests: write + +jobs: + envtest: + name: Environment Main - Apply + runs-on: ubuntu-latest + environment: main + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - name: Checkout code + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 + - name: Configure AWS Access + uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 + with: + role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT }}:role/GitHubAction-Wildsea@${{ vars.ENVIRONMENT }} + role-session-name: GitHubTest + aws-region: ${{ vars.AWS_REGION }} + - name: terraform plan + uses: dflook/terraform-apply + with: + path: terraform/environment/github + variables: | + aws_account="${{ vars.AWS_ACCOUNT }}" + aws_region="${{ vars.AWS_REGION }}" + state_bucket="${{ vars.STATE_BUCKET }}" + environment="${{ vars.ENVIRONMENT }}" + backend_config: + bucket=${{ vars.STATE_BUCKET }} + key=${{ vars.ENVIRONMENT }}/terraform.tfstate + region=${{ vars.AWS_REGION }} diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index b44c8108..7bd9379c 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -2,9 +2,6 @@ name: Environment Main - Plan on: pull_request: {} - push: - branches: - - main permissions: id-token: write From 9f42d2d62b7abc0351f516cee3c62b9ab0cb8939 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:13:31 +1200 Subject: [PATCH 27/34] more test workflaow --- .github/workflows/environment-main-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment-main-deploy.yaml b/.github/workflows/environment-main-deploy.yaml index ca71ff9e..cc2ed649 100644 --- a/.github/workflows/environment-main-deploy.yaml +++ b/.github/workflows/environment-main-deploy.yaml @@ -27,7 +27,7 @@ jobs: role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan - uses: dflook/terraform-apply + uses: dflook/terraform-apply@@c3f4d3e8d5a1a5b8d5e4e3e7f8f2b3a1c4e9d3f2 with: path: terraform/environment/github variables: | From d9c26216dced0acc75cc6daa3f92e81ebd4d0de4 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:24:53 +1200 Subject: [PATCH 28/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index b781983d..4949f42d 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -19,21 +19,13 @@ jobs: - name: Checkout code uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 - name: Configure AWS Access -<<<<<<< HEAD - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 -======= uses: aws-actions/configure-aws-credentials@39228ca2bffc0bfc8f7761ce893f5b80e7eaaf8f ->>>>>>> origin/main with: role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT }}:role/GitHubAction-Wildsea role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan -<<<<<<< HEAD - uses: dflook/terraform-plan@d9df4f6c2484e709ba7ffaa16c98a6906f4760cd -======= uses: dflook/terraform-plan@b0877a1bf56160160ab482f4aff8a12fff35fe06 ->>>>>>> origin/main with: path: terraform/environment/github variables: | From c0f6431cb59a985b2dca53480c9068c057a9cbf4 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:30:09 +1200 Subject: [PATCH 29/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index 4949f42d..d148e5de 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -25,7 +25,8 @@ jobs: role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan - uses: dflook/terraform-plan@b0877a1bf56160160ab482f4aff8a12fff35fe06 + #uses: dflook/terraform-plan@b0877a1bf56160160ab482f4aff8a12fff35fe06 + uses: dflook/terraform-apply with: path: terraform/environment/github variables: | From 8c0746a0d5a37dece9a374eb1a624233f83e7379 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:31:08 +1200 Subject: [PATCH 30/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index d148e5de..8a3bbe8b 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -25,7 +25,6 @@ jobs: role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan - #uses: dflook/terraform-plan@b0877a1bf56160160ab482f4aff8a12fff35fe06 uses: dflook/terraform-apply with: path: terraform/environment/github From 7a4c56e726c611dd1422b4c073c1b893044ee151 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:33:29 +1200 Subject: [PATCH 31/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index 8a3bbe8b..46b91ac1 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -25,7 +25,7 @@ jobs: role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan - uses: dflook/terraform-apply + uses: dflook/terraform-apply@v1.44.0 with: path: terraform/environment/github variables: | From 947eadbb8a402cb2aeb5a813a69c69312ee000a6 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:35:04 +1200 Subject: [PATCH 32/34] more test workflaow --- .github/workflows/environment-main-plan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment-main-plan.yaml b/.github/workflows/environment-main-plan.yaml index 46b91ac1..4949f42d 100644 --- a/.github/workflows/environment-main-plan.yaml +++ b/.github/workflows/environment-main-plan.yaml @@ -25,7 +25,7 @@ jobs: role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan - uses: dflook/terraform-apply@v1.44.0 + uses: dflook/terraform-plan@b0877a1bf56160160ab482f4aff8a12fff35fe06 with: path: terraform/environment/github variables: | From a7423262136fa1f9a8bda48ca5cb6b4f6e00458f Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:37:49 +1200 Subject: [PATCH 33/34] more test workflaow --- .github/workflows/environment-main-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment-main-deploy.yaml b/.github/workflows/environment-main-deploy.yaml index 29b831aa..7452569c 100644 --- a/.github/workflows/environment-main-deploy.yaml +++ b/.github/workflows/environment-main-deploy.yaml @@ -27,7 +27,7 @@ jobs: role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan - uses: dflook/terraform-apply@4aa6179df0f08cabedbf3b340b419adf5c32854619be6926492f48048946ebb8 + uses: dflook/terraform-apply@4aa6179df0f08cabedbf3b340b419adf5c3285461 with: path: terraform/environment/github variables: | From 8f8d7682f8492506b06ce066019848ab0b484eb6 Mon Sep 17 00:00:00 2001 From: Jarrod Lowe Date: Sat, 10 Aug 2024 14:40:37 +1200 Subject: [PATCH 34/34] more test workflaow --- .github/workflows/environment-main-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment-main-deploy.yaml b/.github/workflows/environment-main-deploy.yaml index 7452569c..9699f60e 100644 --- a/.github/workflows/environment-main-deploy.yaml +++ b/.github/workflows/environment-main-deploy.yaml @@ -27,7 +27,7 @@ jobs: role-session-name: GitHubTest aws-region: ${{ vars.AWS_REGION }} - name: terraform plan - uses: dflook/terraform-apply@4aa6179df0f08cabedbf3b340b419adf5c3285461 + uses: dflook/terraform-apply@4aa6179df0f08cabedbf3b340b419adf5c328546 with: path: terraform/environment/github variables: |