fix gha syntax errors; fix access token lexical scope;

netfoundry · Jan 14, 2025 · f785148 · f785148
1 parent 456e550
commit f785148
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 29 deletions.
diff --git a/.github/actions/eks-cluster-cleanup/action.yml b/.github/actions/eks-cluster-cleanup/action.yml
@@ -1,14 +1,14 @@
-name: 'EKS Cluster Cleanup'
-description: 'Delete an EKS cluster with retries'
+name: EKS Cluster Cleanup
+description: Delete an EKS cluster with retries
 inputs:
-  cluster-name:
-    description: 'Name of the cluster to delete'
+  cluster_name:
+    description: Name of the cluster to delete
     required: true
   region:
-    description: 'AWS region'
+    description: AWS region
     required: true
-  role-to-assume:
-    description: 'AWS role to assume'
+  role_to_assume:
+    description: AWS role to assume
     required: true
 
 runs:
@@ -18,7 +18,7 @@ runs:
       uses: aws-actions/configure-aws-credentials@v4
       with:
         aws-region: ${{ inputs.region }}
-        role-to-assume: ${{ inputs.role-to-assume }}
+        role-to-assume: ${{ inputs.role_to_assume }}
         role-session-name: GitHubActions
         audience: sts.amazonaws.com
 
@@ -42,7 +42,7 @@ runs:
         # Function to get cluster status
         get_cluster_status() {
           aws eks describe-cluster \
-            --name "${{ inputs.cluster-name }}" \
+            --name "${{ inputs.cluster_name }}" \
             --region "${{ inputs.region }}" \
             --query 'cluster.status' \
             --output text 2>/dev/null || echo "NOT_FOUND"
@@ -65,7 +65,7 @@ runs:
           
           # Try to delete the cluster
           if eksctl delete cluster \
-              --name "${{ inputs.cluster-name }}" \
+              --name "${{ inputs.cluster_name }}" \
               --region "${{ inputs.region }}" \
               --force \
               --disable-nodegroup-eviction \

diff --git a/.github/actions/gke-cluster-cleanup/action.yml b/.github/actions/gke-cluster-cleanup/action.yml
@@ -1,16 +1,16 @@
 name: GKE Cluster Cleanup
 description: Delete a GKE cluster with retries
 inputs:
-  cluster-name:
+  cluster_name:
     description: Name of the cluster to delete
     required: true
   region:
     description: GCP region
     required: true
-  workload-identity-provider:
+  workload_identity_provider:
     description: GCP workload identity provider
     required: true
-  service-account:
+  service_account:
     description: GCP service account
     required: true
   audience:
@@ -23,8 +23,8 @@ runs:
     - name: Configure GCP Credentials
       uses: google-github-actions/auth@v2
       with:
-        workload_identity_provider: ${{ inputs.workload-identity-provider }}
-        service_account: ${{ inputs.service-account }}
+        workload_identity_provider: ${{ inputs.workload_identity_provider }}
+        service_account: ${{ inputs.service_account }}
         audience: ${{ inputs.audience }}
         export_environment_variables: true  # sets GCP_PROJECT
 
@@ -39,7 +39,7 @@ runs:
 
         # Function to check if cluster exists and get its status
         get_cluster_status() {
-          gcloud container clusters describe "${{ inputs.cluster-name }}" \
+          gcloud container clusters describe "${{ inputs.cluster_name }}" \
             --project "$GCP_PROJECT" \
             --region "${{ inputs.region }}" \
             --format='get(status)' 2>/dev/null || echo "NOT_FOUND"
@@ -68,7 +68,7 @@ runs:
           echo "Attempt $ATTEMPT: Cluster status is $STATUS"
           
           # Try to delete the cluster
-          DELETE_OUTPUT=$(gcloud container clusters delete "${{ inputs.cluster-name }}" \
+          DELETE_OUTPUT=$(gcloud container clusters delete "${{ inputs.cluster_name }}" \
             --project "$GCP_PROJECT" \
             --region "${{ inputs.region }}" \
             --quiet 2>&1) || true

diff --git a/.github/actions/nf-network-cleanup/action.yml b/.github/actions/nf-network-cleanup/action.yml
@@ -1,10 +1,10 @@
 name: NetFoundry Network Cleanup
 description: Delete a NetFoundry network
 inputs:
-  network-name:
+  network_name:
     description: Name of the network to delete
     required: true
-  access-token:
+  access_token:
     description: NetFoundry access token
     required: true
 
@@ -21,14 +21,14 @@ runs:
         NF_NETWORK_LIST="$(curl --silent --fail --location --request GET \
             https://gateway.production.netfoundry.io/core/v3/networks \
             --header 'Content-Type: application/json' \
-            --header "Authorization: Bearer ${{ inputs.access-token }}"
+            --header "Authorization: Bearer ${{ inputs.access_token }}"
         )"
         if [[ -z "$NF_NETWORK_LIST" ]]; then
             echo "ERROR: NF_NETWORK_LIST is empty" >&2
             exit 1
         fi
         NF_NETWORK_ID="$(echo "$NF_NETWORK_LIST" | jq -r \
-            --arg nf_network_name "${{ inputs.network-name }}" \
+            --arg nf_network_name "${{ inputs.network_name }}" \
             '._embedded.networkList[] | select(.name==$nf_network_name).id'
         )"
 
@@ -37,12 +37,12 @@ runs:
             NF_NETWORK_STATUS="$(curl --silent --fail --location --request DELETE \
                 "https://gateway.production.netfoundry.io/core/v3/networks/$NF_NETWORK_ID" \
                 --header 'Content-Type: application/json' \
-                --header "Authorization: Bearer ${{ inputs.access-token }}"
+                --header "Authorization: Bearer ${{ inputs.access_token }}"
             )"
             if [[ -z "$NF_NETWORK_STATUS" ]]; then
                 echo "ERROR: NF_NETWORK_STATUS is empty" >&2
                 exit 1
             fi
         else
-            echo "INFO: network ${{ inputs.network-name }} does not exist"
+            echo "INFO: network ${{ inputs.network_name }} does not exist"
         fi
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -179,6 +179,8 @@ jobs:
   regression_test:
     needs: [build_deploy, create-eks, create-gke]
     runs-on: ubuntu-24.04
+    outputs:
+      nf_access_token: ${{ steps.nf_auth.outputs.nf_access_token }}
     permissions:
       contents: read
       id-token: write
@@ -291,7 +293,7 @@ jobs:
             exit 1
           fi
           echo "::add-mask::$ACCESS_TOKEN"
-          echo "NF_ACCESS_TOKEN=$ACCESS_TOKEN" | tee -a $GITHUB_ENV
+          echo "nf_access_token=$ACCESS_TOKEN" | tee -a $GITHUB_OUTPUT
           set -o xtrace
 
           # compose a Postman global variable file for creating the NF network for this workflow run ID
@@ -731,8 +733,8 @@ jobs:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/nf-network-cleanup
         with:
-          network-name: ${{ env.NF_NETWORK_NAME }}
-          access-token: ${{ env.NF_ACCESS_TOKEN }}
+          network_name: ${{ env.NF_NETWORK_NAME }}
+          access_token: ${{ needs.regression_test.outputs.nf_access_token }}
 
   cleanup-eks:
     needs: [cleanup-debug-delay]
@@ -745,9 +747,9 @@ jobs:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/eks-cluster-cleanup
         with:
-          cluster-name: ${{ env.CLUSTER_NAME }}
+          cluster_name: ${{ env.CLUSTER_NAME }}
           region: ${{ env.AWS_REGION }}
-          role-to-assume: ${{ secrets.AWS_ROLE_FOR_GITHUB }}
+          role_to_assume: ${{ secrets.AWS_ROLE_FOR_GITHUB }}
 
   cleanup-gke:
     needs: [cleanup-debug-delay]
@@ -760,7 +762,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/gke-cluster-cleanup
         with:
-          cluster-name: ${{ env.CLUSTER_NAME }}
+          cluster_name: ${{ env.CLUSTER_NAME }}
           region: ${{ env.GKE_REGION }}
           workload-identity-provider: ${{ secrets.GCLOUD_WL_ID_FOR_GITHUB }}
           service-account: ${{ secrets.GCLOUD_SVC_ACCT_FOR_GITHUB }}