Add CI pipeline (#73)
* Add CI pipeline

Co-authored-by: zjhe <hezijie@microsoft.com>
jiaweitao001 and lonegunmanb authored Nov 22, 2022
1 parent 7070853 commit 1f0badb
Showing 32 changed files with 1,701 additions and 438 deletions.
120 changes: 120 additions & 0 deletions .github/ISSUE_TEMPLATE/Bug_Report.yml
@@ -0,0 +1,120 @@
name: Bug Report
description: If something isn't working as expected.
labels: [bug]
body:
- type: markdown
attributes:
value: |
Thank you for taking the time to fill out a bug report.
If you are not running the latest version of this module, please try to reproduce your bug with the latest version before opening an issue.
- type: checkboxes
attributes:
label: Is there an existing issue for this?
description: Please search to see if an issue already exists for the bug you encountered.
options:
- label: I have searched the existing issues
required: true
- type: dropdown
attributes:
label: Greenfield/Brownfield provisioning
description: Do you reproduce the bug with a new infrastructure provisioning (greenfield) or you need an existing infrastructure with an existing terraform state (brownfield) to reproduce the bug ?
multiple: false
options:
- greenfield
- brownfield
validations:
required: true
- type: input
id: terraform
attributes:
label: Terraform Version
description: Which Terraform version are you using?
placeholder: Example value, 1.2.8
validations:
required: true
- type: input
id: module
attributes:
label: Module Version
description: Which module version are you using?
placeholder: Example value, 6.0.0
validations:
required: true
- type: input
id: azurerm
attributes:
label: AzureRM Provider Version
description: Which AzureRM Provider version are you using?
placeholder: Example value, 3.21.1
validations:
required: true
- type: input
id: resource
attributes:
label: Affected Resource(s)/Data Source(s)
description: Please list the affected resources and/or data sources.
placeholder: azurerm_XXXXX
validations:
required: true
- type: textarea
id: config
attributes:
label: Terraform Configuration Files
description: |
Please provide a minimal Terraform configuration that can reproduce the issue.
render: hcl
validations:
required: true
- type: textarea
id: tfvars
attributes:
label: tfvars variables values
description: |
Please provide the necessary tfvars variables values to reproduce the issue. Do not share secrets or sensitive information.
render: hcl
validations:
required: true
- type: textarea
id: debug
attributes:
label: Debug Output/Panic Output
description: |
For long debug logs please provide a link to a GitHub Gist containing the complete debug output. Please do NOT paste the debug output in the issue; just paste a link to the Gist.
To obtain the debug output, see the [Terraform documentation on debugging](https://www.terraform.io/docs/internals/debugging.html).
render: shell
validations:
required: true
- type: textarea
id: expected
attributes:
label: Expected Behaviour
description: What should have happened?
- type: textarea
id: actual
attributes:
label: Actual Behaviour
description: What actually happened?
- type: textarea
id: reproduce
attributes:
label: Steps to Reproduce
description: |
Please list the steps required to reproduce the issue, e.g.
1. `terraform apply`
- type: input
id: facts
attributes:
label: Important Factoids
description: |
Are there anything atypical about your accounts that we should know? For example: Running in a Azure China/Germany/Government?
- type: textarea
id: references
attributes:
label: References
description: |
Information about referencing Github Issues: https://help.github.com/articles/basic-writing-and-formatting-syntax/#referencing-issues-and-pull-requests
Are there any other GitHub issues (open or closed) or pull requests that should be linked here? Such as vendor documentation?
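Review bot: The `debug` textarea is marked `required: true` and asks for debug or panic output, but only the `tfvars` field carries the "Do not share secrets or sensitive information" reminder. Terraform debug logs can contain sensitive values, so repeat that reminder in the `debug` description (it applies to the linked Gist as well), and consider making the field optional since not every bug produces debug output. Minor: `facts` is `type: input` although its prompt invites a longer answer, and "Are there anything atypical" should read "Is there anything atypical".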
42 changes: 42 additions & 0 deletions .github/ISSUE_TEMPLATE/Feature_Request.yml
@@ -0,0 +1,42 @@
name: Feature Request
description: I have a suggestion (and might want to implement myself)!
title: "Support for [thing]"
body:
- type: checkboxes
attributes:
label: Is there an existing issue for this?
description: Please search to see if an issue already exists for the feature you are requesting.
options:
- label: I have searched the existing issues
required: true
- type: textarea
id: description
attributes:
label: Description
description: Please leave a helpful description of the feature request here.
validations:
required: true
- type: input
id: resource
attributes:
label: New or Affected Resource(s)/Data Source(s)
description: Please list the new or affected resources and/or data sources.
placeholder: azurerm_XXXXX
validations:
required: true
- type: textarea
id: config
attributes:
label: Potential Terraform Configuration
description: Please provide an example of what the enhancement could look like on this Terraform module.
render: hcl
- type: textarea
id: references
attributes:
label: References
description: |
Information about referencing Github Issues: https://help.github.com/articles/basic-writing-and-formatting-syntax/#referencing-issues-and-pull-requests
Are there any other GitHub issues (open or closed) or pull requests that should be linked here? Vendor blog posts or documentation? For example:
* https://azure.microsoft.com/en-us/roadmap/virtual-network-service-endpoint-for-azure-cosmos-db/
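Review bot: This form sets `title` but no `labels`, while Bug_Report.yml sets `labels: [bug]`, so feature requests will arrive unlabeled. Add a `labels:` entry with whatever label the repository uses for enhancements so both templates triage the same way.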
1 change: 1 addition & 0 deletions .github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1 @@
blank_issues_enabled: false
19 changes: 9 additions & 10 deletions .github/pull_request_template.md
@@ -1,14 +1,13 @@
<!---
Please add this into the test of test/fixture, format the changes by "terraform fmt", and test it by run the following:
```sh
$ docker build --build-arg BUILD_ARM_SUBSCRIPTION_ID=$ARM_SUBSCRIPTION_ID --build-arg BUILD_ARM_CLIENT_ID=$ARM_CLIENT_ID --build-arg BUILD_ARM_CLIENT_SECRET=$ARM_CLIENT_SECRET --build-arg BUILD_ARM_TENANT_ID=$ARM_TENANT_ID -t azure-network .
$ docker run --rm azure-network /bin/bash -c "bundle install && rake full"
```
Please add this into the example usage of README.md and format the changes by "terrafmt fmt README.md". Please intall "terrafmt" by [install terrafmt](https://github.com/katbyte/terrafmt#install).
--->
## Describe your changes

Fixes #000
## Issue number

Changes proposed in the pull request:
#000

## Checklist before requesting a review
- [ ] The pr title can be used to describe what this pr did in `CHANGELOG.md` file
- [ ] I have executed pre-commit on my machine
- [ ] I have passed pr-check on my machine

Thanks for your cooperation!

31 changes: 31 additions & 0 deletions .github/workflows/acc-test.yaml
@@ -0,0 +1,31 @@
name: E2E Test
on:
pull_request:
types: [ 'opened', 'synchronize' ]
paths:
- '.github/**'
- '**.go'
- '**.tf'
- '.github/workflows/**'
- '**.md'
- '**/go.mod'

jobs:
acc-tests:
runs-on: [self-hosted, 1ES.Pool=terraform-azurerm-network]
environment:
name: acctests
steps:
- uses: actions/checkout@v3
- name: e2e test
run: |
az login --identity --username $MSI_ID > /dev/null
export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
docker run --rm -v $(pwd):/src -w /src --network=host -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make e2e-test
- name: version-upgrade test
run: |
az login --identity --username $MSI_ID > /dev/null
export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
docker run --rm -v $(pwd):/src -w /src --network=host -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make version-upgrade-test
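Review bot: The `acc-tests` job runs pull request content (`make e2e-test`, `make version-upgrade-test`) on the self-hosted pool with the runner's managed identity handed to the container (`-e MSI_ID ... -e ARM_USE_MSI=true`, `--network=host`), and the only gate visible in this file is `environment: acctests`. Please confirm that environment requires reviewer approval and say so in a comment here, since nothing else in the workflow stops an unreviewed change to `**.tf`, `**.go` or the make targets from running with that identity. Smaller points: `az login` is called three times per step where one call captured into a variable would do, `$MSI_ID` and `$(pwd)` are unquoted, `mcr.microsoft.com/azterraform:latest` is a moving tag, and the `.github/workflows/**` path filter is already covered by `.github/**`.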
33 changes: 33 additions & 0 deletions .github/workflows/breaking-change-detect.yaml
@@ -0,0 +1,33 @@
name: 'Comment on PR'

on:
workflow_run:
workflows: ["Pre Pull Request Check"]
types:
- completed

jobs:
comment:
name: 'breaking change detect'
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.event == 'pull_request' }}
steps:
- name: 'Download change artifact'
uses: dawidd6/action-download-artifact@v2
with:
github_token: "${{ secrets.GITHUB_TOKEN }}"
run_id: ${{ github.event.workflow_run.id }}
workflow: pr-check.yaml
name: change
- name: Check change existence
id: check_change
uses: andstor/file-existence-action@v1
with:
files: "change"
- name: 'Comment on PR'
if: steps.check_change.outputs.files_exists == 'true'
run: |
export PR_NUMBER=$(cat change | jq -r '.pr')
msg=$(cat change | jq -r '.body')
jq -n --arg msg "$msg" '{body: $msg}' > body.txt
curl -s -X POST -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/issues/$PR_NUMBER/comments -d @body.txt
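Review bot: In the 'Comment on PR' step, `PR_NUMBER` is read from the downloaded `change` artifact and placed unquoted into the API URL, yet that artifact is produced by a `pull_request` run and should be treated as untrusted input in this `workflow_run` context. Check that the value is a plain integer before using it and quote the URL; `.body` is already encoded safely through `jq --arg`. Also add an explicit `permissions:` block limited to what posting a comment needs, pass the token through `env:` rather than expanding `${{ secrets.GITHUB_TOKEN }}` into the script, and pin `dawidd6/action-download-artifact@v2` and `andstor/file-existence-action@v1` to commit SHAs.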
31 changes: 31 additions & 0 deletions .github/workflows/main-branch-push.yaml
@@ -0,0 +1,31 @@
name: Main Branch Push
on:
push:
branches:
- main
- master
jobs:
main-branch-push:
runs-on: ubuntu-latest
permissions:
contents: write
issues: write
pull-requests: write
steps:
- uses: 8BitJonny/gh-get-current-pr@2.1.0
id: PR
# checkov:skip=CKV_GHA_3 bypass check for CKV_GHA_3 since the GITHUB_TOKEN will be a one-time token https://docs.bridgecrew.io/docs/suspicious-use-of-curl-with-secrets
- name: Warn remaining PR branch
run: |
echo "=====> Query remaining pull requests"
response=$(curl \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/${{ github.repository }}/pulls?per_page=100)
export pr_number=$(echo "$response" | jq '.[].number')
echo "=====> Warn pull requests branch"
for p in $pr_number; do
curl -s -X POST -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/issues/$p/comments -d "{\"body\":\"MAIN BRANCH PUSH DETECTED DUE TO #${{steps.PR.outputs.number}}, THIS PR NEED TO BE UPDATED TO TRIGGER CI.\"}"
done
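Review bot: In 'Warn remaining PR branch', `${{ secrets.GITHUB_TOKEN }}` is expanded into the script text in both `curl` calls, which is the pattern the `checkov:skip=CKV_GHA_3` comment suppresses; passing the token through an `env:` entry and using `"$GITHUB_TOKEN"` would make the skip unnecessary. The list URL ends in `?per_page=100` without quotes, so the shell can treat `?` as a glob character, and only the first 100 pull requests are ever warned. `steps.PR.outputs.number` may be empty, which would post a comment reading "DUE TO #"; guard the step on it the way update-changelog.yaml does with `steps.PR.outputs.number != ''`. `contents: write` also looks unnecessary for a job that only posts comments, and `8BitJonny/gh-get-current-pr@2.1.0` should be pinned to a commit SHA.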
40 changes: 40 additions & 0 deletions .github/workflows/pr-check.yaml
@@ -0,0 +1,40 @@
name: Pre Pull Request Check
on:
pull_request:
types: ['opened', 'synchronize']
paths:
- '.github/**'
- '**.go'
- '**.tf'
- '.github/workflows/**'
- '**.md'
- '**/go.mod'

jobs:
prepr-check:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v3
- name: pr-check
run: |
docker run --rm -v $(pwd):/src -w /src -e SKIP_CHECKOV -e TFLINT_CONFIG=".tflint_alt.hcl" mcr.microsoft.com/azterraform:latest make pr-check
- name: Breaking Change Brief
run: |
c=$(docker run --rm -t -v $(pwd):/src -w /src mcr.microsoft.com/azterraform:latest breaking_detect /src ${{ github.repository_owner }} ${{ github.event.repository.name }} ${{ github.base_ref }})
if [ ! -z "$c" ]; then
msg=$(printf "Potential Breaking Changes in ${{ github.event.pull_request.head.sha }}:\n${c}")
jq -n --arg msg "$msg" '{pr: ${{ github.event.pull_request.number }}, body: $msg}' > change
fi
- name: Check change existence
id: check_change
uses: andstor/file-existence-action@v1
with:
files: "change"
- name: 'Upload breaking change warning'
if: steps.check_change.outputs.files_exists == 'true'
uses: actions/upload-artifact@v2
with:
retention-days: 1
name: change
path: change
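Review bot: In 'Breaking Change Brief', `printf "Potential Breaking Changes in ...:\n${c}"` puts the `breaking_detect` output inside the format string, so any `%` or backslash sequence in that output is interpreted by `printf`; pass it as an argument instead, for example `printf '%s\n%s' "$header" "$c"`. The `docker run` that fills `c` uses `-t`, which is not needed for captured output in CI, and the `${{ github.* }}` values on that line are better passed through `env:` than expanded into the script. `-e SKIP_CHECKOV` forwards a variable that this workflow never sets, so please note where it is expected to come from. `actions/upload-artifact@v2` and `andstor/file-existence-action@v1` are pinned by tag only.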
47 changes: 47 additions & 0 deletions .github/workflows/update-changelog.yaml
@@ -0,0 +1,47 @@
name: Update Changelog
on:
push:
branches:
- main
- master
tags:
- '*'

jobs:
update-changelog:
runs-on: ubuntu-latest
steps:
- name: get-default-branch
run: |
branch=$(curl -s "https://api.github.com/repos/$GITHUB_REPOSITORY" | jq -r '.default_branch')
echo "default_branch=$branch" >> $GITHUB_ENV
- name: checkout
uses: actions/checkout@v3
with:
ref: ${{ env.default_branch }}
- uses: 8BitJonny/gh-get-current-pr@2.1.0
id: PR
- uses: little-core-labs/get-git-tag@v3.0.1
id: current-tag
- uses: actions-ecosystem/action-get-latest-tag@v1
id: get-latest-tag
with:
semver_only: true
initial_version: 0.0.0
- name: update-changelog
if: steps.PR.outputs.number != '' || steps.current-tag.outputs.tag != ''
run: |
MAJOR_VERSION=$(ls | grep CHANGELOG | cut -d'-' -f 2 | cut -f 1 -d '.' | grep v | sort -V -r | head -n 1)
if [ -z "$MAJOR_VERSION" ]; then
MAJOR_VERSION=0
else
MAJOR_VERSION=${MAJOR_VERSION#"v"}
MAJOR_VERSION=$((MAJOR_VERSION+1))
fi
docker run --rm -v $(pwd):/src -w /src githubchangeloggenerator/github-changelog-generator -u ${{ github.repository_owner }} -p ${{ github.event.repository.name }} -t ${{ secrets.GITHUB_TOKEN }} --no-issues --no-compare-link --include-tags-regex "$MAJOR_VERSION\..*\..*"
- name: Commit & Push changes
uses: actions-js/push@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
message: 'Update changelog'
branch: ${{ env.default_branch }}
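Review bot: The 'Commit & Push changes' step uses `actions-js/push@master`, a mutable branch reference, and gives it `secrets.GITHUB_TOKEN` to push to the default branch; pin it to a commit SHA. The `update-changelog` step likewise passes the token on the command line (`-t ${{ secrets.GITHUB_TOKEN }}`) to `githubchangeloggenerator/github-changelog-generator` with no image tag, so pin the image by tag or digest and, if the tool supports it, supply the token through an environment variable. The job pushes commits but declares no `permissions:` block; state `contents: write` explicitly so the token scope is visible in the file. The `get-default-branch` step can be dropped in favour of `${{ github.event.repository.default_branch }}`, which avoids an unauthenticated API call.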