Terraform V2 Batch #182866

Summary
Jobs
- terraform
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/terraform-v2-batch.yml at ea60fb4

	name: Terraform V2 Batch

	on: workflow_dispatch

	env:
	TF_VERSION: 1.1.4
	KEYCLOAK_V2_DEV_URL: https://dev.loginproxy.gov.bc.ca
	KEYCLOAK_V2_TEST_URL: https://test.loginproxy.gov.bc.ca
	KEYCLOAK_V2_PROD_URL: https://loginproxy.gov.bc.ca
	TF_LOG: ERROR
	TF_LOG_PATH: ${{ github.workspace }}/terraform.log

	jobs:
	terraform:
	runs-on: ubuntu-22.04
	timeout-minutes: 30
	env:
	API_URL: ${{ secrets.WEBAPP_API_URL }}
	steps:
	- uses: hmarr/debug-action@v2

	- name: Wake Up API
	uses: fjogeleit/http-request-action@master
	with:
	url: ${{ env.API_URL }}/heartbeat
	method: GET
	customHeaders: '{"Authorization": "${{ secrets.GH_SECRET }}"}'
	timeout: '60000'
	continue-on-error: true

	- name: Fetch Requests Count
	id: requests
	uses: fjogeleit/http-request-action@master
	with:
	url: ${{ env.API_URL }}/batch/items/gold
	method: GET
	customHeaders: '{"Authorization": "${{ secrets.GH_SECRET }}"}'
	timeout: '60000'

	- name: Get Requests Count
	id: count
	run: \|
	count=$(jq length <<< ${{ steps.requests.outputs.response }})
	echo "$count"
	echo "count=$count" >> $GITHUB_OUTPUT

	- name: Checkout Terraform Modules
	if: steps.count.outputs.count != '0'
	uses: actions/checkout@v3
	with:
	repository: bcgov/sso-terraform-modules
	ref: main

	- id: tf-modules
	if: steps.count.outputs.count != '0'
	name: Get Terraform Modules Latest SHA
	run: echo "latest-sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
	shell: bash

	- uses: actions/checkout@v2

	- name: Pull the main branch again
	if: steps.count.outputs.count != '0'
	run: \|
	git pull origin main --rebase

	- name: Setup Terraform
	if: steps.count.outputs.count != '0'
	id: tf
	uses: bcgov/sso-requests-actions/actions/setup-terraform@v0.63.0
	with:
	context: ./terraform-v2
	tf-version: ${{ env.TF_VERSION }}
	tf-s3-bucket: xgr00q-prod-keycloak
	tf-s3-bucket-key: keycloak/gold
	tf-s3-dynamodb-table: xgr00q-prod-state-locking
	tf-s3-access-key: ${{ secrets.TF_S3_ACCESS_KEY }}
	tf-s3-secret-key: ${{ secrets.TF_S3_SECRET_KEY }}
	tf-s3-role-arn: ${{ secrets.TF_S3_ROLE_ARN }}
	kc-provider-version: 3.10.0
	kc-dev-url: ${{ env.KEYCLOAK_V2_DEV_URL }}
	kc-test-url: ${{ env.KEYCLOAK_V2_TEST_URL }}
	kc-prod-url: ${{ env.KEYCLOAK_V2_PROD_URL }}
	kc-dev-secret: ${{ secrets.KEYCLOAK_V2_DEV_CLIENT_SECRET }}
	kc-test-secret: ${{ secrets.KEYCLOAK_V2_TEST_CLIENT_SECRET }}
	kc-prod-secret: ${{ secrets.KEYCLOAK_V2_PROD_CLIENT_SECRET }}
	test-siteminder-signing-certificate: ${{ secrets.TEST_SITEMINDER_SIGNING_CERTIFICATE }}
	prod-siteminder-signing-certificate: ${{ secrets.PROD_SITEMINDER_SIGNING_CERTIFICATE }}
	dev-azureidir-tenant-id: ${{ secrets.DEV_AZUREIDIR_TENANT_ID }}
	dev-azureidir-client-id: ${{ secrets.DEV_AZUREIDIR_CLIENT_ID }}
	dev-azureidir-client-secret: ${{ secrets.DEV_AZUREIDIR_CLIENT_SECRET }}
	test-azureidir-tenant-id: ${{ secrets.TEST_AZUREIDIR_TENANT_ID }}
	test-azureidir-client-id: ${{ secrets.TEST_AZUREIDIR_CLIENT_ID }}
	test-azureidir-client-secret: ${{ secrets.TEST_AZUREIDIR_CLIENT_SECRET }}
	prod-azureidir-tenant-id: ${{ secrets.PROD_AZUREIDIR_TENANT_ID }}
	prod-azureidir-client-id: ${{ secrets.PROD_AZUREIDIR_CLIENT_ID }}
	prod-azureidir-client-secret: ${{ secrets.PROD_AZUREIDIR_CLIENT_SECRET }}
	dev-github-client-id: ${{ secrets.DEV_GITHUB_CLIENT_ID }}
	dev-github-client-secret: ${{ secrets.DEV_GITHUB_CLIENT_SECRET }}
	test-github-client-id: ${{ secrets.TEST_GITHUB_CLIENT_ID }}
	test-github-client-secret: ${{ secrets.TEST_GITHUB_CLIENT_SECRET }}
	prod-github-client-id: ${{ secrets.PROD_GITHUB_CLIENT_ID }}
	prod-github-client-secret: ${{ secrets.PROD_GITHUB_CLIENT_SECRET }}
	apply: true
	tf-modules-cache-key: ${{ steps.tf-modules.outputs.latest-sha }}
	continue-on-error: true

	- name: Setup NPM Packages
	if: steps.count.outputs.count != '0'
	uses: bcgov/sso-requests-actions/actions/setup-yarn@v0.63.0

	- name: Update Requests Status
	if: steps.count.outputs.count != '0'
	uses: fjogeleit/http-request-action@master
	with:
	url: ${{ env.API_URL }}/batch/items
	method: PUT
	data: "{\"ids\": ${{ steps.requests.outputs.response }}, \"success\": \"${{ steps.tf.outputs.apply != 'failure' }}\"}"
	customHeaders: '{"Authorization": "${{ secrets.GH_SECRET }}"}'
	timeout: '60000'
	- name: Fetch Terraform Log
	if: steps.tf.outputs.init == 'failure' \|\| steps.tf.outputs.apply == 'failure'
	id: summary
	run: \|
	# `tr` joins lines and `sed` removes single/double quotes
	summary=$(cat ${{ github.workspace }}/terraform.log \| awk 'match($0, /\[ERROR\] .*/) {print substr($0, RSTART, RLENGTH)}' \| tr '\n' ',' \| sed -e 's\|["'\'']\|\|g')
	echo "$summary"
	echo "summary=$summary" >> "$GITHUB_OUTPUT"
	- name: Rocket.Chat Notification
	if: steps.tf.outputs.init == 'failure' \|\| steps.tf.outputs.apply == 'failure'
	uses: fjogeleit/http-request-action@master
	with:
	url: ${{ secrets.RC_SSO_ALERTS_WEBHOOK }}
	method: POST
	customHeaders: '{"Content-Type": "application/json"}'
	data: '{"text": "Terraform Batch Job Failed! @jsharman @jlanglois @Marco @zorin.samji @nithinshekar.kuruba", "attachments": [{"color": "#FF0000","author_name": "${{ github.actor }}", "title": "Failed job", "title_link": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "text": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "fields": [{"title": "Error Summary", "value": "${{ steps.summary.outputs.summary }}", "short": false}]}]}'

	- name: Set Failure Code
	if: steps.tf.outputs.init == 'failure' \|\| steps.tf.outputs.apply == 'failure'
	run: exit 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Terraform V2 Batch #182866

Workflow file

Terraform V2 Batch #182866

Jobs

Run details

Workflow file for this run