
bug: fixes for github and resource providers #89


Workflow file for this run

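---
# End-to-end test workflow: for every matrix combination it writes an
# inputs.json, runs the ALZ PowerShell module against the code in this branch,
# and always finishes with a Terraform destroy to clean up.
name: End to End Tests
on:
  pull_request:
    branches:
      - main
    types: ['opened', 'reopened', 'synchronize', 'labeled']
  workflow_dispatch:
# id-token: write lets the job request an OIDC token (ARM_USE_OIDC below);
# contents: read keeps GITHUB_TOKEN read-only for the repository.
permissions:
  id-token: write
  contents: read
jobs:
  e2e-test:
    name: "OS: ${{ matrix.operatingSystem }}, VCS: ${{ matrix.versionControlSystem }}, Auth: ${{ matrix.authScheme }}, Terraform: ${{ matrix.terraform_version }}"
    environment: CSUTF
    concurrency: CSUTF-${{ matrix.operatingSystem }}-${{ matrix.terraform_version }}-${{ matrix.versionControlSystem }}-${{ matrix.authScheme }}
    # Gate: only in the upstream repository, and only for a manual dispatch or
    # a pull request carrying the "safe to test" label.
    # NOTE(review): the label stays on the pull request, so every later
    # `synchronize` event (new commits) also passes this check. If each push
    # must be approved, remove the label after a run or add required
    # reviewers to the CSUTF environment.
    if: "${{ github.repository == 'Azure/alz-terraform-accelerator' && (contains(github.event.pull_request.labels.*.name, 'PR: Safe to test 🧪') || github.event_name == 'workflow_dispatch') }}"
    strategy:
      fail-fast: false
      matrix:
        operatingSystem: ['ubuntu-latest', 'windows-latest', 'macos-latest']
        terraform_version: ['latest', '1.5.0']
        versionControlSystem: ['github', 'azuredevops']
        authScheme: ['ManagedServiceIdentity', 'WorkloadIdentityFederation']
        exclude:
          - versionControlSystem: github
            authScheme: ManagedServiceIdentity
    runs-on: ${{ matrix.operatingSystem }}
    steps:
      # Prints every environment variable to the job log. With
      # `id-token: write` that includes the ACTIONS_ID_TOKEN_REQUEST_*
      # variables; never add `env:` secrets to this step, and drop it once it
      # is no longer needed for debugging.
      - name: Show env
        run: env | sort
      # NOTE(review): `@v4` / `@v2` are mutable tags. Pinning each action to a
      # full commit SHA (`uses: owner/action@<FULL_COMMIT_SHA>`) stops a
      # re-tagged release from changing what runs in this job.
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: ${{ matrix.terraform_version }}
          terraform_wrapper: false
      - name: Setup ALZ Module Inputs
        run: |
          # Get Inputs
          $versionControlSystem = "${{ matrix.versionControlSystem }}"
          $authScheme = "${{ matrix.authScheme }}"
          $operatingSystem = "${{ matrix.operatingSystem }}"
          $terraformVersion = "${{ matrix.terraform_version }}"
          # Get Unique ID
          $versionControlSystemShort = $versionControlSystem.Substring(0, 1)
          $authSchemeShort = $authScheme.Substring(0, 1)
          $operationSystemShort = $operatingSystem.Substring(0, 1)
          $terraformVersionShort = if ($terraformVersion -eq "latest") { "l" } else { "m" }
          $runNumber = "${{ github.run_number }}"
          Write-Host "Version Control System: $versionControlSystem ($versionControlSystemShort)"
          Write-Host "Auth Scheme: $authScheme ($authSchemeShort)"
          Write-Host "Operating System: $operatingSystem ($operationSystemShort)"
          Write-Host "Terraform Version: $terraformVersion ($terraformVersionShort)"
          Write-Host "Run Number: $runNumber"
          $uniqueId = "$operationSystemShort$versionControlSystemShort$authSchemeShort$terraformVersionShort$runNumber".ToLower()
          Write-Host "Unique ID: $uniqueId"
          $Inputs = @{}
          $Inputs["starter_module"] = ".test"
          # The tokens are read from the step environment instead of being
          # expanded into the script text, so the secret value is never part of
          # the generated script and cannot alter its syntax.
          $Inputs["version_control_system_access_token"] = if ($versionControlSystem -eq "github") { "$env:VCS_TOKEN_GITHUB" } else { "$env:VCS_TOKEN_AZURE_DEVOPS" }
          $Inputs["version_control_system_organization"] = "${{ vars.VCS_ORGANIZATION }}"
          $Inputs["azure_location"] = "uksouth"
          $Inputs["azure_subscription_id"] = ""
          $Inputs["service_name"] = "alz"
          $Inputs["environment_name"] = $uniqueId
          $Inputs["postfix_number"] = "1"
          if($versionControlSystem -eq "github") {
            $Inputs["repository_visibility"] = "public"
          } else {
            $Inputs["azure_devops_use_organisation_legacy_url"] = "false"
            $Inputs["azure_devops_create_project"] = "true"
            $Inputs["azure_devops_project_name"] = "alz-test-$uniqueId"
            $Inputs["azure_devops_authentication_scheme"] = $authScheme
          }
          $Inputs["apply_approvers"] = if ($versionControlSystem -eq "github") { "${{ vars.VCS_APPROVER_GITHUB }}" } else { "${{ vars.VCS_APPROVER_AZUREDEVOPS }}" }
          $Inputs["root_management_group_display_name"] = "Tenant Root Group"
          $Inputs["additional_files"] = ""
          $Inputs["subscription_id_connectivity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["subscription_id_identity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["subscription_id_management"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["parent_management_group_display_name"] = "Tenant Root Group"
          $Inputs["child_management_group_display_name"] = "E2E Test"
          $Inputs["resource_group_location"] = "uksouth"
          # inputs.json now holds the access token in clear text in the
          # workspace; the next step reads it. Do not publish the workspace
          # (artifacts, caches) from this job.
          $Inputs | ConvertTo-Json -Depth 100 | Out-File -FilePath inputs.json -Encoding utf8 -Force
        shell: pwsh
        env:
          VCS_TOKEN_GITHUB: ${{ secrets.VCS_TOKEN_GITHUB }}
          VCS_TOKEN_AZURE_DEVOPS: ${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}
      - name: Run ALZ PowerShell
        run: |
          # Get Inputs
          $versionControlSystem = "${{ matrix.versionControlSystem }}"
          # Install the Module
          # NOTE(review): no version is pinned, so this installs whatever ALZ
          # release PSGallery currently serves. Add
          # `-RequiredVersion <VERSION_PLACEHOLDER>` if the run must be
          # reproducible.
          Write-Host "Installing the ALZ Module"
          Install-Module -Name ALZ -Force -Scope CurrentUser -Repository PSGallery
          # Get the latest release version
          $release = ./tests/scripts/get-release.ps1
          # Copy the Module into the Release Folder to ensure we are using the code in our branch
          Write-Host "Copying the ALZ Module into the release Folder"
          $folder = New-Item -Path "./$release" -ItemType Directory
          Copy-Item -Path "./bootstrap" -Destination "./$release/bootstrap" -Recurse
          Copy-Item -Path "./templates" -Destination "./$release/templates" -Recurse
          Write-Host "ALZ Module copied into the release folder $($folder.name)"
          # Run the Module in a retry loop
          $retryCount = 0
          $maximumRetries = 10
          # Delay between attempts, in milliseconds
          $retryDelay = 10000
          $success = $false
          do {
            $retryCount++
            try {
              Write-Host "Running the ALZ Module"
              New-ALZEnvironment -IaC "terraform" -cicd $versionControlSystem -inputs "./inputs.json" -autoApprove -ErrorAction Stop
              if ($LastExitCode -eq 0) {
                $success = $true
              } else {
                throw "Failed to apply the bootstrap environment."
              }
            } catch {
              Write-Host "Failed to apply the bootstrap environment. Destroy and retry..."
              # Surface the cause; the original loop discarded it.
              Write-Host "Error: $($_.Exception.Message)"
              ./tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem
              # $retryDelay was defined but never applied; wait before the
              # next attempt, but not after the final one.
              if ($retryCount -lt $maximumRetries) {
                Start-Sleep -Milliseconds $retryDelay
              }
            }
          } while ($success -eq $false -and $retryCount -lt $maximumRetries)
          if ($success -eq $false) {
            throw "Failed to apply the bootstrap environment after $maximumRetries attempts."
          }
        shell: pwsh
        env:
          ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
          ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
          # Quoted so the value is unambiguously the string "true".
          ARM_USE_OIDC: "true"
      # Runs even when earlier steps failed or were cancelled, so test
      # resources are not left behind.
      - name: Run Terraform Destroy to Clean Up
        if: always()
        run: |
          # Get Inputs
          $versionControlSystem = "${{ matrix.versionControlSystem }}"
          # Run destroy
          ./tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem
        shell: pwsh
        env:
          ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
          ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
          ARM_USE_OIDC: "true"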