bug: fixes for github and resource providers #89
Workflow file for this run
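---
# End-to-end test workflow: for each matrix combination it builds an
# inputs.json file, runs the ALZ PowerShell module against live Azure and
# version-control targets, and then always runs the destroy script.
name: End to End Tests

on:
  pull_request:
    branches:
      - main
    # 'labeled' lets a maintainer start the run by applying the gate label that
    # the job-level `if` checks. NOTE(review): 'synchronize' also fires on every
    # later push, and nothing in this file removes the label, so commits pushed
    # after labelling run with the same secrets and OIDC access unless the label
    # is cleared some other way. Confirm that is intended.
    types: ['opened', 'reopened', 'synchronize', 'labeled']
  workflow_dispatch:

permissions:
  # id-token: write allows the job to request a GitHub OIDC token; the steps
  # below set ARM_USE_OIDC: true. contents: read is all the checkout needs.
  id-token: write
  contents: read

jobs:
  e2e-test:
    name: "OS: ${{ matrix.operatingSystem }}, VCS: ${{ matrix.versionControlSystem }}, Auth: ${{ matrix.authScheme }}, Terraform: ${{ matrix.terraform_version }}"
    # Secrets and variables are resolved in the context of this environment.
    environment: CSUTF
    # One concurrency group per matrix combination, so runs of the same
    # combination do not overlap.
    concurrency: CSUTF-${{ matrix.operatingSystem }}-${{ matrix.terraform_version }}-${{ matrix.versionControlSystem }}-${{ matrix.authScheme }}
    # Gate: only in the upstream repository, and only when the pull request
    # carries the 'PR: Safe to test' label or the run was started manually.
    if: "${{ github.repository == 'Azure/alz-terraform-accelerator' && (contains(github.event.pull_request.labels.*.name, 'PR: Safe to test 🧪') || github.event_name == 'workflow_dispatch') }}"
    strategy:
      fail-fast: false
      matrix:
        operatingSystem: ['ubuntu-latest', 'windows-latest', 'macos-latest']
        terraform_version: ['latest', '1.5.0']
        versionControlSystem: ['github', 'azuredevops']
        authScheme: ['ManagedServiceIdentity', 'WorkloadIdentityFederation']
        exclude:
          - versionControlSystem: github
            authScheme: ManagedServiceIdentity
    runs-on: ${{ matrix.operatingSystem }}
    steps:
      # Prints every environment variable to the job log. No secret is mapped
      # into this step's environment in this file; keep it that way, because
      # the log is visible to anyone who can view the run.
      - name: Show env
        run: env | sort

      # NOTE(review): both actions below are referenced by a movable tag.
      # Pinning each to a full commit SHA would fix the exact code that runs
      # in a job holding secrets and an OIDC token.
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: ${{ matrix.terraform_version }}
          terraform_wrapper: false

      - name: Setup ALZ Module Inputs
        run: |
          # Get Inputs
          $versionControlSystem = "${{ matrix.versionControlSystem }}"
          $authScheme = "${{ matrix.authScheme }}"
          $operatingSystem = "${{ matrix.operatingSystem }}"
          $terraformVersion = "${{ matrix.terraform_version }}"

          # Get Unique ID: first letter of OS, VCS and auth scheme, "l" or "m"
          # for the Terraform version, then the run number, all lower-cased.
          $versionControlSystemShort = $versionControlSystem.Substring(0, 1)
          $authSchemeShort = $authScheme.Substring(0, 1)
          $operationSystemShort = $operatingSystem.Substring(0, 1)
          $terraformVersionShort = if ($terraformVersion -eq "latest") { "l" } else { "m" }
          $runNumber = "${{ github.run_number }}"

          Write-Host "Version Control System: $versionControlSystem ($versionControlSystemShort)"
          Write-Host "Auth Scheme: $authScheme ($authSchemeShort)"
          Write-Host "Operating System: $operatingSystem ($operationSystemShort)"
          Write-Host "Terraform Version: $terraformVersion ($terraformVersionShort)"
          Write-Host "Run Number: $runNumber"

          $uniqueId = "$operationSystemShort$versionControlSystemShort$authSchemeShort$terraformVersionShort$runNumber".ToLower()
          Write-Host "Unique ID: $uniqueId"

          $Inputs = @{}
          $Inputs["starter_module"] = ".test"
          # The access tokens are read from this step's environment instead of
          # being interpolated into the script text. Interpolation pastes the
          # raw secret inside a double-quoted PowerShell string, where a quote,
          # backtick or dollar sign in the value would be parsed as script.
          $Inputs["version_control_system_access_token"] = if ($versionControlSystem -eq "github") { "${env:VCS_TOKEN_GITHUB}" } else { "${env:VCS_TOKEN_AZURE_DEVOPS}" }
          $Inputs["version_control_system_organization"] = "${{ vars.VCS_ORGANIZATION }}"
          $Inputs["azure_location"] = "uksouth"
          $Inputs["azure_subscription_id"] = ""
          $Inputs["service_name"] = "alz"
          $Inputs["environment_name"] = $uniqueId
          $Inputs["postfix_number"] = "1"

          if($versionControlSystem -eq "github") {
            $Inputs["repository_visibility"] = "public"
          } else {
            $Inputs["azure_devops_use_organisation_legacy_url"] = "false"
            $Inputs["azure_devops_create_project"] = "true"
            $Inputs["azure_devops_project_name"] = "alz-test-$uniqueId"
            $Inputs["azure_devops_authentication_scheme"] = $authScheme
          }

          $Inputs["apply_approvers"] = if ($versionControlSystem -eq "github") { "${{ vars.VCS_APPROVER_GITHUB }}" } else { "${{ vars.VCS_APPROVER_AZUREDEVOPS }}" }
          $Inputs["root_management_group_display_name"] = "Tenant Root Group"
          $Inputs["additional_files"] = ""
          $Inputs["subscription_id_connectivity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["subscription_id_identity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["subscription_id_management"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["parent_management_group_display_name"] = "Tenant Root Group"
          $Inputs["child_management_group_display_name"] = "E2E Test"
          $Inputs["resource_group_location"] = "uksouth"

          # inputs.json now holds the access token in plain text in the
          # workspace; it must not be printed or uploaded as an artifact.
          $json = $Inputs | ConvertTo-Json -Depth 100 | Out-File -FilePath inputs.json -Encoding utf8 -Force
        shell: pwsh
        env:
          VCS_TOKEN_GITHUB: ${{ secrets.VCS_TOKEN_GITHUB }}
          VCS_TOKEN_AZURE_DEVOPS: ${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}

      - name: Run ALZ PowerShell
        run: |
          # Get Inputs
          $versionControlSystem = "${{ matrix.versionControlSystem }}"

          # Install the Module
          # NOTE(review): no version is requested, so whatever ALZ release
          # PSGallery serves at run time is installed; -RequiredVersion would
          # make the run reproducible.
          Write-Host "Installing the ALZ Module"
          Install-Module -Name ALZ -Force -Scope CurrentUser -Repository PSGallery

          # Get the latest release version
          $release = ./tests/scripts/get-release.ps1

          # Copy the Module into the Release Folder to ensure we are using the code in our branch
          Write-Host "Copying the ALZ Module into the release Folder"
          $folder = New-Item -Path "./$release" -ItemType Directory
          Copy-Item -Path "./bootstrap" -Destination "./$release/bootstrap" -Recurse
          Copy-Item -Path "./templates" -Destination "./$release/templates" -Recurse
          Write-Host "ALZ Module copied into the release folder $($folder.name)"

          # Run the Module in a retry loop
          # NOTE(review): $retryDelay is assigned but never read in this step,
          # so a failed attempt is followed by destroy and an immediate retry.
          $retryCount = 0
          $maximumRetries = 10
          $retryDelay = 10000
          $success = $false

          do {
            $retryCount++
            try {
              Write-Host "Running the ALZ Module"
              New-ALZEnvironment -IaC "terraform" -cicd $versionControlSystem -inputs "./inputs.json" -autoApprove -ErrorAction Stop
              if ($LastExitCode -eq 0) {
                $success = $true
              } else {
                throw "Failed to apply the bootstrap environment."
              }
            } catch {
              # Tear down whatever the failed attempt created before retrying.
              Write-Host "Failed to apply the bootstrap environment. Destroy and retry..."
              ./tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem
            }
          } while ($success -eq $false -and $retryCount -lt $maximumRetries)

          if ($success -eq $false) {
            throw "Failed to apply the bootstrap environment after $maximumRetries attempts."
          }
        shell: pwsh
        env:
          ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
          ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
          ARM_USE_OIDC: true

      # always() runs the clean-up even when an earlier step failed, so test
      # resources are not left behind.
      - name: Run Terraform Destroy to Clean Up
        if: always()
        run: |
          # Get Inputs
          $versionControlSystem = "${{ matrix.versionControlSystem }}"

          # Run destroy
          ./tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem
        shell: pwsh
        env:
          ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
          ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
          ARM_USE_OIDC: true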