
squash
ryanwi committed Jun 1, 2024
1 parent 3808d15 commit 94e2f02
Showing 9 changed files with 77 additions and 40 deletions.
4 changes: 2 additions & 2 deletions .github/actions/docker-build-artifacts/action.yml
Expand Up @@ -41,17 +41,17 @@ runs:
shell: bash
working-directory: ${{ inputs.WORKING_DIRECTORY }}
run: |
env REPO_PASSWORD='${{ env.REPO_PASSWORD }}' docker build \
env REPO_PASSWORD='${{ env.REPO_PASSWORD }}' DEPLOYMENT_TOKEN='${{ env.DEPLOYMENT_TOKEN }}' docker build \
--build-arg BUILD_NUMBER="${GITHUB_RUN_ID}" \
--build-arg GIT_SHA="$(echo ${GITHUB_SHA} | cut -c1-10)" \
--build-arg MAINTAINER="${{ inputs.MAINTAINER }}" \
--build-arg REPO_DOMAIN="${{ inputs.REPO_DOMAIN }}" \
--build-arg REPO_USERNAME="${{ env.REPO_USERNAME }}" \
--file "${{ inputs.DOCKERFILE }}" \
--no-cache \
--platform linux/${{ inputs.PLATFORM }} \
--progress=plain \
--secret id=REPO_PASSWORD,env=REPO_PASSWORD \
--secret id=DEPLOYMENT_TOKEN,env=DEPLOYMENT_TOKEN \
--tag artifacts-${GITHUB_RUN_ID}:${GITHUB_SHA} \
--ulimit nofile=1024000:1024000 \
. 2>&1 | tee -a ${{ inputs.BUILD_LOG_FILENAME }}
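Review bot: On the `env REPO_PASSWORD='${{ env.REPO_PASSWORD }}' DEPLOYMENT_TOKEN='${{ env.DEPLOYMENT_TOKEN }}' docker build` line, both secrets are pasted into the script text by the expression engine before bash parses it, so a value containing a single quote breaks the quoting and the remainder is parsed as shell; the values also become arguments of the `env` process. Because `--secret id=DEPLOYMENT_TOKEN,env=DEPLOYMENT_TOKEN` reads the variable from the process environment, it would be safer to drop the inline `env …` prefix and set the values in the step's `env:` mapping, e.g. `DEPLOYMENT_TOKEN: ${{ env.DEPLOYMENT_TOKEN }}`, so the script never contains the secret. The calling workflow declares `DEPLOYMENT_TOKEN` with `required: false`, so it is worth confirming that an empty value is acceptable to the Dockerfile's secret mount. The step starts above this hunk, so whether a step-level `env:` already exists is not visible here.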
22 changes: 12 additions & 10 deletions .github/actions/docker/action.yml
Expand Up @@ -47,6 +47,10 @@ inputs:
default: 'true'
description: 'Whenever the container should be tested on pr.'
required: false
CONTAINER_TEST_RUN_OPTIONS:
default: ''
description: 'Custom options for the docker run command that executes the test'
required: false
CONTAINER_TEST_COMMAND:
default: ''
description: 'A custom command to test the docker container.'
Expand Down Expand Up @@ -124,7 +128,7 @@ runs:

- name: Build and export to Docker
uses: docker/build-push-action@v5
if: inputs.PLATFORMS == 'linux/amd64' && inputs.TAG_ONLY == 'false'
if: inputs.TAG_ONLY == 'false'
with:
load: true
tags: |
Expand All @@ -133,7 +137,8 @@ runs:
# cache-to: type=gha,mode=max
file: ${{ inputs.FILE }}
context: ${{ inputs.CONTEXT }}
platforms: ${{ inputs.PLATFORMS }}
# cannot use multiple platforms with `load`, build a single arch image for validation purposes in CI
platforms: linux/amd64
build-args: ${{ env.BUILD_ARGS }}
secrets: ${{ env.DOCKER_SECRETS }}

Expand All @@ -143,15 +148,12 @@ runs:
shell: bash
run: |
docker images
echo "${{ steps.meta.outputs.tags }}"
docker run -d --rm --name test ${{ fromJSON(steps.meta.outputs.json).tags[0] }} ${{ inputs.CONTAINER_TEST_COMMAND }}
echo "Starting container for image: ${{ steps.meta.outputs.tags }}"
docker run -d --rm --name test ${{ inputs.CONTAINER_TEST_RUN_OPTIONS }} ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
sleep 20
docker logs test > logs.txt
EXECUTIONLOG=$(cat logs.txt)
EXECUTIONLOG="${EXECUTIONLOG//'%'/'%25'}"
EXECUTIONLOG="${EXECUTIONLOG//$'\n'/'%0A'}"
EXECUTIONLOG="${EXECUTIONLOG//$'\r'/'%0D'}"
echo "name=container-logs::$EXECUTIONLOG" >> $GITHUB_OUTPUT
docker ps
docker logs test
${{ inputs.CONTAINER_TEST_COMMAND }}
- name: Build and push
if: inputs.PUSH == 'true' # && inputs.TAG_ONY == 'false'
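Review bot: `${{ inputs.CONTAINER_TEST_COMMAND }}` now sits on a line of its own in the test step, so it runs as shell on the runner instead of being passed to the container as its command, and `${{ inputs.CONTAINER_TEST_RUN_OPTIONS }}` is spliced unquoted into `docker run`; both are expanded into the script before bash parses it. Whatever a caller supplies therefore executes on the runner or loosens the container's isolation, which matters most on shared or self-hosted runners. I would pass both through the step's `env:` mapping and reference them as shell variables, e.g. `docker run -d --rm --name test $RUN_OPTIONS "$IMAGE"`, and update the `CONTAINER_TEST_COMMAND` description, which still reads 'A custom command to test the docker container.', to say that it executes on the runner. Also, with `--rm` a container that exits during the `sleep 20` is already removed when `docker logs test` runs, so that failure carries no logs.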
5 changes: 0 additions & 5 deletions .github/actions/test-ruby/action.yml
Expand Up @@ -26,10 +26,6 @@ inputs:
required: false
description: Reviewdog report
default: 'false'
RUN_TESTS:
required: false
default: 'true'
description: Whenever you wanna run tests.

runs:
using: "composite"
Expand Down Expand Up @@ -123,7 +119,6 @@ runs:
shell: bash

- name: Run Tests
if: inputs.RUN_TESTS != 'false'
run: |
bundle exec rspec -f j -o tmp/rspec_results.json -f p
shell: bash
7 changes: 6 additions & 1 deletion .github/workflows/ci-build.yml
Expand Up @@ -77,6 +77,10 @@ on:
type: boolean
default: true
description: 'Whenever the container should be tested on pr.'
CONTAINER_TEST_RUN_OPTIONS:
type: string
default: ''
description: 'Custom options for the docker run command that executes the test'
CONTAINER_TEST_COMMAND:
type: string
default: ''
Expand Down Expand Up @@ -225,7 +229,7 @@ jobs:
uses: actions/checkout@v4
with:
repository: signalwire/actions-template
ref: main
ref: ryanwi/container-test-run-options
path: actions

- uses: ./actions/.github/actions/gpg
Expand Down Expand Up @@ -273,6 +277,7 @@ jobs:
IMAGE_REPO: ${{ inputs.IMAGE_REPO }}
BUILD_ARGS: ${{ inputs.BUILD_ARGS }}
CONTAINER_TEST: ${{ inputs.CONTAINER_TEST }}
CONTAINER_TEST_RUN_OPTIONS: ${{ inputs.CONTAINER_TEST_RUN_OPTIONS }}
CONTAINER_TEST_COMMAND: ${{ inputs.CONTAINER_TEST_COMMAND }}
OUTPUT_TAG_INDEX: ${{ inputs.OUTPUT_TAG_INDEX }}
CACHE_FROM: ${{ inputs.CACHE_FROM }}
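Review bot: `ref: ryanwi/container-test-run-options` points the checkout of `signalwire/actions-template` at a personal feature branch, and `.github/workflows/ci.yml` does the same with `ci-build.yml@ryanwi/container-test-run-options`. A branch ref is mutable, so anyone who can push to that branch changes what runs with the callers' secrets, and if the branch is deleted after merge every caller of these reusable workflows fails to resolve it. Before merging, restore `ref: main` here and `@main` (or a tag or full commit SHA) in ci.yml.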
1 change: 0 additions & 1 deletion .github/workflows/ci-docker-build.yml
Expand Up @@ -82,7 +82,6 @@ jobs:
--build-arg REPO_DOMAIN="${{ inputs.REPO_DOMAIN }}" \
--build-arg REPO_USERNAME="${{ secrets.REPO_USERNAME }}" \
--file "${{ inputs.DOCKERFILE }}" \
--no-cache \
--platform linux/${{ inputs.PLATFORM }} \
--progress=plain \
--secret id=REPO_PASSWORD,env=REPO_PASSWORD \
12 changes: 11 additions & 1 deletion .github/workflows/ci.yml
Expand Up @@ -91,6 +91,14 @@ on:
type: boolean
default: true
description: 'Whenever the container should be tested on pr.'
CONTAINER_TEST_RUN_OPTIONS:
type: string
default: ''
description: 'Custom options for the docker run command that executes the test'
CONTAINER_TEST_COMMAND:
type: string
default: ''
description: 'A custom command to test the docker container.'
RUNNER:
type: string
default: 'ubuntu-latest'
Expand Down Expand Up @@ -237,7 +245,7 @@ jobs:
BUILD:
name: BUILD
needs: CHECK
uses: signalwire/actions-template/.github/workflows/ci-build.yml@ryanwi/debug-container-test
uses: signalwire/actions-template/.github/workflows/ci-build.yml@ryanwi/container-test-run-options
with:
ENVIRONMENT: ${{ inputs.ENVIRONMENT }}
PROJECT_NAME: ${{ inputs.PROJECT_NAME }}
Expand All @@ -251,6 +259,8 @@ jobs:
PLATFORMS: ${{ inputs.PLATFORMS }}
CONTAINER_SCAN: ${{ inputs.CONTAINER_SCAN }}
CONTAINER_TEST: ${{ inputs.CONTAINER_TEST }}
CONTAINER_TEST_RUN_OPTIONS: ${{ inputs.CONTAINER_TEST_RUN_OPTIONS }}
CONTAINER_TEST_COMMAND: ${{ inputs.CONTAINER_TEST_COMMAND }}
RUNNER: ${{ inputs.RUNNER }}
TAG: ${{ inputs.TAG }}
BUILD_ARGS: ${{ inputs.BUILD_ARGS }}
5 changes: 4 additions & 1 deletion .github/workflows/cicd-docker-build-and-distribute.yml
Expand Up @@ -87,9 +87,11 @@ on:
required: true
USERNAME:
required: true
REPO_USERNAME:
required: false
REPO_PASSWORD:
required: false
REPO_USERNAME:
DEPLOYMENT_TOKEN:
required: false
GH_BOT_DEPLOY_TOKEN:
required: true
Expand Down Expand Up @@ -135,6 +137,7 @@ jobs:
env:
REPO_USERNAME: ${{ secrets.REPO_USERNAME }}
REPO_PASSWORD: ${{ secrets.REPO_PASSWORD }}
DEPLOYMENT_TOKEN: ${{ secrets.DEPLOYMENT_TOKEN }}

- name: Upload build logs
uses: actions/upload-artifact@v4
58 changes: 40 additions & 18 deletions .github/workflows/iac.yml
Expand Up @@ -12,7 +12,7 @@ on:
TG_VERSION:
required: false
type: string
default: '0.57.5'
default: '0.58.2'
TF_VERSION:
required: false
type: string
Expand Down Expand Up @@ -57,6 +57,11 @@ on:
required: true
type: string
default: ubuntu-latest
AZURE_ENV:
required: false
description: If Azure is required
type: boolean
default: false
secrets:
AWS_ACCESS_KEY_ID:
required: true
Expand Down Expand Up @@ -99,6 +104,19 @@ on:
PRIVATE_SSH_KEY_TFMODULES:
required: false
description: A private SSH key to clone the repository
AZURE_CLIENT_ID:
required: false
description: "Azure Client ID"
AZURE_TENANT_ID:
required: false
description: "Azure Tenant ID"
AZURE_SUBSCRIPTION_ID:
required: false
description: "Azure Subscription ID"
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

jobs:
terragrunt:
Expand All @@ -110,6 +128,14 @@ jobs:
permissions: write-all

steps:
- name: Install dependencies
run: |
sudo apt update
sudo apt install unzip git -yq
- name: cleanup old checkout
run: chmod +w -R ${GITHUB_WORKSPACE}; rm -rf ${GITHUB_WORKSPACE}/*;

- name: 'Checkout'
uses: actions/checkout@v4

Expand All @@ -119,7 +145,7 @@ jobs:
repository: signalwire/actions-template
ref: main
path: actions

- name: Configure AWS Credentials
uses: aws-actions/[email protected]
with:
Expand All @@ -129,18 +155,16 @@ jobs:

- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/[email protected].2'
uses: 'google-github-actions/[email protected].3'
if: inputs.GCP_ENV == true
with:
workload_identity_provider: ${{ inputs.GCP_WIP }}
project_id: ${{ inputs.PROJECT_ID }}
service_account: ${{ inputs.GCP_SA }}

- name: Install dependencies
run: sudo apt update ; sudo apt install unzip -yq

- name: Sops Binary Installer
uses: mdgreenwald/[email protected]
if: inputs.TELEPORT_APP != ''
with:
version: 3.7.3

Expand Down Expand Up @@ -170,15 +194,13 @@ jobs:

- uses: opentofu/setup-opentofu@main

- run: sudo apt update ; sudo apt install git -yq ; git config --global --add safe.directory '*'

- name: Init
id: init
uses: gruntwork-io/terragrunt-action@v2
uses: gruntwork-io/terragrunt-action@v1
with:
tf_version: ${{ inputs.TF_VERSION }}
tg_version: ${{ inputs.TG_VERSION }}
tg_dir: ${{ inputs.WORKING_DIR }}
tg_dir: ./${{ inputs.WORKING_DIR }}
tg_command: 'run-all init'
env:
# configure git to use custom token to clone repository.
Expand All @@ -189,7 +211,7 @@ jobs:
git config --global --list
- name: Validate
uses: gruntwork-io/terragrunt-action@v2
uses: gruntwork-io/terragrunt-action@v1
id: validate
with:
tf_version: ${{ inputs.TF_VERSION }}
Expand All @@ -200,8 +222,9 @@ jobs:
OVH_CLOUD_PROJECT_SERVICE: ${{ secrets.OVH_CLOUD_PROJECT_SERVICE }}

- name: Plan
uses: gruntwork-io/terragrunt-action@v2
uses: gruntwork-io/terragrunt-action@v1
id: plan
continue-on-error: true
with:
tf_version: ${{ inputs.TF_VERSION }}
tg_version: ${{ inputs.TG_VERSION }}
Expand All @@ -223,13 +246,9 @@ jobs:
OVH_APPLICATION_SECRET: ${{ secrets.OVH_APPLICATION_SECRET }}
OVH_CONSUMER_KEY: ${{ secrets.OVH_CONSUMER_KEY }}
OVH_CLOUD_PROJECT_SERVICE: ${{ secrets.OVH_CLOUD_PROJECT_SERVICE }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}}
GITHUB_TOKEN: ${{ github.token }}
# TF_LOG: trace

- name: Terraform Plan Status
if: steps.plan.outcome == 'failure'
run: exit 1

- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
Expand All @@ -250,7 +269,7 @@ jobs:

- name: Apply
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
uses: gruntwork-io/terragrunt-action@v2
uses: gruntwork-io/terragrunt-action@v1
id: apply
with:
tf_version: ${{ inputs.TF_VERSION }}
Expand All @@ -272,3 +291,6 @@ jobs:
OVH_APPLICATION_SECRET: ${{ secrets.OVH_APPLICATION_SECRET }}
OVH_CONSUMER_KEY: ${{ secrets.OVH_CONSUMER_KEY }}
OVH_CLOUD_PROJECT_SERVICE: ${{ secrets.OVH_CLOUD_PROJECT_SERVICE }}

- run: sudo chmod -R 777 /home/runner/_work/${{ github.event.repository.name }}
continue-on-error: true
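Review bot: The Plan step appears to gain `continue-on-error: true` while the `Terraform Plan Status` step (`if: steps.plan.outcome == 'failure'`, `run: exit 1`) is removed, so as far as these hunks show nothing fails the job when the plan fails. A pull request would then show green on a broken plan, and `Apply` is gated only on `github.ref == 'refs/heads/main' && github.event_name == 'push'`. If the goal is to let the steps between Plan and Apply (not all visible here) still run, keep the status gate after them or add `steps.plan.outcome == 'success'` to the Apply condition. Separately, the new final step `sudo chmod -R 777 /home/runner/_work/${{ github.event.repository.name }}` leaves the checkout world-writable; the path suggests a persistent runner, where other local users or later jobs could then modify those files. A narrower `sudo chown -R "$(id -u):$(id -g)" "${GITHUB_WORKSPACE}"` would fix cleanup permissions without that.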
3 changes: 2 additions & 1 deletion .gitignore
@@ -1 +1,2 @@
./sonarscanner
./sonarscanner
.DS_Store
