chore(deps): lock file maintenance #805
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test action | |
on: pull_request | |
env: | |
AWS_REGION: ca-central-1 | |
TERRAFORM_VERSION: 1.9.8 | |
TERRAGRUNT_VERSION: 0.68.6 | |
TF_SUMMARIZE_VERSION: 0.3.5 | |
permissions: | |
id-token: write | |
pull-requests: write | |
contents: read | |
jobs: | |
terraform-plan: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- test: changes | |
allow-failure: false | |
- test: no-changes | |
allow-failure: false | |
- test: format-error | |
allow-failure: true | |
- test: invalid | |
allow-failure: true | |
- test: conftest-deny | |
allow-failure: true | |
- test: skip-conftest | |
allow-failure: false | |
skip-conftest: true | |
- test: skip-fmt | |
allow-failure: false | |
skip-fmt: true | |
- test: skip-plan | |
allow-failure: false | |
skip-plan: true | |
- test: truncate-plan | |
allow-failure: false | |
- test: init-fail | |
allow-failure: true | |
- test: validate-fail | |
allow-failure: true | |
- test: import | |
allow-failure: true | |
- test: terragrunt | |
allow-failure: false | |
terragrunt: true | |
- test: init-run-all | |
allow-failure: false | |
terragrunt: true | |
init-run-all: true | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Setup terraform tools | |
uses: cds-snc/terraform-tools-setup@v1 | |
- name: Configure AWS credentials using OIDC | |
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
with: | |
role-to-assume: arn:aws:iam::124044056575:role/terraform-plan-plan | |
role-session-name: TFPlan | |
aws-region: ${{ env.AWS_REGION }} | |
- name: Test ${{ matrix.test }} | |
uses: ./ | |
with: | |
directory: test/${{ matrix.test }} | |
allow-failure: ${{ matrix.allow-failure }} | |
comment-title: Test ${{ matrix.test }} | |
comment-delete: true | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
skip-conftest: ${{ matrix.skip-conftest || 'false' }} | |
skip-fmt: ${{ matrix.skip-fmt || 'false' }} | |
skip-plan: ${{ matrix.skip-plan || 'false' }} | |
terragrunt: ${{ matrix.terragrunt || 'false' }} | |
init-run-all: ${{ matrix.init-run-all || 'false'}} | |
test-action-comments: | |
needs: terraform-plan | |
runs-on: ubuntu-latest | |
steps: | |
- name: Test action comments | |
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
script: | | |
let isFailed = false; | |
const testComments = [ | |
{ | |
exist: true, | |
title: /Test changes/g, | |
state: /`success`[^`]+`success`/g | |
},{ | |
exist: true, | |
title: /Test format-error/g, | |
state: /`failed`[^`]+`success`/g | |
},{ | |
exist: true, | |
title: /Test invalid/g, | |
state: /`failed`[^`]+`failed`/g | |
},{ | |
exist: false, | |
title: /Test no-changes/g, | |
state: /./g | |
},{ | |
exist: true, | |
title: /Test conftest-deny/g, | |
state: /FAIL/g | |
},{ | |
exist: false, | |
title: /Test skip-conftest/g, | |
state: /Conftest:\*\*/gm | |
},{ | |
exist: true, | |
title: /Test skip-fmt/g, | |
state: /Terraform Validate:\*\* `success`\n\*\*✅ Terraform Plan/gm | |
},{ | |
exist: true, | |
title: /Test skip-plan/g, | |
state: /Terraform Format:\*\* `success`\n/gm | |
},{ | |
exist: true, | |
title: /Test truncate-plan/g, | |
state: /plan has been truncated/gm | |
},{ | |
exist: true, | |
title: /Test init-fail/g, | |
state: /Terraform Init:\*\* `failed`\n/gm | |
},{ | |
exist: true, | |
title: /Test validate-fail/g, | |
state: /Terraform Validate:\*\* `failed`\n/gm | |
},{ | |
exist: true, | |
title: /Test import/g, | |
state: /`success`[^`]+`success`/g | |
}, | |
{ | |
exist: true, | |
title: /Test terragrunt/g, | |
state: /`success`[^`]+`success`/g | |
}, | |
{ | |
exist: true, | |
title: /Test init-run-all/g, | |
state: /`success`[^`]+`success`/g | |
} | |
]; | |
// Get the existing comments. | |
const {data: comments} = await github.rest.issues.listComments({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: context.payload.number, | |
}); | |
// Run through the tests | |
let botComment; | |
for(let test of testComments){ | |
botComment = comments.find(comment => comment.body.match(test.title) && comment.body.match(test.state)); | |
if((botComment && !test.exist) || (!botComment && test.exist)){ | |
console.log(`Failed '${test.title}'`); | |
isFailed = true; | |
} | |
} | |
if(isFailed){ | |
core.setFailed('PR comments did not match'); | |
} | |
test-directory-failure: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Setup terraform tools | |
uses: cds-snc/terraform-tools-setup@v1 | |
- name: Test directory failure | |
id: directory-failure | |
continue-on-error: true | |
uses: ./ | |
with: | |
directory: invalid | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Check directory failure | |
if: steps.directory-failure.outcome == 'failure' | |
run: | | |
echo "Directory failure test passed" | |
- name: Test failed | |
if: steps.directory-failure.outcome == 'success' && steps.directory-failure.conclusion == 'success' | |
run: | | |
exit 1 |