Skip to content

Merge pull request #3549 from sean-morris/master #742

Merge pull request #3549 from sean-morris/master

Merge pull request #3549 from sean-morris/master #742

name: Ensure Uptime Checks
- master
# Config of prometheus or hubs might have changed
- helm-charts/**
# Hubs & clusters might be added or removed
- config/clusters/**
# The terraform code for the checks might have changed
- terraform/uptime-checks/**
# The way terraform is deployed might have changed!
- .github/workflows/ensure-uptime-checks.yaml
# When multiple PRs triggering this workflow are merged, queue them instead
# of running them in parallel
concurrency: uptime-checks
# This environment variable triggers the deployer to colourise print statments in the
# GitHub Actions logs for easy reading
TERM: xterm
runs-on: ubuntu-latest
- name: Checkout repo
uses: actions/checkout@v4
# Uptime checks are set up and managed via terraform
- uses: hashicorp/setup-terraform@v3
# We use sops to store encrypted GCP ServiceAccount Key that terraform uses
# to run, as well as PagerDuty config terraform uses
- name: Install sops
uses: mdgreenwald/[email protected]
# Authenticate with the correct KMS key that sops will use.
- name: Setup sops credentials to decrypt repo secrets
uses: google-github-actions/auth@v2
credentials_json: "${{ secrets.GCP_KMS_DECRYPTOR_KEY }}"
- name: ensure uptime checks are set up
run: |
cd terraform/uptime-checks
# Decrypt the GCP ServiceAccount key with permissions to run terraform
sops -d secret/enc-service-account-key.secret.json > service-account-key.json
export GOOGLE_APPLICATION_CREDENTIALS=service-account-key.json
# Setup Terraform
terraform init
# Run terraform automatically
terraform apply -auto-approve