This repository has been archived by the owner on Oct 6, 2024. It is now read-only.
Initiate HashiStack #1165
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright Jiaqi Liu | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| --- | |
| name: CI/CD | |
| "on": | |
| pull_request: | |
| push: | |
| branches: | |
| - master | |
| jobs: | |
| cancel-previous: | |
| name: Cancel Previous Runs In Order to Allocate Action Resources Immediately for Current Run | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Cancel previous | |
| uses: styfle/[email protected] | |
| if: ${{github.ref != 'refs/head/master'}} | |
| with: | |
| access_token: ${{ github.token }} | |
| yml-md-style-and-link-checks: | |
| uses: ./.github/workflows/yml-md-style-and-link-checks.yml | |
| test-upversion: | |
| name: Test upversion.py | |
| needs: [yml-md-style-and-link-checks] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: echo "LAST_TAG=1.2.3" >> $GITHUB_ENV | |
| - run: | | |
| NEW_TAG=$(LAST_TAG=${LAST_TAG} python .github/version-bump/upversion.py) | |
| if [[ "$NEW_TAG" != "1.2.4" ]]; then | |
| exit 1 | |
| fi | |
| packer-file-linting: | |
| name: Packer Files Linting | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: hashicorp/setup-packer@v3 | |
| - run: packer fmt -check -recursive . | |
| terraform-file-linting: | |
| name: Terraform Files Linting | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: hashicorp/setup-terraform@v3 | |
| - run: terraform fmt -check -recursive | |
| packer-validate: | |
| name: Validate the Syntax and Configuration of Templates | |
| needs: [yml-md-style-and-link-checks, packer-file-linting] | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| infrastructure: [ | |
| { | |
| name: React App, | |
| packer-conf-dir: hashicorp/react/images/aws, | |
| packer-var-file: .github/hashicorp/react.auto.pkrvars.hcl | |
| }, | |
| { | |
| name: Jersey Webservice, | |
| packer-conf-dir: hashicorp/webservice/images/aws, | |
| packer-var-file: .github/hashicorp/webservice.auto.pkrvars.hcl | |
| }, | |
| { | |
| name: Sonatype Nexus Repository, | |
| packer-conf-dir: hashicorp/sonatype-nexus-repository/images/aws, | |
| packer-var-file: .github/hashicorp/sonatype-nexus-repository.auto.pkrvars.hcl | |
| } | |
| ] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Install Packer | |
| uses: hashicorp/setup-packer@v3 | |
| - name: Setup Packer configuration templates | |
| run: | | |
| cp hashicorp/common/images/aws/aws-builder.pkr.hcl ${{ matrix.infrastructure.packer-conf-dir }} | |
| cp hashicorp/common/images/aws/aws-packer.pkr.hcl ${{ matrix.infrastructure.packer-conf-dir }} | |
| - name: Load Packer variables | |
| run: cp ${{ matrix.infrastructure.packer-var-file }} ${{ matrix.infrastructure.packer-conf-dir }} | |
| - name: Validate | |
| run: | | |
| cd ${{ matrix.infrastructure.packer-conf-dir }} | |
| packer init . | |
| packer validate . | |
| terraform-validate: | |
| name: Validate the Terraform Configuration Files | |
| needs: [yml-md-style-and-link-checks, terraform-file-linting] | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| infrastructure: [ | |
| { | |
| name: React App, | |
| terraform-conf-dir: hashicorp/react/instances/aws, | |
| ssl-enabled: true | |
| }, | |
| { | |
| name: Jersey Webservice, | |
| terraform-conf-dir: hashicorp/webservice/instances/aws, | |
| ssl-enabled: true | |
| }, | |
| { | |
| name: Sonatype Nexus Repository, | |
| terraform-conf-dir: hashicorp/sonatype-nexus-repository/instances/aws, | |
| ssl-enabled: true | |
| } | |
| ] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Install Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| - name: Setup Terraform configuration templates | |
| run: | | |
| cp hashicorp/common/instances/aws/aws-ec2.tf ${{ matrix.infrastructure.terraform-conf-dir }} | |
| cp hashicorp/common/instances/aws/aws-terraform.tf ${{ matrix.infrastructure.terraform-conf-dir }} | |
| - name: Setup SSL configuration templates if needed | |
| if: ${{ matrix.infrastructure.ssl-enabled }} == true | |
| run: cp hashicorp/common/instances/aws/aws-ssl.tf ${{ matrix.infrastructure.terraform-conf-dir }} | |
| - name: Validate | |
| run: | | |
| cd ${{ matrix.infrastructure.terraform-conf-dir }} | |
| terraform init | |
| terraform validate | |
| list-screwdriver-templates: | |
| name: Listing Screwdriver Templates to Validate | |
| needs: [packer-validate, terraform-validate] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| paths: ${{ steps.list-screwdriver-templates.outputs.paths }} | |
| steps: | |
| - name: List Files | |
| id: list-screwdriver-templates | |
| uses: mirko-felice/[email protected] | |
| with: | |
| repo: ${{ github.repository }} | |
| ref: ${{ github.ref }} | |
| path: "adaptors/screwdriver-cd/templates" | |
| ext: ".yaml" | |
| validate-screwdriver-templates: | |
| name: Validating Screwdriver Templates | |
| needs: list-screwdriver-templates | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| template: ${{ fromJson(needs.list-screwdriver-templates.outputs.paths) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| - name: Validate ${{ matrix.template }} | |
| uses: satackey/[email protected] | |
| with: | |
| required-packages: js-yaml screwdriver-data-schema | |
| script: | | |
| // Running screwdriver-template-main's template-validate CMD won't work because it's a over-the-wire | |
| // validation against SD API which requires token authentication... (can't believe this) | |
| // | |
| // The API-based validation, by digging source code, essentially runs the following in API server: | |
| const error = require("screwdriver-data-schema").config.template.template | |
| .validate( | |
| require('js-yaml').load( | |
| require("fs").readFileSync("${{ matrix.template }}") | |
| ) | |
| ).error | |
| if (error) { | |
| require('@actions/core').setFailed(error); | |
| } | |
| list-screwdriver-command-scripts: | |
| name: Listing Screwdriver Command Scripts to Test | |
| needs: [packer-validate, terraform-validate] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| paths: ${{ steps.list-screwdriver-command-scripts.outputs.paths }} | |
| steps: | |
| - name: List Files | |
| id: list-screwdriver-command-scripts | |
| uses: mirko-felice/[email protected] | |
| with: | |
| repo: ${{ github.repository }} | |
| ref: ${{ github.ref }} | |
| path: "adaptors/screwdriver-cd/commands" | |
| ext: ".sh" | |
| test-screwdriver-command-scripts: | |
| name: Test All run.sh Scripts | |
| needs: list-screwdriver-command-scripts | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| ubuntu-version: [22.04] | |
| script: ${{ fromJson(needs.list-screwdriver-command-scripts.outputs.paths) }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: ${{ matrix.test-suite.desc }} | |
| run: docker run --rm -v $(pwd)/${{ matrix.script }}:/test/script.sh ubuntu:${{ matrix.ubuntu-version }} /test/script.sh | |
| list-screwdriver-commands: | |
| name: Listing Screwdriver Commands to Validate | |
| needs: [packer-validate, terraform-validate] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| paths: ${{ steps.list-screwdriver-commands.outputs.paths }} | |
| steps: | |
| - name: List Files | |
| id: list-screwdriver-commands | |
| uses: mirko-felice/[email protected] | |
| with: | |
| repo: ${{ github.repository }} | |
| ref: ${{ github.ref }} | |
| path: "adaptors/screwdriver-cd/commands" | |
| ext: ".yaml" | |
| validate-screwdriver-commands: | |
| name: Validating Screwdriver Commands | |
| needs: list-screwdriver-commands | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| template: ${{ fromJson(needs.list-screwdriver-commands.outputs.paths) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| - name: Validate ${{ matrix.template }} | |
| uses: satackey/[email protected] | |
| with: | |
| required-packages: screwdriver-command-validator | |
| script: | | |
| require("screwdriver-command-validator")(require("fs").readFileSync("${{ matrix.template }}")) | |
| .then(response => { | |
| if (response.errors.length > 0) { | |
| require('@actions/core').setFailed(response.errors); | |
| } | |
| }) | |
| documentation: | |
| name: Test Documentation Build & Deploy Documentation to GitHub Pages | |
| needs: [ | |
| test-upversion, | |
| validate-screwdriver-templates, | |
| validate-screwdriver-commands, | |
| test-screwdriver-command-scripts | |
| ] | |
| outputs: | |
| outcome: ${{ job.status }} | |
| continue-on-error: true | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./docs/ | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| - name: Install dependencies | |
| run: | | |
| : # https://yarnpkg.com/corepack | |
| npm install -g corepack | |
| yarn | |
| - name: Build website | |
| run: yarn build | |
| - name: Load CNAME file | |
| #if: github.ref == 'refs/heads/master' | |
| run: cp CNAME build | |
| - name: Deploy to GitHub Pages | |
| #if: github.ref == 'refs/heads/master' | |
| uses: peaceiris/actions-gh-pages@v3 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| publish_dir: ./docs/build | |
| user_name: QubitPi | |
| user_email: [email protected] | |
| slack-notification: | |
| name: Send Slack Notification | |
| if: ${{ always() }} | |
| needs: documentation | |
| uses: QubitPi/hashistack/.github/workflows/slack-notification.yml@master | |
| with: | |
| job-status: ${{ needs.documentation.outputs.outcome }} | |
| secrets: | |
| slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }} |