Remove CW alarm. Website moved from AWS. #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Pull Request" | |
| on: | |
| pull_request: | |
| paths: | |
| - "**/*.tf" | |
| - "**/*.tf.j2" | |
| - ".github/workflows/**" | |
| workflow_dispatch: {} | |
| jobs: | |
| pull-request: | |
| name: "Terraform Pull Request" | |
| runs-on: ubuntu-latest | |
| env: | |
| TF_LOG: "ERROR" | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: hashicorp/setup-terraform@v1 | |
| with: | |
| terraform_version: ${{ secrets.TERRAFORM_VERSION }} | |
| - uses: actions/setup-python@v2 | |
| with: | |
| python-version: "3.x" | |
| - name: "Install dependencies" | |
| id: deps | |
| run: pip install Jinja2 PyYAML boto3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-skip-session-tagging: true | |
| aws-access-key-id: ${{ secrets.ACTIONS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ACTIONS_SECRET_ACCESS_KEY }} | |
| role-to-assume: ${{ secrets.AWS_GHA_ROLE }} | |
| role-duration-seconds: 900 | |
| role-session-name: ${{ github.run_id }}-${{ github.run_number }} | |
| aws-region: eu-west-2 | |
| - name: "Bootstrap" | |
| id: bootstrap | |
| run: | | |
| python bootstrap.py | |
| sed -i "s/Administrator/ci/" variables.tf | |
| working-directory: . | |
| env: | |
| TF_WORKSPACE: burendo-prod | |
| AWS_SECRETS_ROLE: ${{ secrets.AWS_GHA_ROLE }} | |
| AWS_DEFAULT_REGION: eu-west-2 | |
| - name: "Terraform Init" | |
| id: init | |
| run: terraform init | |
| env: | |
| TF_WORKSPACE: burendo-prod | |
| AWS_DEFAULT_REGION: eu-west-2 | |
| - name: "Terraform Plan" | |
| id: plan | |
| run: terraform plan -no-color >> ${{ github.workspace }}/${{ github.run_id }}-${{ github.run_number }}.log | |
| continue-on-error: false | |
| env: | |
| TF_WORKSPACE: burendo-prod | |
| AWS_DEFAULT_REGION: eu-west-2 | |
| - name: "Terminate Session" | |
| if: ${{ always() }} | |
| id: terminate-session | |
| run: | | |
| set -e | |
| aws ssm terminate-session --session-id ${{ github.run_id }}-${{ github.run_number }} | |
| - name: "Redact Logs PR" | |
| if: ${{ always() }} | |
| id: redact-logs-pr | |
| run: | | |
| sed -i "s/$ACC_PROD/REDACTED/g" ${{ github.workspace }}/${{ github.run_id }}-${{ github.run_number }}.log | |
| shell: bash | |
| env: | |
| ACC_PROD: ${{ secrets.AWS_GHA_ACC_PROD }} | |
| - name: "Upload Plan log" | |
| uses: actions/upload-artifact@v2 | |
| id: upload-plan-log | |
| if: ${{ failure() }} | |
| with: | |
| name: pr-workflow-log | |
| path: ${{ github.workspace }}/${{ github.run_id }}-${{ github.run_number }}.log |