
Fix: CodeBuild syncing to config bucket instead of content bucket (#7) #36

Fix: CodeBuild syncing to config bucket instead of content bucket (#7)

Fix: CodeBuild syncing to config bucket instead of content bucket (#7) #36

Workflow file for this run

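# Release test workflow: runs the shared pre-commit checks, then builds, validates, applies and destroys the
# terraform module under utils/cicd against AWS, posting apply/cleanup results to Slack for tag builds.
name: Release Tests
on:
  push:
    branches: ["main"]
    tags: ["v*.*.*"]
  # Allows manual testing
  workflow_dispatch:
jobs:
  pre-commit:
    permissions:
      contents: read
    uses: ./.github/workflows/reusable-precommit.yml
  # Build, validate, apply, then destroy the terraform module. Notify slack of success/failure
  release-tests:
    # id-token: write lets the job request an OIDC token, which configure-aws-credentials exchanges for the role.
    # NOTE(review): confirm the role's trust policy restricts the OIDC subject to this repository and the
    # intended refs; workflow_dispatch runs also reach the role-assumption steps below.
    permissions:
      id-token: write
      contents: read
    runs-on: ubuntu-latest
    env:
      CI: "true"
    steps:
      # NOTE(review): the third-party actions in this job are referenced by mutable tags while the job can
      # assume an AWS role; consider pinning each `uses:` to a full commit SHA.
      - uses: actions/checkout@v5
      # TF_STATE_FILENAME
      # - Here we create an s3-friendly terraform state filename, based on the branch/tag name and commit sha. Note
      #   that we need this to be unique per workflow run to avoid statefile conflicts, thus the sha addition
      # - The ref name is read from the runner's GITHUB_REF_NAME / GITHUB_SHA variables rather than expanded with
      #   ${{ }} inside the script, so a branch or tag name is always handled as data and never parsed as shell.
      # NOTE(review): cut keeps only the first 15 characters, so a ref name of 15 or more characters leaves no
      #   sha in the filename - confirm that is acceptable for manually dispatched branch runs.
      - name: Prereqs
        id: prereqs
        run: |
          echo "TF_STATE_FILENAME=$(printf '%s\n' "${GITHUB_REF_NAME}-${GITHUB_SHA}" | tr -d './' | cut -c1-15)" >> "$GITHUB_ENV"
      # Here we read the terraform version from the .terraform-version file, and then install that version
      - name: Get Terraform version
        id: tf_version
        run: |
          echo "value=$(cat .terraform-version)" >> "$GITHUB_OUTPUT"
      - uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: ${{ steps.tf_version.outputs.value }}
      # Fill the VAR-* placeholders in backend.tf. Secrets are handed to the script through env rather than
      # being expanded into the script text; the echoed region is a secret, so the log should show it masked.
      - name: Preparing Environment
        id: prep_env
        working-directory: utils/cicd
        env:
          FD_TF_STATE_BUCKET: ${{ secrets.FD_CICD_TF_STATE_BUCKET }}
          FD_AWS_REGION: ${{ secrets.FD_CICD_AWS_REGION }}
        run: |
          sed -i "s|VAR-TF_STATE_BUCKET|${FD_TF_STATE_BUCKET}|g" backend.tf
          sed -i "s|VAR-AWS_REGION|${FD_AWS_REGION}|g" backend.tf
          sed -i "s|VAR-TF_STATE_FILENAME|${TF_STATE_FILENAME}|g" backend.tf
          echo "AWS REGION: ${FD_AWS_REGION}"
      # Each terraform phase re-assumes the role under its own role-session-name.
      # Uses the same configure-aws-credentials major version as the other credential steps in this job.
      - name: Configure Terraform Init Credentials
        id: init_creds
        uses: aws-actions/configure-aws-credentials@v5
        with:
          aws-region: ${{ secrets.FD_CICD_AWS_REGION }}
          role-to-assume: ${{ secrets.FD_CICD_AWS_ROLE }}
          role-session-name: GitHubReleaseInit
      - name: Terraform Init
        id: tf_init
        working-directory: utils/cicd
        run: terraform init
      - name: Terraform Validate
        id: tf_validate
        working-directory: utils/cicd
        run: terraform validate
      - name: Configure Terraform Plan Credentials
        id: plan_creds
        uses: aws-actions/configure-aws-credentials@v5
        with:
          aws-region: ${{ secrets.FD_CICD_AWS_REGION }}
          role-to-assume: ${{ secrets.FD_CICD_AWS_ROLE }}
          role-session-name: GitHubReleasePlan
      - name: Terraform Plan
        id: tf_plan
        working-directory: utils/cicd
        run: terraform plan -out test.tfplan
      - name: Configure Terraform Apply Credentials
        id: apply_creds
        uses: aws-actions/configure-aws-credentials@v5
        with:
          aws-region: ${{ secrets.FD_CICD_AWS_REGION }}
          role-to-assume: ${{ secrets.FD_CICD_AWS_ROLE }}
          role-session-name: GitHubReleaseApply
      - name: Terraform Apply
        id: tf_apply
        working-directory: utils/cicd
        run: terraform apply -input=false test.tfplan
      - name: Post tf_apply success status to Slack channel
        id: tf_apply_successs
        if: steps.tf_apply.outcome == 'success' && github.ref_type == 'tag'
        continue-on-error: true
        uses: slackapi/slack-github-action@v2.1.1
        with:
          method: chat.postMessage
          token: ${{ secrets.FD_CICD_SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ secrets.FD_CICD_SLACK_CHANNEL_ID }}
            text: ":badger_dance: terraform-aws-filmdrop-ui - ${{ github.ref_name }} - terraform apply job has succeeded!\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
      # failure() is required here: an `if` without a status function is implicitly gated on success(), so
      # without it this alert would be skipped in exactly the runs where a step has failed.
      - name: Post tf_apply failure status to Slack channel
        id: tf_apply_failure
        if: failure() && steps.tf_apply.outcome != 'success' && github.ref_type == 'tag'
        continue-on-error: true
        uses: slackapi/slack-github-action@v2.1.1
        with:
          method: chat.postMessage
          token: ${{ secrets.FD_CICD_SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ secrets.FD_CICD_SLACK_CHANNEL_ID }}
            text: ":sadpanda: terraform-aws-filmdrop-ui - ${{ github.ref_name }} - terraform apply has failed!\n:alert: make sure cleanup job deletes all AWS resources!\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
      # The cleanup steps run with always() so resources are torn down even when an earlier step failed.
      - name: Configure Terraform Cleanup Check Credentials
        id: cleanup_check_creds
        if: always()
        uses: aws-actions/configure-aws-credentials@v5
        with:
          aws-region: ${{ secrets.FD_CICD_AWS_REGION }}
          role-to-assume: ${{ secrets.FD_CICD_AWS_ROLE }}
          role-session-name: GitHubReleaseCleanupCheck
      - name: Terraform Destroy Pre-Check
        id: tf_destroy_plan
        if: always()
        working-directory: utils/cicd
        run: terraform plan -destroy -out test-cleanup.tfplan
      - name: Configure Terraform Cleanup Credentials
        id: cleanup_creds
        if: always()
        uses: aws-actions/configure-aws-credentials@v5
        with:
          aws-region: ${{ secrets.FD_CICD_AWS_REGION }}
          role-to-assume: ${{ secrets.FD_CICD_AWS_ROLE }}
          role-session-name: GitHubReleaseCleanup
      - name: Terraform Destroy
        id: tf_destroy_apply
        if: always()
        continue-on-error: true
        working-directory: utils/cicd
        run: terraform apply -destroy -input=false test-cleanup.tfplan
      # always() keeps both cleanup notices reachable after an earlier failure (for example a failed apply);
      # otherwise the implicit success() gate would skip them and the cleanup result would go unreported.
      - name: Post tf_destroy success status to Slack channel
        id: tf_destroy_apply_successs
        if: always() && steps.tf_destroy_apply.outcome == 'success' && github.ref_type == 'tag'
        continue-on-error: true
        uses: slackapi/slack-github-action@v2.1.1
        with:
          method: chat.postMessage
          token: ${{ secrets.FD_CICD_SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ secrets.FD_CICD_SLACK_CHANNEL_ID }}
            text: ":badger_dance: terraform-aws-filmdrop-ui - ${{ github.ref_name }} - cleanup job has succeeded!\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
      - name: Post tf_destroy failure status to Slack channel
        id: tf_destroy_apply_failure
        if: always() && steps.tf_destroy_apply.outcome != 'success' && github.ref_type == 'tag'
        continue-on-error: true
        uses: slackapi/slack-github-action@v2.1.1
        with:
          method: chat.postMessage
          token: ${{ secrets.FD_CICD_SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ secrets.FD_CICD_SLACK_CHANNEL_ID }}
            text: ":sadpanda: terraform-aws-filmdrop-ui - ${{ github.ref_name }} - cleanup job has failed!\n:alert: make sure AWS resources are deleted!\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"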