1+ name : Terraform Test Deployment
2+
3+ on :
4+ pull_request :
5+ branches :
6+ - " *"
7+
8+ permissions :
9+ id-token : write
10+ contents : read
11+
12+ jobs :
13+ test-deployment :
14+ runs-on : ubuntu-latest
15+
16+ env :
17+ DATABASE_NAME : cid_data_export
18+
19+ steps :
20+ - uses : actions/checkout@v3
21+
22+ - name : Install dependencies
23+ run : |
24+ sudo apt-get update
25+ sudo apt-get install -y bats jq
26+
27+ name : Set up Python
28+ uses : actions/setup-python@v4
29+ with :
30+ python-version : " 3.x"
31+
32+ - name : Install dependencies
33+ run : |
34+ python -m pip install --upgrade pip
35+
36+ - name : Setup Terraform
37+ uses : hashicorp/setup-terraform@v2
38+
39+ - name : Setup TFLint
40+ uses : terraform-linters/setup-tflint@v3
41+
42+ - name : Get CID versions
43+ id : versions
44+ run : |
45+ # Get CID CFN version from first Description line
46+ CFN_VERSION=$(find . -name "cid-cfn.yml" -type f -exec grep "Description.*Cloud Intelligence Dashboards" {} \; | grep -o '[0-9]\+\.[0-9]\+\.[0-9]\+' | head -1)
47+ echo "Using local CFN version: $CFN_VERSION"
48+ echo "cid_cfn_version=$CFN_VERSION" >> $GITHUB_OUTPUT
49+
50+ # Get Data Export version
51+ EXPORT_VERSION=$(curl -s https://raw.githubusercontent.com/aws-solutions-library-samples/cloud-intelligence-dashboards-data-collection/main/data-exports/deploy/data-exports-aggregation.yaml | grep Description | grep -o '[0-9]\+\.[0-9]\+\.[0-9]\+' | head -1)
52+ echo "data_export_version=$EXPORT_VERSION" >> $GITHUB_OUTPUT
53+
54+ name : Create terraform directory and tfvars file
55+ run : |
56+
57+ # Create terraform.tfvars file
58+ cat > ./terraform/terraform.tfvars << EOF
59+ global_values = {
60+ destination_account_id = "${{ secrets.AWS_ACCOUNT_ID }}"
61+ source_account_ids = "${{ secrets.AWS_ACCOUNT_ID }}"
62+ aws_region = "${{ secrets.AWS_REGION }}"
63+ quicksight_user = "${{ secrets.QUICKSIGHT_USER }}"
64+ cid_cfn_version = "${{ steps.versions.outputs.cid_cfn_version }}"
65+ data_export_version = "${{ steps.versions.outputs.data_export_version }}"
66+ environment = "dev"
67+ }
68+ EOF
69+
70+ name : Configure AWS Credentials
71+ uses : aws-actions/configure-aws-credentials@v2
72+ with :
73+ role-to-assume : ${{ secrets.AWS_ROLE }}
74+ aws-region : ${{ secrets.AWS_REGION }}
75+ role-duration-seconds : 3600
76+ role-skip-session-tagging : true
77+
78+ - name : Initialize Terraform
79+ working-directory : ./terraform
80+ run : terraform init
81+
82+ - name : Run TFLint
83+ working-directory : ./terraform
84+ run : tflint --format=compact
85+
86+ - name : Terraform Format Check
87+ working-directory : ./terraform
88+ run : terraform fmt -check -recursive
89+
90+ - name : Terraform Validate
91+ working-directory : ./terraform
92+ run : terraform validate
93+
94+ - name : Prepare deploy and cleanup scripts
95+ run : |
96+
97+ # Create a new backend.tf file with S3 configuration
98+ cat > ./terraform/backend.tf << EOF
99+ terraform {
100+ backend "s3" {
101+ bucket = "${{ secrets.BACKEND_S3_BUCKET }}"
102+ key = "terraform/cid-test/terraform.tfstate"
103+ region = "${{ secrets.AWS_REGION }}"
104+ }
105+ }
106+ EOF
107+
108+ # Create provider override
109+ cat > ./terraform/local_override.tf << EOF
110+ provider "aws" {
111+ alias = "destination_account"
112+ # This will use the same credentials as the default provider
113+ }
114+ EOF
115+
116+ name : Run deploy script
117+ run : |
118+ export DATABASE_NAME="cid_data_export"
119+ export RESOURCE_PREFIX="cid-tf"
120+ export BACKEND_TYPE="s3"
121+ export S3_BUCKET="${{ secrets.BACKEND_S3_BUCKET }}"
122+ export S3_KEY="terraform/cid-test/terraform.tfstate"
123+ export S3_REGION="${{ secrets.AWS_REGION }}"
124+ ./terraform/terraform-test/deploy.sh
125+
126+ name : Run cleanup script
127+ if : always()
128+ run : |
129+ export RESOURCE_PREFIX="cid-tf"
130+ export BACKEND_TYPE="s3"
131+ export S3_BUCKET="${{ secrets.BACKEND_S3_BUCKET }}"
132+ export S3_KEY="terraform/cid-test/terraform.tfstate"
133+ export S3_REGION="${{ secrets.AWS_REGION }}"
134+ ./terraform/terraform-test/cleanup.sh
135+
0 commit comments