diff --git a/.github/workflows/aks-deploy.yaml b/.github/workflows/aks-deploy.yaml index ac09dad7..e5db6f58 100644 --- a/.github/workflows/aks-deploy.yaml +++ b/.github/workflows/aks-deploy.yaml @@ -220,7 +220,7 @@ jobs: environmentKeyVault: ${{ inputs.environmentKeyVault }} - name: Generate build args from Azure Key Vaults - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: inlineScript: | if ("${{ inputs.environmentKeyVault }}") { @@ -248,7 +248,7 @@ jobs: azPSVersion: "latest" - name: Login to Azure Container Registry - uses: Azure/docker-login@v1.0.1 + uses: Azure/docker-login@v1 with: login-server: ${{ secrets.registryHostName }} username: ${{ secrets.registryUserName }} @@ -318,7 +318,7 @@ jobs: - name: Bake Helm Templates id: bake - uses: azure/k8s-bake@v2.4 + uses: azure/k8s-bake@v2 with: renderEngine: "helm" helmChart: ${{ inputs.chartsPath }} @@ -393,7 +393,7 @@ jobs: - name: Apply configMap if it exists if: ${{ needs.build.outputs.configMap != null }} - uses: swdotcom/update-and-apply-kubernetes-configs@v1.2.0 + uses: swdotcom/update-and-apply-kubernetes-configs@v1 with: k8-config-file-paths: deployments/k8s/config-${{ inputs.environment }}.yaml @@ -419,7 +419,7 @@ jobs: } - name: Create K8s Image Pull Secret - uses: Azure/k8s-create-secret@v4.0 + uses: Azure/k8s-create-secret@v4 with: container-registry-url: ${{ secrets.registryHostName }} container-registry-username: ${{ secrets.registryUserName }} @@ -428,7 +428,7 @@ jobs: - name: Deploy to Azure Kubernetes Service timeout-minutes: ${{ inputs.deploymentTimeout }} - uses: Azure/k8s-deploy@v4.9 + uses: Azure/k8s-deploy@v4 with: namespace: ${{ inputs.environment }} manifests: ${{ needs.build.outputs.manifestsBundle }} @@ -468,7 +468,7 @@ jobs: enable-AzPSSession: true - name: Create or Update Public DNS Record - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: inlineScript: | $NewRecords = New-AzDnsRecordConfig -Cname "${{ secrets.azureClusterName }}-${{ inputs.environment }}-ingress.centralus.cloudapp.azure.com." diff --git a/.github/workflows/clear-azure-redis-cache.yaml b/.github/workflows/clear-azure-redis-cache.yaml new file mode 100644 index 00000000..aad84adf --- /dev/null +++ b/.github/workflows/clear-azure-redis-cache.yaml @@ -0,0 +1,70 @@ +name: Clear Azure Redis Cache + +on: + workflow_call: + inputs: + environment: + required: true + type: string + description: "Environment to clear caches for." + resourceGroupName: + default: "AMU_DevOps_RG" + type: string + description: "Name of Resource Group that the Azure Redis Instance is in." + secrets: + azureCredentials: + required: true + +jobs: + clear-redis-cache: + name: Clear Azure Redis Cache + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Login to Azure + uses: Andrews-McMeel-Universal/cache-azure-login@v1 + with: + azureCredentials: "${{ secrets.azureCredentials }}" + + - name: Install Dependencies + uses: awalsh128/cache-apt-pkgs-action@v1 + with: + packages: redis-tools + version: 1.0 + + # Script is adapted from https://github.com/Andrews-McMeel-Universal/azure-content-management_tool/blob/main/Scripts/rundeck/Flush-RedisCache.ps1 + - name: Clear Redis Cache + uses: azure/powershell@v1 + with: + inlineScript: | + # Check to see if Azure Redis Cache PowerShell Module is installed + Install-Module -Name Az.RedisCache -Confirm:$false -Force + + # Get list of Redis instances using tags + $Redis = Get-AzRedisCache -ResourceGroupName "${{ inputs.resourceGroupName }}" | Where-Object { $_.Tag.Values -eq "${{ inputs.environment }}" } + + # Loop through Redis instances + $Redis | ForEach-Object { + $RedisHostname = $_.HostName + $RedisPort = $_.Port + $RedisName = $_.Name + $RedisKey = (Get-AzRedisCacheKey -Name $RedisName -ResourceGroupName "${{ inputs.resourceGroupName }}").PrimaryKey + + # Authenticate using Redis key and flush cache database + $RedisCommands = "AUTH $RedisKey + SELECT 0 + FLUSHDB" + $RedisResult = $RedisCommands | redis-cli -h "$RedisHostname" -p "$RedisPort" + + # Check if output from cache clearing command has correct status message + if ($RedisResult -match 'OK') { + Write-Host "Successfully flushed cache for $RedisHostname" -ForegroundColor Green + } + else { + Write-Error "Failed to clear cache for $RedisHostname" + } + } + azPSVersion: "latest" + diff --git a/.github/workflows/dependabot-automations.yaml b/.github/workflows/dependabot-automations.yaml index a61b98c2..959bd4ce 100644 --- a/.github/workflows/dependabot-automations.yaml +++ b/.github/workflows/dependabot-automations.yaml @@ -26,12 +26,12 @@ jobs: # will not occur. - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.3.1 + uses: dependabot/fetch-metadata@v1 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - name: Auto Approve Dependabot PRs - uses: hmarr/auto-approve-action@v2.0.0 + uses: hmarr/auto-approve-action@v3.2.1 if: ${{ inputs.autoApprove && github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' }} with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/mega-lint.yaml b/.github/workflows/mega-lint.yaml index d61493dc..c1ca0940 100644 --- a/.github/workflows/mega-lint.yaml +++ b/.github/workflows/mega-lint.yaml @@ -60,7 +60,7 @@ jobs: # Run the MegaLinter Github Action - name: MegaLinter id: ml - uses: oxsecurity/megalinter/flavors/cupcake@v6.20.1 + uses: oxsecurity/megalinter/flavors/cupcake@v7 env: VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'workflow_dispatch' }} GITHUB_TOKEN: ${{ secrets.PAT_ACTION_CI }} @@ -115,7 +115,7 @@ jobs: # Run the MegaLinter Github Action - name: MegaLinter id: ml - uses: oxsecurity/megalinter/flavors/dotnet@v6.20.1 + uses: oxsecurity/megalinter/flavors/dotnet@v7 env: VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'workflow_dispatch' }} GITHUB_TOKEN: ${{ secrets.PAT_ACTION_CI }} diff --git a/.github/workflows/purge-cdn.yaml b/.github/workflows/purge-cdn.yaml index 057df5d5..a056dba6 100644 --- a/.github/workflows/purge-cdn.yaml +++ b/.github/workflows/purge-cdn.yaml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check inputs - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: azPSVersion: "latest" inlineScript: | @@ -62,7 +62,7 @@ jobs: enable-AzPSSession: true - name: Purge CDN cache - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: azPSVersion: "latest" inlineScript: | diff --git a/.github/workflows/update-addns.yaml b/.github/workflows/update-addns.yaml index 3a2c136e..26a08d99 100644 --- a/.github/workflows/update-addns.yaml +++ b/.github/workflows/update-addns.yaml @@ -38,7 +38,7 @@ jobs: steps: - name: Retrieve Application information id: getappinfo - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: azPSVersion: "latest" inlineScript: | @@ -81,7 +81,7 @@ jobs: echo "aksIngress=$aksIngress" >> $env:GITHUB_ENV - name: Update Internal Boley DNS - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: azPSVersion: "latest" inlineScript: | diff --git a/.github/workflows/update-azureapimanagement.yaml b/.github/workflows/update-azureapimanagement.yaml index 0cf2461c..57e29a3e 100644 --- a/.github/workflows/update-azureapimanagement.yaml +++ b/.github/workflows/update-azureapimanagement.yaml @@ -100,7 +100,7 @@ jobs: - name: Login via PowerShell if: ${{ inputs.azureUser && env.azurePassword && env.azureSubscription }} - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: azPSVersion: "latest" inlineScript: | @@ -114,7 +114,7 @@ jobs: - name: Retrieve Application information id: getappinfo - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: azPSVersion: "latest" inlineScript: | @@ -155,7 +155,7 @@ jobs: echo "aksIngress=$aksIngress" >> $env:GITHUB_ENV - name: Update Azure API Management - uses: azure/powershell@v1.2.0 + uses: azure/powershell@v1 with: azPSVersion: "latest" inlineScript: | diff --git a/.github/workflows/wpe-deploy.yaml b/.github/workflows/wpe-deploy.yaml index 6abcea72..2178ae71 100644 --- a/.github/workflows/wpe-deploy.yaml +++ b/.github/workflows/wpe-deploy.yaml @@ -36,7 +36,7 @@ jobs: uses: actions/checkout@v2 - name: Deploy to WP Engine - uses: wpengine/github-action-wpe-site-deploy@v3.2.2 + uses: wpengine/github-action-wpe-site-deploy@v3 with: # Deploy vars WPE_SSHG_KEY_PRIVATE: ${{ secrets.WPENGINE_ED25514 }}