chore: synced file(s) with cds-snc/site-reliability-engineering #437
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test action | |
on: pull_request | |
jobs: | |
terraform-plan: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- test: changes | |
allow-failure: false | |
- test: no-changes | |
allow-failure: false | |
- test: format-error | |
allow-failure: true | |
- test: invalid | |
allow-failure: true | |
- test: conftest-deny | |
allow-failure: true | |
- test: skip-conftest | |
allow-failure: false | |
skip-conftest: true | |
- test: skip-plan | |
allow-failure: false | |
skip-plan: true | |
- test: truncate-plan | |
allow-failure: false | |
- test: init-fail | |
allow-failure: true | |
- test: validate-fail | |
allow-failure: true | |
steps: | |
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
- name: Setup terraform tools | |
uses: cds-snc/terraform-tools-setup@v1 | |
- name: Install TF-Summarize | |
run: | | |
curl -L -o tf-summarize.zip https://github.com/dineshba/tf-summarize/releases/download/v0.2.3/tf-summarize_linux_amd64.zip \ | |
&& unzip tf-summarize.zip tf-summarize \ | |
&& chmod +x tf-summarize \ | |
&& mv tf-summarize /usr/local/bin | |
- name: Test ${{ matrix.test }} | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
uses: ./ | |
with: | |
directory: test/${{ matrix.test }} | |
allow-failure: ${{ matrix.allow-failure }} | |
comment-title: Test ${{ matrix.test }} | |
comment-delete: true | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
skip-conftest: ${{ matrix.skip-conftest || 'false' }} | |
skip-plan: ${{ matrix.skip-plan || 'false' }} | |
test-action-comments: | |
needs: terraform-plan | |
runs-on: ubuntu-latest | |
steps: | |
- name: Test action comments | |
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
script: | | |
let isFailed = false; | |
const testComments = [ | |
{ | |
exist: true, | |
title: /Test changes/g, | |
state: /`success`[^`]+`success`/g | |
},{ | |
exist: true, | |
title: /Test format-error/g, | |
state: /`failed`[^`]+`success`/g | |
},{ | |
exist: true, | |
title: /Test invalid/g, | |
state: /`failed`[^`]+`failed`/g | |
},{ | |
exist: false, | |
title: /Test no-changes/g, | |
state: /./g | |
},{ | |
exist: true, | |
title: /Test conftest-deny/g, | |
state: /FAIL/g | |
},{ | |
exist: false, | |
title: /Test skip-conftest/g, | |
state: /Conftest:\*\*/gm | |
},{ | |
exist: true, | |
title: /Test skip-plan/g, | |
state: /Terraform Format:\*\* `success`\n/gm | |
},{ | |
exist: true, | |
title: /Test truncate-plan/g, | |
state: /plan has been truncated/gm | |
},{ | |
exist: true, | |
title: /Test init-fail/g, | |
state: /Terraform Init:\*\* `failed`\n/gm | |
},{ | |
exist: true, | |
title: /Test validate-fail/g, | |
state: /Terraform Validate:\*\* `failed`\n/gm | |
} | |
]; | |
// Get the existing comments. | |
const {data: comments} = await github.rest.issues.listComments({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: context.payload.number, | |
}); | |
// Run through the tests | |
let botComment; | |
for(let test of testComments){ | |
botComment = comments.find(comment => comment.body.match(test.title) && comment.body.match(test.state)); | |
if((botComment && !test.exist) || (!botComment && test.exist)){ | |
console.log(`Failed '${test.title}'`); | |
isFailed = true; | |
} | |
} | |
if(isFailed){ | |
core.setFailed('PR comments did not match'); | |
} | |
test-directory-failure: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
- name: Setup terraform tools | |
uses: cds-snc/terraform-tools-setup@v1 | |
- name: Test directory failure | |
id: directory-failure | |
continue-on-error: true | |
uses: ./ | |
with: | |
directory: invalid | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Check directory failure | |
if: steps.directory-failure.outcome == 'failure' | |
run: | | |
echo "Directory failure test passed" | |
- name: Test failed | |
if: steps.directory-failure.outcome == 'success' && steps.directory-failure.conclusion == 'success' | |
run: | | |
exit 1 |