fix: Pipelines with ignore pull request auto-cancel (#78)

* Ignore pull_request_trigger.0.override.0.auto_cancel * Ignore pull_request_trigger.0.override.0.auto_cancel * static analisys updated to 1.86 * pre-commit fixs
pagopa · Feb 5, 2024 · 130974d · 130974d
1 parent 95968ab
commit 130974d
Show file tree

Hide file tree

Showing 12 changed files with 27 additions and 44 deletions.
diff --git a/.github/workflows/static_analysis.yml b/.github/workflows/static_analysis.yml
@@ -16,5 +16,5 @@ jobs:
 
       - name: run_test
         run: |
-          TAG=v1.79.1
+          TAG=v1.86.0
           docker run -v $(pwd):/lint -w /lint ghcr.io/antonbabenko/pre-commit-terraform:$TAG run -a
diff --git a/.releaserc.js b/.releaserc.js
@@ -17,4 +17,3 @@ module.exports = {
     "@semantic-release/github",
   ],
 };
-
diff --git a/azuredevops_build_definition_deploy/main.tf b/azuredevops_build_definition_deploy/main.tf
@@ -54,27 +54,6 @@ resource "azuredevops_build_definition" "pipeline" {
     }
   }
 
-  # todo not works
-  # dynamic "ci_trigger" {
-  #   for_each = var.ci_trigger
-
-  #   content {
-  #     override {
-  #       batch                            = false
-  #       max_concurrent_builds_per_branch = 1
-  #       polling_interval                 = 0
-  #       branch_filter {
-  #         include = ci_trigger.value.branch_filter.include
-  #         exclude = ci_trigger.value.branch_filter.exclude
-  #       }
-  #       path_filter {
-  #         include = ci_trigger.value.path_filter.include
-  #         exclude = ci_trigger.value.path_filter.exclude
-  #       }
-  #     }
-  #   }
-  # }
-
   dynamic "variable" {
     for_each = var.variables
     iterator = variable
@@ -113,6 +92,12 @@ resource "azuredevops_build_definition" "pipeline" {
       }
     }
   }
+
+  lifecycle {
+    ignore_changes = [
+      pull_request_trigger.0.override.0.auto_cancel,
+    ]
+  }
 }
 
 # This is to work around an issue with azuredevops_resource_authorization

diff --git a/azuredevops_build_definition_generic/main.tf b/azuredevops_build_definition_generic/main.tf
@@ -76,6 +76,12 @@ resource "azuredevops_build_definition" "pipeline" {
       allow_override = false
     }
   }
+
+  lifecycle {
+    ignore_changes = [
+      pull_request_trigger.0.override.0.auto_cancel,
+    ]
+  }
 }
 
 # This is to work around an issue with azuredevops_resource_authorization

diff --git a/azuredevops_build_definition_resource_switcher/README.md b/azuredevops_build_definition_resource_switcher/README.md
@@ -34,7 +34,7 @@ locals {
 module "my_service_switcher" {
   source = "git::https://github.com/pagopa/azuredevops-tf-modules.git//azuredevops_build_definition_resource_switcher?ref=<ref_version>"
   path   = var.my_variables.pipeline.path
-  
+
   providers = {
     azurerm = azurerm.dev
   }
@@ -124,7 +124,7 @@ repository = {
   - `stop_time`: stop time, expressed in `HH:mm` format, when to scale down/stop the cluster
   - `rg`: resource group name of the cluster to manage
   - `node_pool_exclusions`: (Optional) list of node pool names to exclude from the switcher elaboration
-  - `force`: (Optional) If your cluster has PDB which prevents scaling down, use force to completely shut down the node pools without using the scale. Default false 
+  - `force`: (Optional) If your cluster has PDB which prevents scaling down, use force to completely shut down the node pools without using the scale. Default false
   - `user`: configuration for `user` typed node pools
     - `nodes_on_start`: minimum and maximum number of nodes to be configured in the autoscaler when the node pool is started. expressed in `<min>,<max>` format
     - `nodes_on_stop`: minimum and maximum number of nodes to be configured in the autoscaler when the node pool is stopped. expressed in `<min>,<max>` format
@@ -172,7 +172,7 @@ repository = {
 First of all, you need to create a new `tf` file for dedicated to the new resource, similar to `storage_account_pipeline.tf` or `aks_pipeline.tf`, in which you will:
 
 - customize the variables passed to the pipeline template
-- change the names of the resources to avoid overlapping 
+- change the names of the resources to avoid overlapping
 - parse the scheduling configuration for your resource
 - change the name of the pipeline template that will be used (`repository.yml_path`)
 

diff --git a/azuredevops_build_definition_resource_switcher/aks_pipeline.tf b/azuredevops_build_definition_resource_switcher/aks_pipeline.tf
@@ -226,4 +226,3 @@ resource "azuredevops_pipeline_authorization" "aks_service_connection_ids_author
 
   type = "endpoint"
 }
-
diff --git a/azuredevops_build_definition_resource_switcher/main.tf b/azuredevops_build_definition_resource_switcher/main.tf
@@ -2,5 +2,3 @@ locals {
   yml_prefix_name = var.repository.yml_prefix_name == null ? "" : "${var.repository.yml_prefix_name}-"
 
 }
-
-
diff --git a/azuredevops_build_definition_resource_switcher/storage_account_pipeline.tf b/azuredevops_build_definition_resource_switcher/storage_account_pipeline.tf
@@ -160,4 +160,3 @@ resource "azuredevops_pipeline_authorization" "sa_service_connection_ids_authori
 
   type = "endpoint"
 }
-
diff --git a/azuredevops_build_definition_tls_cert_federated/README.md b/azuredevops_build_definition_tls_cert_federated/README.md
@@ -44,7 +44,7 @@ module "secret_core" {
 }
 ```
 
-Create a AZDO service connection for cloning pipeline repo (i.e., `le-azure-acme-tiny`) 
+Create a AZDO service connection for cloning pipeline repo (i.e., `le-azure-acme-tiny`)
 from GitHub with previously retrieved token:
 ```hcl
 resource "azuredevops_serviceendpoint_github" "azure_devops_github_ro" {
@@ -63,7 +63,7 @@ Get Let's Encrypt credentials and store them into KV (requires Docker, it runs a
 ```hcl
 module "letsencrypt" {
   source = "git::https://github.com/pagopa/terraform-azurerm-v3//letsencrypt_credential?ref=v7.20.0"
-  
+
   prefix            = "my"
   env               = "p"
   key_vault_name    = "my-kv"
@@ -75,7 +75,7 @@ Create service connection and related managed identity for editing the certifica
 ```hcl
 module "tls_cert_service_conn" {
   source = "git::https://github.com/pagopa/azuredevops-tf-modules.git//azuredevops_serviceendpoint_federated?ref=v4.0.0"
-  
+
   project_id          = data.azuredevops_project.project.id
   name                = "my-p-tls-cert"
   tenant_id           = "my-tenant-id"
@@ -102,9 +102,9 @@ Finally, use this module for creating pipeline:
 ```hcl
 module "tlscert-portalefatturazione-pagopa-it-cert_az" {
   depends_on = [module.letsencrypt]
-  
+
   source = "git::<https://github.com/pagopa/azuredevops-tf-modules.git//azuredevops_build_definition_tls_cert_federated?ref=v4.1.5>"
-  
+
   project_id = data.azuredevops_project.project.id
   location   = "westeurope"
   repository = {
@@ -116,26 +116,26 @@ module "tlscert-portalefatturazione-pagopa-it-cert_az" {
   name                         = "my.pagopa.it"
   path                         = "my\\TLS-Certificates"
   github_service_connection_id = azuredevops_serviceendpoint_github.azure_devops_github_ro.id
-  
+
   dns_record_name         = ""
   dns_zone_name           = "my.pagopa.it"
   dns_zone_resource_group = "my-dns-rg"
   tenant_id               = "my-tenant-id"
   subscription_name       = "my-sub"
   subscription_id         = "my-sub-id"
-  
+
   credential_key_vault_name           = "my-kv"
   credential_key_vault_resource_group = "my-kv-rg"
-  
+
   variables = {
     CERT_NAME_EXPIRE_SECONDS     = "2592000" #30 days
     KEY_VAULT_SERVICE_CONNECTION = module.tls_cert_service_conn.service_endpoint_name,
     KEY_VAULT_NAME               = "my-kv"
   }
   variables_secret = {}
-  
+
   service_connection_ids_authorization = [ module.tls_cert_service_conn.service_endpoint_id ]
-  
+
   schedules = {
     days_to_build              = ["Thu"]
     schedule_only_with_changes = false
@@ -166,7 +166,7 @@ module "tlscert-portalefatturazione-pagopa-it-cert_az" {
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_azuredevops_serviceendpoint_federated"></a> [azuredevops\_serviceendpoint\_federated](#module\_azuredevops\_serviceendpoint\_federated) | git::https://github.com/pagopa/azuredevops-tf-modules.git//azuredevops_serviceendpoint_federated | v5.2.0 |
+| <a name="module_azuredevops_serviceendpoint_federated"></a> [azuredevops\_serviceendpoint\_federated](#module\_azuredevops\_serviceendpoint\_federated) | git::https://github.com/pagopa/azuredevops-tf-modules.git//azuredevops_serviceendpoint_federated | v5.4.0 |
 | <a name="module_secrets"></a> [secrets](#module\_secrets) | git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault_secrets_query | v7.48.0 |
 
 ## Resources

diff --git a/azuredevops_serviceendpoint_azurerm_limited/versions.tf b/azuredevops_serviceendpoint_azurerm_limited/versions.tf
@@ -24,4 +24,3 @@ terraform {
     }
   }
 }
-
diff --git a/azuredevops_serviceendpoint_azurerm_plan/versions.tf b/azuredevops_serviceendpoint_azurerm_plan/versions.tf
@@ -24,4 +24,3 @@ terraform {
     }
   }
 }
-
diff --git a/azuredevops_serviceendpoint_federated/versions.tf b/azuredevops_serviceendpoint_federated/versions.tf
@@ -12,4 +12,3 @@ terraform {
     }
   }
 }
-