Skip to content
CI

Update restyled-machines template #353

Sign in to view logs

Update restyled-machines template

Update restyled-machines template #353

Workflow file for this run

.github/workflows/ci.yml at 7277048
name: CI
on:
pull_request:
push:
branches: main
permissions:
id-token: write
contents: read
pull-requests: write
env:
LOG_COLOR: always
STACKCTL_CHANGES: /tmp/changes.md
STACKCTL_VERSION: 1.6.0.0
jobs:
validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- run: pip install cfn-lint
- run: cfn-lint
changes:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- id: filter
uses: dorny/paths-filter@v3
with:
filters: |
yamls:
- 'cg-app/stacks/**/*.yaml'
- 'cg-app/templates/**/*.json'
- 'cg-app/templates/**/*.yaml'
list-files: csv
# Make the paths relative to cg-app
- id: format
run: |
{
echo 'files<<EOF'
sed 's%cg-app/%%g' <<'EOM'
${{ steps.filter.outputs.yamls_files }}
EOM
echo 'EOF'
} >> "$GITHUB_OUTPUT"
outputs:
files: ${{ steps.format.outputs.files }}
comment-changes:
if: ${{ github.ref != 'refs/heads/main' }}
needs: changes
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: pbrisbin/setup-tool-action@v2
with:
name: stackctl
version: ${{ env.STACKCTL_VERSION }}
url: "https://github.com/freckle/{name}/releases/download/v{version}/{name}-{arch}-{os}.{ext}"
arch: x86_64
os-darwin: osx
subdir: "{name}"
- run: echo 'STACKCTL_FILTER=${{ needs.changes.outputs.files }}' >>"$GITHUB_ENV"
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ vars.AWS_ROLE }}
aws-region: ${{ vars.AWS_REGION }}
- if: ${{ needs.changes.outputs.files != '' }}
working-directory: cg-app
run: stackctl changes --format pr "$STACKCTL_CHANGES"
- run: |
if [[ ! -s "$STACKCTL_CHANGES" ]]; then
echo 'No Stack changes produced by this PR' | tee "$STACKCTL_CHANGES"
fi
- uses: mshick/add-pr-comment@v2
with:
message-path: ${{ env.STACKCTL_CHANGES }}
refresh-message-position: "true"
deploy-changes:
if: ${{ github.ref == 'refs/heads/main' }}
needs: changes
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: pbrisbin/setup-tool-action@v2
with:
name: stackctl
version: ${{ env.STACKCTL_VERSION }}
url: "https://github.com/freckle/{name}/releases/download/v{version}/{name}-{arch}-{os}.{ext}"
arch: x86_64
os-darwin: osx
subdir: "{name}"
- run: echo 'STACKCTL_FILTER=${{ needs.changes.outputs.files }}' >>"$GITHUB_ENV"
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ vars.AWS_ROLE }}
aws-region: ${{ vars.AWS_REGION }}
- if: ${{ needs.changes.outputs.files != '' }}
working-directory: cg-app
run: |
stackctl deploy --save-change-sets /tmp/changes --no-confirm --clean
- if: ${{ always() }}
id: notification
env:
GH_TOKEN: ${{ github.token }}
run: |
cat /tmp/changes/*.json |
jq --raw-output '.changes[].resourceChange.action | select(.)' |
sort | uniq -c > changes.txt || true
if [[ ! -s changes.txt ]]; then
echo 'No changes' > changes.txt
fi
{
echo "slack-message<<EOM"
echo '```'
cat changes.txt
echo '```'
echo
gh run view "${{ github.run_id }}" --json jobs --jq ".jobs[] | select(.name == \"${{ github.job }}\") | .url"
echo "EOM"
} >>"$GITHUB_OUTPUT"
- if: ${{ always() }}
uses: zulip/github-actions-zulip/send-message@v1
with:
api-key: ${{ secrets.ZULIP_API_KEY }}
email: ${{ secrets.ZULIP_EMAIL }}
organization-url: ${{ secrets.ZULIP_ORGANIZATION_URL }}
to: 'core team'
type: 'stream'
topic: 'Infra Deployments'
content: |
${{ job.status == 'success' && ':check:' || ':warning:' }} `restyled-io/ops` deployed
${{ steps.notification.outputs.slack-message }}