From 174b3a4783106aa32a5898037f8125f9002f70c8 Mon Sep 17 00:00:00 2001 From: Brian Torres Date: Tue, 18 Feb 2025 20:30:03 -0800 Subject: [PATCH 1/4] use new custom orchestrate and execute custom actions --- .github/workflows/pipelines-root.yml | 34 ++++++++++++++++++++++++++ .github/workflows/pipelines.yml | 36 +++++++++++++++++++++++++++- 2 files changed, 69 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-root.yml b/.github/workflows/pipelines-root.yml index ecd4c116..fd7036ac 100644 --- a/.github/workflows/pipelines-root.yml +++ b/.github/workflows/pipelines-root.yml @@ -139,6 +139,13 @@ jobs: PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-infra-root-write-token.outputs.PIPELINES_TOKEN }} + - name: Pre Orchestrate Custom Action + uses: ./pipelines-actions/.github/custom-actions/pre-orchestrate + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-infra-root-write-token.outputs.PIPELINES_TOKEN }} + - name: Pipelines Orchestrate id: orchestrate uses: ./pipelines-actions/.github/actions/pipelines-orchestrate @@ -147,6 +154,13 @@ jobs: PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-infra-root-write-token.outputs.PIPELINES_TOKEN }} + - name: Post Orchestrate Custom Action + uses: ./pipelines-actions/.github/custom-actions/post-orchestrate + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-infra-root-write-token.outputs.PIPELINES_TOKEN }} + outputs: pipelines_jobs: ${{ steps.orchestrate.outputs.jobs }} @@ -298,6 +312,16 @@ jobs: PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} gruntwork_context: ${{ toJson(steps.gruntwork_context.outputs) }} + - name: Pre Execute Custom Action + uses: ./pipelines-actions/.github/custom-actions/pre-execute + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + account_id: ${{ matrix.jobs.AccountId }} + account_name: ${{ matrix.jobs.Name }} + job: ${{ toJson(matrix.jobs) }} + gruntwork_context: ${{ toJson(steps.gruntwork_context.outputs) }} + - name: "[TerragruntExecute]: Authenticate with AWS and then Invoke Terragrunt" id: terragrunt if: ${{ steps.gruntwork_context.outputs.action == 'TERRAGRUNT_EXECUTE' }} @@ -316,6 +340,16 @@ jobs: infra_live_directory: "." deploy_branch_name: ${{ steps.gruntwork_context.outputs.deploy_branch_name }} + - name: Post Execute Custom Action + uses: ./pipelines-actions/.github/custom-actions/post-execute + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + account_id: ${{ matrix.jobs.AccountId }} + account_name: ${{ matrix.jobs.Name }} + job: ${{ toJson(matrix.jobs) }} + gruntwork_context: ${{ toJson(steps.gruntwork_context.outputs) }} + - name: Get Logs URL id: get_logs_url uses: ./pipelines-actions/.github/actions/pipelines-get-job-logs-url diff --git a/.github/workflows/pipelines.yml b/.github/workflows/pipelines.yml index 4e884e8e..e16d0394 100644 --- a/.github/workflows/pipelines.yml +++ b/.github/workflows/pipelines.yml @@ -37,7 +37,7 @@ on: env: PIPELINES_CLI_VERSION: v0.35.5 - PIPELINES_ACTIONS_VERSION: v3.4.1 + PIPELINES_ACTIONS_VERSION: v3.4.1 # TODO: update to whatever version comes after we merge matching actions PR # GitHub Actions tends to hit resource exhaustion and kill running jobs # if we leave parallelism unbounded, so we set the max to 10 for a sane default. @@ -120,6 +120,13 @@ jobs: PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-propose-infra-change-token.outputs.PIPELINES_TOKEN }} + - name: Pre Orchestrate Custom Action + uses: ./pipelines-actions/.github/custom-actions/pre-orchestrate + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-propose-infra-change-token.outputs.PIPELINES_TOKEN }} + - name: Pipelines Orchestrate id: orchestrate uses: ./pipelines-actions/.github/actions/pipelines-orchestrate @@ -128,6 +135,13 @@ jobs: PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-propose-infra-change-token.outputs.PIPELINES_TOKEN }} + - name: Post Orchestrate Custom Action + uses: ./pipelines-actions/.github/custom-actions/post-orchestrate + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-propose-infra-change-token.outputs.PIPELINES_TOKEN }} + outputs: pipelines_jobs: ${{ steps.orchestrate.outputs.jobs }} @@ -206,6 +220,16 @@ jobs: child_account_id: ${{ matrix.jobs.AdditionalData.ChildAccountId }} account_names: ${{ matrix.jobs.AdditionalData.AccountNames }} + - name: Pre Execute Custom Action + uses: ./pipelines-actions/.github/custom-actions/pre-execute + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + account_id: ${{ matrix.jobs.AccountId }} + account_name: ${{ matrix.jobs.Name }} + job: ${{ toJson(matrix.jobs) }} + gruntwork_context: ${{ toJson(steps.gruntwork_context.outputs) }} + - name: "Run terragrunt ${{ steps.gruntwork_context.outputs.terragrunt_command }} in ${{ steps.gruntwork_context.outputs.working_directory }}" id: terragrunt uses: ./pipelines-actions/.github/actions/pipelines-execute @@ -245,6 +269,16 @@ jobs: step_logs_url: ${{ steps.get_logs_url.outputs.step_logs_url }} PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-propose-infra-change-token.outputs.PIPELINES_TOKEN }} + - name: Post Execute Custom Action + uses: ./pipelines-actions/.github/custom-actions/post-execute + with: + PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} + PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} + account_id: ${{ matrix.jobs.AccountId }} + account_name: ${{ matrix.jobs.Name }} + job: ${{ toJson(matrix.jobs) }} + gruntwork_context: ${{ toJson(steps.gruntwork_context.outputs) }} + outputs: account_id: ${{ matrix.jobs.AccountId }} branch: ${{ steps.gruntwork_context.outputs.branch }} From b487ec0d6fe4196c9f41b5a813d36f275128e23e Mon Sep 17 00:00:00 2001 From: Brian Torres Date: Tue, 18 Feb 2025 20:37:22 -0800 Subject: [PATCH 2/4] Add pipelines-root todo --- .github/workflows/pipelines-root.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-root.yml b/.github/workflows/pipelines-root.yml index fd7036ac..113448d0 100644 --- a/.github/workflows/pipelines-root.yml +++ b/.github/workflows/pipelines-root.yml @@ -39,7 +39,7 @@ on: env: PIPELINES_CLI_VERSION: v0.35.5 - PIPELINES_ACTIONS_VERSION: v3.4.1 + PIPELINES_ACTIONS_VERSION: v3.4.1 # TODO: update to whatever version comes after we merge matching actions PR BOILERPLATE_VERSION: v0.5.16 GRUNTWORK_INSTALLER_VERSION: v0.0.40 From f9b708fa7db397d138d93cdc0de96efb66b08795 Mon Sep 17 00:00:00 2001 From: Brian Torres Date: Wed, 19 Feb 2025 21:24:15 -0800 Subject: [PATCH 3/4] add post-{execute,orchestrate} inputs to mirror the output of the matching step --- .github/workflows/pipelines-root.yml | 4 ++++ .github/workflows/pipelines.yml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/pipelines-root.yml b/.github/workflows/pipelines-root.yml index 113448d0..ad3bbb88 100644 --- a/.github/workflows/pipelines-root.yml +++ b/.github/workflows/pipelines-root.yml @@ -160,6 +160,7 @@ jobs: PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-infra-root-write-token.outputs.PIPELINES_TOKEN }} + jobs: ${{ steps.orchestrate.outputs.jobs }} outputs: pipelines_jobs: ${{ steps.orchestrate.outputs.jobs }} @@ -349,6 +350,9 @@ jobs: account_name: ${{ matrix.jobs.Name }} job: ${{ toJson(matrix.jobs) }} gruntwork_context: ${{ toJson(steps.gruntwork_context.outputs) }} + formatted_plan_output: ${{ steps.terragrunt.outputs.formatted_plan_output }} + execute_stdout_log: ${{ steps.terragrunt.outputs.execute_stdout_log }} + plan_folder: ${{ steps.terragrunt.outputs.plan_folder }} - name: Get Logs URL id: get_logs_url diff --git a/.github/workflows/pipelines.yml b/.github/workflows/pipelines.yml index e16d0394..12241aad 100644 --- a/.github/workflows/pipelines.yml +++ b/.github/workflows/pipelines.yml @@ -141,6 +141,7 @@ jobs: PIPELINES_GRUNTWORK_READ_TOKEN: ${{ steps.pipelines-gruntwork-read-token.outputs.PIPELINES_TOKEN }} PIPELINES_CUSTOMER_ORG_READ_TOKEN: ${{ steps.pipelines-customer-org-read-token.outputs.PIPELINES_TOKEN }} PR_COMMENT_WRITE_TOKEN: ${{ steps.pipelines-propose-infra-change-token.outputs.PIPELINES_TOKEN }} + jobs: ${{ steps.orchestrate.outputs.jobs }} outputs: pipelines_jobs: ${{ steps.orchestrate.outputs.jobs }} @@ -278,6 +279,9 @@ jobs: account_name: ${{ matrix.jobs.Name }} job: ${{ toJson(matrix.jobs) }} gruntwork_context: ${{ toJson(steps.gruntwork_context.outputs) }} + formatted_plan_output: ${{ steps.terragrunt.outputs.formatted_plan_output }} + execute_stdout_log: ${{ steps.terragrunt.outputs.execute_stdout_log }} + plan_folder: ${{ steps.terragrunt.outputs.plan_folder }} outputs: account_id: ${{ matrix.jobs.AccountId }} From a164195d36a0a8f9549c7608f4f892fd2ae4034a Mon Sep 17 00:00:00 2001 From: Brian T Date: Wed, 4 Jun 2025 22:03:35 -0700 Subject: [PATCH 4/4] change to special actions version for testing --- .github/workflows/pipelines-root.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-root.yml b/.github/workflows/pipelines-root.yml index 1d459b10..6960f9e0 100644 --- a/.github/workflows/pipelines-root.yml +++ b/.github/workflows/pipelines-root.yml @@ -39,7 +39,7 @@ on: env: PIPELINES_CLI_VERSION: v0.39.0 - PIPELINES_ACTIONS_VERSION: v3.6.4 + PIPELINES_ACTIONS_VERSION: add-orchestrate-execute-actions BOILERPLATE_VERSION: v0.5.16 GRUNTWORK_INSTALLER_VERSION: v0.0.40