Read All Values from TFVars #63
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Terragrunt plan DEV" | |
env: | |
ENVIRONMENT: dev | |
ACCOUNT_ID: ${{ secrets.DEV_ACCOUNT_ID }} | |
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
on: | |
workflow_dispatch: | |
pull_request: | |
paths: | |
- ".env" | |
- "aws/**" | |
- "env/$ENVIRONMENT/**" | |
- "env/terragrunt.hcl" | |
- ".github/workflows/terragrunt_plan_$ENVIRONMENT.yml" | |
permissions: | |
id-token: write # This is required for requesting the OIDC JWT | |
contents: write # This is required for actions/checkout | |
pull-requests: write | |
jobs: | |
terragrunt-filter: | |
runs-on: ubuntu-latest | |
outputs: | |
common: ${{ steps.filter.outputs.common }} | |
ecr: ${{ steps.filter.outputs.ecr }} | |
ses_receiving_emails: ${{ steps.filter.outputs.ses_receiving_emails }} | |
ses_to_sqs_email_callbacks: ${{ steps.filter.outputs.ses_to_sqs_email_callbacks }} | |
sns_to_sqs_sms_callbacks: ${{ steps.filter.outputs.sns_to_sqs_sms_callbacks }} | |
pinpoint_to_sqs_sms_callbacks: ${{ steps.filter.outputs.pinpoint_to_sqs_sms_callbacks }} | |
dns: ${{ steps.filter.outputs.dns }} | |
ses_validation_dns_entries: ${{ steps.filter.outputs.ses_validation_dns_entries }} | |
eks: ${{ steps.filter.outputs.eks }} | |
rds: ${{ steps.filter.outputs.rds }} | |
lambda-api: ${{ steps.filter.outputs.lambda-api }} | |
heartbeat: ${{ steps.filter.outputs.heartbeat }} | |
database-tools: ${{ steps.filter.outputs.database-tools }} | |
quicksight: ${{ steps.filter.outputs.quicksight }} | |
lambda-google-cidr: ${{ steps.filter.outputs.lambda-google-cidr }} | |
system_status: ${{ steps.filter.outputs.system_status }} | |
system_status_static_site: ${{ steps.filter.outputs.system_status_static_site }} | |
newrelic: ${{ steps.filter.outputs.newrelic }} | |
steps: | |
- uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 | |
id: filter | |
with: | |
filters: | | |
common: | |
- '.github/workflows/terragrunt-plan-${{env.ENVIRONMENT}}.yml' | |
- 'aws/common/**' | |
- 'env/${{env.ENVIRONMENT}}/common/**' | |
- 'env/terragrunt.hcl' | |
dns: | |
- 'aws/dns/**' | |
- 'env/${{env.ENVIRONMENT}}/dns/**' | |
ses_validation_dns_entries: | |
- 'aws/ses_validation_dns_entries/**' | |
- 'env/${{env.ENVIRONMENT}}/ses_validation_dns_entries/**' | |
ecr: | |
- 'aws/ecr/**' | |
- 'env/${{env.ENVIRONMENT}}/ecr/**' | |
eks: | |
- 'aws/eks/**' | |
- 'env/${{env.ENVIRONMENT}}/eks/**' | |
elasticache: | |
- 'aws/elasticache/**' | |
- 'env/${{env.ENVIRONMENT}}/elasticache/**' | |
rds: | |
- 'aws/rds/**' | |
- 'env/${{env.ENVIRONMENT}}/rds/**' | |
cloudfront: | |
- 'aws/cloudfront/**' | |
- 'env/${{env.ENVIRONMENT}}/cloudfront/**' | |
lambda-api: | |
- 'aws/lambda-api/**' | |
- 'env/${{env.ENVIRONMENT}}/lambda-api/**' | |
lambda-admin-pr: | |
- 'aws/lambda-admin-pr/**' | |
- 'env/${{env.ENVIRONMENT}}/lambda-admin-pr/**' | |
performance-test: | |
- 'aws/performance-test/**' | |
- 'env/${{env.ENVIRONMENT}}/performance-test/**' | |
heartbeat: | |
- 'aws/heartbeat/**' | |
- 'env/${{env.ENVIRONMENT}}/heartbeat/**' | |
database-tools: | |
- 'aws/database-tools/**' | |
- 'env/${{env.ENVIRONMENT}}/database-tools/**' | |
system_status: | |
- 'aws/system_status/**' | |
- 'env/${{env.ENVIRONMENT}}/system_status/**' | |
system_status_static_site: | |
- 'aws/system_status_static_site/**' | |
- 'env/${{env.ENVIRONMENT}}/system_status_static_site/**' | |
quicksight: | |
- 'aws/quicksight/**' | |
- 'env/${{env.ENVIRONMENT}}/quicksight/**' | |
lambda-google-cidr: | |
- 'aws/lambda-google-cidr/**' | |
- 'env/${{env.ENVIRONMENT}}/lambda-google-cidr/**' | |
ses_receiving_emails: | |
- 'aws/ses_receiving_emails/**' | |
- 'env/${{env.ENVIRONMENT}}/ses_receiving_emails/**' | |
ses_to_sqs_email_callbacks: | |
- 'aws/ses_to_sqs_email_callbacks/**' | |
- 'env/${{env.ENVIRONMENT}}/ses_to_sqs_email_callbacks/**' | |
sns_to_sqs_sms_callbacks: | |
- 'aws/sns_to_sqs_sms_callbacks/**' | |
- 'env/${{env.ENVIRONMENT}}/sns_to_sqs_sms_callbacks/**' | |
pinpoint_to_sqs_sms_callbacks: | |
- 'aws/pinpoint_to_sqs_sms_callbacks/**' | |
- 'env/${{env.ENVIRONMENT}}/pinpoint_to_sqs_sms_callbacks/**' | |
newrelic: | |
- 'aws/newrelic/**' | |
- 'env/${{env.ENVIRONMENT}}/newrelic/**' | |
terragrunt-plan-common: | |
if: | | |
needs.terragrunt-filter.outputs.common == 'true' | |
runs-on: ubuntu-latest | |
needs: terragrunt-filter | |
env: | |
COMPONENT: common | |
steps: | |
- name: Install 1Pass CLI | |
run: | | |
curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
sudo dpkg -i 1pass.deb | |
- name: Retrieve TFVars | |
run: | | |
op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
- name: Checkout | |
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
- name: setup-terraform | |
uses: ./.github/actions/setup-terraform | |
with: | |
role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
role_session_name: NotifyTerraformPlan | |
- name: Terragrunt plan ${{env.COMPONENT}} | |
run: | | |
op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
cd env/${{env.ENVIRONMENT}}/${{env.COMPONENT}} | |
terragrunt plan --terragrunt-non-interactive | |
terragrunt-plan-ecr: | |
if: | | |
always() && | |
needs.terragrunt-filter.outputs.ecr == 'true' && | |
!contains(needs.*.result, 'failure') && | |
!contains(needs.*.result, 'cancelled') | |
runs-on: ubuntu-latest | |
needs: terragrunt-filter | |
env: | |
COMPONENT: ecr | |
steps: | |
- name: Install 1Pass CLI | |
run: | | |
curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
sudo dpkg -i 1pass.deb | |
- name: Retrieve TFVars | |
run: | | |
op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
- name: Checkout | |
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
- name: setup-terraform | |
uses: ./.github/actions/setup-terraform | |
with: | |
role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
role_session_name: NotifyTerraformPlan | |
- name: Terragrunt plan ${{env.COMPONENT}} | |
run: | | |
op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
cd env/${{env.ENVIRONMENT}}/${{env.COMPONENT}} | |
terragrunt plan --terragrunt-non-interactive | |
terragrunt-plan-ses_receiving_emails: | |
if: | | |
always() && | |
(needs.terragrunt-filter.outputs.ses_receiving_emails == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
!contains(needs.*.result, 'failure') && | |
!contains(needs.*.result, 'cancelled') | |
runs-on: ubuntu-latest | |
needs: terragrunt-filter | |
env: | |
COMPONENT: ses_receiving_emails | |
steps: | |
- name: Install 1Pass CLI | |
run: | | |
curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
sudo dpkg -i 1pass.deb | |
- name: Retrieve TFVars | |
run: | | |
op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
- name: Checkout | |
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
- name: setup-terraform | |
uses: ./.github/actions/setup-terraform | |
with: | |
role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
role_session_name: NotifyTerraformPlan | |
- name: Terragrunt plan ${{env.COMPONENT}} | |
run: | | |
op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
cd env/${{env.ENVIRONMENT}}/${{env.COMPONENT}} | |
terragrunt plan --terragrunt-non-interactive | |
# terragrunt-plan-dns: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.dns == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ses_receiving_emails] | |
# env: | |
# COMPONENT: dns | |
# steps: | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Terragrunt plan ${{env.COMPONENT}} | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
# cd env/${{env.ENVIRONMENT}}/${{env.COMPONENT}} | |
# terragrunt plan --terragrunt-non-interactive | |
# terragrunt-plan-ses_validation_dns_entries: | |
# if: | | |
# always() && | |
# needs.terragrunt-filter.outputs.ses_validation_dns_entries == 'true' && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-dns] | |
# env: | |
# COMPONENT: ses_validation_dns_entries | |
# steps: | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Terragrunt plan ${{env.COMPONENT}} | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
# cd env/${{env.ENVIRONMENT}}/${{env.COMPONENT}} | |
# terragrunt plan --terragrunt-non-interactive | |
# terragrunt-plan-cloudfront: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.cloudfront == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common] | |
# env: | |
# COMPONENT: cloudfront | |
# steps: | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Terragrunt plan ${{env.COMPONENT}} | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > /var/tmp/${{env.ENVIRONMENT}}.tfvars | |
# cd env/${{env.ENVIRONMENT}}/${{env.COMPONENT}} | |
# terragrunt plan --terragrunt-non-interactive | |
# terragrunt-plan-eks: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.eks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-dns,terragrunt-plan-cloudfront] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/eks/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan eks | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/eks" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: eks" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-elasticache: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.elasticache == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/elasticache/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan elasticache | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/elasticache" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: elasticache" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-rds: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.rds == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/rds/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan rds | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/rds" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: rds" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-lambda-api: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.lambda-api == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr,terragrunt-plan-rds] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/lambda-api/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan lambda-api | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/lambda-api" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: lambda-api" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-lambda-admin-pr: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.lambda-admin-pr == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-elasticache,terragrunt-plan-ecr] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/lambda-admin-pr/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan lambda-admin-pr | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/lambda-admin-pr" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: lambda-admin-pr" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-performance-test: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.performance-test == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/performance-test/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan performance-test | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/performance-test" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: performance-test" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-heartbeat: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.heartbeat == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/heartbeat/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan heartbeat | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/heartbeat" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: heartbeat" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-database-tools: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.database-tools == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-rds] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/database-tools/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan database-tools | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/database-tools" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: database-tools" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-quicksight: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.quicksight == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-rds] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/quicksight/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan quicksight | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/quicksight" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: quicksight" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-lambda-google-cidr: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.lambda-google-cidr == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/lambda-google-cidr/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan lambda-google-cidr | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/lambda-google-cidr" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: lambda-google-cidr" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-ses_to_sqs_email_callbacks: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.ses_to_sqs_email_callbacks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/ses_to_sqs_email_callbacks/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan ses_to_sqs_email_callbacks | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/ses_to_sqs_email_callbacks" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: ses_to_sqs_email_callbacks" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-sns_to_sqs_sms_callbacks: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.sns_to_sqs_sms_callbacks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/sns_to_sqs_sms_callbacks/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan sns_to_sqs_sms_callbacks | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/sns_to_sqs_sms_callbacks" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: sns_to_sqs_sms_callbacks" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-pinpoint_to_sqs_sms_callbacks: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.pinpoint_to_sqs_sms_callbacks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/pinpoint_to_sqs_sms_callbacks/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan pinpoint_to_sqs_sms_callbacks | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/pinpoint_to_sqs_sms_callbacks" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: pinpoint_to_sqs_sms_callbacks" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-system_status: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.system_status == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr,terragrunt-plan-rds,terragrunt-plan-eks] | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/system_status/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan system_status | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/system_status" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: system_status" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# terragrunt-plan-system_status_static_site: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.system_status_static_site == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: terragrunt-filter | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/system_status_static_site/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan aws/system_status_static_site | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/system_status_static_site" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: system_status_static_site" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# skip-conftest: "true" | |
# terragrunt-plan-newrelic: | |
# if: | | |
# always() && | |
# (needs.terragrunt-filter.outputs.newrelic == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
# !contains(needs.*.result, 'failure') && | |
# !contains(needs.*.result, 'cancelled') | |
# runs-on: ubuntu-latest | |
# needs: terragrunt-filter | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
# - name: setup-terraform | |
# uses: ./.github/actions/setup-terraform | |
# with: | |
# role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan | |
# role_session_name: NotifyTerraformPlan | |
# - name: Install 1Pass CLI | |
# run: | | |
# curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
# sudo dpkg -i 1pass.deb | |
# - name: Retrieve TFVars | |
# run: | | |
# op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/newrelic/${{env.ENVIRONMENT}}.tfvars | |
# - name: Terragrunt plan aws/newrelic | |
# uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba | |
# with: | |
# directory: "env/${{env.ENVIRONMENT}}/newrelic" | |
# comment-delete: "true" | |
# comment-title: "${{env.ENVIRONMENT}}: newrelic" | |
# github-token: "${{ secrets.GITHUB_TOKEN }}" | |
# terragrunt: "true" | |
# skip-conftest: "true" |