fixing up a broken app deploy #4881
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # name: "Terragrunt plan STAGING" | |
| # on: | |
| # workflow_dispatch: | |
| # pull_request: | |
| # paths: | |
| # - ".env" | |
| # - "aws/**" | |
| # - "env/staging/**" | |
| # - "env/terragrunt.hcl" | |
| # - ".github/workflows/terragrunt_plan_staging.yml" | |
| # permissions: | |
| # id-token: write # This is required for requesting the OIDC JWT | |
| # contents: write # This is required for actions/checkout | |
| # pull-requests: write | |
| # env: | |
| # TARGET_ENV_PATH: staging | |
| # AWS_REGION: ca-central-1 | |
| # TF_VAR_new_relic_api_key: ${{ secrets.STAGING_NEW_RELIC_API_KEY }} | |
| # TF_VAR_new_relic_account_id: ${{ secrets.STAGING_NEW_RELIC_ACCOUNT_ID }} | |
| # TF_VAR_new_relic_slack_webhook_url: ${{ secrets.STAGING_NEW_RELIC_SLACK_WEBHOOK_URL }} | |
| # TF_VAR_base_domain: ${{secrets.STAGING_BASE_DOMAIN}} | |
| # TF_VAR_alt_base_domain: ${{secrets.STAGING_ALT_BASE_DOMAIN}} | |
| # TF_VAR_dbtools_password: ${{ secrets.STAGING_DBTOOLS_PASSWORD }} | |
| # TF_VAR_heartbeat_api_key: ${{ secrets.STAGING_HEARTBEAT_API_KEY }} | |
| # TF_VAR_heartbeat_sms_number: ${{ secrets.STAGING_HEARTBEAT_SMS_NUMBER }} | |
| # TF_VAR_rds_cluster_password: ${{ secrets.STAGING_RDS_CLUSTER_PASSWORD }} | |
| # TF_VAR_app_db_user_password: ${{ secrets.STAGING_APP_DB_USER_PASSWORD }} | |
| # TF_VAR_quicksight_db_user_password: ${{ secrets.STAGING_QUICKSIGHT_DB_USER_PASSWORD }} | |
| # TF_VAR_cloudwatch_opsgenie_alarm_webhook: "" | |
| # TF_VAR_cloudwatch_slack_webhook_warning_topic: ${{ secrets.STAGING_CLOUDWATCH_SLACK_WEBHOOK }} | |
| # TF_VAR_cloudwatch_slack_webhook_critical_topic: ${{ secrets.STAGING_CLOUDWATCH_SLACK_WEBHOOK }} | |
| # TF_VAR_cloudwatch_slack_webhook_general_topic: ${{ secrets.STAGING_CLOUDWATCH_SLACK_WEBHOOK }} | |
| # TF_VAR_notify_o11y_google_oauth_client_id: ${{ secrets.NOTIFY_O11Y_GOOGLE_OAUTH_CLIENT_ID_STAGING }} | |
| # TF_VAR_notify_o11y_google_oauth_client_secret: ${{ secrets.NOTIFY_O11Y_GOOGLE_OAUTH_CLIENT_SECRET_STAGING }} | |
| # TF_VAR_sentinel_customer_id: ${{ secrets.SENTINEL_CUSTOMER_ID }} | |
| # TF_VAR_sentinel_shared_key: ${{ secrets.SENTINEL_SHARED_KEY }} | |
| # TF_VAR_slack_channel_warning_topic: "notification-staging-ops" | |
| # TF_VAR_slack_channel_critical_topic: "notification-staging-ops" | |
| # TF_VAR_slack_channel_general_topic: "notification-staging-ops" | |
| # TF_VAR_sqlalchemy_database_reader_uri: ${{ secrets.STAGING_SQLALCHEMY_DATABASE_READER_URI }} | |
| # TF_VAR_system_status_admin_url: "https://staging.notification.cdssandbox.xyz" | |
| # TF_VAR_system_status_api_url: "https://api.staging.notification.cdssandbox.xyz" | |
| # TF_VAR_system_status_bucket_name: "notification-canada-ca-staging-system-status" | |
| # TF_VAR_new_relic_license_key: ${{ secrets.STAGING_NEW_RELIC_LICENSE_KEY }} | |
| # TF_VAR_waf_secret: ${{secrets.STAGING_WAF_SECRET}} | |
| # # Prevents repeated creation of the Slack lambdas if already existing. | |
| # # See: https://github.com/terraform-aws-modules/terraform-aws-notify-slack/issues/84 | |
| # TF_RECREATE_MISSING_LAMBDA_PACKAGE: false | |
| # TF_VAR_perf_test_phone_number: ${{ secrets.PERF_TEST_PHONE_NUMBER }} | |
| # TF_VAR_perf_test_email: ${{ secrets.PERF_TEST_EMAIL }} | |
| # TF_VAR_perf_test_domain: ${{ secrets.PERF_TEST_DOMAIN }} | |
| # TF_VAR_perf_test_auth_header: ${{ secrets.PERF_TEST_AUTH_HEADER }} | |
| # TF_VAR_client_vpn_access_group_id: ${{ secrets.STAGING_CLIENT_VPN_ACCESS_GROUP_ID }} | |
| # TF_VAR_client_vpn_saml_metadata: ${{ secrets.STAGING_CLIENT_VPN_SAML_METADATA }} | |
| # TF_VAR_client_vpn_self_service_saml_metadata: ${{ secrets.STAGING_CLIENT_VPN_SELF_SERVICE_SAML_METADATA }} | |
| # TF_VAR_pr_bot_installation_id: ${{ secrets.NOTIFY_PR_BOT_INSTALLATION_ID_MANIFESTS }} | |
| # TF_VAR_pr_bot_app_id: ${{ secrets.NOTIFY_PR_BOT_APP_ID }} | |
| # TF_VAR_pr_bot_private_key: ${{ secrets.NOTIFY_PR_BOT_PRIVATE_KEY }} | |
| # TF_VAR_budget_sre_bot_webhook: ${{ secrets.STAGING_BUDGET_SRE_BOT_WEBHOOK }} | |
| # TF_VAR_enable_sentinel_forwarding: true | |
| # TF_VAR_aws_xray_sdk_enabled: true | |
| # jobs: | |
| # terragrunt-filter: | |
| # runs-on: ubuntu-latest | |
| # outputs: | |
| # common: ${{ steps.filter.outputs.common }} | |
| # ecr: ${{ steps.filter.outputs.ecr }} | |
| # ses_receiving_emails: ${{ steps.filter.outputs.ses_receiving_emails }} | |
| # ses_to_sqs_email_callbacks: ${{ steps.filter.outputs.ses_to_sqs_email_callbacks }} | |
| # sns_to_sqs_sms_callbacks: ${{ steps.filter.outputs.sns_to_sqs_sms_callbacks }} | |
| # pinpoint_to_sqs_sms_callbacks: ${{ steps.filter.outputs.pinpoint_to_sqs_sms_callbacks }} | |
| # dns: ${{ steps.filter.outputs.dns }} | |
| # ses_validation_dns_entries: ${{ steps.filter.outputs.ses_validation_dns_entries }} | |
| # eks: ${{ steps.filter.outputs.eks }} | |
| # rds: ${{ steps.filter.outputs.rds }} | |
| # lambda-api: ${{ steps.filter.outputs.lambda-api }} | |
| # heartbeat: ${{ steps.filter.outputs.heartbeat }} | |
| # database-tools: ${{ steps.filter.outputs.database-tools }} | |
| # quicksight: ${{ steps.filter.outputs.quicksight }} | |
| # lambda-google-cidr: ${{ steps.filter.outputs.lambda-google-cidr }} | |
| # system_status: ${{ steps.filter.outputs.system_status }} | |
| # system_status_static_site: ${{ steps.filter.outputs.system_status_static_site }} | |
| # newrelic: ${{ steps.filter.outputs.newrelic }} | |
| # steps: | |
| # - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 | |
| # id: filter | |
| # with: | |
| # filters: | | |
| # common: | |
| # - '.github/workflows/terragrunt-plan-staging.yml' | |
| # - 'aws/common/**' | |
| # - 'env/staging/common/**' | |
| # - 'env/terragrunt.hcl' | |
| # - 'env/staging/env_vars.hcl' | |
| # dns: | |
| # - 'aws/dns/**' | |
| # - 'env/staging/dns/**' | |
| # ses_validation_dns_entries: | |
| # - 'aws/ses_validation_dns_entries/**' | |
| # - 'env/staging/ses_validation_dns_entries/**' | |
| # ecr: | |
| # - 'aws/ecr/**' | |
| # - 'env/staging/ecr/**' | |
| # eks: | |
| # - 'aws/eks/**' | |
| # - 'env/staging/eks/**' | |
| # elasticache: | |
| # - 'aws/elasticache/**' | |
| # - 'env/staging/elasticache/**' | |
| # rds: | |
| # - 'aws/rds/**' | |
| # - 'env/staging/rds/**' | |
| # cloudfront: | |
| # - 'aws/cloudfront/**' | |
| # - 'env/staging/cloudfront/**' | |
| # lambda-api: | |
| # - 'aws/lambda-api/**' | |
| # - 'env/staging/lambda-api/**' | |
| # lambda-admin-pr: | |
| # - 'aws/lambda-admin-pr/**' | |
| # - 'env/staging/lambda-admin-pr/**' | |
| # performance-test: | |
| # - 'aws/performance-test/**' | |
| # - 'env/staging/performance-test/**' | |
| # heartbeat: | |
| # - 'aws/heartbeat/**' | |
| # - 'env/staging/heartbeat/**' | |
| # database-tools: | |
| # - 'aws/database-tools/**' | |
| # - 'env/staging/database-tools/**' | |
| # system_status: | |
| # - 'aws/system_status/**' | |
| # - 'env/staging/system_status/**' | |
| # system_status_static_site: | |
| # - 'aws/system_status_static_site/**' | |
| # - 'env/staging/system_status_static_site/**' | |
| # quicksight: | |
| # - 'aws/quicksight/**' | |
| # - 'env/staging/quicksight/**' | |
| # lambda-google-cidr: | |
| # - 'aws/lambda-google-cidr/**' | |
| # - 'env/staging/lambda-google-cidr/**' | |
| # ses_receiving_emails: | |
| # - 'aws/ses_receiving_emails/**' | |
| # - 'env/staging/ses_receiving_emails/**' | |
| # ses_to_sqs_email_callbacks: | |
| # - 'aws/ses_to_sqs_email_callbacks/**' | |
| # - 'env/staging/ses_to_sqs_email_callbacks/**' | |
| # sns_to_sqs_sms_callbacks: | |
| # - 'aws/sns_to_sqs_sms_callbacks/**' | |
| # - 'env/staging/sns_to_sqs_sms_callbacks/**' | |
| # pinpoint_to_sqs_sms_callbacks: | |
| # - 'aws/pinpoint_to_sqs_sms_callbacks/**' | |
| # - 'env/staging/pinpoint_to_sqs_sms_callbacks/**' | |
| # newrelic: | |
| # - 'aws/newrelic/**' | |
| # - 'env/staging/newrelic/**' | |
| # terragrunt-plan-common: | |
| # if: | | |
| # needs.terragrunt-filter.outputs.common == 'true' | |
| # runs-on: ubuntu-latest | |
| # needs: terragrunt-filter | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan common | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/common" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: common" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-ecr: | |
| # if: | | |
| # always() && | |
| # needs.terragrunt-filter.outputs.ecr == 'true' && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: terragrunt-filter | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan ECR | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/ecr" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: ecr" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-ses_receiving_emails: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.ses_receiving_emails == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan ses_receiving_emails | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/ses_receiving_emails" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: ses_receiving_emails" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-dns: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.dns == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ses_receiving_emails] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan dns | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/dns" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: dns" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-ses_validation_dns_entries: | |
| # if: | | |
| # always() && | |
| # needs.terragrunt-filter.outputs.ses_validation_dns_entries == 'true' && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-dns] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan ses_validation_dns_entries | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/ses_validation_dns_entries" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: ses_validation_dns_entries" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-cloudfront: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.cloudfront == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan cloudfront | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/cloudfront" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: cloudfront" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-eks: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.eks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-dns,terragrunt-plan-cloudfront] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan eks | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/eks" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: eks" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-elasticache: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.elasticache == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan elasticache | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/elasticache" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: elasticache" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-rds: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.rds == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan rds | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/rds" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: rds" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-lambda-api: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.lambda-api == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr,terragrunt-plan-rds] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan lambda-api | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/lambda-api" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: lambda-api" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-lambda-admin-pr: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.lambda-admin-pr == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-elasticache,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan lambda-admin-pr | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/lambda-admin-pr" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: lambda-admin-pr" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-performance-test: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.performance-test == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan performance-test | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/performance-test" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: performance-test" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-heartbeat: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.heartbeat == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan heartbeat | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/heartbeat" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: heartbeat" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-database-tools: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.database-tools == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-rds] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan database-tools | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/database-tools" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: database-tools" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-quicksight: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.quicksight == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-rds] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan quicksight | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/quicksight" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: quicksight" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-lambda-google-cidr: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.lambda-google-cidr == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan lambda-google-cidr | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/lambda-google-cidr" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: lambda-google-cidr" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-ses_to_sqs_email_callbacks: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.ses_to_sqs_email_callbacks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan ses_to_sqs_email_callbacks | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/ses_to_sqs_email_callbacks" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: ses_to_sqs_email_callbacks" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-sns_to_sqs_sms_callbacks: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.sns_to_sqs_sms_callbacks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan sns_to_sqs_sms_callbacks | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/sns_to_sqs_sms_callbacks" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: sns_to_sqs_sms_callbacks" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-pinpoint_to_sqs_sms_callbacks: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.pinpoint_to_sqs_sms_callbacks == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan pinpoint_to_sqs_sms_callbacks | |
| # uses: cds-snc/terraform-plan@7f4ce4a4bdffaba639d32a45272804e37a569408 # v3.0.6 | |
| # with: | |
| # directory: "env/staging/pinpoint_to_sqs_sms_callbacks" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: pinpoint_to_sqs_sms_callbacks" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-system_status: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.system_status == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr,terragrunt-plan-rds,terragrunt-plan-eks] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan system_status | |
| # uses: cds-snc/terraform-plan@v3 | |
| # with: | |
| # directory: "env/staging/system_status" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: system_status" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # terragrunt-plan-system_status_static_site: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.system_status_static_site == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: terragrunt-filter | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan aws/system_status_static_site | |
| # uses: cds-snc/terraform-plan@v3 | |
| # with: | |
| # directory: "env/staging/system_status_static_site" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: system_status_static_site" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # skip-conftest: "true" | |
| # terragrunt-plan-newrelic: | |
| # if: | | |
| # always() && | |
| # (needs.terragrunt-filter.outputs.newrelic == 'true' || needs.terragrunt-filter.outputs.common == 'true') && | |
| # !contains(needs.*.result, 'failure') && | |
| # !contains(needs.*.result, 'cancelled') | |
| # runs-on: ubuntu-latest | |
| # needs: terragrunt-filter | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| # - name: setup-terraform | |
| # uses: ./.github/actions/setup-terraform | |
| # with: | |
| # role_to_assume: arn:aws:iam::239043911459:role/notification-terraform-plan | |
| # role_session_name: NotifyTerraformPlan | |
| # - name: Terragrunt plan aws/newrelic | |
| # uses: cds-snc/terraform-plan@v3 | |
| # with: | |
| # directory: "env/staging/newrelic" | |
| # comment-delete: "true" | |
| # comment-title: "Staging: newrelic" | |
| # github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| # terragrunt: "true" | |
| # skip-conftest: "true" |