Skip to content

Fix typo in validate-deployment workflow (issue #7) #23

Fix typo in validate-deployment workflow (issue #7)

Fix typo in validate-deployment workflow (issue #7) #23

Workflow file for this run

name: Continuous Integration
on:
pull_request_target: {}
permissions:
contents: read
jobs:
qa:
permissions:
contents: read
uses: ./.github/workflows/qa.yml
with:
ref: ${{ github.event.pull_request.head.sha }}
publish-qa-results:
name: Publish QA Results
permissions:
contents: read
pull-requests: write
if: needs.qa.result != 'skipped' || needs.qa.result != 'cancelled'
needs:
- qa
uses: "./.github/workflows/publish-qa-results.yml"
with:
api-test-outcome: ${{ needs.qa.outputs.api-test-outcome }}
api-test-coverage-markdown-report: ${{ needs.qa.outputs.api-test-coverage-markdown-report }}
web-test-outcome: ${{ needs.qa.outputs.web-test-outcome }}
web-test-coverage-markdown-report: ${{ needs.qa.outputs.web-test-coverage-markdown-report }}
eslint-outcome: ${{ needs.qa.outputs.eslint-outcome }}
tflint-outcome: ${{ needs.qa.outputs.tflint-outcome }}
pr-number: ${{ github.event.pull_request.number }}
write-summary: true
write-comment: true
build:
permissions:
contents: read
packages: write
name: Build deployment artifacts
uses: ./.github/workflows/build.yml
with:
ref: ${{ github.event.pull_request.head.sha }}
build-api-image: true
api-image-push: true
api-image-args-ref: ${{ github.ref }}
api-image-tag-latest: false
api-image-tag-pr: "${{ github.event.pull_request.number }}"
api-image-version: "rc-pr-${{ github.event.pull_request.number }}"
api-image-upload-attestations: true
api-image-artifacts-retention-days: 14
build-api-functions: true
api-function-artifact-retention-days: 14
build-web: true
web-artifact-retention-days: 14
web-dotenv: |
API_URL=api.staging.cpf.usdr.dev
aws-auth:
name: Configure AWS Credentials
permissions:
contents: read
id-token: write
uses: ./.github/workflows/aws-auth.yml
with:
aws-region: us-west-2
secrets:
role-to-assume: ${{ secrets.CI_ROLE_ARN }}
gpg-passphrase: ${{ secrets.TFPLAN_SECRET }}
tf-plan:
name: Plan Terraform
permissions:
contents: read
needs:
- aws-auth
- build
uses: ./.github/workflows/terraform-plan.yml
if: needs.build.outputs.build-api-image-result == 'success' && needs.build.outputs.build-web-result == 'success' && needs.aws-auth.result == 'success'
with:
ref: ${{ github.event.pull_request.head.sha }}
concurrency-group: run_terraform-staging
api-functions-artifacts-key: ${{ needs.build.outputs.api-functions-artifacts-key }}
api-functions-artifacts-path: ${{ needs.build.outputs.api-functions-artifacts-path }}
api-image-tag: ${{ github.event.pull_request.head.sha }}
api-image-digest: ${{ needs.build.outputs.api-image-digest }}
web-artifacts-key: ${{ needs.build.outputs.web-artifacts-key }}
web-artifacts-path: ${{ needs.build.outputs.web-artifacts-path }}
aws-region: us-west-2
environment-key: staging
tf-backend-config-file: staging.s3.tfbackend
tf-var-file: staging.tfvars
upload-artifacts: false
artifacts-retention-days: 14
secrets:
aws-access-key-id: ${{ needs.aws-auth.outputs.aws-access-key-id }}
aws-secret-access-key: ${{ needs.aws-auth.outputs.aws-secret-access-key }}
aws-session-token: ${{ needs.aws-auth.outputs.aws-session-token }}
datadog-api-key: ${{ secrets.DATADOG_API_KEY }}
datadog-app-key: ${{ secrets.DATADOG_APP_KEY }}
gpg-passphrase: ${{ secrets.TFPLAN_SECRET }}
publish-tf-plan:
name: Publish Terraform Plan
permissions:
contents: read
pull-requests: write
if: needs.tf-plan.result != 'skipped' || needs.tf-plan.result != 'cancelled'
needs:
- tf-plan
uses: ./.github/workflows/publish-terraform-plan.yml
with:
write-summary: true
write-comment: true
pr-number: ${{ github.event.pull_request.number }}
tf-fmt-outcome: ${{ needs.tf-plan.outputs.fmt-outcome }}
tf-init-outcome: ${{ needs.tf-plan.outputs.init-outcome }}
tf-plan-outcome: ${{ needs.tf-plan.outputs.plan-outcome }}
tf-plan-output: ${{ needs.tf-plan.outputs.plan-output }}
tf-validate-outcome: ${{ needs.tf-plan.outputs.validate-outcome }}
tf-validate-output: ${{ needs.tf-plan.outputs.validate-output }}