Assemble inventory #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Assemble inventory | |
| on: | |
| workflow_dispatch: | |
| jobs: | |
| generate_inventory: | |
| runs-on: kubernetes | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set env | |
| run: echo "BRANCH_NAME=update/inventory" >> $GITHUB_ENV | |
| - name: Terraform init | |
| run: terraform init | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.TF_STATE_BUCKET_ACC_KEY }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.TF_STATE_BUCKET_SEC_KEY }} | |
| - name: Generate inventory | |
| id: generate-inventory | |
| run: ./ci/assemble_inventory.sh > /cache/current-inventory | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.TF_STATE_BUCKET_ACC_KEY }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.TF_STATE_BUCKET_SEC_KEY }} | |
| - name: Check if inventory is cached | |
| id: inventory-cache | |
| run: | | |
| [ -f /cache/inventory-cache ] && verdict=exists || verdict=missing | |
| echo "VERDICT=$verdict" >> "$GITHUB_OUTPUT" | |
| - name: Compare inventories | |
| if: steps.inventory-cache.outputs.VERDICT == 'exists' | |
| id: inventory-comparison | |
| run: ./ci/compare_inventories.sh | |
| - uses: actions/checkout@v4 | |
| name: Check out ansible repo | |
| if: steps.inventory-comparison.outputs.VERDICT == 'is_different' | |
| with: | |
| repository: "KlopfiNet/ansible" | |
| sparse-checkout: inventories | |
| ssh-key: ${{ secrets.KEY_KLOPFI_BOT }} | |
| - name: Update inventory in remote | |
| if: steps.inventory-comparison.outputs.VERDICT == 'is_different' | |
| run: | | |
| INVENTORY_FILE_NAME=all.ini | |
| cp /cache/current-inventory ./inventories/$INVENTORY_FILE_NAME.ini | |
| git config user.name "klopfi-bot" | |
| git config user.email "[email protected]" | |
| git config push.autoSetupRemote true | |
| if [ $(git ls-remote --heads origin $BRANCH_NAME | grep $BRANCH_NAME | wc -l) -gt 0 ]; then | |
| git checkout $BRANCH_NAME | |
| else | |
| git checkout -b $BRANCH_NAME | |
| fi | |
| git add ./inventories/INVENTORY_FILE_NAME.ini | |
| git commit -m "Update inventory" | |
| git push | |
| - name: Pull request | |
| if: steps.inventory-comparison.outputs.VERDICT == 'is_different' | |
| env: | |
| GH_TOKEN: ${{ secrets.GH_BOT_PAT }} | |
| run: | | |
| if [ -z "$GH_TOKEN" ]; then | |
| echo "::error title=GH_TOKEN_MISSING::Missing env var GH_TOKEN" | |
| exit 1 | |
| else | |
| gh auth login -p ssh --skip-ssh-key | |
| fi | |
| # Check if a PR already exists | |
| if [ $(gh pr list -s open -H $BRANCH_BAME --json id | jq length) -eq 0 ]; then | |
| gh pr create -a ThisIsntTheWay -B $BRANCH_BAME -H master -t "Update inventory" -b "Update inventory" | |
| echo "::notice title=PR_CREATED::A pull request has been created" | |
| else | |
| echo "::notice title=PR_EXISTS::A pull request is already active" | |
| fi | |
| - name: Cache new inventory | |
| id: cache-inventory-save | |
| run: cp /cache/current-inventory /cache/inventory-cache |