ci: bump local-dev image version #260

Workflow file for this run

	name: Infrastructure CD

	on:
	push:
	branches:
	- master
	paths-ignore:
	- 'machine-images/**'
	pull_request:
	repository_dispatch:
	types:
	- golden-image-ci
	workflow_dispatch:

	permissions:
	contents: write

	jobs:
	infrastructure-cd:
	runs-on: ubuntu-latest
	defaults:
	run:
	shell: bash
	env:
	TF_VAR_tenancy_ocid: ${{ vars.TF_VAR_TENANCY_OCID }}
	TF_VAR_user_ocid: ${{ vars.TF_VAR_USER_OCID }}
	TF_VAR_private_key: ${{ secrets.TF_VAR_PRIVATE_KEY }}
	TF_VAR_fingerprint: ${{ vars.TF_VAR_FINGERPRINT }}
	AWS_ACCESS_KEY_ID: ${{ vars.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	if: \|
	github.event_name == 'push' \|\|
	github.event_name == 'pull_request' \|\|
	(github.event_name == 'repository_dispatch' && github.event.client_payload.flag == 'true') \|\|
	github.event_name == 'workflow_dispatch'

	steps:
	- uses: actions/checkout@v4
	with:
	persist-credentials: false

	- name: Set up provisioning tool
	uses: hashicorp/setup-terraform@v3
	- name: Initialize provisioning tool
	run: terraform init
	- name: Plan infrastructure changes
	env:
	CERTIFICATE: ${{ secrets.CERTIFICATE }}
	PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
	OCI_INSTANCES_SSH_PUBLIC_KEY: ${{ vars.OCI_INSTANCES_SSH_PUBLIC_KEY }}
	TF_VAR_KEY_VALUE_STORE_PASSWORD: ${{ secrets.KEY_VALUE_STORE_PASSWORD }}
	TF_VAR_vault_cert_private_key: ${{ secrets.VAULT_PRIVATE_KEY }}
	run: \|
	echo "${CERTIFICATE}" > ./certificates/cert.pem
	echo "${PRIVATE_KEY}" > ./certificates/key.pem
	echo -n "${OCI_INSTANCES_SSH_PUBLIC_KEY}" > ./certificates/ssh-key-2024-03-16.key.pub
	echo -n "${OCI_PRIVATE_KEY}" > ./certificates/[email protected]_2024-03-02T19_23_13.049Z.pem
	terraform plan \
	-input=false
	- name: Provision infrastructure
	if: \|
	github.event_name == 'push' \|\|
	github.event_name == 'repository_dispatch' \|\|
	github.event_name == 'workflow_dispatch'
	id: provisioning-infrastructure
	env:
	CERTIFICATE: ${{ secrets.CERTIFICATE }}
	PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
	OCI_INSTANCES_SSH_PUBLIC_KEY: ${{ vars.OCI_INSTANCES_SSH_PUBLIC_KEY }}
	TF_VAR_KEY_VALUE_STORE_PASSWORD: ${{ secrets.KEY_VALUE_STORE_PASSWORD }}
	TF_VAR_vault_cert_private_key: ${{ secrets.VAULT_PRIVATE_KEY }}
	run: \|
	echo "${CERTIFICATE}" > ./certificates/cert.pem
	echo "${PRIVATE_KEY}" > ./certificates/key.pem
	echo -n "${OCI_INSTANCES_SSH_PUBLIC_KEY}" > ./certificates/ssh-key-2024-03-16.key.pub
	echo -n "${OCI_PRIVATE_KEY}" > ./certificates/[email protected]_2024-03-02T19_23_13.049Z.pem
	terraform apply \
	-auto-approve \
	-input=false
	- name: Commit imported variables
	if: steps.provisioning-infrastructure.conclusion == 'success'
	continue-on-error: true
	run: \|
	git config --local user.email "github-actions[bot]@users.noreply.github.com"
	git config --local user.name "github-actions[bot]"
	git add machine-images/imported-vars.pkr.hcl
	git commit -m "github-actions[bot]: Updated imported variables for machine images"
	- name: Push changes
	if: steps.provisioning-infrastructure.conclusion == 'success'
	uses: ad-m/github-push-action@master
	with:
	github_token: ${{ secrets.PUSH_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: bump local-dev image version #260

Workflow file

ci: bump local-dev image version #260

Jobs

Run details

Workflow file for this run