From 44af498b60fa1427d0a494a005cbad51900fbdee Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com> Date: Sun, 1 Dec 2024 02:31:47 +0000 Subject: [PATCH] fix: grept apply --- .github/workflows/e2e.yml | 96 ++++++++--------------------- .github/workflows/linting.yml | 6 +- .github/workflows/version-check.yml | 2 +- avm | 8 ++- avm.bat | 2 +- main.tf | 3 + 6 files changed, 42 insertions(+), 75 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 7bb2c47..920ab58 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -1,71 +1,29 @@ --- -name: e2e test + name: test examples + on: + pull_request: + types: ['opened', 'reopened', 'synchronize'] + merge_group: + workflow_dispatch: + + jobs: + check: + runs-on: ubuntu-latest + steps: + - name: Checking for Fork + shell: pwsh + run: | + $isFork = "${{ github.event.pull_request.head.repo.fork }}" + if($isFork -eq "true") { + echo "### WARNING: This workflow is disabled for forked repositories. Please follow the [release branch process](https://azure.github.io/Azure-Verified-Modules/contributing/terraform/terraform-contribution-flow/#5-create-a-pull-request-to-the-upstream-repository) if end to end tests are required." >> $env:GITHUB_STEP_SUMMARY + } -on: - pull_request: - types: ['opened', 'reopened', 'synchronize'] - merge_group: - workflow_dispatch: - -permissions: - contents: read - id-token: write - -jobs: - getexamples: - if: github.event.repository.name != 'terraform-azurerm-avm-template' - runs-on: ubuntu-latest - outputs: - examples: ${{ steps.getexamples.outputs.examples }} - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 - - name: get examples - id: getexamples - uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-getexamples@main - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - - testexamples: - if: github.event.repository.name != 'terraform-azurerm-avm-template' - runs-on: [ self-hosted, 1ES.Pool=terraform-azurerm-avm-res-compute-disk ] - needs: getexamples - environment: test - env: - TF_IN_AUTOMATION: 1 - TF_VAR_enable_telemetry: false - strategy: - matrix: - example: ${{ fromJson(needs.getexamples.outputs.examples) }} - fail-fast: false - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 - - - name: Test example - shell: bash - run: | - set -e - MAX_RETRIES=10 - RETRY_COUNT=0 - until [ $RETRY_COUNT -ge $MAX_RETRIES ] - do - az login --identity --username $MSI_ID > /dev/null && break - RETRY_COUNT=$[$RETRY_COUNT+1] - sleep 10 - done - if [ $RETRY_COUNT -eq $MAX_RETRIES ]; then - echo "Failed to login after $MAX_RETRIES attempts." - exit 1 - fi - export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id') - export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId') - export ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId') - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make test-example - - # This job is only run when all the previous jobs are successful. - # We can use it for PR validation to ensure all examples have completed. - testexamplescomplete: - if: github.event.repository.name != 'terraform-azurerm-avm-template' - runs-on: ubuntu-latest - needs: testexamples - steps: - - run: echo "All tests passed" + run-e2e-tests: + if: github.event.pull_request.head.repo.fork == false + uses: Azure/terraform-azurerm-avm-template/.github/workflows/test-examples-template.yml@main + name: end to end + secrets: inherit + permissions: + id-token: write + contents: read + \ No newline at end of file diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 254164d..864db46 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: check docs uses: Azure/terraform-azurerm-avm-template/.github/actions/docs-check@main @@ -32,7 +32,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: lint terraform uses: Azure/terraform-azurerm-avm-template/.github/actions/linting@main @@ -45,7 +45,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: avmfix uses: Azure/terraform-azurerm-avm-template/.github/actions/avmfix@main diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml index c117502..8719641 100644 --- a/.github/workflows/version-check.yml +++ b/.github/workflows/version-check.yml @@ -16,7 +16,7 @@ jobs: if: github.event.repository.name != 'terraform-azurerm-avm-template' runs-on: ubuntu-latest steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: Check version uses: Azure/terraform-azurerm-avm-template/.github/actions/version-check@main with: diff --git a/avm b/avm index 6668be7..1c6b0d2 100755 --- a/avm +++ b/avm @@ -18,10 +18,16 @@ if [ -z "$1" ]; then exit 1 fi +# Mount .azure directory if it exists +AZURE_VOLUME="" +if [ -d "$HOME/.azure" ]; then + AZURE_VOLUME="-v $HOME/.azure:/home/runtimeuser/.azure" +fi + # Check if we are running in a container # If we are then just run make directly if [ -z "$AVM_IN_CONTAINER" ]; then - $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm -v /etc/passwd:/etc/passwd -v /etc/group:/etc/group -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1" + $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm $AZURE_VOLUME -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1" else make "$1" fi diff --git a/avm.bat b/avm.bat index cdfa812..6b177be 100644 --- a/avm.bat +++ b/avm.bat @@ -18,6 +18,6 @@ IF "%~1"=="" ( ) REM Run the make target with CONTAINER_RUNTIME -%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1 +%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src --user "1000:1000" -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1 ENDLOCAL diff --git a/main.tf b/main.tf index d92a234..ac30f91 100644 --- a/main.tf +++ b/main.tf @@ -59,11 +59,13 @@ resource "azurerm_managed_disk" "this" { dynamic "encryption_settings" { for_each = var.encryption_settings == null ? [] : [var.encryption_settings] + content { enabled = encryption_settings.value.enabled dynamic "disk_encryption_key" { for_each = encryption_settings.value.disk_encryption_key == null ? [] : [encryption_settings.value.disk_encryption_key] + content { secret_url = disk_encryption_key.value.secret_url source_vault_id = disk_encryption_key.value.source_vault_id @@ -71,6 +73,7 @@ resource "azurerm_managed_disk" "this" { } dynamic "key_encryption_key" { for_each = encryption_settings.value.key_encryption_key == null ? [] : [encryption_settings.value.key_encryption_key] + content { key_url = key_encryption_key.value.key_url source_vault_id = key_encryption_key.value.source_vault_id