feat(workflows): Schedule release workflow, use terraform-modules-vmseries-ci-workflows, execute Terratest for examples (plan for PR, deploy for release workflow)

[sebastianczech]

Prerequisites

Before merging this PR, legacy examples needs to be removed in #327 (this PR is not createing Makefiles for legacy examples).

Description

PR delivers:

• new GitHub action with OIDC for AWS
• changes in GitHub workflows for PR and Release
• schedule for Release workflow
• Makefiles for all examples (beside legacy ones) and modules
• makefile.sh script used to execute Terraform and Terratest
• simple tests for all examples (beside legacy ones)

After merging that PR:

• pull requests examples will be tested by Terratest, which is internally calling terraform plan without deploying infrastructure into cloud
• release workflow will be scheduled for every Thursday @1am UTC and it will deploy all examples

Details

1. added .github/actions/plan_apply/action.yml, which is doing make test, not make plan & apply
2. removed .github/workflows/ci.yml and added .github/workflows/pr_ci.yml
3. removed .github/workflows/release.yml and added .github/workflows/release_ci.yml
4. created makefile.sh with actions validate and test (no plan, apply, idempotence as for Azure VM-Series modules)
5. added Makefile for every example
6. added main_test.go with Terratest for every example
7. in every main_test.go for examples do apply when environment variable DO_APPLY is true
8. added Makefile for every module
9. fixed issues with provider in modules/transit_gateway_peering/versions.tf
10. created examples/combined_design_autoscale/example.tfvars by copying examples/combined_design_autoscale/example-no-natgw-lambda-no-vpc.tfvars and setting desired_cap and min_size to 0
11. fixed examples/standalone_vmseries_with_userdata_bootstrap/ e.g. added missing NACL, added missing name prefix (this one example was not yet refactored and adjusted as other examples for reference architectures)
12. fixed issues forexamples/combined_design_autoscale, which were found while running tests e.g. scaling tags
13. fixed issues for examples/isolated_design, which were found while running tests e.g. VPC peering
14. replaced github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/ into github.com/PaloAltoNetworks/vm-series-gh-actions-aws/go/ in test files
15. moved tests/internal/testskeleton and tests/internal/helpers into go/testskeleton and go/helpers
16. extended go/testskeleton

Next steps (proposition)

Before merging this PR:

1. merge refactor: Remove legacy examples #327 to remove legacy examples without Makefile
2. decide if we are going to deploy examples in 1 Terraform version or in all supported (file .github/workflows/release_ci.yml, line 23)

In later stages in new PRs:

1. create new repository terraform-modules-vmseries-tests-skeleton with test skeleton (files currently in go\testskeleton and go\helpers (as test skeleton is going to be used for VM-Series modules for all clouds, not only AWS)
2. add integration tests for modules (folder tests), which are working only with terraform plan (this kind of tests are going to be executed for PR CI)
3. simplify existing integration tests for modules (folder tests), which are deploying every module (this kind of tests are going to be executed for Release CI)
4. extend GitHub workflows to execute modules tests from folder tests for PR CI (only plan) and for Release CI (with apply)
5. define AWS_REGION in repository settings -> secrets and variables -> variables and remove temporary solution from .github/actions/plan_apply/action.yml, lines 46:47

Motivation and Context

In issue #86 there was a need to execute Terratest for modules and examples. In order to automate the process, GitHub actions and workflows needs to be extended.

How Has This Been Tested?

Code was tested on internal clone as described in PaloAltoNetworks/terraform-modules-swfw-ci-workflows#37.

Types of changes

• New feature (non-breaking change which adds functionality)

Checklist

• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes if appropriate.
• All new and existing tests passed.

[sebastianczech]

Only failed actions are for legacy examples, for which Makefiles were not created. After merging #327, this PR will be updated and all actions will succeeded.

[FoSix]

the comments below do not affect the overall: 👍🏻 👍 👍

[sebastianczech]

The root cause for most failing actions is new certificates issued by GitHuh, which impact on OIDC integration and missing new thumbprint in AWS IAM settings for identity provider as described in issue 327.

[FoSix]

👍🏻

[lstadnik]

however I did not test the code, but the PR should be introduced to create the baseline for future development in our CI apply approach.

The assumptions was checked, already discussed and approved.

Great work.

[migara]

Great work 🚀