Convert integration AWS ES to gen (+ improve rules in gen format) #2571
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a basic workflow to help you get started with Actions | |
| name: Generator | |
| on: [push, pull_request] | |
| jobs: | |
| pre_job: | |
| # continue-on-error: true # Uncomment once integration is finished | |
| runs-on: ubuntu-latest | |
| # Map a step output to a job output | |
| outputs: | |
| should_skip: ${{ steps.skip_check.outputs.should_skip }} | |
| steps: | |
| - id: skip_check | |
| name: Skip Duplicate Actions | |
| uses: fkirc/[email protected] | |
| with: | |
| concurrent_skipping: 'same_content' | |
| do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' | |
| paths: '["scripts/**", "Makefile", ".github/workflows/generator.yml"]' | |
| test: | |
| needs: pre_job | |
| if: ${{ needs.pre_job.outputs.should_skip != 'true' }} | |
| runs-on: ubuntu-latest | |
| container: | |
| image: "claranet/terraform-ci:latest" | |
| env: | |
| SFX_AUTH_TOKEN: ${{ secrets.SFX_TOKEN }} | |
| TF_VAR_pagerduty_integration_id: ${{ secrets.PAGERDUTY_INTEGRATION }} | |
| TF_VAR_environment: "ci-testing" | |
| # Steps represent a sequence of tasks that will be executed as part of the job | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.5.7 | |
| terraform_wrapper: false | |
| - name: Generate tmp module using example configs preset and import it into example stack | |
| run: | | |
| make init-module internal_generator ${TF_VAR_environment} | |
| for config in scripts/templates/examples/*.yaml; do | |
| for template in variables detector; do | |
| j2 scripts/templates/${template}.tf.j2 ${config} >> modules/internal_generator-${TF_VAR_environment}/gen.tf | |
| done | |
| done | |
| ./scripts/stack/bootstrap.sh | |
| echo -e "module \"generated\" {\nsource=\"../../modules/internal_generator-${TF_VAR_environment}\"\n$(cat common/modules-args.txt)\n}" > examples/stack/detectors.tf | |
| - name: Terraform init | |
| if: env.SFX_AUTH_TOKEN != null | |
| run: terraform -chdir=examples/stack init | |
| - name: Terraform validate | |
| if: env.SFX_AUTH_TOKEN != null | |
| run: terraform -chdir=examples/stack validate | |
| - name: Enable destroy | |
| if: env.SFX_AUTH_TOKEN != null | |
| run: echo "enabled=1" >> $GITHUB_ENV | |
| id: destroy | |
| - name: Terraform Apply | |
| if: env.SFX_AUTH_TOKEN != null | |
| run: echo yes | terraform -chdir=examples/stack apply -input=false -lock=false -refresh=false | |
| - name: Terraform Destroy | |
| if: always() && steps.destroy.outputs.enabled == '1' && env.SFX_AUTH_TOKEN != null | |
| run: echo yes | terraform -chdir=examples/stack destroy -input=false -lock=false -refresh=false | |