diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index b2ac22c..ce01449 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -41,53 +41,13 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 - name: Test example - shell: bash + uses: Azure/terraform-azurerm-avm-template/.github/actions/1es-runner-auth-docker@main env: SECRETS_CONTEXT: ${{ toJson(secrets) }} VARS_CONTEXT: ${{ toJson(vars) }} - run: | - set -e - MAX_RETRIES=10 - RETRY_COUNT=0 - until [ $RETRY_COUNT -ge $MAX_RETRIES ] - do - az login --identity --username $MSI_ID > /dev/null && break - RETRY_COUNT=$[$RETRY_COUNT+1] - sleep 10 - done - if [ $RETRY_COUNT -eq $MAX_RETRIES ]; then - echo "Failed to login after $MAX_RETRIES attempts." - exit 1 - fi - - declare -A secrets - eval "$(echo $SECRETS_CONTEXT | jq -r 'to_entries[] | @sh "secrets[\(.key|tostring)]=\(.value|tostring)"')" - - declare -A variables - eval "$(echo $VARS_CONTEXT | jq -r 'to_entries[] | @sh "variables[\(.key|tostring)]=\(.value|tostring)"')" - - for key in "${!secrets[@]}"; do - if [[ $key = \TF_VAR_* ]]; then - lowerKey=$(echo "$key" | tr '[:upper:]' '[:lower:]') - finalKey=${lowerKey/tf_var_/TF_VAR_} - export "$finalKey"="${secrets[$key]}" - fi - done - - for key in "${!variables[@]}"; do - if [[ $key = \TF_VAR_* ]]; then - lowerKey=$(echo "$key" | tr '[:upper:]' '[:lower:]') - finalKey=${lowerKey/tf_var_/TF_VAR_} - export "$finalKey"="${variables[$key]}" - fi - done - - echo -e "Custom environment variables:\n$(env | grep TF_VAR_ | grep -v ' "TF_VAR_')" - - export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id') - export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId') - export ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId') - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true --env-file <(env | grep TF_VAR_ | grep -v ' "TF_VAR_') mcr.microsoft.com/azterraform:latest make test-example + with: + docker-params: -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} + makefile-target: test-example # This job is only run when all the previous jobs are successful. # We can use it for PR validation to ensure all examples have completed. diff --git a/.github/workflows/terraform-test.yml b/.github/workflows/terraform-test.yml new file mode 100644 index 0000000..3115b10 --- /dev/null +++ b/.github/workflows/terraform-test.yml @@ -0,0 +1,31 @@ +--- +name: terraform test + +on: + pull_request: + types: ['opened', 'reopened', 'synchronize'] + merge_group: + workflow_dispatch: + +permissions: + contents: read + id-token: write + +jobs: + terraformtest: + if: github.event.repository.name != 'terraform-azurerm-avm-template' + runs-on: [ self-hosted, 1ES.Pool=terraform-azurerm-avm-template ] + environment: test + env: + TF_IN_AUTOMATION: 1 + TF_VAR_enable_telemetry: false + steps: + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + + - name: Terraform test + uses: Azure/terraform-azurerm-avm-template/.github/actions/1es-runner-auth-docker@main + env: + SECRETS_CONTEXT: ${{ toJson(secrets) }} + VARS_CONTEXT: ${{ toJson(vars) }} + with: + makefile-target: terraform-test