Merge pull request #1738 from aztfmod/revert-1732-feature/add_ddos_pr… #33

Workflow file for this run

.github/workflows/standalone-networking.yaml at b9e8109

	#
	# Copyright (c) Microsoft Corporation
	# Licensed under the MIT License.
	#

	name: standalone-networking

	on:
	push:
	paths:
	- 'network*'
	- 'modules/networking/**'
	- 'examples/networking/**'
	- '.github/workflows/networking.'

	env:
	TF_CLI_ARGS: "-no-color"
	TF_CLI_ARGS_destroy: "-auto-approve -refresh=false"
	ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
	ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
	ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
	ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
	TF_REGISTRY_DISCOVERY_RETRY: 5
	TF_REGISTRY_CLIENT_TIMEOUT: 15
	ROVER_RUNNER: true

	jobs:
	load_scenarios:
	runs-on: ubuntu-latest
	outputs:
	matrix: ${{ steps.load_scenarios.outputs.matrix }}
	steps:
	- uses: actions/checkout@v3
	- id: load_scenarios
	run: \|
	cases=$(cat ./.github/workflows/standalone-networking.json \| jq -c .)
	echo "matrix=${cases}" >> $GITHUB_OUTPUT

	testcases:
	name: test
	runs-on: ubuntu-latest
	needs: load_scenarios

	strategy:
	fail-fast: false
	matrix: ${{fromJSON(needs.load_scenarios.outputs.matrix)}}

	container:
	image: aztfmod/rover:1.5.3-2307.2007
	options: --user 0

	steps:
	- name: Checkout
	uses: actions/checkout@v3

	- name: Create environment variables
	run: \|
	cd ${GITHUB_WORKSPACE}/examples/${{ matrix.config_files }}
	FILE_NAME=$(echo ${{ matrix.config_files }} \| sed 's./..g' \| xargs)
	echo STATE_FILE=${TF_DATA_DIR}/tfstates/${FILE_NAME}.tfstate >> $GITHUB_ENV
	echo PLAN_FILE=${TF_DATA_DIR}/tfstates/${FILE_NAME}.plan >> $GITHUB_ENV
	echo CURRENT_FOLDER=${GITHUB_WORKSPACE}/examples/${{ matrix.config_files }} >> $GITHUB_ENV
	echo PARAMETER_FILES=$(find ${GITHUB_WORKSPACE}/examples/${{ matrix.config_files }} \| grep .tfvars \| sed 's/.*/-var-file=&/' \| xargs) >> $GITHUB_ENV

	- name: Login azure
	run: \|
	az login --service-principal -u '${{ env.ARM_CLIENT_ID }}' -p '${{ env.ARM_CLIENT_SECRET }}' --tenant '${{ env.ARM_TENANT_ID }}'
	az account set -s ${{ env.ARM_SUBSCRIPTION_ID }}

	- name: Terraform Init example
	id: tf_init
	run: \|
	terraform -chdir=${GITHUB_WORKSPACE}/examples \
	init -upgrade=true \| grep -P '^- (?=Downloading\|Using\|Finding\|Installing)\|^[^-]'

	- name: Terraform Plan example
	id: tf_plan
	run: \|
	terraform -chdir=${GITHUB_WORKSPACE}/examples \
	plan \
	${{ env.PARAMETER_FILES }} \
	-var tags='{testing_job_id='"${{ github.run_id }}"'}' \
	-var var_folder_path=${{ env.CURRENT_FOLDER }} \
	-refresh=true \
	-input=false \
	-state=${{ env.STATE_FILE }} \
	-out=${{ env.PLAN_FILE }}

	- name: Terraform Apply example
	id: tf_apply
	if: steps.tf_plan.outcome == 'success'
	run: \|
	terraform -chdir=${GITHUB_WORKSPACE}/examples \
	apply \
	-parallelism=30 \
	-state=${{ env.STATE_FILE }} \
	${{ env.PLAN_FILE }}

	- name: Terraform Destroy planning example
	id: tf_destroy_plan
	if: steps.tf_plan.outcome == 'success'
	run: \|
	terraform -chdir=${GITHUB_WORKSPACE}/examples \
	plan \
	${{ env.PARAMETER_FILES }} \
	-var tags='{testing_job_id='"${{ github.run_id }}"'}' \
	-var var_folder_path=${{ env.CURRENT_FOLDER }} \
	-refresh=true \
	-input=false \
	-destroy \
	-state=${{ env.STATE_FILE }} \
	-out=${{ env.PLAN_FILE }}-destroy

	- name: Terraform Destroy apply example
	id: tf_destroy_apply
	if: steps.tf_destroy_plan.outcome == 'success'
	run: \|
	terraform -chdir=${GITHUB_WORKSPACE}/examples \
	apply \
	-refresh=false \
	-parallelism=30 \
	-auto-approve \
	-state=${{ env.STATE_FILE }} \
	${{ env.PLAN_FILE }}-destroy

	purge:
	name: purge
	runs-on: ubuntu-latest
	if: ${{ failure() \|\| cancelled() }}

	needs: [testcases]

	container:
	image: aztfmod/rover:1.5.3-2307.2007
	options: --user 0

	steps:
	- name: Login azure
	run: \|
	az login --service-principal -u '${{ env.ARM_CLIENT_ID }}' -p '${{ env.ARM_CLIENT_SECRET }}' --tenant '${{ env.ARM_TENANT_ID }}'
	az account set -s ${{ env.ARM_SUBSCRIPTION_ID }}

	- name: Complete purge
	run: \|
	for i in `az monitor diagnostic-settings subscription list -o tsv --query "value[?contains(name, '${{ github.run_id }}' )].name"`; do echo "purging subscription diagnostic-settings: $i" && $(az monitor diagnostic-settings subscription delete --name $i --yes); done
	for i in `az monitor log-profiles list -o tsv --query '[].name'`; do az monitor log-profiles delete --name $i; done
	for i in `az ad group list --query "[?contains(displayName, '${{ github.run_id }}')].id" -o tsv`; do echo "purging Azure AD group: $i" && $(az ad group delete --verbose --group $i \|\| true); done
	for i in `az ad app list --query "[?contains(displayName, '${{ github.run_id }}')].appId" -o tsv`; do echo "purging Azure AD app: $i" && $(az ad app delete --verbose --id $i \|\| true); done
	for i in `az keyvault list-deleted --query "[?tags.testing_job_id=='${{ github.run_id }}'].name" -o tsv`; do az keyvault purge --name $i; done
	for i in `az group list --query "[?tags.testing_job_id=='${{ github.run_id }}'].name" -o tsv`; do echo "purging resource group: $i" && $(az group delete -n $i -y --no-wait \|\| true); done
	for i in `az role assignment list --query "[?contains(roleDefinitionName, '${{ github.run_id }}')].roleDefinitionName" -o tsv`; do echo "purging role assignment: $i" && $(az role assignment delete --role $i \|\| true); done
	for i in `az role definition list --query "[?contains(roleName, '${{ github.run_id }}')].roleName" -o tsv`; do echo "purging custom role definition: $i" && $(az role definition delete --name $i \|\| true); done

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #1738 from aztfmod/revert-1732-feature/add_ddos_pr… #33

Workflow file

Merge pull request #1738 from aztfmod/revert-1732-feature/add_ddos_pr… #33

Jobs

Run details

Workflow file for this run