[EC-138] Add Terraform configuration to manage repository settings (#253)
Krusty93 authored Feb 9, 2024
1 parent 45ff3df commit cb11242
Showing 26 changed files with 363 additions and 416 deletions.
17 changes: 3 additions & 14 deletions .github/workflows/opex_api.yml
@@ -1,6 +1,5 @@
name: Opex Dashboard B4f Onboarding

# Controls when the workflow will run
on:
push:
branches:
@@ -12,30 +11,21 @@ on:

env:
TEMPLATE_DIR: azure-dashboard
ARM_USE_OIDC: true
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID_CD }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
API_NAME: api-selfcare-onboarding
DOCKER_IMAGE_TAG: sha256:04d8ead53c772d23b094c2a395292dc159e6f2905e1b13b5f828f31eac6eb27f

permissions:
id-token: write
contents: read

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
build:
# The type of runner that the job will run on
runs-on: ubuntu-22.04

environment: 'prod-cd'

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Checkout
id: checkout
# from https://github.com/actions/checkout/commits/main
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
persist-credentials: false
@@ -48,7 +38,6 @@ jobs:
echo "TERRAFORM_VERSION=`cat .terraform-version`" >> $GITHUB_ENV
- name: Setup Terraform
# from https://github.com/hashicorp/setup-terraform/commits/main
uses: hashicorp/setup-terraform@69c00852f1304c321337f45a105731218c2d5544
with:
terraform_version: ${{ env.TERRAFORM_VERSION }}
@@ -58,7 +47,7 @@ jobs:
environment: prod
api-name: ${{ env.API_NAME }}
config: .opex/${{ env.API_NAME }}/env/prod/config.yaml
client-id: ${{ secrets.AZURE_CLIENT_ID_CD }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
client-id: ${{ secrets.ARM_CLIENT_ID }}
tenant-id: ${{ vars.ARM_TENANT_ID }}
subscription-id: ${{ vars.ARM_SUBSCRIPTION_ID }}
docker-version: ${{ env.DOCKER_IMAGE_TAG }}
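Review bot: The three login inputs at the end of this section now depend on `secrets.ARM_CLIENT_ID`, `vars.ARM_TENANT_ID` and `vars.ARM_SUBSCRIPTION_ID` being defined for the `prod-cd` environment, and nothing in the workflow says where they come from; an undefined secret or variable expands to an empty string, so a naming mismatch would only surface as a failed Azure login at run time. Moving the tenant and subscription ids from `secrets` to `vars` also means they are no longer masked in job logs, which is presumably intended since they are identifiers rather than credentials under OIDC. I would add a comment above the inputs such as `# ARM_* values are defined on the prod-cd environment`. The same applies to the identical change in `.github/workflows/opex_api_pnpg.yml`. The step these inputs belong to starts outside the visible hunk.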
17 changes: 3 additions & 14 deletions .github/workflows/opex_api_pnpg.yml
@@ -1,6 +1,5 @@
name: Opex Dashboard B4f Onboarding PNPG

# Controls when the workflow will run
on:
push:
branches:
@@ -12,30 +11,21 @@ on:

env:
TEMPLATE_DIR: azure-dashboard
ARM_USE_OIDC: true
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID_CD }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
API_NAME: api-selfcare-onboarding-pnpg
DOCKER_IMAGE_TAG: sha256:04d8ead53c772d23b094c2a395292dc159e6f2905e1b13b5f828f31eac6eb27f

permissions:
id-token: write
contents: read

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
build:
# The type of runner that the job will run on
runs-on: ubuntu-22.04

environment: 'prod-cd'

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Checkout
id: checkout
# from https://github.com/actions/checkout/commits/main
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
persist-credentials: false
@@ -48,7 +38,6 @@ jobs:
echo "TERRAFORM_VERSION=`cat .terraform-version`" >> $GITHUB_ENV
- name: Setup Terraform
# from https://github.com/hashicorp/setup-terraform/commits/main
uses: hashicorp/setup-terraform@69c00852f1304c321337f45a105731218c2d5544
with:
terraform_version: ${{ env.TERRAFORM_VERSION }}
@@ -58,7 +47,7 @@ jobs:
environment: prod
api-name: ${{ env.API_NAME }}
config: .opex/${{ env.API_NAME }}/env/prod/config.yaml
client-id: ${{ secrets.AZURE_CLIENT_ID_CD }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
client-id: ${{ secrets.ARM_CLIENT_ID }}
tenant-id: ${{ vars.ARM_TENANT_ID }}
subscription-id: ${{ vars.ARM_SUBSCRIPTION_ID }}
docker-version: ${{ env.DOCKER_IMAGE_TAG }}
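--- a/.github/workflows/pr_ms.yml
+++ b/.github/workflows/pr_ms.yml
@@ -0,0 +1,37 @@
+name: Code Review onboarding-backend
+on:
+workflow_dispatch:
+
+pull_request:
+types:
+- synchronize
+- reopened
+- ready_for_review
+paths:
+- '.github/workflows/pr_ms.yml'
+- '.github/workflows/release_ms.yml'
+- '.github/workflows/release_ms_pnpg.yml'
+- '!.devops/**'
+- '!helm/**'
+- '!**.md'
+- '!**ignore'
+- '!infra/**'
+- '!.terraform-version'
+- '!CODEOWNERS'
+
+jobs:
+
+code_review:
+uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@EC-149-template-git-hub-workflows
+name: 'Code Review'
+secrets: inherit
+if: github.base_ref == 'main' && github.event_name == 'pull_request'
+with:
+pr_number: ${{ github.event.pull_request.number }}
+source_branch: ${{ github.head_ref }}
+target_branch: ${{ github.base_ref }}
+sonar_key: 'pagopa_selfcare-onboarding-backend'
+
+docker_build:
+uses: pagopa/selfcare-commons/.github/workflows/call_code_review_docker.yml@EC-149-template-git-hub-workflows
+name: 'Docker'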
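Review bot: Both `uses:` lines reference the reusable workflows in `pagopa/selfcare-commons` by branch name (`@EC-149-template-git-hub-workflows`), and the `code_review` job passes `secrets: inherit`, so whatever that branch points to at run time executes with every secret this repository exposes to the job. The other workflows in this commit pin third-party actions to a full commit SHA; the same should be done here, e.g. `uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@<full-commit-sha>`, ideally with only the secrets the callee needs passed by name instead of `inherit`. The three jobs in `.github/workflows/release_ms.yml` follow the same pattern, including the one targeting `prod`, so they need the same pin. Separately, the `paths` filter lists only the three workflow files as positive patterns, which means pull requests that touch application code probably never trigger this review; if that is not intended, a catch-all such as `- '**'` before the negations is needed.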
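--- a/.github/workflows/release_ms.yml
+++ b/.github/workflows/release_ms.yml
@@ -0,0 +1,46 @@
+name: Release ms-onboarding-backend
+
+on:
+workflow_dispatch:
+
+push:
+branches:
+- main
+- releases/*
+paths:
+- '!.devops/**'
+- '!helm/**'
+- '!**.md'
+- '!**ignore'
+- '!infra/**'
+- '!.terraform-version'
+- '!CODEOWNERS'
+
+jobs:
+
+release_dev:
+uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows
+name: '[Dev] OnboardingBackend ms Release'
+if: startsWith(github.ref_name, 'releases/') != true
+secrets: inherit
+with:
+environment: dev
+dir: 'infra'
+
+release_uat:
+uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows
+name: '[UAT] OnboardingBackend ms Release'
+if: startsWith(github.ref_name, 'releases/')
+secrets: inherit
+with:
+environment: uat
+dir: 'infra'
+
+release_prod:
+uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows
+name: '[Prod] OnboardingBackend ms Release'
+if: startsWith(github.ref_name, 'releases/')
+secrets: inherit
+with:
+environment: prod
+dir: 'infra'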
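Review bot: The `push` trigger's `paths` list contains only negated patterns, and GitHub's workflow syntax requires at least one positive pattern whenever `!` is used, so this filter is unlikely to act as the exclude list it appears to be. Either switch to `paths-ignore:` with the same entries minus the leading `!`, or add `- '**'` as the first entry. Also note that `release_uat` and `release_prod` carry the identical condition `startsWith(github.ref_name, 'releases/')`, so a single push to a `releases/*` branch starts both; unless the called workflow (not visible here) waits on an environment approval, prod is released in parallel with UAT. Adding `needs: release_uat` to `release_prod` would at least order them.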
3 changes: 1 addition & 2 deletions .github/workflows/release_open_api.yml
@@ -4,14 +4,13 @@ on:
branches:
- release-dev
types: [ opened, synchronize, reopened ]
workflow_dispatch: #allow to run github action manually
workflow_dispatch:
permissions:
contents: write
jobs:
build:
runs-on: ubuntu-latest
permissions: write-all
#if: github.event.pull_request.merged == true
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Set up JDK 17
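Review bot: The `build` job still sets `permissions: write-all`, which overrides the workflow-level `permissions:` / `contents: write` declared just above it and gives the job's `GITHUB_TOKEN` every write scope. The workflow appears to run on pull-request events (`types: [ opened, synchronize, reopened ]`), so the token should be no broader than the steps require. Since this commit is already tidying the file, drop the job-level line so the job inherits `contents: write`, or replace it with the specific scopes the steps need. The job's steps continue beyond the visible hunk, so confirm which scopes they actually use before narrowing.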
11 changes: 10 additions & 1 deletion .gitignore
@@ -40,4 +40,13 @@ build/

### VS Code ###
.vscode/
.DS_Store
.DS_Store

**/.terraform/*
*.tfstate
*.tfstate.*
**/.tfsec/*
override.tf
override.tf.json
*_override.tf
*_override.tf.json
1 change: 0 additions & 1 deletion .identity/.terraform-version

This file was deleted.

64 changes: 0 additions & 64 deletions .identity/.terraform.lock.hcl

This file was deleted.

14 changes: 0 additions & 14 deletions .identity/00_data.tf

This file was deleted.
