Merge pull request #293 from ShotaroMatsuya:test/test-1 #233
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Apply | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| TF_VAR_WEBHOOK_PATH: ${{ secrets.WEBHOOK_PATH }} | |
| TF_VAR_github_token: ${{ secrets.TF_VAR_github_token }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| apply: | |
| name: Apply | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| dir: [ | |
| terraform/keeping, | |
| terraform/scheduling | |
| ] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 2 | |
| - name: Find PR associated with the commit | |
| id: pr_search | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| PR_NUMBER="$(git log -1 --pretty=format:%B | grep 'Merge pull request #' | cut -d '#' -f2 | cut -d ' ' -f1)" | |
| echo "Associated PR number is ${PR_NUMBER}" | |
| echo "pr_number=${PR_NUMBER}" >> "$GITHUB_OUTPUT" | |
| - name: Get PR labels | |
| id: pr_labels | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| PR_NUMBER=${{ steps.pr_search.outputs.pr_number }} | |
| LABELS="$(gh pr view $PR_NUMBER --json labels --jq '.labels[].name'| tr '\n' ' ')" | |
| echo "Labels are ${LABELS}" | |
| echo "labels=${LABELS}" >> "$GITHUB_OUTPUT" | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/minecraft-test-github-actions | |
| role-session-name: github-actions-test-session | |
| aws-region: ap-northeast-1 | |
| - name: Set up Python 3.9 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: 3.9 | |
| - name: Install Terraform | |
| if: ${{ !contains(steps.pr_labels.outputs.labels, 'no-apply') }} | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: 1.7.5 | |
| - name: Create Mapping Yaml | |
| if: ${{ matrix.dir == 'terraform/scheduling' && !contains(steps.pr_labels.outputs.labels, 'no-apply') }} | |
| working-directory: ${{ matrix.dir }} | |
| run: | | |
| cat << EOF > secrets.yaml | |
| OPS: ${{ secrets.WHITELIST_PLAYERS }} | |
| WHITELIST: ${{ secrets.WHITELIST_PLAYERS }} | |
| WEBHOOK_PATH: ${{ secrets.WEBHOOK_PATH }} | |
| S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }} | |
| S3_PREFIX_NAME: ${{ secrets.S3_PREFIX_NAME }} | |
| FILTERING_STRINGS: ${{ secrets.FILTERING_STRINGS }} | |
| EOF | |
| - name: Apply | |
| if: ${{ !contains(steps.pr_labels.outputs.labels, 'no-apply') }} | |
| run: | | |
| DIFF=$(git diff --name-only HEAD^ terraform/modules ${{ matrix.dir }}) | |
| if [[ ${DIFF} = *keeping* || ${DIFF} = *scheduling* || ${DIFF} = *modules* ]]; then | |
| cd ${{ matrix.dir }} | |
| terraform init -lock=false | |
| terraform get | |
| terraform apply -lock=false -auto-approve | |
| fi | |
| shell: bash |