mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-28 02:18:50 +00:00
43b8a97ee1
Bumps [hashicorp/tfc-workflows-github](https://github.com/hashicorp/tfc-workflows-github) from 1.3.0 to 1.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/tfc-workflows-github/releases">hashicorp/tfc-workflows-github's releases</a>.</em></p> <blockquote> <h2>v1.3.1</h2> <ul> <li>Bug fixes and enhancements from <a href="https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.3.1">tfc-workflows-tooling@v1.3.1</a></li> <li>Compiles for Linux regardless of current CPU architecture when using the provided Dockerfile by <a href="https://github.com/ggambetti"><code>@ggambetti</code></a> <a href="https://redirect.github.com/hashicorp/tfc-workflows-tooling/pull/113">hashicorp/tfc-workflows-tooling#113</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/tfc-workflows-github/blob/main/CHANGELOG.md">hashicorp/tfc-workflows-github's changelog</a>.</em></p> <blockquote> <h1>v1.3.1</h1> <ul> <li>Bug fixes and enhancements from <a href="https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.3.1">tfc-workflows-tooling@v1.3.1</a></li> <li>Compiles for Linux regardless of current CPU architecture when using the provided Dockerfile by <a href="https://github.com/ggambetti"><code>@ggambetti</code></a> <a href="https://redirect.github.com/hashicorp/tfc-workflows-tooling/pull/113">hashicorp/tfc-workflows-tooling#113</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="5bd1031f2e"><code>5bd1031</code></a> Merge pull request <a href="https://redirect.github.com/hashicorp/tfc-workflows-github/issues/2974">#2974</a> from hashicorp/release/v1.3.1</li> <li><a href="b2e72f369d"><code>b2e72f3</code></a> fix: link in changelog entry</li> <li><a href="29b0596744"><code>29b0596</code></a> prepare v1.3.1 release</li> <li><a href="3fa28309b9"><code>3fa2830</code></a> Merge pull request <a href="https://redirect.github.com/hashicorp/tfc-workflows-github/issues/2950">#2950</a> from lucymhdavies/patch-1</li> <li><a href="485f3828af"><code>485f382</code></a> Correct links to starter workflow templates</li> <li><a href="0207987bdb"><code>0207987</code></a> Merge pull request <a href="https://redirect.github.com/hashicorp/tfc-workflows-github/issues/1675">#1675</a> from hashicorp/mjyocca/disable-workflows</li> <li><a href="0c302783ed"><code>0c30278</code></a> chore: disable sync workflow</li> <li><a href="9d17c9cb09"><code>9d17c9c</code></a> Merge pull request <a href="https://redirect.github.com/hashicorp/tfc-workflows-github/issues/45">#45</a> from hashicorp/TF-11430/rebrand</li> <li><a href="a39678613f"><code>a396786</code></a> docs: update workflow file refs to HCP Terraform</li> <li><a href="b793b8fe2e"><code>b793b8f</code></a> chore: rename workflow filenames</li> <li>Additional commits viewable in <a href="https://github.com/hashicorp/tfc-workflows-github/compare/v1.3.0...v1.3.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
94 lines
3.1 KiB
YAML
94 lines
3.1 KiB
YAML
name: Continuous Delivery
|
|
on:
|
|
# Used for debugging the workflow by manually calling it
|
|
workflow_dispatch:
|
|
inputs:
|
|
deploy-staging:
|
|
description: "Also deploy to staging. By default the deploy is not executed when triggering this workflow manually."
|
|
type: boolean
|
|
default: false
|
|
required: false
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
# Builds images that match what's default in docker-compose.yml for
|
|
# local development.
|
|
build-dev-images:
|
|
uses: ./.github/workflows/_build_artifacts.yml
|
|
secrets: inherit
|
|
with:
|
|
image_prefix: "dev"
|
|
stage: "debug"
|
|
profile: "debug"
|
|
|
|
# Builds debug images with release binaries for compatibility tests in case the merge_group was skipped.
|
|
build-test-images:
|
|
uses: ./.github/workflows/_build_artifacts.yml
|
|
secrets: inherit
|
|
with:
|
|
image_prefix: "debug"
|
|
stage: "debug"
|
|
profile: "release"
|
|
|
|
# Re-run CI checks to make sure everything's green, since "Merging as administrator"
|
|
# won't trigger these in the merge group.
|
|
ci:
|
|
uses: ./.github/workflows/ci.yml
|
|
secrets: inherit
|
|
with:
|
|
profile: "release"
|
|
stage: "release"
|
|
|
|
deploy-staging:
|
|
if: ${{ github.event_name != 'workflow_dispatch' || inputs.deploy-staging }}
|
|
runs-on: ubuntu-22.04
|
|
environment: gcp_staging
|
|
permissions:
|
|
contents: write
|
|
# Cancel old workflow runs if new code is pushed
|
|
concurrency:
|
|
group: "staging-deploy-${{ github.workflow }}-${{ github.ref }}"
|
|
cancel-in-progress: false
|
|
needs: ci
|
|
env:
|
|
TF_CLOUD_ORGANIZATION: "firezone"
|
|
TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
|
|
TF_WORKSPACE: "staging"
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Tool Versions
|
|
id: versions
|
|
uses: marocchino/tool-versions-action@v1.2.0
|
|
- uses: hashicorp/setup-terraform@v3
|
|
with:
|
|
terraform_version: ${{ steps.versions.outputs.terraform }}
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
ref: ${{ github.event.workflow_run.head_branch }}
|
|
- name: Upload Configuration
|
|
uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.3.1
|
|
id: apply-upload
|
|
with:
|
|
workspace: ${{ env.TF_WORKSPACE }}
|
|
# Subdirectory is set in the project settings:
|
|
# https://app.terraform.io/app/firezone/workspaces/staging/settings/general
|
|
directory: "./"
|
|
- name: Create Plan Run
|
|
uses: hashicorp/tfc-workflows-github/actions/create-run@v1.3.1
|
|
id: apply-run
|
|
env:
|
|
TF_VAR_image_tag: '"${{ github.sha }}"'
|
|
with:
|
|
workspace: ${{ env.TF_WORKSPACE }}
|
|
configuration_version:
|
|
${{ steps.apply-upload.outputs.configuration_version_id }}
|
|
- name: Apply
|
|
uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.3.1
|
|
if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
|
|
id: apply
|
|
with:
|
|
run: ${{ steps.apply-run.outputs.run_id }}
|
|
comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"
|