mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-02-06 11:23:48 -05:00
fe6921e243
This changeset accounts for having to explicitly install Terraform and updates our user configuration in several environments to account for team member changes. Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
91 lines
3.0 KiB
YAML
91 lines
3.0 KiB
YAML
name: Verify Infrastructure
|
|
|
|
on:
|
|
schedule:
|
|
# cron format: 'minute hour dayofmonth month dayofweek'
|
|
# this will run at noon UTC every day (7am EST / 8am EDT)
|
|
- cron: '0 12 * * *'
|
|
|
|
jobs:
|
|
check_staging_drift:
|
|
runs-on: ubuntu-latest
|
|
name: Check for drift of staging terraform configuration
|
|
environment: staging
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
# Looks like we need to install Terraform ourselves now!
|
|
# https://github.com/actions/runner-images/issues/10796#issuecomment-2417064348
|
|
- name: Setup Terraform
|
|
uses: hashicorp/setup-terraform@v3
|
|
with:
|
|
terraform_version: "^1.7.5"
|
|
terraform_wrapper: false
|
|
|
|
- name: Check for drift
|
|
uses: dflook/terraform-check@v1
|
|
env:
|
|
AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }}
|
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }}
|
|
TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }}
|
|
TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }}
|
|
with:
|
|
path: terraform/staging
|
|
|
|
check_demo_drift:
|
|
runs-on: ubuntu-latest
|
|
name: Check for drift of demo terraform configuration
|
|
environment: demo
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
ref: 'production'
|
|
|
|
# Looks like we need to install Terraform ourselves now!
|
|
# https://github.com/actions/runner-images/issues/10796#issuecomment-2417064348
|
|
- name: Setup Terraform
|
|
uses: hashicorp/setup-terraform@v3
|
|
with:
|
|
terraform_version: "^1.7.5"
|
|
terraform_wrapper: false
|
|
|
|
- name: Check for drift
|
|
uses: dflook/terraform-check@v1
|
|
env:
|
|
AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }}
|
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }}
|
|
TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }}
|
|
TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }}
|
|
with:
|
|
path: terraform/demo
|
|
|
|
check_prod_drift:
|
|
runs-on: ubuntu-latest
|
|
name: Check for drift of production terraform configuration
|
|
environment: production
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
ref: 'production'
|
|
|
|
# Looks like we need to install Terraform ourselves now!
|
|
# https://github.com/actions/runner-images/issues/10796#issuecomment-2417064348
|
|
- name: Setup Terraform
|
|
uses: hashicorp/setup-terraform@v3
|
|
with:
|
|
terraform_version: "^1.7.5"
|
|
terraform_wrapper: false
|
|
|
|
- name: Check for drift
|
|
uses: dflook/terraform-check@v1
|
|
env:
|
|
AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }}
|
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }}
|
|
TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }}
|
|
TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }}
|
|
with:
|
|
path: terraform/production
|