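name: "CI"

# Publishes the results of an upstream Terraform pipeline as a GitHub check
# run. Every input is free-form text supplied by whoever dispatches the
# workflow, so the job below handles all of them as untrusted data.
on:
  workflow_dispatch:
    inputs:
      fmt_outcome:
        description: "tf fmt result"
        required: true
      # NOTE(review): code_scan_outcome is still read by the summary table
      # below. While it stays commented out, the "Code Scan" row always
      # renders as failed. Re-enable the input or drop the row.
      # code_scan_outcome:
      #   description: "code scan result"
      #   required: true
      init_outcome:
        description: "tf init result"
        required: true
      plan_outcome:
        description: "tf plan result"
        required: true
      scan_check_outcome:
        description: "scan check outcome"
        required: true
      fmt_logs:
        description: "tf logs output"
        required: true
      code_scan_logs:
        description: "code_scan_logs output"
        required: true
      policy_exec:
        description: "policy_exec output"
        required: true
      plan_logs:
        description: "tf plan output"
        required: true

jobs:
  ci:
    name: "Terraform CI - Execution"
    runs-on: ubuntu-latest
    # Least privilege: the only API call this job makes is checks.create.
    permissions:
      checks: write
    steps:
      - name: Github Check Summary
        # NOTE(review): v3 is a mutable tag; pin the action to a full commit
        # SHA. Later major versions expose the REST methods under
        # github.rest.*, so an upgrade needs a matching script change.
        uses: actions/github-script@v3
        # Dispatch inputs reach the script through environment variables and
        # are read with process.env. Expanding a workflow expression inside
        # the script body would paste the raw text into the JavaScript source
        # before it runs, so a quote or backtick in a log would be executed
        # as code with this job's token.
        env:
          FMT_OUTCOME: ${{ inputs.fmt_outcome }}
          CODE_SCAN_OUTCOME: ${{ inputs.code_scan_outcome }}
          INIT_OUTCOME: ${{ inputs.init_outcome }}
          PLAN_OUTCOME: ${{ inputs.plan_outcome }}
          SCAN_CHECK_OUTCOME: ${{ inputs.scan_check_outcome }}
          CODE_SCAN_LOGS: ${{ inputs.code_scan_logs }}
          # Was inputs.fmt_logs.content: inputs are plain strings, so the
          # .content lookup was always empty and the section never showed logs.
          FMT_LOGS: ${{ inputs.fmt_logs }}
          POLICY_EXEC: ${{ inputs.policy_exec }}
          PLAN_LOGS: ${{ inputs.plan_logs }}
          JOB_STATUS: ${{ job.status }}
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const env = process.env;

            // Map a step outcome to a status emoji; anything other than
            // 'success' (including a missing value) counts as a failure.
            function renderOutcome (outcome) {
              return outcome === 'success' ? '✅' : '❌';
            }

            // Substitute a placeholder when a log input is empty.
            function renderOutput (output, message = 'No errors') {
              return output ? output : message;
            }

            // Pretty-print the policy result. Malformed JSON is shown as-is
            // instead of throwing, so a bad payload cannot fail the step.
            function renderPolicy (raw) {
              if (!raw) {
                return '';
              }
              try {
                return JSON.stringify(JSON.parse(raw), null, 2);
              } catch (err) {
                return raw;
              }
            }

            // Build one collapsible section of the check's details text.
            function section (heading, intro, label, lang, body) {
              const content = renderOutput(body);
              // The fence is one backtick longer than the longest backtick
              // run in the log, so log text cannot close the block early.
              const runs = content.match(/`+/g) || [];
              const longest = runs.reduce((max, run) => Math.max(max, run.length), 0);
              const fence = '`'.repeat(Math.max(3, longest + 1));
              return [
                `#### ${heading}`,
                '',
                intro,
                '',
                `<details><summary>${label}</summary>`,
                '',
                fence + lang,
                content,
                fence,
                '',
                '</details>'
              ].join('\n');
            }

            // A workflow_dispatch payload carries no pull_request object, so
            // fall back to the commit the run was dispatched on.
            // NOTE(review): confirm the dispatcher targets the PR's head ref.
            const pullRequest = context.payload.pull_request;
            const headSha = pullRequest ? pullRequest.head.sha : context.sha;

            const summary = [
              '| Check | Description | Status |',
              '|---|---|---|',
              `| Format & Style | Formatting linter that looks for stylistic issues (i.e. \`tf fmt\`) | ${renderOutcome(env.FMT_OUTCOME)} |`,
              `| Code Scan | Scans Terraform Code using tools such as "terrascan" to look for security or other issues | ${renderOutcome(env.CODE_SCAN_OUTCOME)} |`,
              `| Initialization | Terraform Initialization, \`tf init\` | ${renderOutcome(env.INIT_OUTCOME)} |`,
              `| Plan | Terraform Plan, \`tf plan\` | ${renderOutcome(env.PLAN_OUTCOME)} |`,
              `| Policy Check | Policies written using Open Policy Agent that are run against the \`tf plan\` output | ${renderOutcome(env.SCAN_CHECK_OUTCOME)} |`,
              '',
              '---',
              '',
              `**Author:** @${context.actor}`,
              `**Latest Commit:** ${headSha}`
            ].join('\n');

            const text = [
              section('Terraform - Code Scan (Super Linter)', 'View the full **Code Scan** output below.', 'Show Results', 'bash', env.CODE_SCAN_LOGS),
              section('Terraform - Format', 'View the full **terraform fmt** output below.', 'Show Results', 'bash', env.FMT_LOGS),
              section('Policy - Check', 'View the full `policy check` output below.', 'Show Results', 'json', renderPolicy(env.POLICY_EXEC)),
              section('Terraform - Plan', 'View the full **terraform plan** output below.', 'Show Plan', 'bash', env.PLAN_LOGS)
            ].join('\n\n---\n\n');

            const result = await github.checks.create({
              owner: context.repo.owner,
              repo: context.repo.repo,
              head_sha: headSha,
              name: 'Terraform CI - Summary',
              conclusion: env.JOB_STATUS,
              output: {
                title: 'Terraform CI - Summary',
                text,
                summary
              }
            });

            core.info(JSON.stringify(result.data));
            core.info(JSON.stringify({ status: result.status, url: result.url }));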