[IOPLT-611] Add Load test users (#1063) #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: WEU - Core TF Apply (PROD) | |
| # This pipeline starts automatically when a PR is merged into 'main'. | |
| # | |
| # It is responsible for managing only the legacy part (West Europe), | |
| # ensuring that changes have occurred exclusively within the directories listed in "paths." | |
| # It ignores the folders related to the new mode, indicated by the symbol '!', which denotes an excluded path. | |
| # | |
| # This pipeline will use the terraform.sh script, which first executes a plan and then an apply, both of which must be approved by the team. | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - "src/core/**" | |
| - ".github/workflows/core_deploy_weu.yaml" | |
| - "!src/core/prod/**" | |
| - "!src/core/_modules/**" | |
| - "!.github/workflows/core_deploy.yaml" | |
| permissions: | |
| id-token: write | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-cd | |
| cancel-in-progress: true | |
| env: | |
| ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} | |
| ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
| ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} | |
| ARM_USE_OIDC: true | |
| ARM_USE_AZUREAD: true | |
| ARM_STORAGE_USE_AZUREAD: true | |
| DIR: src/core | |
| AZURE_ENVIRONMENT: prod | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| jobs: | |
| terraform_plan_job: | |
| name: Terraform Plan | |
| runs-on: self-hosted | |
| environment: prod-ci | |
| steps: | |
| - name: Checkout | |
| id: checkout | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| persist-credentials: false | |
| fetch-depth: 0 | |
| - name: Azure Login | |
| id: az_login | |
| uses: azure/login@6b2456866fc08b011acb422a92a4aa20e2c4de32 # v2.1.0 | |
| with: | |
| client-id: ${{ env.ARM_CLIENT_ID }} | |
| tenant-id: ${{ env.ARM_TENANT_ID }} | |
| subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} | |
| - name: Set Terraform Version | |
| id: env_tf_version | |
| run: | | |
| echo "terraform_version=$(cat .terraform-version)" >> $GITHUB_OUTPUT | |
| - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 | |
| id: terraform_setup | |
| name: Setup Terraform | |
| with: | |
| terraform_version: ${{ steps.env_tf_version.outputs.terraform_version}} | |
| terraform_wrapper: true | |
| - name: Terraform plan | |
| shell: bash | |
| working-directory: ${{ env.DIR }} | |
| env: | |
| AZURE_ENVIRONMENT: prod | |
| run: | | |
| bash ./terraform.sh plan ${{ env.AZURE_ENVIRONMENT }} -lock-timeout=3000s -out=tfplan-${{ env.AZURE_ENVIRONMENT }}-${{ github.sha }} -input=false | |
| - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 | |
| id: artifact_upload | |
| name: Upload plans as artifacts | |
| env: | |
| AZURE_ENVIRONMENT: prod | |
| with: | |
| name: tfplan-output | |
| if-no-files-found: error | |
| path: | | |
| **/tfplan-${{ env.AZURE_ENVIRONMENT }}-* | |
| outputs: | |
| terraform_version: ${{ steps.env_tf_version.outputs.terraform_version}} | |
| terraform_apply_job: | |
| name: Terraform Apply | |
| runs-on: self-hosted | |
| environment: prod-cd | |
| needs: [terraform_plan_job] | |
| steps: | |
| - name: Checkout | |
| id: checkout | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| persist-credentials: false | |
| fetch-depth: 0 | |
| - uses: actions/download-artifact@f44cd7b40bfd40b6aa1cc1b9b5b7bf03d3c67110 | |
| id: artifact_download | |
| name: Download plans as artifact | |
| with: | |
| name: tfplan-output | |
| - name: Azure Login | |
| id: az_login | |
| uses: azure/login@6b2456866fc08b011acb422a92a4aa20e2c4de32 # v2.1.0 | |
| with: | |
| client-id: ${{ env.ARM_CLIENT_ID }} | |
| tenant-id: ${{ env.ARM_TENANT_ID }} | |
| subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} | |
| - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 | |
| id: terraform_setup | |
| name: Setup Terraform | |
| with: | |
| terraform_version: ${{ needs.terraform_plan_job.outputs.terraform_version }} | |
| terraform_wrapper: true | |
| - name: Terraform init | |
| id: terraform_init | |
| shell: bash | |
| working-directory: ${{ env.DIR }} | |
| env: | |
| AZURE_ENVIRONMENT: prod | |
| run: | | |
| bash ./terraform.sh init ${{ env.AZURE_ENVIRONMENT }} | |
| - name: Terraform apply | |
| id: terraform_apply | |
| shell: bash | |
| working-directory: ${{ env.DIR }} | |
| env: | |
| AZURE_ENVIRONMENT: prod | |
| run: | | |
| terraform apply -lock-timeout=3000s -auto-approve -input=false tfplan-${{ env.AZURE_ENVIRONMENT }}-${{ github.sha }} |