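# Sync Terraform module documentation into the pan.dev repository.
#
# Manually dispatched. Three jobs run in sequence:
#   1. generate-matrix - turns the `cloud-id` choice into a job matrix
#   2. generate-docs   - per cloud: checks out the module repo at `repo_ref`,
#                        runs scripts/process_modules_readmes.py and uploads
#                        the result as an artifact named after the cloud
#   3. sync-to-pan-dev - copies the artifacts into a pan.dev checkout and
#                        opens a pull request with a GitHub App token
name: Sync Terraform Modules
run-name: sync

on:
  workflow_dispatch:
    inputs:
      cloud-id:
        description: "Which cloud to sync (aws, azure, gcp, all)"
        required: true
        default: "all"
        type: choice
        options:
          - all
          - aws
          - azure
          - gcp
      repo_ref:
        description: "Which tag/branch to select from the source repo"
        default: "main"
        type: string

# Least privilege for the built-in GITHUB_TOKEN: every job here only reads
# repository contents. The pull request is opened with the GitHub App token
# generated in sync-to-pan-dev, not with GITHUB_TOKEN.
permissions:
  contents: read

jobs:
  generate-matrix:
    name: Generate Matrix
    runs-on: ubuntu-latest
    outputs: # this job outputs a matrix for the next job
      clouds: ${{ steps.process_cloud_choice.outputs.clouds }}
    steps:
      # Looks at the cloud input and creates the matching matrix for the
      # next job.
      - name: Process choice of cloud(s) for matrix
        id: process_cloud_choice
        env:
          # Passed through the environment instead of being expanded into the
          # script text, so the value is data to the shell, never code.
          CLOUD_ID: ${{ inputs.cloud-id }}
        run: |
          case "$CLOUD_ID" in
            aws | azure | gcp)
              echo "clouds={ \"selected_clouds\" : [ \"$CLOUD_ID\" ] }" >> "$GITHUB_OUTPUT"
              ;;
            all)
              echo "clouds={ \"selected_clouds\" : [ \"aws\", \"azure\", \"gcp\" ] }" >> "$GITHUB_OUTPUT"
              ;;
            *)
              # Fail here rather than emit no output and let fromJSON() in
              # the next job fail with a less obvious error.
              echo "::error ::Unsupported cloud-id input"
              exit 1
              ;;
          esac

  generate-docs:
    name: Generate ${{ matrix.cloudid }} module docs
    runs-on: ubuntu-latest
    needs: generate-matrix
    strategy:
      fail-fast: false # treat each job as separate
      matrix: # matrix comes from previous job
        cloudid: ${{ fromJSON(needs.generate-matrix.outputs.clouds).selected_clouds }}
    steps:
      # Maps the matrix entry to the module repository name and exports it as
      # `repo` for the remaining steps of this job.
      - name: Set cloud-specific repo env
        env:
          CLOUD_ID: ${{ matrix.cloudid }}
        run: |
          case "$CLOUD_ID" in
            aws) echo "repo=terraform-aws-swfw-modules" >> "$GITHUB_ENV" ;;
            azure) echo "repo=terraform-azurerm-swfw-modules" >> "$GITHUB_ENV" ;;
            gcp) echo "repo=terraform-google-swfw-modules" >> "$GITHUB_ENV" ;;
            *)
              echo "::error ::Unsupported matrix cloud id"
              exit 1
              ;;
          esac

      - name: Checkout module repo for ${{ matrix.cloudid }}
        uses: actions/checkout@v3
        with:
          repository: PaloAltoNetworks/${{ env.repo }}
          path: ${{ env.repo }}
          # Free-form dispatch input; it is only handed to the action as a
          # parameter and never expanded into a shell script.
          ref: "${{ inputs.repo_ref }}"
          # No later step in this job pushes, so do not leave the token in
          # the checkout's git config while project scripts run.
          persist-credentials: false

      - name: Checkout local scripts
        # if: steps.check_commit.outputs.changes != 'false'
        uses: actions/checkout@v3
        with:
          path: "scripts"
          persist-credentials: false

      - name: Setup Python
        # if: steps.check_commit.outputs.changes != 'false'
        uses: actions/setup-python@v4
        with:
          python-version: "3.10"
          cache: "pip" # caching pip dependencies

      - name: Install Python Dependencies
        # if: steps.check_commit.outputs.changes != 'false'
        run: |
          python -m pip install --upgrade pip
          pip install -r ./scripts/requirements.txt

      - name: Generate module readmes for pan.dev
        # if: steps.check_commit.outputs.changes != 'false'
        # `repo` is read from the job environment (set via GITHUB_ENV above).
        run: |
          tree .
          python ./scripts/process_modules_readmes.py "./$repo/modules" "./output/vmseries/modules"
          python ./scripts/process_modules_readmes.py --type refarch "./$repo/examples" "./output/vmseries/reference-architectures"
          python ./scripts/process_modules_readmes.py --type example "./$repo/examples" "./output/vmseries/examples"

      # NOTE(review): v3 of the artifact actions is deprecated upstream; when
      # upgrading, bump this step and the download step in sync-to-pan-dev
      # together.
      - name: Save module readmes
        # if: steps.check_commit.outputs.changes != 'false'
        uses: actions/upload-artifact@v3
        with:
          name: ${{ matrix.cloudid }}
          path: output

  sync-to-pan-dev:
    name: Sync to pan.dev
    runs-on: ubuntu-latest
    needs: generate-docs
    env:
      SWFW_DIR: pan.dev/products/terraform/docs/swfw
    steps:
      # No artifact name is given, so every artifact from generate-docs is
      # downloaded under `output`.
      - name: Download module readmes
        uses: actions/download-artifact@v3
        with:
          path: output

      - name: Checkout pan.dev repo
        uses: actions/checkout@v3
        with:
          repository: PaloAltoNetworks/pan.dev
          path: pan.dev

      - name: Print output
        run: |
          tree output

      - name: Print pan.dev
        run: |
          tree "$SWFW_DIR"

      - name: Add generated docs to pan.dev
        run: |
          for cloud in aws azure gcp; do
            if [ -d "output/$cloud" ]; then
              # The glob has to sit outside the quotes: a quoted "*" is taken
              # literally and nothing would be removed. ${SWFW_DIR:?} aborts
              # the step if the variable is unset or empty, so the pattern
              # can never collapse to a path rooted at "/".
              # NOTE(review): generate-docs writes under output/vmseries/...,
              # while these patterns have no vmseries segment - confirm they
              # match the directories rsync populates in pan.dev.
              rm -rf "${SWFW_DIR:?}/$cloud/modules/"*
              rm -rf "${SWFW_DIR:?}/$cloud/reference-architectures/"*
              rsync -av "output/$cloud/" "$SWFW_DIR/$cloud/"
            fi
          done

      - name: Print pan.dev after
        run: |
          tree "$SWFW_DIR"
          cd "$SWFW_DIR" && git status

      # NOTE(review): this third-party action receives the GitHub App private
      # key and is referenced by a mutable tag. Pin it to a reviewed full
      # commit SHA (tibdex/github-app-token@<full-commit-sha>) so that a moved
      # tag cannot change the code that handles the key.
      - name: Generate GitHub token
        id: generate-token
        uses: tibdex/github-app-token@v1
        with:
          app_id: ${{ secrets.APP_ID }}
          private_key: ${{ secrets.APP_PRIVATE_KEY }}
          installation_id: ${{ secrets.APP_INSTALL_ID }}

      # NOTE(review): this action is handed the App installation token; the
      # same pin-to-commit-SHA consideration applies
      # (peter-evans/create-pull-request@<full-commit-sha>).
      - name: Create pull request
        uses: peter-evans/create-pull-request@v5
        id: create-pull-request
        with:
          token: ${{ steps.generate-token.outputs.token }}
          path: pan.dev
          branch: sync-${{ inputs.cloud-id }}-terraform-module-docs
          delete-branch: true
          commit-message: "Sync ${{ inputs.cloud-id }} Terraform module documentation"
          title: "Sync ${{ inputs.cloud-id }} Terraform module documentation to pan.dev"
          body: "This PR was automatically generated by a workflow."

      - name: Pull Request results
        env:
          # toJSON() output contains double quotes; expanding it inside a
          # double-quoted shell string would end the string early. Passing it
          # as an environment variable keeps it intact and out of the script.
          PR_OUTPUTS: ${{ toJSON(steps.create-pull-request.outputs) }}
        run: |
          echo "$PR_OUTPUTS"

      - name: Print no pull request
        if: steps.create-pull-request.outputs.pull-request-number == ''
        run: |
          echo "::notice ::No action taken, no changes to commit"

      - name: Print pull request
        if: steps.create-pull-request.outputs.pull-request-number
        env:
          PR_OPERATION: ${{ steps.create-pull-request.outputs.pull-request-operation }}
          PR_URL: ${{ steps.create-pull-request.outputs.pull-request-url }}
        run: |
          echo "::notice ::PR $PR_OPERATION: $PR_URL"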