From 5d7cd837b286080fa8f38912fdcb867544d571fd Mon Sep 17 00:00:00 2001 From: jandroav Date: Wed, 3 Jan 2024 14:00:25 +0100 Subject: [PATCH 01/52] chore(generate.yml): add environment variables for Spacelift API key to create-action-repo job chore(generate.yml): remove TF_VAR_BOT_TOKEN environment variable from plan and apply steps chore(main.tf): update terraform backend configuration to use remote backend on spacelift.io for the liquibase organization and workspace "liquibase-github-actions" --- .github/workflows/generate.yml | 8 ++++---- main.tf | 3 ++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 90bccec..277ed31 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -26,6 +26,10 @@ jobs: path: commands.json create-action-repo: + env: + SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} + SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} + SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} runs-on: ubuntu-latest needs: [ create-command-list ] steps: @@ -57,8 +61,6 @@ jobs: id: plan run: terraform plan -no-color continue-on-error: true - env: - TF_VAR_BOT_TOKEN: ${{ secrets.GHA_GENERATOR_ADMIN_TOKEN }} - name: Terraform Plan Status if: steps.plan.outcome == 'failure' @@ -66,8 +68,6 @@ jobs: - name: Terraform Apply run: terraform apply -auto-approve - env: - TF_VAR_BOT_TOKEN: ${{ secrets.GHA_GENERATOR_ADMIN_TOKEN }} generate-action: runs-on: ubuntu-latest diff --git a/main.tf b/main.tf index 4ef790c..bd0ce8f 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,6 @@ terraform { - cloud { + backend "remote" { + hostname = "spacelift.io" organization = "liquibase" workspaces { name = "liquibase-github-actions" From ca021fc5ca4e607e7f5bb79feaa1e71716fb9399 Mon Sep 17 00:00:00 2001 From: jandroav Date: Wed, 3 Jan 2024 14:10:00 +0100 Subject: [PATCH 02/52] chore(main.tf): remove unused backend configuration in terraform block --- main.tf | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/main.tf b/main.tf index bd0ce8f..4c2770f 100644 --- a/main.tf +++ b/main.tf @@ -1,11 +1,5 @@ terraform { - backend "remote" { - hostname = "spacelift.io" - organization = "liquibase" - workspaces { - name = "liquibase-github-actions" - } - } + required_providers { github = { source = "integrations/github" From 1693d3dc7a729a9ba60ff6dbc01603a6ef239468 Mon Sep 17 00:00:00 2001 From: jandroav Date: Wed, 3 Jan 2024 14:13:30 +0100 Subject: [PATCH 03/52] chore(main.tf): add remote backend configuration for Terraform to use Spacelift.io as the backend feat(main.tf): configure Terraform to use the "liquibase-github-actions" workspace in the "liquibase" organization on Spacelift.io as the backend --- main.tf | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 4c2770f..bd0ce8f 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,11 @@ terraform { - + backend "remote" { + hostname = "spacelift.io" + organization = "liquibase" + workspaces { + name = "liquibase-github-actions" + } + } required_providers { github = { source = "integrations/github" From d36f91db9baa7616df8ea128771f2c577fb2e178 Mon Sep 17 00:00:00 2001 From: jandroav Date: Wed, 3 Jan 2024 14:25:08 +0100 Subject: [PATCH 04/52] chore(generate.yml): remove unnecessary Terraform setup step The Terraform setup step was removed because it is not needed for the current workflow. --- .github/workflows/generate.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 277ed31..b79a5a3 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -35,11 +35,6 @@ jobs: steps: - uses: actions/checkout@v3 - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} - - uses: actions/download-artifact@v3 with: name: commands-$LIQUIBASE_VERSION From e2a203be0e1c13b218709fa341738956a7709121 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 12:49:52 +0100 Subject: [PATCH 05/52] chore(generate.yml): update environment variable names for Spacelift API key fix(generate.yml): add -lock=false flag to terraform plan and terraform apply commands to prevent locking the state file during execution --- .github/workflows/generate.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index b79a5a3..33d80a5 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -27,9 +27,8 @@ jobs: create-action-repo: env: - SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} - SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} - SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} + TF_TOKEN_spacelift_io: ${{ secrets.SPACELIFT_API_KEY }} + runs-on: ubuntu-latest needs: [ create-command-list ] steps: @@ -54,7 +53,7 @@ jobs: - name: Terraform Plan id: plan - run: terraform plan -no-color + run: terraform plan -no-color -lock=false continue-on-error: true - name: Terraform Plan Status @@ -62,7 +61,7 @@ jobs: run: exit 1 - name: Terraform Apply - run: terraform apply -auto-approve + run: terraform apply -auto-approve -lock=false generate-action: runs-on: ubuntu-latest From 35755c65c74f5e95553b5d595e99cfea348ea4e1 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 13:24:46 +0100 Subject: [PATCH 06/52] chore(generate.yml): add environment variable TF_VAR_BOT_TOKEN to provide the admin token for the generator action repository chore(generate.yml): add environment variable TF_TOKEN_spacelift_io to provide the Spacelift API key for the generator action repository --- .github/workflows/generate.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 33d80a5..8bd7cf6 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -27,6 +27,7 @@ jobs: create-action-repo: env: + TF_VAR_BOT_TOKEN: ${{ secrets.GHA_GENERATOR_ADMIN_TOKEN }} TF_TOKEN_spacelift_io: ${{ secrets.SPACELIFT_API_KEY }} runs-on: ubuntu-latest From 6463faa085fc037f189985729f34b209c113ef39 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 13:35:09 +0100 Subject: [PATCH 07/52] chore(main.tf): remove unused backend configuration in terraform file --- main.tf | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/main.tf b/main.tf index bd0ce8f..4c2770f 100644 --- a/main.tf +++ b/main.tf @@ -1,11 +1,5 @@ terraform { - backend "remote" { - hostname = "spacelift.io" - organization = "liquibase" - workspaces { - name = "liquibase-github-actions" - } - } + required_providers { github = { source = "integrations/github" From 1eba2958813988fe2f7edb3b5fc96baa1cfbc611 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 13:36:39 +0100 Subject: [PATCH 08/52] chore(main.tf): add remote backend configuration for Terraform to use Spacelift.io as the backend feat(main.tf): configure Terraform to use the "liquibase-github-actions" workspace in the "liquibase" organization on Spacelift.io as the backend --- main.tf | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 4c2770f..bd0ce8f 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,11 @@ terraform { - + backend "remote" { + hostname = "spacelift.io" + organization = "liquibase" + workspaces { + name = "liquibase-github-actions" + } + } required_providers { github = { source = "integrations/github" From 7014c8cfb43f0aa9463c9cb8c4109852c7e2501d Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 13:43:18 +0100 Subject: [PATCH 09/52] fix(generate.yml): remove unnecessary -lock=false flag from terraform apply command The -lock=false flag is not necessary for the terraform apply command. Removing it improves the readability of the command and avoids confusion. --- .github/workflows/generate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 8bd7cf6..689cd71 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -62,7 +62,7 @@ jobs: run: exit 1 - name: Terraform Apply - run: terraform apply -auto-approve -lock=false + run: terraform apply -auto-approve generate-action: runs-on: ubuntu-latest From 76a10c3228b616e4e56643b934700657e5f282d8 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 13:48:35 +0100 Subject: [PATCH 10/52] fix(generate.yml): add -lock=false flag to terraform apply command to prevent locking the state file during apply feat(generate.yml): add Terraform State Push step to push errored.tfstate file to remote state backend, even if previous steps failed --- .github/workflows/generate.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 689cd71..d155670 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -62,7 +62,12 @@ jobs: run: exit 1 - name: Terraform Apply - run: terraform apply -auto-approve + run: terraform apply -auto-approve -lock=false + continue-on-error: true + + - name: Terraform State Push + run: terraform state push errored.tfstate + continue-on-error: true generate-action: runs-on: ubuntu-latest From 1710f567f502ae3e593350757b43029d204bbf04 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 13:53:04 +0100 Subject: [PATCH 11/52] fix(generate.yml): update Terraform State Push step to disable locking to prevent errors during state push --- .github/workflows/generate.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index d155670..603593c 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -66,8 +66,7 @@ jobs: continue-on-error: true - name: Terraform State Push - run: terraform state push errored.tfstate - continue-on-error: true + run: terraform state push errored.tfstate -lock=false generate-action: runs-on: ubuntu-latest From 6eb96b8cfcca380faac8646d5840ec8e806e52f0 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 13:59:30 +0100 Subject: [PATCH 12/52] fix(generate.yml): add -force flag to terraform state push command to force push the errored.tfstate file --- .github/workflows/generate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 603593c..e312fa5 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -66,7 +66,7 @@ jobs: continue-on-error: true - name: Terraform State Push - run: terraform state push errored.tfstate -lock=false + run: terraform state push -lock=false -force errored.tfstate generate-action: runs-on: ubuntu-latest From 6ffa4fe01106e41af820a903870a776cfda9b00b Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 14:04:37 +0100 Subject: [PATCH 13/52] fix(generate.yml): add cat command to print contents of errored.tfstate before pushing state to Terraform backend The `generate.yml` workflow file was modified to add a `cat` command before pushing the state to the Terraform backend. This change was made to print the contents of the `errored.tfstate` file for debugging purposes. --- .github/workflows/generate.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index e312fa5..fc56f12 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -66,7 +66,9 @@ jobs: continue-on-error: true - name: Terraform State Push - run: terraform state push -lock=false -force errored.tfstate + run: | + cat errored.tfstate + terraform state push -lock=false -force errored.tfstate generate-action: runs-on: ubuntu-latest From 0e59cfa5c281290e8906ee21417e42b2fab71a89 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 14:14:01 +0100 Subject: [PATCH 14/52] fix(generate.yml): increment serial number and update terraform version in errored.tfstate file The `generate.yml` workflow file was updated to fix an issue with the `Terraform State Push` step. The following changes were made: - Added a command to display the contents of the `errored.tfstate` file. - Added variables `STATE_FILE`, `current_serial`, and `new_serial` to store the current and new serial numbers. - Incremented the current serial number by 1 and stored it in `new_serial`. - Updated the `errored.tfstate` file by using `jq` to add the new serial number and update the terraform version. - Added a command to display the contents of the updated `errored.tfstate` file. - Updated the `terraform state push` command to use the updated `errored.tfstate` file with the lock disabled and force enabled. --- .github/workflows/generate.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index fc56f12..0f66e4f 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -67,6 +67,13 @@ jobs: - name: Terraform State Push run: | + cat errored.tfstate + STATE_FILE="errored.tfstate" + current_serial=$(jq -r '.serial' "$STATE_FILE") + echo "Current serial: $current_serial" + new_serial=$((current_serial + 1)) + echo "New serial: $new_serial" + jq ". + {\"serial\": $new_serial, \"terraform_version\": \"1.5.7\"}" "$STATE_FILE" > tmpfile && mv tmpfile "$STATE_FILE" cat errored.tfstate terraform state push -lock=false -force errored.tfstate From 045e6bf023706cc0d56536bb01429e9e2fa2903d Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 14:23:46 +0100 Subject: [PATCH 15/52] chore(main.tf): add required_version to terraform block to enforce a specific version of Terraform (1.5.7) chore(main.tf): update backend hostname and organization to match new spacelift.io configuration --- main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/main.tf b/main.tf index bd0ce8f..41ee30c 100644 --- a/main.tf +++ b/main.tf @@ -1,4 +1,5 @@ terraform { + required_version = "1.5.7" backend "remote" { hostname = "spacelift.io" organization = "liquibase" From 8f0ff5bdc6ac1de543282d413013314ca5eb6443 Mon Sep 17 00:00:00 2001 From: Alejandro Alvarez Date: Thu, 4 Jan 2024 14:49:34 +0100 Subject: [PATCH 16/52] downgrade terraform version for spacelift --- .github/workflows/generate.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 90bccec..41e393b 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -35,6 +35,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} + terraform_version: "1.5.7" - uses: actions/download-artifact@v3 with: From cebae87f31dc69a16c3297e1e89b5c1178a90ab2 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 14:51:14 +0100 Subject: [PATCH 17/52] chore(generate.yml): comment out unused steps in the workflow file The unused steps in the generate.yml workflow file have been commented out to improve readability and prevent unnecessary execution of those steps. --- .github/workflows/generate.yml | 123 +++++++++++++++++---------------- 1 file changed, 64 insertions(+), 59 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 0f66e4f..42a4643 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -40,6 +40,11 @@ jobs: name: commands-$LIQUIBASE_VERSION path: ./ + - name: Terraform Setup + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: "1.5.7" + - name: Terraform Format id: fmt run: terraform fmt @@ -54,69 +59,69 @@ jobs: - name: Terraform Plan id: plan - run: terraform plan -no-color -lock=false + run: terraform plan -no-color continue-on-error: true - name: Terraform Plan Status if: steps.plan.outcome == 'failure' run: exit 1 - - name: Terraform Apply - run: terraform apply -auto-approve -lock=false - continue-on-error: true - - - name: Terraform State Push - run: | - cat errored.tfstate - STATE_FILE="errored.tfstate" - current_serial=$(jq -r '.serial' "$STATE_FILE") - echo "Current serial: $current_serial" - new_serial=$((current_serial + 1)) - echo "New serial: $new_serial" - jq ". + {\"serial\": $new_serial, \"terraform_version\": \"1.5.7\"}" "$STATE_FILE" > tmpfile && mv tmpfile "$STATE_FILE" - cat errored.tfstate - terraform state push -lock=false -force errored.tfstate - - generate-action: - runs-on: ubuntu-latest - needs: [ create-command-list, create-action-repo ] - strategy: - matrix: - commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} - steps: - - uses: actions/checkout@v3 - - - run: echo ${{ matrix.commands }} - - - name: Install Protoc - uses: arduino/setup-protoc@v1 - with: - version: '3.x' - repo-token: ${{ secrets.BOT_TOKEN }} - - - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" - - - name: Configure git user - run: | - git config --global init.defaultBranch main - git config --global user.name "liquibot" - git config --global user.email "liquibot@liquibase.org" - - - name: Push Action to Repo - run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION - env: - BOT_TOKEN: ${{ secrets.BOT_TOKEN }} + # - name: Terraform Apply + # run: terraform apply -auto-approve -lock=false + # continue-on-error: true + + # - name: Terraform State Push + # run: | + # cat errored.tfstate + # STATE_FILE="errored.tfstate" + # current_serial=$(jq -r '.serial' "$STATE_FILE") + # echo "Current serial: $current_serial" + # new_serial=$((current_serial + 1)) + # echo "New serial: $new_serial" + # jq ". + {\"serial\": $new_serial, \"terraform_version\": \"1.5.7\"}" "$STATE_FILE" > tmpfile && mv tmpfile "$STATE_FILE" + # cat errored.tfstate + # terraform state push -lock=false -force errored.tfstate + + # generate-action: + # runs-on: ubuntu-latest + # needs: [ create-command-list, create-action-repo ] + # strategy: + # matrix: + # commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} + # steps: + # - uses: actions/checkout@v3 + + # - run: echo ${{ matrix.commands }} + + # - name: Install Protoc + # uses: arduino/setup-protoc@v1 + # with: + # version: '3.x' + # repo-token: ${{ secrets.BOT_TOKEN }} + + # - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" + + # - name: Configure git user + # run: | + # git config --global init.defaultBranch main + # git config --global user.name "liquibot" + # git config --global user.email "liquibot@liquibase.org" + + # - name: Push Action to Repo + # run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION + # env: + # BOT_TOKEN: ${{ secrets.BOT_TOKEN }} - output-action: - runs-on: ubuntu-latest - needs: [ generate-action ] - steps: - - uses: actions/checkout@v3 - - - uses: actions/download-artifact@v3 - with: - name: commands-$LIQUIBASE_VERSION - path: ./ - - - name: Output Action Edit Link - run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" + # output-action: + # runs-on: ubuntu-latest + # needs: [ generate-action ] + # steps: + # - uses: actions/checkout@v3 + + # - uses: actions/download-artifact@v3 + # with: + # name: commands-$LIQUIBASE_VERSION + # path: ./ + + # - name: Output Action Edit Link + # run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" From af4c3079fe1a6eb0c80a9c418d7e59d90c00a99a Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 14:52:02 +0100 Subject: [PATCH 18/52] chore(generate.yml): update hashicorp/setup-terraform action to version 3 to ensure compatibility with the latest features and improvements chore(generate.yml): remove unused cli_config_credentials_token parameter from hashicorp/setup-terraform action --- .github/workflows/generate.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index efcd695..dc5f116 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -36,9 +36,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 + uses: hashicorp/setup-terraform@v3 with: - cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} terraform_version: "1.5.7" - uses: actions/download-artifact@v3 @@ -46,11 +45,6 @@ jobs: name: commands-$LIQUIBASE_VERSION path: ./ - - name: Terraform Setup - uses: hashicorp/setup-terraform@v3 - with: - terraform_version: "1.5.7" - - name: Terraform Format id: fmt run: terraform fmt From 519723f2fa45877c9d5c55c4cd56b358970ca535 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 14:57:03 +0100 Subject: [PATCH 19/52] chore(main.tf): remove unused backend configuration for remote state management chore(main.tf): remove unnecessary workspace configuration for remote state management --- main.tf | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/main.tf b/main.tf index 41ee30c..a2cb4c9 100644 --- a/main.tf +++ b/main.tf @@ -1,12 +1,6 @@ terraform { required_version = "1.5.7" - backend "remote" { - hostname = "spacelift.io" - organization = "liquibase" - workspaces { - name = "liquibase-github-actions" - } - } + required_providers { github = { source = "integrations/github" From 83d86856741b83571062a2f2740fb242a9a8fb6c Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 16:08:01 +0100 Subject: [PATCH 20/52] chore(main.tf): add remote backend configuration for Terraform state management to store state in spacelift.io organization and workspace "liquibase-github-actions" feat(main.tf): update github_repository resource to use for_each to create multiple repositories based on local.commands, and improve resource configuration formatting for better readability --- .terraform.lock.hcl | 24 ------------------------ main.tf | 24 +++++++++++++++--------- 2 files changed, 15 insertions(+), 33 deletions(-) delete mode 100644 .terraform.lock.hcl diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl deleted file mode 100644 index 4444d2d..0000000 --- a/.terraform.lock.hcl +++ /dev/null @@ -1,24 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/integrations/github" { - version = "4.31.0" - constraints = "~> 4.0" - hashes = [ - "h1:fm77HQzGPdMeRGbu6xn/3CtQsHfHbaZdfIhIbgJj1kY=", - "zh:07208ecc74804fbdd554830de79627f3e58633fc417b12dc29aafaceae01e427", - "zh:0dca3802a7ea1ba4812c866bf202e62aef6c8995db8856fdb5b4d1d81b505518", - "zh:24e6a56b34b3e0dca6ca0d6f22d0a31dda6a3256713492902c39ce9edd14acbd", - "zh:42e41fa4e61218973615b7e5d564119bb5c728ee40b881539964cd704632d8c0", - "zh:6aa6bb04fdc00c3c762122e96ee7c19abfb8e42dc5d3a720b5767dbb4cfa274d", - "zh:74ea4bbad825eee831d37940760459786460fe492e1b30acb5c91c9edd14a5ea", - "zh:8e170f6d5e46c08fbc3b5ff251075382f75b53a66a83b7b005099fb99ad94f24", - "zh:9164b611e7318e3d08cc84513d3d8c27bd12336a7721a894cb3d346b60286233", - "zh:91d3397f021c5a9fedff36f84635ffc3169224494629bb4a578356a05091e182", - "zh:b061e1529499bf40f8f14c9c8116787dd50f6fd3d64ad38d77cd39db77e98ae9", - "zh:c9daff626f7a55c01db79b6ccc462948bf854d976c73def306ae9ae09e5afe1b", - "zh:ec7e223ae7d6292b8425b7190e801f1098a647d2aee3132761d37fd75cfcfe07", - "zh:f2001b2a2f7049fc74ffe54d7bc48c9dfec80956f468a2c8a550c5071d077dbd", - "zh:f75ec1e71924c50b346bced15883c626f697ffd3ee6c4bb2835e4170fe65215a", - ] -} diff --git a/main.tf b/main.tf index a2cb4c9..2e7c76d 100644 --- a/main.tf +++ b/main.tf @@ -1,6 +1,12 @@ terraform { required_version = "1.5.7" - + backend "remote" { + hostname = "spacelift.io" + organization = "liquibase" + workspaces { + name = "liquibase-github-actions" + } + } required_providers { github = { source = "integrations/github" @@ -19,12 +25,12 @@ locals { } resource "github_repository" "liquibase-github-actions" { - for_each = toset(local.commands) - name = replace(each.key, " ", "-") - description = "Official GitHub Action to run Liquibase ${title(replace(each.key, "-", " "))}" - visibility = "public" - has_downloads = false - has_issues = false - has_projects = false - has_wiki = false + for_each = toset(local.commands) + name = replace(each.key, " ", "-") + description = "Official GitHub Action to run Liquibase ${title(replace(each.key, "-", " "))}" + visibility = "public" + has_downloads = false + has_issues = false + has_projects = false + has_wiki = false } From 73a7e35e916d85980657648817b77267cb6dc373 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 16:51:19 +0100 Subject: [PATCH 21/52] chore(main.tf): remove unused backend configuration to simplify the Terraform configuration fix(main.tf): update the owner of the GitHub provider to "liquibase" to match the correct organization refactor(main.tf): remove unused resource "github_repository" to clean up the Terraform configuration --- main.tf | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/main.tf b/main.tf index 2e7c76d..a7c66e5 100644 --- a/main.tf +++ b/main.tf @@ -1,12 +1,5 @@ terraform { required_version = "1.5.7" - backend "remote" { - hostname = "spacelift.io" - organization = "liquibase" - workspaces { - name = "liquibase-github-actions" - } - } required_providers { github = { source = "integrations/github" @@ -17,20 +10,11 @@ terraform { provider "github" { token = var.BOT_TOKEN - owner = "liquibase-github-actions" + owner = "liquibase" } locals { commands = jsondecode(file("${path.module}/commands.json")) } -resource "github_repository" "liquibase-github-actions" { - for_each = toset(local.commands) - name = replace(each.key, " ", "-") - description = "Official GitHub Action to run Liquibase ${title(replace(each.key, "-", " "))}" - visibility = "public" - has_downloads = false - has_issues = false - has_projects = false - has_wiki = false -} + From b5e329474dcd70950c0f7fe67707173a57aad33e Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 16:53:15 +0100 Subject: [PATCH 22/52] chore(main.tf): update provider owner from "liquibase" to "liquibase-github-actions" for better clarity and accuracy feat(main.tf): add resource block to create GitHub repositories based on commands defined in commands.json file, with appropriate naming and descriptions --- main.tf | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index a7c66e5..bd335c2 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,6 @@ terraform { required_version = "1.5.7" + required_providers { github = { source = "integrations/github" @@ -10,11 +11,20 @@ terraform { provider "github" { token = var.BOT_TOKEN - owner = "liquibase" + owner = "liquibase-github-actions" } locals { commands = jsondecode(file("${path.module}/commands.json")) } - +resource "github_repository" "liquibase-github-actions" { + for_each = toset(local.commands) + name = replace(each.key, " ", "-") + description = "Official GitHub Action to run Liquibase ${title(replace(each.key, "-", " "))}" + visibility = "public" + has_downloads = false + has_issues = false + has_projects = false + has_wiki = false +} From f011bdf12f76e071bd0b606923740cc4e6a8bf6b Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 17:01:22 +0100 Subject: [PATCH 23/52] chore(.gitignore): remove unused 'commands.json' file from being tracked by git feat(commands.json): add 'commands.json' file containing a list of available commands for the application --- .gitignore | 1 - commands.json | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 commands.json diff --git a/.gitignore b/.gitignore index fd4bf8d..746acc6 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,5 @@ protoc-gen-liquibase notes liquibase_libs .terraform -commands.json action .fleet \ No newline at end of file diff --git a/commands.json b/commands.json new file mode 100644 index 0000000..81b657f --- /dev/null +++ b/commands.json @@ -0,0 +1 @@ +["calculate-checksum","changelog-sync","changelog-sync-sql","changelog-sync-to-tag","changelog-sync-to-tag-sql","checks bulk-set","checks copy","checks create","checks customize","checks delete","checks disable","checks enable","checks reset","checks run","checks show","clear-checksums","connect","db-doc","diff","diff-changelog","drop-all","execute-sql","flow","flow validate","future-rollback-count-sql","future-rollback-from-tag-sql","future-rollback-sql","generate-changelog","history","init copy","init project","init start-h2","list-locks","mark-next-changeset-ran","mark-next-changeset-ran-sql","release-locks","rollback","rollback-count","rollback-count-sql","rollback-one-changeset","rollback-one-changeset-sql","rollback-one-update","rollback-one-update-sql","rollback-sql","rollback-to-date","rollback-to-date-sql","set-contexts","set-labels","snapshot","snapshot-reference","status","tag","tag-exists","unexpected-changesets","update","update-count","update-count-sql","update-one-changeset","update-one-changeset-sql","update-sql","update-testing-rollback","update-to-tag","update-to-tag-sql","validate"] \ No newline at end of file From c217578ef12ce8534cdea50b0492417e9fdd7be3 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 17:04:15 +0100 Subject: [PATCH 24/52] chore(main.tf): update commands list in locals to include all available commands The commands list in locals was updated to include all available commands for the Liquibase GitHub Actions. This ensures that all commands are accounted for and can be used in the Terraform configuration. --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index bd335c2..f8f83f8 100644 --- a/main.tf +++ b/main.tf @@ -15,7 +15,7 @@ provider "github" { } locals { - commands = jsondecode(file("${path.module}/commands.json")) + commands = jsondecode(["calculate-checksum","changelog-sync","changelog-sync-sql","changelog-sync-to-tag","changelog-sync-to-tag-sql","checks bulk-set","checks copy","checks create","checks customize","checks delete","checks disable","checks enable","checks reset","checks run","checks show","clear-checksums","connect","db-doc","diff","diff-changelog","drop-all","execute-sql","flow","flow validate","future-rollback-count-sql","future-rollback-from-tag-sql","future-rollback-sql","generate-changelog","history","init copy","init project","init start-h2","list-locks","mark-next-changeset-ran","mark-next-changeset-ran-sql","release-locks","rollback","rollback-count","rollback-count-sql","rollback-one-changeset","rollback-one-changeset-sql","rollback-one-update","rollback-one-update-sql","rollback-sql","rollback-to-date","rollback-to-date-sql","set-contexts","set-labels","snapshot","snapshot-reference","status","tag","tag-exists","unexpected-changesets","update","update-count","update-count-sql","update-one-changeset","update-one-changeset-sql","update-sql","update-testing-rollback","update-to-tag","update-to-tag-sql","validate"]) } resource "github_repository" "liquibase-github-actions" { From 13d5995c9851c6469746ff379b97413f988c3a2e Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 17:08:03 +0100 Subject: [PATCH 25/52] chore(main.tf): refactor commands variable to use double quotes for consistency and readability --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index f8f83f8..c5158f5 100644 --- a/main.tf +++ b/main.tf @@ -15,7 +15,7 @@ provider "github" { } locals { - commands = jsondecode(["calculate-checksum","changelog-sync","changelog-sync-sql","changelog-sync-to-tag","changelog-sync-to-tag-sql","checks bulk-set","checks copy","checks create","checks customize","checks delete","checks disable","checks enable","checks reset","checks run","checks show","clear-checksums","connect","db-doc","diff","diff-changelog","drop-all","execute-sql","flow","flow validate","future-rollback-count-sql","future-rollback-from-tag-sql","future-rollback-sql","generate-changelog","history","init copy","init project","init start-h2","list-locks","mark-next-changeset-ran","mark-next-changeset-ran-sql","release-locks","rollback","rollback-count","rollback-count-sql","rollback-one-changeset","rollback-one-changeset-sql","rollback-one-update","rollback-one-update-sql","rollback-sql","rollback-to-date","rollback-to-date-sql","set-contexts","set-labels","snapshot","snapshot-reference","status","tag","tag-exists","unexpected-changesets","update","update-count","update-count-sql","update-one-changeset","update-one-changeset-sql","update-sql","update-testing-rollback","update-to-tag","update-to-tag-sql","validate"]) + commands = jsondecode("[\"calculate-checksum\",\"changelog-sync\",\"changelog-sync-sql\",\"changelog-sync-to-tag\",\"changelog-sync-to-tag-sql\",\"checks bulk-set\",\"checks copy\",\"checks create\",\"checks customize\",\"checks delete\",\"checks disable\",\"checks enable\",\"checks reset\",\"checks run\",\"checks show\",\"clear-checksums\",\"connect\",\"db-doc\",\"diff\",\"diff-changelog\",\"drop-all\",\"execute-sql\",\"flow\",\"flow validate\",\"future-rollback-count-sql\",\"future-rollback-from-tag-sql\",\"future-rollback-sql\",\"generate-changelog\",\"history\",\"init copy\",\"init project\",\"init start-h2\",\"list-locks\",\"mark-next-changeset-ran\",\"mark-next-changeset-ran-sql\",\"release-locks\",\"rollback\",\"rollback-count\",\"rollback-count-sql\",\"rollback-one-changeset\",\"rollback-one-changeset-sql\",\"rollback-one-update\",\"rollback-one-update-sql\",\"rollback-sql\",\"rollback-to-date\",\"rollback-to-date-sql\",\"set-contexts\",\"set-labels\",\"snapshot\",\"snapshot-reference\",\"status\",\"tag\",\"tag-exists\",\"unexpected-changesets\",\"update\",\"update-count\",\"update-count-sql\",\"update-one-changeset\",\"update-one-changeset-sql\",\"update-sql\",\"update-testing-rollback\",\"update-to-tag\",\"update-to-tag-sql\",\"validate\"]") } resource "github_repository" "liquibase-github-actions" { From 089744d792295cb58b14afd0e9ffd84837e4b8a6 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 18:32:30 +0100 Subject: [PATCH 26/52] chore(.gitignore): add commands.json to the list of ignored files feat(main.tf): add remote backend configuration for Terraform to store state in spacelift.io organization workspace "liquibase-github-actions" refactor(main.tf): replace hardcoded commands list with reading commands from commands.json file --- .gitignore | 1 + commands.json | 1 - main.tf | 10 ++++++++-- 3 files changed, 9 insertions(+), 3 deletions(-) delete mode 100644 commands.json diff --git a/.gitignore b/.gitignore index 746acc6..fd4bf8d 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,6 @@ protoc-gen-liquibase notes liquibase_libs .terraform +commands.json action .fleet \ No newline at end of file diff --git a/commands.json b/commands.json deleted file mode 100644 index 81b657f..0000000 --- a/commands.json +++ /dev/null @@ -1 +0,0 @@ -["calculate-checksum","changelog-sync","changelog-sync-sql","changelog-sync-to-tag","changelog-sync-to-tag-sql","checks bulk-set","checks copy","checks create","checks customize","checks delete","checks disable","checks enable","checks reset","checks run","checks show","clear-checksums","connect","db-doc","diff","diff-changelog","drop-all","execute-sql","flow","flow validate","future-rollback-count-sql","future-rollback-from-tag-sql","future-rollback-sql","generate-changelog","history","init copy","init project","init start-h2","list-locks","mark-next-changeset-ran","mark-next-changeset-ran-sql","release-locks","rollback","rollback-count","rollback-count-sql","rollback-one-changeset","rollback-one-changeset-sql","rollback-one-update","rollback-one-update-sql","rollback-sql","rollback-to-date","rollback-to-date-sql","set-contexts","set-labels","snapshot","snapshot-reference","status","tag","tag-exists","unexpected-changesets","update","update-count","update-count-sql","update-one-changeset","update-one-changeset-sql","update-sql","update-testing-rollback","update-to-tag","update-to-tag-sql","validate"] \ No newline at end of file diff --git a/main.tf b/main.tf index c5158f5..2e7c76d 100644 --- a/main.tf +++ b/main.tf @@ -1,6 +1,12 @@ terraform { required_version = "1.5.7" - + backend "remote" { + hostname = "spacelift.io" + organization = "liquibase" + workspaces { + name = "liquibase-github-actions" + } + } required_providers { github = { source = "integrations/github" @@ -15,7 +21,7 @@ provider "github" { } locals { - commands = jsondecode("[\"calculate-checksum\",\"changelog-sync\",\"changelog-sync-sql\",\"changelog-sync-to-tag\",\"changelog-sync-to-tag-sql\",\"checks bulk-set\",\"checks copy\",\"checks create\",\"checks customize\",\"checks delete\",\"checks disable\",\"checks enable\",\"checks reset\",\"checks run\",\"checks show\",\"clear-checksums\",\"connect\",\"db-doc\",\"diff\",\"diff-changelog\",\"drop-all\",\"execute-sql\",\"flow\",\"flow validate\",\"future-rollback-count-sql\",\"future-rollback-from-tag-sql\",\"future-rollback-sql\",\"generate-changelog\",\"history\",\"init copy\",\"init project\",\"init start-h2\",\"list-locks\",\"mark-next-changeset-ran\",\"mark-next-changeset-ran-sql\",\"release-locks\",\"rollback\",\"rollback-count\",\"rollback-count-sql\",\"rollback-one-changeset\",\"rollback-one-changeset-sql\",\"rollback-one-update\",\"rollback-one-update-sql\",\"rollback-sql\",\"rollback-to-date\",\"rollback-to-date-sql\",\"set-contexts\",\"set-labels\",\"snapshot\",\"snapshot-reference\",\"status\",\"tag\",\"tag-exists\",\"unexpected-changesets\",\"update\",\"update-count\",\"update-count-sql\",\"update-one-changeset\",\"update-one-changeset-sql\",\"update-sql\",\"update-testing-rollback\",\"update-to-tag\",\"update-to-tag-sql\",\"validate\"]") + commands = jsondecode(file("${path.module}/commands.json")) } resource "github_repository" "liquibase-github-actions" { From a58a494afd3cb643acafce981753f88cb3fc05a2 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 18:35:06 +0100 Subject: [PATCH 27/52] fix(generate.yml): add -lock=false flag to the terraform plan command to disable locking and prevent potential issues with concurrent runs --- .github/workflows/generate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index dc5f116..0e0c940 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -59,7 +59,7 @@ jobs: - name: Terraform Plan id: plan - run: terraform plan -no-color + run: terraform plan -no-color -lock=false continue-on-error: true - name: Terraform Plan Status From 8498233f0157e9dc8d4691b184e59a4bfd253d4e Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 18:40:21 +0100 Subject: [PATCH 28/52] chore(generate.yml): uncomment Terraform Apply and Terraform State Push steps chore(generate.yml): uncomment generate-action and output-action steps The Terraform Apply and Terraform State Push steps were uncommented to enable the execution of Terraform apply and state push commands. This is necessary for the deployment and management of infrastructure resources. The generate-action and output-action steps were also uncommented to enable the generation of commands and the output of the action edit link. These steps are crucial for the overall workflow and automation process. --- .github/workflows/generate.yml | 116 ++++++++++++++++----------------- 1 file changed, 58 insertions(+), 58 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 0e0c940..1f07450 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -66,62 +66,62 @@ jobs: if: steps.plan.outcome == 'failure' run: exit 1 - # - name: Terraform Apply - # run: terraform apply -auto-approve -lock=false - # continue-on-error: true - - # - name: Terraform State Push - # run: | - # cat errored.tfstate - # STATE_FILE="errored.tfstate" - # current_serial=$(jq -r '.serial' "$STATE_FILE") - # echo "Current serial: $current_serial" - # new_serial=$((current_serial + 1)) - # echo "New serial: $new_serial" - # jq ". + {\"serial\": $new_serial, \"terraform_version\": \"1.5.7\"}" "$STATE_FILE" > tmpfile && mv tmpfile "$STATE_FILE" - # cat errored.tfstate - # terraform state push -lock=false -force errored.tfstate - - # generate-action: - # runs-on: ubuntu-latest - # needs: [ create-command-list, create-action-repo ] - # strategy: - # matrix: - # commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} - # steps: - # - uses: actions/checkout@v3 - - # - run: echo ${{ matrix.commands }} - - # - name: Install Protoc - # uses: arduino/setup-protoc@v1 - # with: - # version: '3.x' - # repo-token: ${{ secrets.BOT_TOKEN }} - - # - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" - - # - name: Configure git user - # run: | - # git config --global init.defaultBranch main - # git config --global user.name "liquibot" - # git config --global user.email "liquibot@liquibase.org" - - # - name: Push Action to Repo - # run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION - # env: - # BOT_TOKEN: ${{ secrets.BOT_TOKEN }} + - name: Terraform Apply + run: terraform apply -auto-approve -lock=false + continue-on-error: true + + - name: Terraform State Push + run: | + cat errored.tfstate + STATE_FILE="errored.tfstate" + current_serial=$(jq -r '.serial' "$STATE_FILE") + echo "Current serial: $current_serial" + new_serial=$((current_serial + 1)) + echo "New serial: $new_serial" + jq ". + {\"serial\": $new_serial, \"terraform_version\": \"1.5.7\"}" "$STATE_FILE" > tmpfile && mv tmpfile "$STATE_FILE" + cat errored.tfstate + terraform state push -lock=false -force errored.tfstate + + generate-action: + runs-on: ubuntu-latest + needs: [ create-command-list, create-action-repo ] + strategy: + matrix: + commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} + steps: + - uses: actions/checkout@v3 + + - run: echo ${{ matrix.commands }} + + - name: Install Protoc + uses: arduino/setup-protoc@v1 + with: + version: '3.x' + repo-token: ${{ secrets.BOT_TOKEN }} + + - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" + + - name: Configure git user + run: | + git config --global init.defaultBranch main + git config --global user.name "liquibot" + git config --global user.email "liquibot@liquibase.org" + + - name: Push Action to Repo + run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION + env: + BOT_TOKEN: ${{ secrets.BOT_TOKEN }} - # output-action: - # runs-on: ubuntu-latest - # needs: [ generate-action ] - # steps: - # - uses: actions/checkout@v3 - - # - uses: actions/download-artifact@v3 - # with: - # name: commands-$LIQUIBASE_VERSION - # path: ./ - - # - name: Output Action Edit Link - # run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" + output-action: + runs-on: ubuntu-latest + needs: [ generate-action ] + steps: + - uses: actions/checkout@v3 + + - uses: actions/download-artifact@v3 + with: + name: commands-$LIQUIBASE_VERSION + path: ./ + + - name: Output Action Edit Link + run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" From de5be5822086b6456b3648ad76e3fde29fd1c244 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 18:45:54 +0100 Subject: [PATCH 29/52] chore(generate.yml): remove Terraform State Push step from the workflow The Terraform State Push step was removed from the workflow as it was causing errors and is no longer needed. --- .github/workflows/generate.yml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 1f07450..69d18cb 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -70,18 +70,6 @@ jobs: run: terraform apply -auto-approve -lock=false continue-on-error: true - - name: Terraform State Push - run: | - cat errored.tfstate - STATE_FILE="errored.tfstate" - current_serial=$(jq -r '.serial' "$STATE_FILE") - echo "Current serial: $current_serial" - new_serial=$((current_serial + 1)) - echo "New serial: $new_serial" - jq ". + {\"serial\": $new_serial, \"terraform_version\": \"1.5.7\"}" "$STATE_FILE" > tmpfile && mv tmpfile "$STATE_FILE" - cat errored.tfstate - terraform state push -lock=false -force errored.tfstate - generate-action: runs-on: ubuntu-latest needs: [ create-command-list, create-action-repo ] From a42921e741e0c488262ef8c15aeb8aecb96ace08 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 18:46:11 +0100 Subject: [PATCH 30/52] chore(generate.yml): remove trailing whitespace to improve code readability --- .github/workflows/generate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 69d18cb..0a9e8c1 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -99,7 +99,7 @@ jobs: run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION env: BOT_TOKEN: ${{ secrets.BOT_TOKEN }} - + output-action: runs-on: ubuntu-latest needs: [ generate-action ] From eaf39724855deb8a0b5610bad13dcc518dd7c93c Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 18:52:46 +0100 Subject: [PATCH 31/52] chore(terraform): add .terraform.lock.hcl file to track provider version and constraints A new file `.terraform.lock.hcl` has been added to the repository. This file is automatically maintained by `terraform init` command and should not be manually edited. It tracks the version and constraints of the provider `registry.terraform.io/integrations/github`. The current version is `4.31.0` and the constraints are set to `~> 4.0`. The file includes a list of hashes for the provider's artifacts to ensure integrity and security. --- .terraform.lock.hcl | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .terraform.lock.hcl diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl new file mode 100644 index 0000000..8533965 --- /dev/null +++ b/.terraform.lock.hcl @@ -0,0 +1,24 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/integrations/github" { + version = "4.31.0" + constraints = "~> 4.0" + hashes = [ + "h1:fm77HQzGPdMeRGbu6xn/3CtQsHfHbaZdfIhIbgJj1kY=", + "zh:07208ecc74804fbdd554830de79627f3e58633fc417b12dc29aafaceae01e427", + "zh:0dca3802a7ea1ba4812c866bf202e62aef6c8995db8856fdb5b4d1d81b505518", + "zh:24e6a56b34b3e0dca6ca0d6f22d0a31dda6a3256713492902c39ce9edd14acbd", + "zh:42e41fa4e61218973615b7e5d564119bb5c728ee40b881539964cd704632d8c0", + "zh:6aa6bb04fdc00c3c762122e96ee7c19abfb8e42dc5d3a720b5767dbb4cfa274d", + "zh:74ea4bbad825eee831d37940760459786460fe492e1b30acb5c91c9edd14a5ea", + "zh:8e170f6d5e46c08fbc3b5ff251075382f75b53a66a83b7b005099fb99ad94f24", + "zh:9164b611e7318e3d08cc84513d3d8c27bd12336a7721a894cb3d346b60286233", + "zh:91d3397f021c5a9fedff36f84635ffc3169224494629bb4a578356a05091e182", + "zh:b061e1529499bf40f8f14c9c8116787dd50f6fd3d64ad38d77cd39db77e98ae9", + "zh:c9daff626f7a55c01db79b6ccc462948bf854d976c73def306ae9ae09e5afe1b", + "zh:ec7e223ae7d6292b8425b7190e801f1098a647d2aee3132761d37fd75cfcfe07", + "zh:f2001b2a2f7049fc74ffe54d7bc48c9dfec80956f468a2c8a550c5071d077dbd", + "zh:f75ec1e71924c50b346bced15883c626f697ffd3ee6c4bb2835e4170fe65215a", + ] +} \ No newline at end of file From c15579cedbf5caa34bdd24617a63e59aa0bd6673 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 18:54:15 +0100 Subject: [PATCH 32/52] chore(.terraform.lock.hcl): add newline at the end of the file for consistency and to adhere to best practices --- .terraform.lock.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index 8533965..4444d2d 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -21,4 +21,4 @@ provider "registry.terraform.io/integrations/github" { "zh:f2001b2a2f7049fc74ffe54d7bc48c9dfec80956f468a2c8a550c5071d077dbd", "zh:f75ec1e71924c50b346bced15883c626f697ffd3ee6c4bb2835e4170fe65215a", ] -} \ No newline at end of file +} From c2d9f647def9c57aabbcda10f92a244a513c5f0e Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 22:33:30 +0100 Subject: [PATCH 33/52] fix(generate.yml): add `-reconfigure` flag to `terraform init` command to ensure proper initialization of the Terraform workspace feat(generate.yml): add steps to pull and push the current state file to/from the Terraform backend to ensure consistency and synchronization --- .github/workflows/generate.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 0a9e8c1..dbb059b 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -51,7 +51,11 @@ jobs: - name: Terraform Init id: init - run: terraform init + run: terraform init -reconfigure + + - name: Terraform Pull state + id: pull + run: terraform state pull > current_state.tfstate - name: Terraform Validate id: validate @@ -70,6 +74,10 @@ jobs: run: terraform apply -auto-approve -lock=false continue-on-error: true + - name: Terraform Push state + id: push + run: terraform state push current_state.tfstate + generate-action: runs-on: ubuntu-latest needs: [ create-command-list, create-action-repo ] From 0ad35d495f0121b5a2a9dfecaa1358d4104c4cf7 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 22:35:26 +0100 Subject: [PATCH 34/52] fix(generate.yml): add -lock=false flag to the terraform state push command to disable locking when pushing state --- .github/workflows/generate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index dbb059b..49016c9 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -76,7 +76,7 @@ jobs: - name: Terraform Push state id: push - run: terraform state push current_state.tfstate + run: terraform state push -lock=false current_state.tfstate generate-action: runs-on: ubuntu-latest From 8b0021a20e3b0ba9780e0806bce4317c46d4dd51 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 4 Jan 2024 22:53:30 +0100 Subject: [PATCH 35/52] fix(generate.yml): change output file name from current_state.tfstate to current.tfstate in the Terraform Pull state step fix(generate.yml): add terraform init -force-copy -backend=false command in the Terraform Pull state step to ensure a clean initialization fix(generate.yml): add terraform init -reconfigure command in the Terraform Push state step to reconfigure the backend before pushing the state fix(generate.yml): change output file name from current_state.tfstate to current.tfstate in the Terraform Push state step --- .github/workflows/generate.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 49016c9..95c70b8 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -55,7 +55,9 @@ jobs: - name: Terraform Pull state id: pull - run: terraform state pull > current_state.tfstate + run: | + terraform state pull > current.tfstate + terraform init -force-copy -backend=false - name: Terraform Validate id: validate @@ -76,7 +78,9 @@ jobs: - name: Terraform Push state id: push - run: terraform state push -lock=false current_state.tfstate + run: | + terraform init -reconfigure + terraform state push -lock=false current.tfstate generate-action: runs-on: ubuntu-latest From 4a195c3c0ac0077634dd63c9029a492aaed86fc7 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:00:16 +0100 Subject: [PATCH 36/52] chore(generate.yml): update workflow to install spacectl instead of terraform and add support for local preview of infrastructure changes chore(main.tf): remove backend configuration for remote state as it is no longer needed with the switch to spacectl --- .github/workflows/generate.yml | 47 +++++++++++++--------------------- .terraform.lock.hcl | 24 ----------------- main.tf | 8 ------ 3 files changed, 18 insertions(+), 61 deletions(-) delete mode 100644 .terraform.lock.hcl diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 95c70b8..cf98057 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -35,10 +35,10 @@ jobs: steps: - uses: actions/checkout@v3 - - name: Setup Terraform - uses: hashicorp/setup-terraform@v3 - with: - terraform_version: "1.5.7" + - name: Install spacectl + uses: spacelift-io/setup-spacectl@main + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: actions/download-artifact@v3 with: @@ -51,36 +51,25 @@ jobs: - name: Terraform Init id: init - run: terraform init -reconfigure - - - name: Terraform Pull state - id: pull - run: | - terraform state pull > current.tfstate - terraform init -force-copy -backend=false + run: terraform init - name: Terraform Validate id: validate run: terraform validate -no-color - - name: Terraform Plan - id: plan - run: terraform plan -no-color -lock=false - continue-on-error: true - - - name: Terraform Plan Status - if: steps.plan.outcome == 'failure' - run: exit 1 - - - name: Terraform Apply - run: terraform apply -auto-approve -lock=false - continue-on-error: true - - - name: Terraform Push state - id: push - run: | - terraform init -reconfigure - terraform state push -lock=false current.tfstate + - name: Preview infrastructure + env: + SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} + SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} + SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} + run: spacectl stack local-preview --id liquibase-github-actions + + # - name: Deploy infrastructure + # env: + # SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} + # SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} + # SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} + # run: spacectl stack deploy --id liquibase-github-actions generate-action: runs-on: ubuntu-latest diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl deleted file mode 100644 index 4444d2d..0000000 --- a/.terraform.lock.hcl +++ /dev/null @@ -1,24 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/integrations/github" { - version = "4.31.0" - constraints = "~> 4.0" - hashes = [ - "h1:fm77HQzGPdMeRGbu6xn/3CtQsHfHbaZdfIhIbgJj1kY=", - "zh:07208ecc74804fbdd554830de79627f3e58633fc417b12dc29aafaceae01e427", - "zh:0dca3802a7ea1ba4812c866bf202e62aef6c8995db8856fdb5b4d1d81b505518", - "zh:24e6a56b34b3e0dca6ca0d6f22d0a31dda6a3256713492902c39ce9edd14acbd", - "zh:42e41fa4e61218973615b7e5d564119bb5c728ee40b881539964cd704632d8c0", - "zh:6aa6bb04fdc00c3c762122e96ee7c19abfb8e42dc5d3a720b5767dbb4cfa274d", - "zh:74ea4bbad825eee831d37940760459786460fe492e1b30acb5c91c9edd14a5ea", - "zh:8e170f6d5e46c08fbc3b5ff251075382f75b53a66a83b7b005099fb99ad94f24", - "zh:9164b611e7318e3d08cc84513d3d8c27bd12336a7721a894cb3d346b60286233", - "zh:91d3397f021c5a9fedff36f84635ffc3169224494629bb4a578356a05091e182", - "zh:b061e1529499bf40f8f14c9c8116787dd50f6fd3d64ad38d77cd39db77e98ae9", - "zh:c9daff626f7a55c01db79b6ccc462948bf854d976c73def306ae9ae09e5afe1b", - "zh:ec7e223ae7d6292b8425b7190e801f1098a647d2aee3132761d37fd75cfcfe07", - "zh:f2001b2a2f7049fc74ffe54d7bc48c9dfec80956f468a2c8a550c5071d077dbd", - "zh:f75ec1e71924c50b346bced15883c626f697ffd3ee6c4bb2835e4170fe65215a", - ] -} diff --git a/main.tf b/main.tf index 2e7c76d..a48b919 100644 --- a/main.tf +++ b/main.tf @@ -1,12 +1,4 @@ terraform { - required_version = "1.5.7" - backend "remote" { - hostname = "spacelift.io" - organization = "liquibase" - workspaces { - name = "liquibase-github-actions" - } - } required_providers { github = { source = "integrations/github" From c54161b6db7a05d9c9be7e6a19fa4b1ae60bc938 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:04:08 +0100 Subject: [PATCH 37/52] fix(generate.yml): update spacectl command to use 'preview' instead of 'local-preview' for consistency with other commands --- .github/workflows/generate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index cf98057..f54ed3a 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -62,7 +62,7 @@ jobs: SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} - run: spacectl stack local-preview --id liquibase-github-actions + run: spacectl stack preview --id liquibase-github-actions # - name: Deploy infrastructure # env: From 1f1c5dbd04427e810211d96b456d1c8f3178167a Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:09:33 +0100 Subject: [PATCH 38/52] chore(generate.yml): comment out unused workflow steps to improve readability and reduce noise in the file --- .github/workflows/generate.yml | 86 +++++++++++++++++----------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index f54ed3a..1e572a6 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -71,46 +71,46 @@ jobs: # SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} # run: spacectl stack deploy --id liquibase-github-actions - generate-action: - runs-on: ubuntu-latest - needs: [ create-command-list, create-action-repo ] - strategy: - matrix: - commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} - steps: - - uses: actions/checkout@v3 - - - run: echo ${{ matrix.commands }} - - - name: Install Protoc - uses: arduino/setup-protoc@v1 - with: - version: '3.x' - repo-token: ${{ secrets.BOT_TOKEN }} - - - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" - - - name: Configure git user - run: | - git config --global init.defaultBranch main - git config --global user.name "liquibot" - git config --global user.email "liquibot@liquibase.org" - - - name: Push Action to Repo - run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION - env: - BOT_TOKEN: ${{ secrets.BOT_TOKEN }} - - output-action: - runs-on: ubuntu-latest - needs: [ generate-action ] - steps: - - uses: actions/checkout@v3 - - - uses: actions/download-artifact@v3 - with: - name: commands-$LIQUIBASE_VERSION - path: ./ - - - name: Output Action Edit Link - run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" + # generate-action: + # runs-on: ubuntu-latest + # needs: [ create-command-list, create-action-repo ] + # strategy: + # matrix: + # commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} + # steps: + # - uses: actions/checkout@v3 + + # - run: echo ${{ matrix.commands }} + + # - name: Install Protoc + # uses: arduino/setup-protoc@v1 + # with: + # version: '3.x' + # repo-token: ${{ secrets.BOT_TOKEN }} + + # - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" + + # - name: Configure git user + # run: | + # git config --global init.defaultBranch main + # git config --global user.name "liquibot" + # git config --global user.email "liquibot@liquibase.org" + + # - name: Push Action to Repo + # run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION + # env: + # BOT_TOKEN: ${{ secrets.BOT_TOKEN }} + + # output-action: + # runs-on: ubuntu-latest + # needs: [ generate-action ] + # steps: + # - uses: actions/checkout@v3 + + # - uses: actions/download-artifact@v3 + # with: + # name: commands-$LIQUIBASE_VERSION + # path: ./ + + # - name: Output Action Edit Link + # run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" From d5b80f3d2d0135e270cae07a99de680eee07318f Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:12:43 +0100 Subject: [PATCH 39/52] fix(generate.yml): change 'spacectl stack preview' command to 'spacectl stack local-preview' to run the stack locally instead of in the cloud --- .github/workflows/generate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 1e572a6..0d640b6 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -62,7 +62,7 @@ jobs: SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} - run: spacectl stack preview --id liquibase-github-actions + run: spacectl stack local-preview --id liquibase-github-actions # - name: Deploy infrastructure # env: From 9bd14935c9719cde81cd8b294c2019b832c7ee39 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:16:46 +0100 Subject: [PATCH 40/52] fix(main.tf): fix file path for commands.json to be relative to the current directory instead of the module directory --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index a48b919..05a7bdb 100644 --- a/main.tf +++ b/main.tf @@ -13,7 +13,7 @@ provider "github" { } locals { - commands = jsondecode(file("${path.module}/commands.json")) + commands = jsondecode(file("commands.json")) } resource "github_repository" "liquibase-github-actions" { From c39192136ad0ad123707c725c750051937b0a731 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:19:59 +0100 Subject: [PATCH 41/52] chore(generate.yml): add ls -ltr command before running spacectl stack local-preview to debug the issue fix(main.tf): fix the path to commands.json file to use the module path for better reliability --- .github/workflows/generate.yml | 4 +++- main.tf | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 0d640b6..ec6e80d 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -62,7 +62,9 @@ jobs: SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} - run: spacectl stack local-preview --id liquibase-github-actions + run: | + ls -ltr + spacectl stack local-preview --id liquibase-github-actions # - name: Deploy infrastructure # env: diff --git a/main.tf b/main.tf index 05a7bdb..a48b919 100644 --- a/main.tf +++ b/main.tf @@ -13,7 +13,7 @@ provider "github" { } locals { - commands = jsondecode(file("commands.json")) + commands = jsondecode(file("${path.module}/commands.json")) } resource "github_repository" "liquibase-github-actions" { From 1c02d4f878a30b08930ea375132bd97f068e7ee9 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:20:26 +0100 Subject: [PATCH 42/52] chore(.gitignore): remove unused "commands.json" file from git tracking --- .gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitignore b/.gitignore index fd4bf8d..746acc6 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,5 @@ protoc-gen-liquibase notes liquibase_libs .terraform -commands.json action .fleet \ No newline at end of file From b8ba8c7dae6901e42f45d8b4858ad9740e5407a9 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:25:25 +0100 Subject: [PATCH 43/52] chore(generate.yml): remove commands.json from .gitignore to allow uploading the file to Spacelift chore(generate.yml): update comment to explain the reason for removing commands.json from .gitignore chore(gitignore): remove newline at end of file --- .github/workflows/generate.yml | 3 ++- .gitignore | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index ec6e80d..56e2c43 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -63,7 +63,8 @@ jobs: SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} run: | - ls -ltr + # We need to remove commands.json from the .gitignore file because Spacelift respects .gitignore files and the fil won't be uploaded + sed -i '/commands\.json/d' .gitignore spacectl stack local-preview --id liquibase-github-actions # - name: Deploy infrastructure diff --git a/.gitignore b/.gitignore index 746acc6..fd4bf8d 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,6 @@ protoc-gen-liquibase notes liquibase_libs .terraform +commands.json action .fleet \ No newline at end of file From 46b52cc14cfee7ec629729a313df4d34443fdb90 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:27:14 +0100 Subject: [PATCH 44/52] chore(generate.yml): uncomment deploy infrastructure step to enable deployment of infrastructure chore(generate.yml): uncomment generate-action and output-action steps to enable generation and output of action --- .github/workflows/generate.yml | 100 ++++++++++++++++----------------- 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 56e2c43..d7558c4 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -67,53 +67,53 @@ jobs: sed -i '/commands\.json/d' .gitignore spacectl stack local-preview --id liquibase-github-actions - # - name: Deploy infrastructure - # env: - # SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} - # SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} - # SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} - # run: spacectl stack deploy --id liquibase-github-actions - - # generate-action: - # runs-on: ubuntu-latest - # needs: [ create-command-list, create-action-repo ] - # strategy: - # matrix: - # commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} - # steps: - # - uses: actions/checkout@v3 - - # - run: echo ${{ matrix.commands }} - - # - name: Install Protoc - # uses: arduino/setup-protoc@v1 - # with: - # version: '3.x' - # repo-token: ${{ secrets.BOT_TOKEN }} - - # - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" - - # - name: Configure git user - # run: | - # git config --global init.defaultBranch main - # git config --global user.name "liquibot" - # git config --global user.email "liquibot@liquibase.org" - - # - name: Push Action to Repo - # run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION - # env: - # BOT_TOKEN: ${{ secrets.BOT_TOKEN }} - - # output-action: - # runs-on: ubuntu-latest - # needs: [ generate-action ] - # steps: - # - uses: actions/checkout@v3 - - # - uses: actions/download-artifact@v3 - # with: - # name: commands-$LIQUIBASE_VERSION - # path: ./ - - # - name: Output Action Edit Link - # run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" + - name: Deploy infrastructure + env: + SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} + SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} + SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} + run: spacectl stack deploy --id liquibase-github-actions + + generate-action: + runs-on: ubuntu-latest + needs: [ create-command-list, create-action-repo ] + strategy: + matrix: + commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} + steps: + - uses: actions/checkout@v3 + + - run: echo ${{ matrix.commands }} + + - name: Install Protoc + uses: arduino/setup-protoc@v1 + with: + version: '3.x' + repo-token: ${{ secrets.BOT_TOKEN }} + + - run: make generate VERSION=$LIQUIBASE_VERSION COMMAND="${{ matrix.commands }}" + + - name: Configure git user + run: | + git config --global init.defaultBranch main + git config --global user.name "liquibot" + git config --global user.email "liquibot@liquibase.org" + + - name: Push Action to Repo + run: ./scripts/push-to-repository.sh "${{ matrix.commands }}" $LIQUIBASE_VERSION + env: + BOT_TOKEN: ${{ secrets.BOT_TOKEN }} + + output-action: + runs-on: ubuntu-latest + needs: [ generate-action ] + steps: + - uses: actions/checkout@v3 + + - uses: actions/download-artifact@v3 + with: + name: commands-$LIQUIBASE_VERSION + path: ./ + + - name: Output Action Edit Link + run: ./scripts/output-release-edit.sh "v$LIQUIBASE_VERSION" From 9c5f039a2852767ae0536ea7015bbee2fac5ca85 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:47:59 +0100 Subject: [PATCH 45/52] chore(generate.yml): remove commands.json from .gitignore to allow uploading it to Spacelift fix(generate.yml): update spacectl commands to include necessary flags for local preview and deployment --- .github/workflows/generate.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index d7558c4..4cf7655 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -62,17 +62,14 @@ jobs: SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} - run: | - # We need to remove commands.json from the .gitignore file because Spacelift respects .gitignore files and the fil won't be uploaded - sed -i '/commands\.json/d' .gitignore - spacectl stack local-preview --id liquibase-github-actions + run: spacectl stack local-preview --id liquibase-github-actions --disregard-gitignore=true - name: Deploy infrastructure env: SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} - run: spacectl stack deploy --id liquibase-github-actions + run: spacectl stack deploy --id liquibase-github-actions --auto-confirm generate-action: runs-on: ubuntu-latest From b874569f003937088070cb530c4bf38b6e956f3e Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:52:45 +0100 Subject: [PATCH 46/52] fix(generate.yml): add condition to deploy infrastructure and generate action jobs to only run on the main branch --- .github/workflows/generate.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 4cf7655..c9a00e1 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -65,6 +65,7 @@ jobs: run: spacectl stack local-preview --id liquibase-github-actions --disregard-gitignore=true - name: Deploy infrastructure + if: github.ref == 'refs/heads/main' env: SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} @@ -74,6 +75,7 @@ jobs: generate-action: runs-on: ubuntu-latest needs: [ create-command-list, create-action-repo ] + if: github.ref == 'refs/heads/main' strategy: matrix: commands: ${{ fromJSON(needs.create-command-list.outputs.matrix) }} From 8f92db31c303eaf5d57f5bee3cb476b943d90607 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 09:56:21 +0100 Subject: [PATCH 47/52] fix(generate.yml): update spacectl stack deploy command to include setting current commit before deployment The previous command only deployed the stack without setting the current commit. This caused issues with tracking the deployed version. The updated command now sets the current commit to the latest commit SHA before deploying the stack. --- .github/workflows/generate.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index c9a00e1..88a91f4 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -70,7 +70,9 @@ jobs: SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }} SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} - run: spacectl stack deploy --id liquibase-github-actions --auto-confirm + run: | + spacectl stack set-current-commit --id liquibase-github-actions --commit ${{ github.sha }} + spacectl stack deploy --id liquibase-github-actions --auto-confirm generate-action: runs-on: ubuntu-latest From f743fe45f37e0d426bb191e8b5b41d3398344eb5 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 10:06:54 +0100 Subject: [PATCH 48/52] chore(generate.yml): add workflow step to check for changes in commands.json file feat(generate.yml): add workflow step to commit and push changes in commands.json file if changes are found fix(generate.yml): remove unnecessary --commit flag from spacectl stack set-current-commit command --- .github/workflows/generate.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 88a91f4..c5a62af 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -64,6 +64,21 @@ jobs: SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} run: spacectl stack local-preview --id liquibase-github-actions --disregard-gitignore=true + - name: Check for commands.json changes + id: check_changes + run: | + git diff --exit-code || echo "Changes found" + + - name: Commit and push commands.json changes + if: steps.check_changes.outputs.code == '0' + run: | + git config --global init.defaultBranch main + git config --global user.name "liquibot" + git config --global user.email "liquibot@liquibase.org" + git add commands.json + git commit -m "Update commands.json" -a + git push + - name: Deploy infrastructure if: github.ref == 'refs/heads/main' env: @@ -71,7 +86,7 @@ jobs: SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }} SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} run: | - spacectl stack set-current-commit --id liquibase-github-actions --commit ${{ github.sha }} + spacectl stack set-current-commit --id liquibase-github-actions spacectl stack deploy --id liquibase-github-actions --auto-confirm generate-action: From b4633e425d70b68d86614d0962b752e8e2b23a63 Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 10:12:32 +0100 Subject: [PATCH 49/52] chore(generate.yml): update git command to add commands.json file forcefully to the commit fix(generate.yml): update commit message to indicate changes in commands.json file --- .github/workflows/generate.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 7bcb5aa..77cc0ca 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -67,15 +67,14 @@ jobs: - name: Check for commands.json changes id: check_changes run: | - git diff --exit-code || echo "Changes found" + git diff --exit-code || echo "Changes in commands.json found" - name: Commit and push commands.json changes if: steps.check_changes.outputs.code == '0' run: | - git config --global init.defaultBranch main git config --global user.name "liquibot" git config --global user.email "liquibot@liquibase.org" - git add commands.json + git add --force commands.json git commit -m "Update commands.json" -a git push From 5f68799966755b030caf95271d5e9f37b97f56dc Mon Sep 17 00:00:00 2001 From: liquibot Date: Fri, 5 Jan 2024 09:14:13 +0000 Subject: [PATCH 50/52] Update commands.json --- commands.json | 1 + 1 file changed, 1 insertion(+) create mode 100644 commands.json diff --git a/commands.json b/commands.json new file mode 100644 index 0000000..81b657f --- /dev/null +++ b/commands.json @@ -0,0 +1 @@ +["calculate-checksum","changelog-sync","changelog-sync-sql","changelog-sync-to-tag","changelog-sync-to-tag-sql","checks bulk-set","checks copy","checks create","checks customize","checks delete","checks disable","checks enable","checks reset","checks run","checks show","clear-checksums","connect","db-doc","diff","diff-changelog","drop-all","execute-sql","flow","flow validate","future-rollback-count-sql","future-rollback-from-tag-sql","future-rollback-sql","generate-changelog","history","init copy","init project","init start-h2","list-locks","mark-next-changeset-ran","mark-next-changeset-ran-sql","release-locks","rollback","rollback-count","rollback-count-sql","rollback-one-changeset","rollback-one-changeset-sql","rollback-one-update","rollback-one-update-sql","rollback-sql","rollback-to-date","rollback-to-date-sql","set-contexts","set-labels","snapshot","snapshot-reference","status","tag","tag-exists","unexpected-changesets","update","update-count","update-count-sql","update-one-changeset","update-one-changeset-sql","update-sql","update-testing-rollback","update-to-tag","update-to-tag-sql","validate"] \ No newline at end of file From cec91f773376b2b37b7d2710f884a1ebf92b723a Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 10:16:46 +0100 Subject: [PATCH 51/52] chore(.gitignore): add .terraform.lock.hcl to the list of ignored files to prevent it from being tracked by git --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index fd4bf8d..b95a54e 100644 --- a/.gitignore +++ b/.gitignore @@ -5,4 +5,5 @@ liquibase_libs .terraform commands.json action -.fleet \ No newline at end of file +.fleet +.terraform.lock.hcl \ No newline at end of file From a35a9a43943d2f100f71fa8e8c7d378941562abd Mon Sep 17 00:00:00 2001 From: jandroav Date: Fri, 5 Jan 2024 10:19:28 +0100 Subject: [PATCH 52/52] chore(generate.yml): remove unnecessary step to check for changes in commands.json fix(generate.yml): allow commit and push step to continue even if there are errors to prevent workflow failure --- .github/workflows/generate.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 77cc0ca..4589eb8 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -64,13 +64,8 @@ jobs: SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }} run: spacectl stack local-preview --id liquibase-github-actions --disregard-gitignore=true - - name: Check for commands.json changes - id: check_changes - run: | - git diff --exit-code || echo "Changes in commands.json found" - - name: Commit and push commands.json changes - if: steps.check_changes.outputs.code == '0' + continue-on-error: true run: | git config --global user.name "liquibot" git config --global user.email "liquibot@liquibase.org"