chore(deps): update terraform aws to v5.23.1 #109
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: ['main'] | |
| concurrency: | |
| group: '${{ github.workflow }} @ ${{ github.ref }}' | |
| cancel-in-progress: false | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| permissions: | |
| id-token: write # Required for aws-actions/configure-aws-credentials | |
| contents: read # Required for actions/checkout | |
| jobs: | |
| docker: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: arm64 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| terraform: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::803205869942:role/github-actions-aredn-cloud-tunnel | |
| aws-region: us-east-1 | |
| - name: Terraform Init | |
| run: cd infra && terraform init | |
| - name: Place secret variables | |
| run: | | |
| echo "${TFVARS}" | base64 -d > infra/variables.tfvars | |
| env: | |
| TFVARS: ${{ secrets.TFVARS }} | |
| - name: Terraform Apply | |
| run: cd infra && terraform apply -no-color -auto-approve -var-file=variables.tfvars | |
| terraform-gcp: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::803205869942:role/github-actions-aredn-cloud-tunnel | |
| aws-region: us-east-1 | |
| - name: Configure GCP Credentials | |
| uses: google-github-actions/auth@v1.1.1 | |
| with: | |
| create_credentials_file: 'true' | |
| workload_identity_provider: 'projects/820302097205/locations/global/workloadIdentityPools/aredn-cloud-tunnel-gcp/providers/github' | |
| service_account: 'oidc-service-account@supernode-401805.iam.gserviceaccount.com' | |
| - name: Terraform Init | |
| run: cd infra-gcp && terraform init | |
| - name: Place secret variables | |
| run: | | |
| echo "${TFVARS}" | base64 -d > infra-gcp/variables.tfvars | |
| env: | |
| TFVARS: ${{ secrets.GCP_TFVARS }} | |
| - name: Terraform Apply | |
| run: cd infra-gcp && terraform apply -no-color -auto-approve -var-file=variables.tfvars |