#github-actions (2023-12)
Discussions related to GitHub Actions
2023-12-01
Hi everyone, I have another question: I need to make a merge only to a specific commit. Is the only option the checkout command?
you can checkout a specific commit like this https://devopscube.com/checkout-clone-specific-git-commit-id-sha/
2023-12-07
Hi!
From the cloudposse/github-action-pre-commit docs:
By default, all hooks are run.
Here’s a sample step configuration that only runs the flake8 hook against all the files (use the template above except for the pre-commit action):
- uses: cloudposse/[email protected]
  with:
    extra_args: flake8 --all-files
How to run multiple hooks, BUT NOT a single hook OR all hooks? This fails:
- uses: cloudposse/[email protected]
  with:
    extra_args: black mypy isort flake8 --all-files
I don’t think it’s possible.
What might be better is to create a run step that runs your specific hook then find and run an action that pushes up changes.
jobs:
  precommit:
    steps:
      - uses: actions/checkout@v4
      - run: |
          pre-commit run flake8
      # another action that pushes up changes if any changes exist
Hi @RB and thank you for the feedback
np! if you find a better solution, please post here. this is just my personal perspective
2023-12-08
2023-12-14
GitHub Actions – Artifacts v4 is now Generally Available. The post appeared first on The GitHub Blog.
I noticed this :
the names do not match from the README
thanks for pointing that out. We’re currently refactoring these repos (and READMEs) so we’ll add that to the list of items to fix
@Erik Osterman (Cloud Posse) https://cloudposse.slack.com/archives/C02M0Q4UGLC/p1702588213423799?thread_ts=1702587900.414939&cid=C02M0Q4UGLC
2023-12-19
Currently the Runner Set runner image ships with no more packages than are necessary. This makes it extremely awkward to develop workflows (especially shared and Marketplace workflows) that run on both GitHub hosted runners and self-hosted runners, as you have to have the workflows install commands which are preinstalled on the GitHub hosted runners.
Obviously you want to slim the image down from the 20 GB of the GitHub hosted image to something that can be pulled all the time, and I’m not arguing for full feature parity, but please reconsider installing some extremely commonly used tools, such as
• git
• curl
• wget
It just seems insane on the face of it that we have to install git in an Official GitHub action runner image. Being able to retrieve files via curl and wget are so basic to bootstrapping anything else that the only argument I can see against including them is that they duplicate each other. Nevertheless, both are so popular (and small) that it seems needlessly dogmatic not to include them both.
I estimate that including just these 3 extra tools will cover 80% of the issues. I would prefer you also include jq, which, along with the other 3, would cover nearly all of my workflows, but I agree is not so basic.
The argument that we can build our own image neglects the fact that any marketplace or shared workflow that wants to be able to run on a self-hosted Runner Set must assume that only the tools on the official GitHub images are present. It also neglects the significant effort it takes to build, publish, and keep up-to-date a custom image.
@Igor Rodionov I’m trying to implement a new pipeline with atmos and GitHub actions using this https://atmos.tools/integrations/github-actions/atmos-terraform-plan, and I just tried v2, and it does not work, the example does not have the right values
The Cloud Posse GitHub Action for “Atmos Terraform Plan” simplifies provisioning Terraform from within GitHub using workflows. Understand precisely what to expect from running a terraform plan from directly within the GitHub UI for any Pull Request.
I have the bucket, dynamo, github provider and all that ready, I literally need to add the action and test a plan
mmm this does not work and the example is not correct
A composite workflow that runs the atmos describe affected command
is missing has-affected-stacks: ${{ steps.affected.outputs.has-affected-stacks }}
and the matrix, I guess, is now what the stacks was before?
@jose.amengual give a moment
no problem, and thanks for jumping on this so quick
Ok. It seems I know the problem
could you pls try to add the input nested-matrices-count: 1
and try
it seems I missed that in the documentation
if it solves your problem, I will describe in depth what this input is about
I did add that
this is what I have :
name: Pull Request
on:
  pull_request:
    branches: [ 'main' ]
    types: [opened, synchronize, reopened, closed, labeled, unlabeled]
jobs:
  atmos-affected:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - id: affected
        uses: cloudposse/github-action-atmos-affected-stacks@v2
        with:
          atmos-gitops-config-path: ./.github/config/atmos-gitops.yaml
          nested-matrices-count: 1
    outputs:
      affected: ${{ steps.affected.outputs.affected }}
      matrix: ${{ steps.affected.outputs.matrix }}
      has-affected-stacks: ${{ steps.affected.outputs.has-affected-stacks }}
  atmos-plan:
    needs: ["atmos-affected"]
    if: ${{ needs.atmos-affected.outputs.has-affected-stacks }}
    name: ${{ matrix.stack_slug }}
    runs-on: ['self-hosted']
    strategy:
      max-parallel: 10
      fail-fast: false # Don't fail fast to avoid locking TF State
      matrix: ${{ fromJson(needs.atmos-affected.outputs.stacks) }}
    ## Avoid running the same stack in parallel mode (from different workflows)
    concurrency:
      group: ${{ matrix.stack_slug }}
      cancel-in-progress: false
    steps:
      - name: Plan Atmos Component
        uses: cloudposse/github-action-atmos-terraform-plan@v1
        with:
          component: ${{ matrix.component }}
          stack: ${{ matrix.stack }}
but I think this is wrong too matrix: ${{ fromJson(needs.atmos-affected.outputs.stacks) }}
if: ${{ needs.atmos-affected.outputs.has-affected-stacks == 'true' }}
sure
you're right
that’s a typo
so it should be ? fromJson(needs.atmos-affected.outputs.matrix
?
yes
ok, testing…..
now is doing something
so far so good
so, coming back to nested-matrices-count - if you hit the 256 matrix limit for terraform plan GHA, you can use it to extend the limit up to 65k with the nested matrices and reusable workflows workaround
that’s what we have in this setting. But I’m not sure if we have example workflows for that pattern published yet
my jobs are Waiting for a runner to pick up this job...
crap….. I do not have self-hosted……
changing….
should the run-on be github or matrix?
  atmos-plan:
    needs: ["atmos-affected"]
    if: ${{ needs.atmos-affected.outputs.has-affected-stacks == 'true' }}
    name: ${{ matrix.stack_slug }}
    runs-on: ['github']
I do not have self hosted runners
‘ubuntu-latest’
ohhhh
ok now they are running but no PRs created
just checking in what is going on now
I think the problem is here :
jq -rc --arg key settings.github.actions_enabled '. | getpath($key | split("."))' OUTPUT_FILE
I do not have that setting
is that something I can set globally?
can you explain this ?
terraform-state-role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-core-ue2-auto-gitops-gha
terraform-plan-role: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops
terraform-apply-role: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops
I have the cptest-core-ue2-auto-gitops-gha role in my automation account
and I have cptest-core-gbl-identity-gitops in the identity account
which one is which?
@marcelo.eguino
@marcelo.eguino
@jose.amengual sorry I was off.
ok
- Stacks that should be handled with github actions should have settings: github: actions_enabled: true
example
components:
  terraform:
    gha-tester:
      settings:
        github:
          actions_enabled: true
      metadata:
        component: s3-bucket
        inherits:
          - s3-bucket/defaults
      vars:
        #enabled: false
        name: gha-testing-2
        tags:
          foo: bar
- These are the roles provided by the https://github.com/cloudposse/terraform-aws-components/tree/main/modules/gitops#outputs component that you have to install
it would be used to store tf plan in separate s3 bucket
I solved that issue now I’m getting
Assuming role with OIDC
Authenticated as assumedRoleId AROAWXCPEFSPJEZ4EJXCW:atmos-terraform-plan-gitops
Run set +e
Error:
'atmos.yaml' CLI config files not found in any of the searched paths: system dir, home dir, current dir, ENV vars.
You can download a sample config and adapt it to your requirements from <https://raw.githubusercontent.com/cloudposse/atmos/master/examples/complete/atmos.yaml>
with module.account_map.data.utils_component_config.config[0],
on .terraform/modules/account_map/modules/remote-state/main.tf line 1, in data "utils_component_config" "config":
1: data "utils_component_config" "config" {
my atmos.yaml
base_path: "."
I’m trying to override the ATMOS_CLI_CONFIG ENV and I think the action is maybe not using the right dir?
I see
--output /home/runner/work/terraform-aws-infrastructure/terraform-aws-infrastructure/metadata/summary-pepe-ue1-nonprod-aws-config.md \
is repeating the checkout dir
before the error I see ATMOS_CLI_CONFIG_PATH: /home/runner/work/terraform-aws-infrastructure/terraform-aws-infrastructure/atmos.yaml
and my action config is atmos-config-path: atmos.yaml
so maybe this part of the action is setting duplicating the path
# Set ATMOS_BASE_PATH allow `cloudposse/utils` provider to read atmos config from the correct path
ATMOS_BASE_PATH="./"
echo "ATMOS_BASE_PATH=$(realpath ${ATMOS_BASE_PATH:-./})" >> $GITHUB_ENV
@Igor Rodionov
when you have some time , please let me know what the base_path should be and if I had to copy the atmos.yaml to some other directory
This question is better addressed to @Andriy Knysh (Cloud Posse)