
Commit ae37686

authored
fix: terraform destroy data-type and helm --set flag to pass secrets and multiple values. (#128)
1 parent c138c5a commit ae37686


2 files changed

+50
-30
lines changed


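--- a/.github/workflows/helm.yml
+++ b/.github/workflows/helm.yml
@@ -36,28 +36,36 @@ on:
 required: true
 type: string
 description: 'Timeout for helm install step in seconds'
-default: '120s'
-set-parameters:
-required: false
-type: string
-description: 'Overriding the default values'
 values-file-path:
-required: true
+required: false
 type: string
 description: 'Values file path from helm chart directory'
 history-max:
 required: true
 type: number
 description: 'number of revisions stored in the revision history.'
-default: 7
 namespace:
 required: false
 type: string
 description: 'Boundary for Kubernetes resources'
 rollback:
 required: false
-type: string
+type: boolean
 description: 'Environment name for rollback'
+revision:
+required: false
+type: number
+description: 'If this argument is omitted or set to 0, it will roll back to the previous release.'
+uninstall:
+required: false
+type: boolean
+default: false
+description: 'Set true to uninstall helmchart'
+role-duration-seconds:
+required: false
+type: number
+default: 900
+description: 'The assumed role duration in seconds, if assuming a role. Defaults to 1 hour.'
 secrets:
 AWS_ACCESS_KEY_ID:
 description: 'AWS Access Key ID'
@@ -74,6 +82,9 @@ on:
 AZURE_CREDENTIALS:
 description: 'Azure Credentilas'
 required: false
+set-parameters:
+required: false
+description: 'Overriding the default values using --set flag'
 jobs:
 helm-action:
 runs-on: ubuntu-latest
@@ -91,7 +102,7 @@ jobs:
 aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }}
 role-to-assume: ${{ secrets.BUILD_ROLE }}
 aws-region: ${{ inputs.aws_region }}
-role-duration-seconds: 900
+role-duration-seconds: ${{ inputs.role-duration-seconds }}
 role-skip-session-tagging: true
 
 - name: Install Azure CLI
@@ -105,32 +116,38 @@ jobs:
 if [ "${{ inputs.provider }}" = "azure" ]; then
 az aks get-credentials --resource-group ${{ inputs.resource-group }} --name ${{ inputs.azure-cluster-name }}
 else
-aws eks --region ${{ inputs.aws-region }} update-kubeconfig --name ${{ inputs.eks-cluster-name }}
+aws eks update-kubeconfig --name ${{ inputs.eks-cluster-name }} --region ${{ inputs.aws_region }}
 fi
 
 - name: helm lint
-if: ${{ inputs.rollback != 'rollback' }}
+if: ${{ inputs.rollback != true && inputs.uninstall != true }}
 run: |
-helm lint ${{ inputs.helm-chart-directory }}
+helm lint ${{ inputs.helm-chart-directory }} -f ${{ inputs.values-file-path }}
 
 - name: helm template
-if: ${{ inputs.rollback != 'rollback' }}
+if: ${{ inputs.rollback != true && inputs.uninstall != true }}
 run: |
-helm template ${{ inputs.helm-chart-directory }}
+helm template ${{ inputs.helm-chart-directory }} -f ${{ inputs.values-file-path }}
 
 - name: helm install and upgrade2
-if: ${{ inputs.rollback != 'rollback' }}
+if: ${{ inputs.rollback != true && inputs.uninstall != true }}
 run: |
-if [ -n "${{ inputs.set-parameters }}" ]; then
-helm upgrade --install --atomic --create-namespace --wait --history-max ${{ inputs.history-max }} --debug \
-${{ inputs.release-name }} ${{ inputs.helm-chart-directory }} ${{ inputs.set-parameters }} -f ${{ inputs.values-file-path }} --namespace=${{ inputs.namespace }} --timeout ${{ inputs.timeout }}
+if [ -n "${{ secrets.set-parameters }}" ]; then
+helm upgrade --install ${{ inputs.release-name }} ${{ inputs.helm-chart-directory }} -f ${{ inputs.values-file-path }} --namespace=${{ inputs.namespace }} --create-namespace ${{ secrets.set-parameters }} \
+--history-max ${{ inputs.history-max }} --atomic --wait --debug --timeout ${{ inputs.timeout }}
 else
-helm upgrade --install --atomic --create-namespace --wait --history-max ${{ inputs.history-max }} --debug \
-${{ inputs.release-name }} ${{ inputs.helm-chart-directory }} -f ${{ inputs.values-file-path }} --namespace=${{ inputs.namespace }} --timeout ${{ inputs.timeout }}
+helm upgrade --install ${{ inputs.release-name }} ${{ inputs.helm-chart-directory }} -f ${{ inputs.values-file-path }} --namespace=${{ inputs.namespace }} --create-namespace \
+--history-max ${{ inputs.history-max }} --atomic --wait --debug --timeout ${{ inputs.timeout }}
 fi
 
 - name: Rollback Helm Release
-if: ${{ inputs.rollback == 'rollback' }}
+if: ${{ inputs.rollback == true && inputs.uninstall != true }}
+run: |
+export HISTORY_COUNT=$(helm history ${{ inputs.release-name }} -n ${{ inputs.namespace }} | head -2 | tail -1 | awk '{print $1}')
+helm rollback ${{ inputs.release-name }} -n ${{ inputs.namespace }} ${{ inputs.revision }} --debug || ( echo "Valid revision values can be greater than or equal to $HISTORY_COUNT" && exit 1 )
+
+- name: Uninstall Helm Release
+if: ${{ inputs.uninstall == true }}
 run: |
-helm rollback ${{ inputs.release-name }} -n ${{ inputs.namespace }}
+helm uninstall ${{ inputs.release-name }} -n ${{ inputs.namespace }}
 ...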
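Review bot: In the `helm install and upgrade2` step, `${{ secrets.set-parameters }}` is expanded by the Actions template engine directly into the script text, so the secret's content is word-split and interpreted by the shell as part of the command rather than handled as data. The same command keeps `--debug`, which as far as I know makes Helm print the user-supplied values to the job log; individual values split out of the `--set` string may not match the log masker, which masks the secret as one whole string. Pass the value through the step environment instead: add `env:` with `SET_PARAMETERS: ${{ secrets.set-parameters }}` to the step, test `[ -n "$SET_PARAMETERS" ]`, and consider dropping `--debug` on this path. Separately, `values-file-path` becomes `required: false` in the first hunk while `-f ${{ inputs.values-file-path }}` is now passed unconditionally to lint, template and upgrade, so an omitted value leaves a bare `-f`; guard it or keep the input required.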

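--- a/.github/workflows/terraform_workflow.yml
+++ b/.github/workflows/terraform_workflow.yml
@@ -10,7 +10,6 @@ on:
 provider:
 required: true
 type: string
-default: aws
 description: 'Cloud provider to run the workflow. e.g. azurerm, aws, gcp or digitalocean'
 aws_region:
 required: false
@@ -26,9 +25,10 @@ on:
 type: string
 description: 'Terraform var file directory. e.g. vars/dev.tfvars'
 destroy:
-type: string
+required: false
+type: boolean
 default: false
-description: 'you want to destroy infra or not'
+description: 'Set true to to destroy terraform infrastructure.'
 approvers:
 required: false
 type: string
@@ -66,6 +66,9 @@ on:
 GCP_CREDENTIALS:
 required: false
 description: 'The Google Cloud JSON service account key to use for authentication'
+DIGITALOCEAN_ACCESS_TOKEN:
+required: false
+description: 'The DigitalOcean Personal Access Token for Application & API'
 env-vars:
 required: false
 description: 'Pass required environment variables'
@@ -124,7 +127,7 @@ jobs:
 terraform_version: ${{ inputs.terraform_version }}
 
 - name: 'Terraform Format'
-if: ${{ inputs.destroy != 'true' }}
+if: ${{ inputs.destroy != true }}
 id: fmt
 uses: 'dflook/terraform-fmt-check@v1'
 with:
@@ -137,7 +140,7 @@ jobs:
 terraform init
 
 - name: 'Terraform validate'
-if: ${{ inputs.destroy != 'true' }}
+if: ${{ inputs.destroy != true }}
 id: validate
 uses: dflook/terraform-validate@v1
 with:
@@ -148,7 +151,7 @@ jobs:
 run: |
 export exitcode=0
 cd ${{ inputs.working_directory }}
-if [ "${{ inputs.destroy }}" = "true" ]; then
+if [ "${{ inputs.destroy }}" = true ]; then
 if [ -n "${{ inputs.var_file }}" ]; then
 terraform plan -destroy -out tfplan --var-file=${{ inputs.var_file }}
 else
@@ -194,7 +197,7 @@ jobs:
 issue-title: "Terraform Plan for Infrastructure Update"
 
 - name: terraform apply
-if: ${{ inputs.destroy != 'true' }}
+if: ${{ inputs.destroy != true }}
 run: |
 if [ -n "${{ inputs.var_file }}" ]; then
 cd ${{ inputs.working_directory }}
@@ -205,7 +208,7 @@ jobs:
 fi
 
 - name: Terraform destroy
-if: ${{ inputs.destroy == 'true' }}
+if: ${{ inputs.destroy == true }}
 id: destroy
 run: |
 if [ -n "${{ inputs.var_file }}" ]; then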
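Review bot: The new `DIGITALOCEAN_ACCESS_TOKEN` secret is declared under `secrets:`, but none of the hunks shown here passes it to a step, so unless it is exported elsewhere in the file the plan, apply and destroy steps would run the digitalocean provider without credentials. If the mapping is missing, add `DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}` under those steps' `env:`, which also keeps the token out of the generated script text. The new `destroy` description has a doubled word; `'Set true to destroy terraform infrastructure.'` reads correctly. The run blocks of the plan, apply and destroy steps continue outside the hunks, so the rest of their bodies was not reviewed.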
