diff --git a/.github/workflows/core-network-services-deployment.yml b/.github/workflows/core-network-services-deployment.yml index 8900588ee..9297bae69 100644 --- a/.github/workflows/core-network-services-deployment.yml +++ b/.github/workflows/core-network-services-deployment.yml @@ -12,6 +12,7 @@ on: - 'terraform/modules/firewall-policy/**' - '!**.md' - '.github/workflows/core-network-services-deployment.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' pull_request: branches: - main @@ -21,6 +22,7 @@ on: - 'terraform/modules/core-monitoring/**' - '!**.md' - '.github/workflows/core-network-services-deployment.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' workflow_dispatch: permissions: @@ -38,5 +40,5 @@ jobs: working-directory: "terraform/environments/core-network-services" environment: production secrets: - modernisation_platform_environments: "${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }}" - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} \ No newline at end of file diff --git a/.github/workflows/core-security-deployment.yml b/.github/workflows/core-security-deployment.yml index 6d4d39be9..d28ec5daa 100644 --- a/.github/workflows/core-security-deployment.yml +++ b/.github/workflows/core-security-deployment.yml @@ -11,6 +11,7 @@ on: - 'terraform/modules/core-monitoring/**' - '!**.md' - '.github/workflows/core-security-deployment.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' pull_request: branches: - main @@ -20,6 +21,7 @@ on: - 'terraform/modules/core-monitoring/**' - '!**.md' - '.github/workflows/core-security-deployment.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' workflow_dispatch: permissions: @@ -37,5 +39,5 @@ jobs: working-directory: "terraform/environments/core-security" environment: production secrets: - modernisation_platform_environments: "${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }}" - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} \ No newline at end of file diff --git a/.github/workflows/core-shared-services-deployment.yml b/.github/workflows/core-shared-services-deployment.yml index 18a3f1fef..952fe6551 100644 --- a/.github/workflows/core-shared-services-deployment.yml +++ b/.github/workflows/core-shared-services-deployment.yml @@ -12,6 +12,7 @@ on: - 'terraform/modules/kms/**' - '!**.md' - '.github/workflows/core-shared-services-deployment.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' pull_request: branches: - main @@ -22,6 +23,7 @@ on: - 'terraform/modules/kms/**' - '!**.md' - '.github/workflows/core-shared-services-deployment.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' workflow_run: workflows: ["Terraform: New environment"] types: [completed] @@ -43,5 +45,5 @@ jobs: working-directory: "terraform/environments/core-shared-services" environment: production secrets: - modernisation_platform_environments: "${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }}" - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} \ No newline at end of file diff --git a/.github/workflows/core-vpc-development-deployment.yml b/.github/workflows/core-vpc-development-deployment.yml index ee3fa80e2..ed9124d86 100644 --- a/.github/workflows/core-vpc-development-deployment.yml +++ b/.github/workflows/core-vpc-development-deployment.yml @@ -19,6 +19,7 @@ on: - 'terraform/modules/vpc-nacls/**' - 'terraform/modules/ram-resource-share/**' - 'terraform/modules/core-vpc-tgw-routes/**' + - '.github/workflows/reusable_terraform_plan_apply.yml' - '!**.md' pull_request: branches: @@ -37,6 +38,7 @@ on: - 'terraform/modules/vpc-nacls/**' - 'terraform/modules/ram-resource-share/**' - 'terraform/modules/core-vpc-tgw-routes/**' + - '.github/workflows/reusable_terraform_plan_apply.yml' - '!**.md' workflow_dispatch: @@ -60,8 +62,8 @@ jobs: working-directory: "terraform/environments/core-vpc" environment: development secrets: - modernisation_platform_environments: "${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }}" - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} member-account-ram-association: runs-on: [ ubuntu-latest ] diff --git a/.github/workflows/core-vpc-preproduction-deployment.yml b/.github/workflows/core-vpc-preproduction-deployment.yml index bab20ccd8..026b61842 100644 --- a/.github/workflows/core-vpc-preproduction-deployment.yml +++ b/.github/workflows/core-vpc-preproduction-deployment.yml @@ -19,6 +19,7 @@ on: - 'terraform/modules/vpc-nacls/**' - 'terraform/modules/ram-resource-share/**' - 'terraform/modules/core-vpc-tgw-routes/**' + - '.github/workflows/reusable_terraform_plan_apply.yml' - '!**.md' pull_request: branches: @@ -37,6 +38,7 @@ on: - 'terraform/modules/vpc-nacls/**' - 'terraform/modules/ram-resource-share/**' - 'terraform/modules/core-vpc-tgw-routes/**' + - '.github/workflows/reusable_terraform_plan_apply.yml' - '!**.md' workflow_dispatch: @@ -59,8 +61,8 @@ jobs: working-directory: "terraform/environments/core-vpc" environment: preproduction secrets: - modernisation_platform_environments: "${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }}" - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} member-account-ram-association: runs-on: [ ubuntu-latest ] diff --git a/.github/workflows/core-vpc-production-deployment.yml b/.github/workflows/core-vpc-production-deployment.yml index b5252c8c8..874e145ab 100644 --- a/.github/workflows/core-vpc-production-deployment.yml +++ b/.github/workflows/core-vpc-production-deployment.yml @@ -19,6 +19,7 @@ on: - 'terraform/modules/vpc-nacls/**' - 'terraform/modules/ram-resource-share/**' - 'terraform/modules/core-vpc-tgw-routes/**' + - '.github/workflows/reusable_terraform_plan_apply.yml' - '!**.md' pull_request: branches: @@ -37,6 +38,7 @@ on: - 'terraform/modules/vpc-nacls/**' - 'terraform/modules/ram-resource-share/**' - 'terraform/modules/core-vpc-tgw-routes/**' + - '.github/workflows/reusable_terraform_plan_apply.yml' - '!**.md' workflow_dispatch: @@ -59,8 +61,8 @@ jobs: working-directory: "terraform/environments/core-vpc" environment: production secrets: - modernisation_platform_environments: "${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }}" - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} member-account-ram-association: runs-on: [ ubuntu-latest ] diff --git a/.github/workflows/core-vpc-test-deployment.yml b/.github/workflows/core-vpc-test-deployment.yml index 3dad441e2..e1786a43f 100644 --- a/.github/workflows/core-vpc-test-deployment.yml +++ b/.github/workflows/core-vpc-test-deployment.yml @@ -59,8 +59,8 @@ jobs: working-directory: "terraform/environments/core-vpc" environment: test secrets: - modernisation_platform_environments: "${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }}" - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} member-account-ram-association: runs-on: [ ubuntu-latest ] diff --git a/.github/workflows/modernisation-platform-account.yml b/.github/workflows/modernisation-platform-account.yml index 0908397af..166f60745 100644 --- a/.github/workflows/modernisation-platform-account.yml +++ b/.github/workflows/modernisation-platform-account.yml @@ -7,6 +7,7 @@ on: - '!**.md' - '.github/workflows/modernisation-platform-account.yml' - 'collaborators.json' + - '.github/workflows/reusable_terraform_plan_apply.yml' branches: - main pull_request: @@ -15,6 +16,7 @@ on: - '!**.md' - '.github/workflows/modernisation-platform-account.yml' - 'collaborators.json' + - '.github/workflows/reusable_terraform_plan_apply.yml' branches: - main types: [opened, edited, reopened, synchronize] @@ -35,5 +37,5 @@ jobs: working-directory: "terraform/modernisation-platform-account" workflow_id: "modernisation-platform-account" secrets: - modernisation_platform_environments: ${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} diff --git a/.github/workflows/reusable_terraform_plan_apply.yml b/.github/workflows/reusable_terraform_plan_apply.yml index 0e84afbbf..2a02064a3 100644 --- a/.github/workflows/reusable_terraform_plan_apply.yml +++ b/.github/workflows/reusable_terraform_plan_apply.yml @@ -51,6 +51,9 @@ jobs: with: environment_management: ${{ needs.retrieve-secrets.outputs.environment_management }} slack_webhook_url: ${{ needs.retrieve-secrets.outputs.slack_webhook_url }} + pagerduty_token: ${{ needs.retrieve-secrets.outputs.pagerduty_token }} + pagerduty_userapi_token: ${{ needs.retrieve-secrets.outputs.pagerduty_userapi_token }} + terraform_github_token: ${{ needs.retrieve-secrets.outputs.terraform_github_token }} PASSPHRASE: ${{ secrets.PASSPHRASE }} - name: Set up variables diff --git a/.github/workflows/terraform-github.yml b/.github/workflows/terraform-github.yml index 6eb5e6470..a577ad1c4 100644 --- a/.github/workflows/terraform-github.yml +++ b/.github/workflows/terraform-github.yml @@ -41,9 +41,8 @@ jobs: working-directory: "terraform/github" workflow_id: "github" secrets: - modernisation_platform_environments: ${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }} - gh_workflow_token: ${{ secrets.TERRAFORM_GITHUB_TOKEN }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} create-github-environments: runs-on: ubuntu-latest diff --git a/.github/workflows/terraform-pagerduty.yml b/.github/workflows/terraform-pagerduty.yml index 832c3f768..0446e3867 100644 --- a/.github/workflows/terraform-pagerduty.yml +++ b/.github/workflows/terraform-pagerduty.yml @@ -6,6 +6,7 @@ on: - 'terraform/pagerduty/**' - '!**.md' - '.github/workflows/terraform-pagerduty.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' branches: - main pull_request: @@ -13,6 +14,7 @@ on: - 'terraform/pagerduty/**' - '!**.md' - '.github/workflows/terraform-pagerduty.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' branches: - main types: [opened, edited, reopened, synchronize] @@ -33,7 +35,5 @@ jobs: working-directory: "terraform/pagerduty" workflow_id: "pagerduty" secrets: - modernisation_platform_environments: ${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }} - pagerduty_token: ${{ secrets.PAGERDUTY_TOKEN }} - pagerduty_userapi_token: ${{ secrets.PAGERDUTY_USERAPI_TOKEN}} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} \ No newline at end of file diff --git a/.github/workflows/terraform-single-sign-on.yml b/.github/workflows/terraform-single-sign-on.yml index b0dc320bc..9fcfc3d8c 100644 --- a/.github/workflows/terraform-single-sign-on.yml +++ b/.github/workflows/terraform-single-sign-on.yml @@ -6,6 +6,7 @@ on: - 'terraform/single-sign-on/**' - '!**.md' - '.github/workflows/terraform-single-sign-on.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' branches: - main pull_request: @@ -13,6 +14,7 @@ on: - 'terraform/single-sign-on/**' - '!**.md' - '.github/workflows/terraform-single-sign-on.yml' + - '.github/workflows/reusable_terraform_plan_apply.yml' branches: - main types: [opened, edited, reopened, synchronize] @@ -33,5 +35,5 @@ jobs: working-directory: "terraform/single-sign-on" workflow_id: "single-sign-on" secrets: - modernisation_platform_environments: ${{ secrets.MODERNISATION_PLATFORM_ENVIRONMENTS }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file + MODERNISATION_PLATFORM_ACCOUNT_NUMBER: "${{ secrets.MODERNISATION_PLATFORM_ACCOUNT_NUMBER }}" + PASSPHRASE: ${{ secrets.PASSPHRASE }} \ No newline at end of file