Create Initial Implementation for Buncombe Data Collection #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pull Request Checks | |
| on: | |
| pull_request: | |
| branches: [main, live] | |
| jobs: | |
| backend-tests: | |
| name: Backend Tests | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./serverless | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Use Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "npm" | |
| cache-dependency-path: "./serverless/package-lock.json" | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Run backend tests | |
| run: npm test | |
| - name: Run linting | |
| run: npm run lint | |
| - name: Check TypeScript build | |
| run: npx tsc --noEmit | |
| terraform-plan-dev: | |
| name: Terraform Plan (Dev) | |
| if: github.base_ref == 'main' | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./infra/terraform | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: latest | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-2 | |
| - name: Terraform Init | |
| working-directory: ./infra/terraform/dev | |
| run: terraform init | |
| - name: Set Terraform environment variables | |
| run: | | |
| echo "TF_VAR_alert_email=${{ vars.ALERT_EMAIL }}" >> $GITHUB_ENV | |
| - name: Terraform Plan | |
| working-directory: ./infra/terraform/dev | |
| run: | | |
| terraform plan -no-color > plan_full.txt || { exit_code=$?; cat plan_full.txt; echo "plan<<EOF" >> $GITHUB_OUTPUT; cat plan_full.txt >> $GITHUB_OUTPUT; echo "EOF" >> $GITHUB_OUTPUT; echo "has_changes=true" >> $GITHUB_OUTPUT; exit $exit_code; } | |
| cat plan_full.txt | |
| # Check if there are any changes planned | |
| if grep -q "No changes" plan_full.txt; then | |
| echo "has_changes=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "has_changes=true" >> $GITHUB_OUTPUT | |
| # Extract only the meaningful plan output (skipping "Refreshing state..." lines) | |
| grep -v "Refreshing state" plan_full.txt > plan_changes.txt | |
| echo "plan<<EOF" >> $GITHUB_OUTPUT | |
| cat plan_changes.txt >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| fi | |
| id: plan-dev | |
| - name: Add Dev Plan Comment | |
| if: steps.plan-dev.outputs.has_changes == 'true' | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const output = `#### Terraform Dev Plan 📋 | |
| \`\`\`terraform | |
| ${{ steps.plan-dev.outputs.plan || 'No output available' }} | |
| \`\`\` | |
| `; | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: output | |
| }) | |
| terraform-plan-prod: | |
| name: Terraform Plan (Prod) | |
| if: github.base_ref == 'live' | |
| runs-on: ubuntu-latest | |
| environment: prod | |
| defaults: | |
| run: | |
| working-directory: ./infra/terraform | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: "1.11.4" | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-2 | |
| - name: Terraform Init | |
| working-directory: ./infra/terraform/prod | |
| run: terraform init | |
| - name: Set Terraform environment variables | |
| run: | | |
| echo "TF_VAR_alert_email=${{ vars.ALERT_EMAIL }}" >> $GITHUB_ENV | |
| - name: Terraform Plan | |
| working-directory: ./infra/terraform/prod | |
| run: | | |
| terraform plan -no-color > plan_full.txt || { exit_code=$?; cat plan_full.txt; echo "plan<<EOF" >> $GITHUB_OUTPUT; cat plan_full.txt >> $GITHUB_OUTPUT; echo "EOF" >> $GITHUB_OUTPUT; echo "has_changes=true" >> $GITHUB_OUTPUT; exit $exit_code; } | |
| cat plan_full.txt | |
| # Check if there are any changes planned | |
| if grep -q "No changes" plan_full.txt; then | |
| echo "has_changes=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "has_changes=true" >> $GITHUB_OUTPUT | |
| # Extract only the meaningful plan output (skipping "Refreshing state..." lines) | |
| grep -v "Refreshing state" plan_full.txt > plan_changes.txt | |
| echo "plan<<EOF" >> $GITHUB_OUTPUT | |
| cat plan_changes.txt >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| fi | |
| id: plan-prod | |
| - name: Add Prod Plan Comment | |
| if: steps.plan-prod.outputs.has_changes == 'true' | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const output = `#### Terraform Prod Plan 🏭 | |
| \`\`\`terraform | |
| ${{ steps.plan-prod.outputs.plan || 'No output available' }} | |
| \`\`\` | |
| `; | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: output | |
| }) |