From 47fbcd8b0ea582e3b8ba5bda6bdb8acaedc846ff Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 11:49:00 +0300 Subject: [PATCH 01/70] Optionally delay destroy in github actions to allow investigation --- .github/workflows/dsf_single_account_cli.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 56caece23..376fb7b6f 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -9,6 +9,11 @@ on: branch: required: true type: string + delay_destroy: + description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + type: boolean + default: false + required: true workflow_call: inputs: @@ -74,6 +79,7 @@ env: AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_KEY_PATH: "aws_key.cer" + DESTORY_DELAY_SECONDS: 3600 permissions: contents: read @@ -220,6 +226,11 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + # This step makes time for investigating the failed resources before destroying them + - name: Conditional Delay + if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + run: sleep $DESTORY_DELAY_SECONDS + - name: Terraform Destroy if: always() run: terraform -chdir=$EXAMPLE_DIR destroy -auto-approve From 9d21860fad0906fe08dd3fe3eb6b90a99915b8a3 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 13:29:22 +0300 Subject: [PATCH 02/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_poc_cli.yml | 11 +++++++++++ .github/workflows/dsf_poc_cli_azure.yml | 12 ++++++++++++ .github/workflows/dsf_single_account_cli.yml | 4 ++-- .github/workflows/sonar_multi_account_cli.yml | 11 +++++++++++ .github/workflows/sonar_poc_cli.yml | 12 ++++++++++++ .github/workflows/sonar_single_account_cli.yml | 11 +++++++++++ 6 files changed, 59 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index eea682dd1..b90df9006 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -9,6 +9,11 @@ on: explicit_ref: required: true type: string + delay_destroy: + description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + type: boolean + default: false + required: true secrets: AWS_ACCESS_KEY_ID: required: true @@ -55,6 +60,7 @@ env: TF_INPUT: 0 AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + DESTORY_DELAY_SECONDS: 1800 permissions: contents: read @@ -218,6 +224,11 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + # This step allows time for investigation of the failed resources before destroying them + - name: Conditional Delay + if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + run: sleep $DESTORY_DELAY_SECONDS + - name: Terraform Destroy id: destroy if: always() diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 466c9a890..ed13a4c00 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -9,6 +9,12 @@ on: explicit_ref: required: true type: string + delay_destroy: + description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + type: boolean + default: false + required: true + secrets: AWS_ACCESS_KEY_ID: required: true @@ -55,6 +61,7 @@ env: ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }} ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} + DESTORY_DELAY_SECONDS: 1800 permissions: contents: read @@ -244,6 +251,11 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + # This step allows time for investigation of the failed resources before destroying them + - name: Conditional Delay + if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + run: sleep $DESTORY_DELAY_SECONDS + - name: Terraform Destroy id: destroy if: always() diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 376fb7b6f..a1feb9999 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -79,7 +79,7 @@ env: AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_KEY_PATH: "aws_key.cer" - DESTORY_DELAY_SECONDS: 3600 + DESTORY_DELAY_SECONDS: 1800 permissions: contents: read @@ -226,7 +226,7 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys - # This step makes time for investigating the failed resources before destroying them + # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} run: sleep $DESTORY_DELAY_SECONDS diff --git a/.github/workflows/sonar_multi_account_cli.yml b/.github/workflows/sonar_multi_account_cli.yml index 40d229753..f497ce401 100644 --- a/.github/workflows/sonar_multi_account_cli.yml +++ b/.github/workflows/sonar_multi_account_cli.yml @@ -9,6 +9,11 @@ on: branch: required: true type: string + delay_destroy: + description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + type: boolean + default: false + required: true workflow_call: inputs: @@ -40,6 +45,7 @@ env: TF_WORKSPACE: "multi_account" JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_KEY_PATH: "aws_key.cer" + DESTORY_DELAY_SECONDS: 1800 permissions: contents: read @@ -154,6 +160,11 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + # This step allows time for investigation of the failed resources before destroying them + - name: Conditional Delay + if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + run: sleep $DESTORY_DELAY_SECONDS + - name: Terraform Destroy if: always() run: terraform -chdir=$EXAMPLE_DIR destroy -auto-approve diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index b88c8a729..83fd0efa2 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -9,6 +9,12 @@ on: explicit_ref: required: true type: string + delay_destroy: + description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + type: boolean + default: false + required: true + secrets: AWS_ACCESS_KEY_ID: required: true @@ -49,6 +55,7 @@ env: TF_VAR_allowed_ssh_cidrs: "[\"82.0.0.0/8\", \"62.0.0.0/8\", \"94.0.0.0/8\"]" AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + DESTORY_DELAY_SECONDS: 1800 permissions: contents: read @@ -183,6 +190,11 @@ jobs: port: 22 script: ip addr | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1' + # This step allows time for investigation of the failed resources before destroying them + - name: Conditional Delay + if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + run: sleep $DESTORY_DELAY_SECONDS + - name: Terraform Destroy id: destroy if: always() diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index 5a2527514..23ebfb6ef 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -9,6 +9,11 @@ on: branch: required: true type: string + delay_destroy: + description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + type: boolean + default: false + required: true workflow_call: inputs: @@ -34,6 +39,7 @@ env: JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_REGION: ap-southeast-1 TF_WORKSPACE: single_account + DESTORY_DELAY_SECONDS: 1800 permissions: contents: read @@ -227,6 +233,11 @@ jobs: envs: REMOTE_EXAMPLE_DIR,TF_WORKSPACE script: terraform -chdir=$REMOTE_EXAMPLE_DIR output -json + # This step allows time for investigation of the failed resources before destroying them + - name: Conditional Delay + if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + run: sleep $DESTORY_DELAY_SECONDS + - name: Terraform Destroy # if: always() uses: appleboy/ssh-action@v1.0.0 From 3dd72a97558bfd830b303d1a1f48657cba7faad1 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 14:15:36 +0300 Subject: [PATCH 03/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_poc_cli.yml | 2 +- .github/workflows/dsf_poc_cli_azure.yml | 2 +- .github/workflows/dsf_single_account_cli.yml | 2 +- .github/workflows/sonar_multi_account_cli.yml | 2 +- .github/workflows/sonar_poc_cli.yml | 2 +- .github/workflows/sonar_single_account_cli.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index b90df9006..c629cd209 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -10,7 +10,7 @@ on: required: true type: string delay_destroy: - description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + description: 'Delay the destroy step and subsequent steps to allow investigation' type: boolean default: false required: true diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index ed13a4c00..f7f275e5e 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -10,7 +10,7 @@ on: required: true type: string delay_destroy: - description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + description: 'Delay the destroy step and subsequent steps to allow investigation' type: boolean default: false required: true diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index a1feb9999..a86c74ab4 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -10,7 +10,7 @@ on: required: true type: string delay_destroy: - description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + description: 'Delay the destroy step and subsequent steps to allow investigation' type: boolean default: false required: true diff --git a/.github/workflows/sonar_multi_account_cli.yml b/.github/workflows/sonar_multi_account_cli.yml index f497ce401..3324560ec 100644 --- a/.github/workflows/sonar_multi_account_cli.yml +++ b/.github/workflows/sonar_multi_account_cli.yml @@ -10,7 +10,7 @@ on: required: true type: string delay_destroy: - description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + description: 'Delay the destroy step and subsequent steps to allow investigation' type: boolean default: false required: true diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 83fd0efa2..bb24f8263 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -10,7 +10,7 @@ on: required: true type: string delay_destroy: - description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + description: 'Delay the destroy step and subsequent steps to allow investigation' type: boolean default: false required: true diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index 23ebfb6ef..675a4f0b9 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -10,7 +10,7 @@ on: required: true type: string delay_destroy: - description: 'Whether to delay the destroy step and subsequent steps to allow investigation' + description: 'Delay the destroy step and subsequent steps to allow investigation' type: boolean default: false required: true From 776b2e6d0bec3bf181549905fcb5e482c909eac3 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 14:40:55 +0300 Subject: [PATCH 04/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_poc_cli.yml | 7 +++++-- .github/workflows/dsf_poc_cli_azure.yml | 7 +++++-- .github/workflows/dsf_single_account_cli.yml | 7 +++++-- .github/workflows/sonar_multi_account_cli.yml | 7 +++++-- .github/workflows/sonar_poc_cli.yml | 7 +++++-- .github/workflows/sonar_single_account_cli.yml | 7 +++++-- 6 files changed, 30 insertions(+), 12 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index c629cd209..301de1780 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -60,7 +60,7 @@ env: TF_INPUT: 0 AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - DESTORY_DELAY_SECONDS: 1800 + DESTROY_DELAY_SECONDS: 1800 permissions: contents: read @@ -227,7 +227,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} - run: sleep $DESTORY_DELAY_SECONDS + run: | + destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy id: destroy diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index f7f275e5e..36fcf0fa2 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -61,7 +61,7 @@ env: ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }} ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - DESTORY_DELAY_SECONDS: 1800 + DESTROY_DELAY_SECONDS: 1800 permissions: contents: read @@ -254,7 +254,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} - run: sleep $DESTORY_DELAY_SECONDS + run: | + destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy id: destroy diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index a86c74ab4..2430e7638 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -79,7 +79,7 @@ env: AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_KEY_PATH: "aws_key.cer" - DESTORY_DELAY_SECONDS: 1800 + DESTROY_DELAY_SECONDS: 1800 permissions: contents: read @@ -229,7 +229,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} - run: sleep $DESTORY_DELAY_SECONDS + run: | + destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy if: always() diff --git a/.github/workflows/sonar_multi_account_cli.yml b/.github/workflows/sonar_multi_account_cli.yml index 3324560ec..c005b4a85 100644 --- a/.github/workflows/sonar_multi_account_cli.yml +++ b/.github/workflows/sonar_multi_account_cli.yml @@ -45,7 +45,7 @@ env: TF_WORKSPACE: "multi_account" JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_KEY_PATH: "aws_key.cer" - DESTORY_DELAY_SECONDS: 1800 + DESTROY_DELAY_SECONDS: 1800 permissions: contents: read @@ -163,7 +163,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} - run: sleep $DESTORY_DELAY_SECONDS + run: | + destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy if: always() diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index bb24f8263..5a256c3f6 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -55,7 +55,7 @@ env: TF_VAR_allowed_ssh_cidrs: "[\"82.0.0.0/8\", \"62.0.0.0/8\", \"94.0.0.0/8\"]" AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - DESTORY_DELAY_SECONDS: 1800 + DESTROY_DELAY_SECONDS: 1800 permissions: contents: read @@ -193,7 +193,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} - run: sleep $DESTORY_DELAY_SECONDS + run: | + destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy id: destroy diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index 675a4f0b9..e8a3767fa 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -39,7 +39,7 @@ env: JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_REGION: ap-southeast-1 TF_WORKSPACE: single_account - DESTORY_DELAY_SECONDS: 1800 + DESTROY_DELAY_SECONDS: 1800 permissions: contents: read @@ -236,7 +236,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} - run: sleep $DESTORY_DELAY_SECONDS + run: | + destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy # if: always() From 1401d443c043488f41fb362173319d59e648e188 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 14:45:12 +0300 Subject: [PATCH 05/70] Optionally delay destroy in github actions to allow investigation time --- modules/aws/mx/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/aws/mx/main.tf b/modules/aws/mx/main.tf index 890b716e1..94834cedf 100644 --- a/modules/aws/mx/main.tf +++ b/modules/aws/mx/main.tf @@ -62,7 +62,7 @@ locals { ] https_auth_header = base64encode("admin:${var.mx_password}") - timeout = 60 * 40 + timeout = 60 * 1 readiness_commands = templatefile("${path.module}/readiness.tftpl", { mx_address = local.mx_address_for_api From ead44735af91e30f82932b2835d40616fc0e360a Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 14:47:53 +0300 Subject: [PATCH 06/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_single_account_cli.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index e8a3767fa..d5704300e 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -236,10 +236,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} - run: | - destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - sleep $DESTROY_DELAY_SECONDS + run: | + destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy # if: always() From 167d02bd962e2a6068f71bacee1ff5267477024f Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 15:35:22 +0300 Subject: [PATCH 07/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_poc_cli.yml | 2 +- .github/workflows/dsf_poc_cli_azure.yml | 2 +- .github/workflows/dsf_single_account_cli.yml | 2 +- .github/workflows/sonar_multi_account_cli.yml | 2 +- .github/workflows/sonar_poc_cli.yml | 2 +- .github/workflows/sonar_single_account_cli.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index 301de1780..173058715 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -226,7 +226,7 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + if: ${{ failure() && github.event.inputs.delay_destory == true }} run: | destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 36fcf0fa2..713bd68fa 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -253,7 +253,7 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + if: ${{ failure() && github.event.inputs.delay_destory == true }} run: | destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 2430e7638..53d3f92a0 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,7 +228,7 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + if: ${{ failure() && github.event.inputs.delay_destory == true }} run: | destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/sonar_multi_account_cli.yml b/.github/workflows/sonar_multi_account_cli.yml index c005b4a85..7b10500bf 100644 --- a/.github/workflows/sonar_multi_account_cli.yml +++ b/.github/workflows/sonar_multi_account_cli.yml @@ -162,7 +162,7 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + if: ${{ failure() && github.event.inputs.delay_destory == true }} run: | destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 5a256c3f6..c23a35b94 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -192,7 +192,7 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + if: ${{ failure() && github.event.inputs.delay_destory == true }} run: | destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index d5704300e..7fe2feb41 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -235,7 +235,7 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == 'true' }} + if: ${{ failure() && github.event.inputs.delay_destory == true }} run: | destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} From 249d0741d36c1ec16fb42924d1d5440c2c846019 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 15:38:17 +0300 Subject: [PATCH 08/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 53d3f92a0..4cb44ab9c 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,7 +228,7 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == true }} + if: ${{ failure() }} run: | destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} From 4b9f7102ad76a5de884fc12a7192161f43c8932b Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 15:40:58 +0300 Subject: [PATCH 09/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 4cb44ab9c..772047938 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -230,7 +230,7 @@ jobs: - name: Conditional Delay if: ${{ failure() }} run: | - destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 + destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} sleep $DESTROY_DELAY_SECONDS From 937c165e2bb365839631b9789b38dd20ec530213 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 15:44:11 +0300 Subject: [PATCH 10/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 772047938..2231b2ab4 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,10 +228,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() }} + if: ${{ failure() && inputs.delay_destory }} run: | destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ destroy_delay_minutes }} minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy From 6306ce0c4dd9f1b62fad9dd0a4c0354585dee3b2 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 15:48:15 +0300 Subject: [PATCH 11/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 2231b2ab4..aeee87664 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -230,7 +230,7 @@ jobs: - name: Conditional Delay if: ${{ failure() && inputs.delay_destory }} run: | - destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) + destroy_delay_minutes=(($DESTROY_DELAY_SECONDS / 60)) curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ destroy_delay_minutes }} minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} sleep $DESTROY_DELAY_SECONDS From 303f508561002904f9dca653a10435f2a1953bf3 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 15:55:31 +0300 Subject: [PATCH 12/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index aeee87664..9ccdba7fa 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,10 +228,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && inputs.delay_destory }} + if: ${{ failure() && inputs.delay_destory == 'true' }} run: | - destroy_delay_minutes=(($DESTROY_DELAY_SECONDS / 60)) - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ destroy_delay_minutes }} minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have "$destroy_delay_minutes" minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy From 4fc622b42436699cee551ce941a40aa263dd7bd4 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:00:46 +0300 Subject: [PATCH 13/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 9ccdba7fa..f4762b509 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,10 +228,11 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && inputs.delay_destory == 'true' }} + if: ${{ failure() && inputs.delay_destroy == 'true' }} run: | destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have "$destroy_delay_minutes" minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "Sleeping for $destroy_delay_minutes seconds before destroying the environment" sleep $DESTROY_DELAY_SECONDS - name: Terraform Destroy From ef38c7c3e4ae3cb476c66749b17f8f2aed6042ce Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:02:52 +0300 Subject: [PATCH 14/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index f4762b509..e4be8f793 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,8 +228,10 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && inputs.delay_destroy == 'true' }} + if: ${{ failure() }} run: | + echo "delay_destory: ${{ inputs.delay_destroy }}" + echo "Failure status: ${{ failure() }}" destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have "$destroy_delay_minutes" minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "Sleeping for $destroy_delay_minutes seconds before destroying the environment" From af8bacec4be20c129088b05b33904e5198cea4cd Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:03:05 +0300 Subject: [PATCH 15/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index e4be8f793..a67f19173 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -230,7 +230,7 @@ jobs: - name: Conditional Delay if: ${{ failure() }} run: | - echo "delay_destory: ${{ inputs.delay_destroy }}" + echo "delay_destroy: ${{ inputs.delay_destroy }}" echo "Failure status: ${{ failure() }}" destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have "$destroy_delay_minutes" minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} From 415e46643e8477ccbfa607cc52b062fda03bbfaa Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:05:28 +0300 Subject: [PATCH 16/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index a67f19173..75d619ea5 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -231,7 +231,6 @@ jobs: if: ${{ failure() }} run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" - echo "Failure status: ${{ failure() }}" destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have "$destroy_delay_minutes" minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "Sleeping for $destroy_delay_minutes seconds before destroying the environment" From c7e7b24d1b21bd22eae5022fe8ded2cf5357c9ba Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:11:49 +0300 Subject: [PATCH 17/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 75d619ea5..104253de4 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -231,10 +231,12 @@ jobs: if: ${{ failure() }} run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" - destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have "$destroy_delay_minutes" minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - echo "Sleeping for $destroy_delay_minutes seconds before destroying the environment" - sleep $DESTROY_DELAY_SECONDS + if [ "${{ inputs.delay_destroy }}" == "true" ]; then + destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${destroy_delay_minutes} minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "Sleeping for $destroy_delay_minutes seconds before destroying the environment" + sleep $DESTROY_DELAY_SECONDS + fi - name: Terraform Destroy if: always() From 35ad7697c77d4fdc2e9a911d483352e7ab27c981 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:18:17 +0300 Subject: [PATCH 18/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 104253de4..0430a9302 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -232,11 +232,12 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - destroy_delay_minutes=($DESTROY_DELAY_SECONDS / 60) - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${destroy_delay_minutes} minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "Sleeping for $destroy_delay_minutes seconds before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi + env: + - destroy_delay_minutes: $DESTROY_DELAY_SECONDS / 60 - name: Terraform Destroy if: always() From 917548bdd97ee9d5b85dad7265f86ddd45bdefca Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:18:40 +0300 Subject: [PATCH 19/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 0430a9302..c20639e5b 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -233,7 +233,7 @@ jobs: echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - echo "Sleeping for $destroy_delay_minutes seconds before destroying the environment" + echo "\nSleeping for $destroy_delay_minutes seconds before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi env: From d56be18b030d5d47e019a4d371908c7d46c9426d Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:21:20 +0300 Subject: [PATCH 20/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index c20639e5b..bb8b275b2 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -232,12 +232,10 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - echo "\nSleeping for $destroy_delay_minutes seconds before destroying the environment" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $((DESTROY_DELAY_SECONDS / 60)) minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "\nSleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi - env: - - destroy_delay_minutes: $DESTROY_DELAY_SECONDS / 60 - name: Terraform Destroy if: always() From c2af60503afbcaa3484def9ef2b73527b6c2169f Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:24:22 +0300 Subject: [PATCH 21/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index bb8b275b2..6c7b5b850 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -232,8 +232,8 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $((DESTROY_DELAY_SECONDS / 60)) minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - echo "\nSleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ DESTROY_DELAY_SECONDS / 60}} minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "\nSleeping for $(DESTROY_DELAY_SECONDS / 60) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi From c1a04e419f3e0ec1436e01b22cc13cb815efc10c Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:27:33 +0300 Subject: [PATCH 22/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 6c7b5b850..b65677863 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -232,8 +232,9 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ DESTROY_DELAY_SECONDS / 60}} minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - echo "\nSleeping for $(DESTROY_DELAY_SECONDS / 60) minutes before destroying the environment" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "" + echo "Sleeping for $(DESTROY_DELAY_SECONDS / 60) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi From aa50c1fd772e6cb636dba918c099f2b6fc02eca4 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:28:29 +0300 Subject: [PATCH 23/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index b65677863..2c041adae 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -234,7 +234,7 @@ jobs: if [ "${{ inputs.delay_destroy }}" == "true" ]; then curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" - echo "Sleeping for $(DESTROY_DELAY_SECONDS / 60) minutes before destroying the environment" + echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi From f1dbb8cf5eaea494c3eb7d5176b82c9d82ed88a4 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:30:33 +0300 Subject: [PATCH 24/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 2c041adae..5bf84fc7f 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -232,7 +232,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 96b1f23cdd8258b7fe91ab672e902ec346c1b12f Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:39:43 +0300 Subject: [PATCH 25/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 5bf84fc7f..8f1f03f65 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -232,7 +232,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ inputs.workspace }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 58f22c934c6cc195131e8ff4b3132ed2e3a6b0d1 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:46:56 +0300 Subject: [PATCH 26/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 8f1f03f65..1a9f62172 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -232,7 +232,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ inputs.workspace }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 8fbbe95e1142661cd5dccd9d18664cf6631631a6 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:47:18 +0300 Subject: [PATCH 27/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 1a9f62172..23d8b039d 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -79,7 +79,7 @@ env: AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_KEY_PATH: "aws_key.cer" - DESTROY_DELAY_SECONDS: 1800 + DESTROY_DELAY_SECONDS: 30 permissions: contents: read From 61d1c1ac1d0453e0aad48b71a9c043033b7b7f28 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:48:52 +0300 Subject: [PATCH 28/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 23d8b039d..ecccedd1c 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -226,6 +226,16 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + - name: Check how was the workflow run + id: check-trigger + if: ${{ failure() }} + run: | + if [ "${{ github.event_name }}" == "schedule" ]; then + echo "run-by=Automation" >> $GITHUB_OUTPUT + else + echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT + fi + # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay if: ${{ failure() }} @@ -261,16 +271,6 @@ jobs: run: | aws ec2 revoke-security-group-ingress --group-id ${{ vars.SYDNEY_SG_ID }} --security-group-rule-ids ${{ env.sg_id_for_sydney }} - - name: Check how was the workflow run - id: check-trigger - if: ${{ failure() }} - run: | - if [ "${{ github.event_name }}" == "schedule" ]; then - echo "run-by=Automation" >> $GITHUB_OUTPUT - else - echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT - fi - # Send job failure to Slack - name: Send Slack When Failure run: | From 9c6bf2a9a2b67137482571e877cd83977e2894db Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:49:22 +0300 Subject: [PATCH 29/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index ecccedd1c..099f00c99 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 672632e96f21f1504e4a9ef5fb2b5bd9df633d04 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:53:47 +0300 Subject: [PATCH 30/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 099f00c99..7e6703e8c 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${TF_WORKSPACE} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 48af4d5f393dd05bc6bca55613a93de274e366e8 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:55:54 +0300 Subject: [PATCH 31/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 7e6703e8c..1836e2a28 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,11 +242,13 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${TF_WORKSPACE} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi + env: + - TF_WORKSPACE: ${{ env.TF_WORKSPACE }} - name: Terraform Destroy if: always() From 5575165cc8d27626de608a26bd5c36650c3ebd1a Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:56:58 +0300 Subject: [PATCH 32/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 1836e2a28..566e43ba3 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 474da2dd12d5389e699e7ac8641f99b95e8f9f5c Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 16:58:02 +0300 Subject: [PATCH 33/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 566e43ba3..17b878e18 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -248,7 +248,7 @@ jobs: sleep $DESTROY_DELAY_SECONDS fi env: - - TF_WORKSPACE: ${{ env.TF_WORKSPACE }} + TF_WORKSPACE: ${{ env.TF_WORKSPACE }} - name: Terraform Destroy if: always() From cd03136e9c4d18c68a437fce4bbe97366a119827 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:02:27 +0300 Subject: [PATCH 34/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 17b878e18..ff1f075be 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} 1 $(TF_WORKSPACE) 2 ${{ TF_WORKSPACE }} 3 ${ TF_WORKSPACE } automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 6fe0bbc8251baa3413c7bb05234e91306bc1fce4 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:07:17 +0300 Subject: [PATCH 35/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index ff1f075be..86f6858da 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} 1 $(TF_WORKSPACE) 2 ${{ TF_WORKSPACE }} 3 ${ TF_WORKSPACE } automation Failed*\nYou have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\n:clock1: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 7d2fe332c5e046abcf756cf51fb70ccdc26f632f Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:08:26 +0300 Subject: [PATCH 36/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 86f6858da..dcfe0843c 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\n:clock1: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n:clock1: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 7bdf7352ea274760de0a3f113a7dbd6c2c2c6f27 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:15:01 +0300 Subject: [PATCH 37/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index dcfe0843c..32504f8e2 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,13 +242,11 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n:clock1: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ github.env.TF_WORKSPACE }} automation Failed*\n:clock1: :clock2: :clock3: :clock4: :clock5: :clock6: :clock7: :clock8: :clock9: :clock10: :clock11: :clock12: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi - env: - TF_WORKSPACE: ${{ env.TF_WORKSPACE }} - name: Terraform Destroy if: always() From 43d20ba45b04b171647acba598abb3a61d333ebe Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:20:21 +0300 Subject: [PATCH 38/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 32504f8e2..bd1dac6ca 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ github.env.TF_WORKSPACE }} automation Failed*\n:clock1: :clock2: :clock3: :clock4: :clock5: :clock6: :clock7: :clock8: :clock9: :clock10: :clock11: :clock12: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n:alarm_clock: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 4fb7a9f6c42089785bb0232b4e559937b5af0d77 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:24:48 +0300 Subject: [PATCH 39/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index bd1dac6ca..a98e1eb9a 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n:alarm_clock: You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation\"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From ae1de47ae887791bcd1fce44b44e84eb769086de Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:31:03 +0300 Subject: [PATCH 40/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index a98e1eb9a..2a0a2b0ed 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation\"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data "{\"text\":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}\", \"channel\": \"#edsf_automation\"}" ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From a19ac2dcb3903bf20eba5e3408125fc29bc788eb Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:35:40 +0300 Subject: [PATCH 41/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 2a0a2b0ed..b02f6c311 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,7 +242,8 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - curl -X POST -H 'Content-type: application/json' --data "{\"text\":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}\", \"channel\": \"#edsf_automation\"}" ${{ secrets.SLACK_WEBHOOK_URL }} + echo "{\"text\":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}\", \"channel\": \"#edsf_automation\"}" > payload.json + curl -X POST -H 'Content-type: application/json' --data @payload.json ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From a1548d84a5a4e97cecb2d488f5f2f0257d0eb6d9 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:39:29 +0300 Subject: [PATCH 42/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index b02f6c311..8fa055cc6 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -242,8 +242,8 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - echo "{\"text\":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}\", \"channel\": \"#edsf_automation\"}" > payload.json - curl -X POST -H 'Content-type: application/json' --data @payload.json ${{ secrets.SLACK_WEBHOOK_URL }} + echo "Workspace is: $TF_WORKSPACE" + curl -X POST -H 'Content-type: application/json' --data '{"text":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation\"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 53a3acd984dee154a8b640159e49450a31e3bbec Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:43:37 +0300 Subject: [PATCH 43/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 8fa055cc6..076b02040 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -243,11 +243,13 @@ jobs: echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then echo "Workspace is: $TF_WORKSPACE" - curl -X POST -H 'Content-type: application/json' --data '{"text":\":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation\"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi + env: + TF_WORKSPACE: ${{ env.TF_WORKSPACE }} - name: Terraform Destroy if: always() From 1a0f61943280b90e9d8d1a86fe0357d3b0cafa32 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:51:12 +0300 Subject: [PATCH 44/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 076b02040..0fe85fad4 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -105,6 +105,7 @@ jobs: find ./examples/ -type f -exec sed -i -f sed.expr {} \; - name: Set Workspace + if: always() run: | if [ ${{ inputs.branch }} == 'master' ] || [ ${{ inputs.branch }} == 'dev' ]; then echo "TF_WORKSPACE=dsf_single_account_${{ inputs.branch }}" >> $GITHUB_ENV From 23a7e0990a41774af45d7e4cf46f394d4c019f35 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:51:26 +0300 Subject: [PATCH 45/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 0fe85fad4..0833d0f5d 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -249,8 +249,6 @@ jobs: echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS fi - env: - TF_WORKSPACE: ${{ env.TF_WORKSPACE }} - name: Terraform Destroy if: always() From ac47e0c6c28016c18c657befa4e2a8e7fcb090f1 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:53:58 +0300 Subject: [PATCH 46/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 0833d0f5d..87f1109a7 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -244,7 +244,7 @@ jobs: echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then echo "Workspace is: $TF_WORKSPACE" - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} $TF_WORKSPACE automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${TF_WORKSPACE} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 636c0d211ae0c326933d9b837ea4f31d9ba37ff7 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:56:47 +0300 Subject: [PATCH 47/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 87f1109a7..462197fa3 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -244,7 +244,7 @@ jobs: echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then echo "Workspace is: $TF_WORKSPACE" - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${TF_WORKSPACE} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${ TF_WORKSPACE } automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 0d0a9f6f9185522aa006130eae12302e5165d2bf Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:58:09 +0300 Subject: [PATCH 48/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 462197fa3..3a5ed3da7 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -244,7 +244,7 @@ jobs: echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then echo "Workspace is: $TF_WORKSPACE" - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${ TF_WORKSPACE } automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From 01eaa72e30a876b1f08d3d06c57afe48b2ec8e3c Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 17:59:04 +0300 Subject: [PATCH 49/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 3a5ed3da7..207dee11f 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -244,7 +244,7 @@ jobs: echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then echo "Workspace is: $TF_WORKSPACE" - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" sleep $DESTROY_DELAY_SECONDS From c89d6d453d96718be9cf0d59613ce5bfc4cff181 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 18:07:49 +0300 Subject: [PATCH 50/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_poc_cli.yml | 33 ++++++++++------- .github/workflows/dsf_poc_cli_azure.yml | 33 ++++++++++------- .github/workflows/dsf_single_account_cli.yml | 3 +- .github/workflows/sonar_multi_account_cli.yml | 37 +++++++++++-------- .github/workflows/sonar_poc_cli.yml | 23 ++++++++++-- .../workflows/sonar_single_account_cli.yml | 35 ++++++++++-------- 6 files changed, 99 insertions(+), 65 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index 173058715..ff66081ba 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -224,13 +224,28 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + - name: Check how was the workflow run + id: check-trigger + if: ${{ failure() }} + run: | + if [ "${{ github.event_name }}" == "schedule" ]; then + echo "run-by=Automation" >> $GITHUB_OUTPUT + else + echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT + fi + # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == true }} + if: ${{ failure() }} run: | - destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - sleep $DESTROY_DELAY_SECONDS + echo "delay_destroy: ${{ inputs.delay_destroy }}" + if [ "${{ inputs.delay_destroy }}" == "true" ]; then + echo "Terraform workspace: $TF_WORKSPACE" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "" + echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" + sleep $DESTROY_DELAY_SECONDS + fi - name: Terraform Destroy id: destroy @@ -249,16 +264,6 @@ jobs: env: TF_WORKSPACE: default - - name: Check how was the workflow run - id: check-trigger - if: ${{ failure() }} - run: | - if [ "${{ github.event_name }}" == "schedule" ]; then - echo "run-by=Automation" >> $GITHUB_OUTPUT - else - echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT - fi - # Send job failure to Slack - name: Send Slack When Failure run: | diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 713bd68fa..3afe5ad0a 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -251,13 +251,28 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + - name: Check how was the workflow run + id: check-trigger + if: ${{ failure() }} + run: | + if [ "${{ github.event_name }}" == "schedule" ]; then + echo "run-by=Automation" >> $GITHUB_OUTPUT + else + echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT + fi + # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == true }} + if: ${{ failure() }} run: | - destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - sleep $DESTROY_DELAY_SECONDS + echo "delay_destroy: ${{ inputs.delay_destroy }}" + if [ "${{ inputs.delay_destroy }}" == "true" ]; then + echo "Terraform workspace: $TF_WORKSPACE" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "" + echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" + sleep $DESTROY_DELAY_SECONDS + fi - name: Terraform Destroy id: destroy @@ -276,16 +291,6 @@ jobs: env: TF_WORKSPACE: default - - name: Check how was the workflow run - id: check-trigger - if: ${{ failure() }} - run: | - if [ "${{ github.event_name }}" == "schedule" ]; then - echo "run-by=Automation" >> $GITHUB_OUTPUT - else - echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT - fi - # Send job failure to Slack - name: Send Slack When Failure run: | diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 207dee11f..f4cb8cf2e 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -105,7 +105,6 @@ jobs: find ./examples/ -type f -exec sed -i -f sed.expr {} \; - name: Set Workspace - if: always() run: | if [ ${{ inputs.branch }} == 'master' ] || [ ${{ inputs.branch }} == 'dev' ]; then echo "TF_WORKSPACE=dsf_single_account_${{ inputs.branch }}" >> $GITHUB_ENV @@ -243,7 +242,7 @@ jobs: run: | echo "delay_destroy: ${{ inputs.delay_destroy }}" if [ "${{ inputs.delay_destroy }}" == "true" ]; then - echo "Workspace is: $TF_WORKSPACE" + echo "Terraform workspace: $TF_WORKSPACE" curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} echo "" echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" diff --git a/.github/workflows/sonar_multi_account_cli.yml b/.github/workflows/sonar_multi_account_cli.yml index 7b10500bf..0ca9b8c2e 100644 --- a/.github/workflows/sonar_multi_account_cli.yml +++ b/.github/workflows/sonar_multi_account_cli.yml @@ -160,13 +160,28 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + - name: Check how was the workflow run + id: check-trigger + if: ${{ failure() }} + run: | + if [ "${{ github.event_name }}" == "schedule" ]; then + echo "run-by=Automation" >> $GITHUB_OUTPUT + else + echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT + fi + # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == true }} + if: ${{ failure() }} run: | - destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - sleep $DESTROY_DELAY_SECONDS + echo "delay_destroy: ${{ inputs.delay_destroy }}" + if [ "${{ inputs.delay_destroy }}" == "true" ]; then + echo "Terraform workspace: $TF_WORKSPACE" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "" + echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" + sleep $DESTROY_DELAY_SECONDS + fi - name: Terraform Destroy if: always() @@ -180,22 +195,12 @@ jobs: if: always() run: aws ec2 revoke-security-group-ingress --group-id ${{ vars.JUMP_SERVER_SG_ID }} --security-group-rule-ids ${{ env.sg_id }} - - name: Check how was the workflow run - id: check-trigger - if: ${{ failure() }} - run: | - if [ "${{ github.event_name }}" == "schedule" ]; then - echo "run-by=Automation" >> $GITHUB_OUTPUT - else - echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT - fi - # Send job failure to Slack - name: Send Slack When Failure run: | if [ ${{ inputs.branch }} == 'master' ]; then - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*Multi Account Prod ${{ inputs.workspace }} automation Failed*\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#dsfkit-prod"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*Sonar Multi Account Prod ${{ inputs.workspace }} automation Failed*\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#dsfkit-prod"}' ${{ secrets.SLACK_WEBHOOK_URL }} else - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*Multi Account Dev nightly ${{ inputs.workspace }} automation Failed*\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*Sonar Multi Account Dev nightly ${{ inputs.workspace }} automation Failed*\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} fi if: ${{ failure() }} diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index c23a35b94..6cb2f1ec9 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -190,13 +190,28 @@ jobs: port: 22 script: ip addr | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1' + - name: Check how was the workflow run + id: check-trigger + if: ${{ failure() }} + run: | + if [ "${{ github.event_name }}" == "schedule" ]; then + echo "run-by=Automation" >> $GITHUB_OUTPUT + else + echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT + fi + # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == true }} + if: ${{ failure() }} run: | - destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - sleep $DESTROY_DELAY_SECONDS + echo "delay_destroy: ${{ inputs.delay_destroy }}" + if [ "${{ inputs.delay_destroy }}" == "true" ]; then + echo "Terraform workspace: $TF_WORKSPACE" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "" + echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" + sleep $DESTROY_DELAY_SECONDS + fi - name: Terraform Destroy id: destroy diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index 7fe2feb41..d2c0263a6 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -233,13 +233,28 @@ jobs: envs: REMOTE_EXAMPLE_DIR,TF_WORKSPACE script: terraform -chdir=$REMOTE_EXAMPLE_DIR output -json + - name: Check how was the workflow run + if: ${{ failure() }} + id: check-trigger + run: | + if [ "${{ github.event_name }}" == "schedule" ]; then + echo "run-by=Automation" >> $GITHUB_OUTPUT + else + echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT + fi + # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() && github.event.inputs.delay_destory == true }} - run: | - destroy_delay_minutes = $DESTROY_DELAY_SECONDS / 60 - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*DSF Single Account ${{ inputs.workspace }} automation Failed*\nYou have $destroy_delay_minutes minutes to investigate the environment before it is destroyed.\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - sleep $DESTROY_DELAY_SECONDS + if: ${{ failure() }} + run: | + echo "delay_destroy: ${{ inputs.delay_destroy }}" + if [ "${{ inputs.delay_destroy }}" == "true" ]; then + echo "Terraform workspace: $TF_WORKSPACE" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "" + echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" + sleep $DESTROY_DELAY_SECONDS + fi - name: Terraform Destroy # if: always() @@ -258,16 +273,6 @@ jobs: if: always() run: aws ec2 revoke-security-group-ingress --group-id ${{ vars.JUMP_SERVER_SG_ID }} --security-group-rule-ids ${{ env.sg_id }} - - name: Check how was the workflow run - if: ${{ failure() }} - id: check-trigger - run: | - if [ "${{ github.event_name }}" == "schedule" ]; then - echo "run-by=Automation" >> $GITHUB_OUTPUT - else - echo "run-by=${{ github.actor }}" >> $GITHUB_OUTPUT - fi - # Send job failure to Slack - name: Send Slack When Failure run: | From 34afb220f522651c2af344ab36df6f65ce595b0a Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 18:08:32 +0300 Subject: [PATCH 51/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index f4cb8cf2e..6b89810d3 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -79,7 +79,7 @@ env: AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_KEY_PATH: "aws_key.cer" - DESTROY_DELAY_SECONDS: 30 + DESTROY_DELAY_SECONDS: 1800 permissions: contents: read From e911a5723227c0dcee86abc1a211987a3aa5bdcf Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 19:09:08 +0300 Subject: [PATCH 52/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 6b89810d3..81f84c7d4 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -219,13 +219,17 @@ jobs: run: terraform -chdir=$EXAMPLE_DIR output -json - name: Collect Artifacts + id: collect-artifacts if: always() - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: collected-keys path: | ${{ env.EXAMPLE_DIR }}/ssh_keys + - name: Output artifact URL + run: echo 'Artifact URL is ${{ steps.collect-artifacts.outputs.artifact-url }} and ID is ${{ steps.collect-artifacts.outputs.artifact-id }}' + - name: Check how was the workflow run id: check-trigger if: ${{ failure() }} From c26e773b14ae9e73a01a0c51632477b6554db0d1 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 19:10:51 +0300 Subject: [PATCH 53/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 81f84c7d4..f0ea24043 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,7 +228,7 @@ jobs: ${{ env.EXAMPLE_DIR }}/ssh_keys - name: Output artifact URL - run: echo 'Artifact URL is ${{ steps.collect-artifacts.outputs.artifact-url }} and ID is ${{ steps.collect-artifacts.outputs.artifact-id }}' + run: echo 'Artifact URL is ${{ steps.collect-artifacts.outputs.artifact-url }} and ID is ${{ steps.collect-artifacts.outputs.artifact-id }}' - name: Check how was the workflow run id: check-trigger From 629afd9dddc7b053ee27e94cc17a841b81518775 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 19:14:09 +0300 Subject: [PATCH 54/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index f0ea24043..8d3549159 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,7 +228,7 @@ jobs: ${{ env.EXAMPLE_DIR }}/ssh_keys - name: Output artifact URL - run: echo 'Artifact URL is ${{ steps.collect-artifacts.outputs.artifact-url }} and ID is ${{ steps.collect-artifacts.outputs.artifact-id }}' + run: echo "Artifact URL is ${{ steps.collect-artifacts.outputs.artifact-url }} and ID is ${{ steps.collect-artifacts.outputs.artifact-id }}" - name: Check how was the workflow run id: check-trigger From 9df595abdab8dc74f78fada4ac063b8a4adcbb0c Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 19:17:01 +0300 Subject: [PATCH 55/70] Optionally delay destroy in github actions to allow investigation time --- .../workflows/sonar_single_account_cli.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index d2c0263a6..96c8da7e3 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -245,16 +245,16 @@ jobs: # This step allows time for investigation of the failed resources before destroying them - name: Conditional Delay - if: ${{ failure() }} - run: | - echo "delay_destroy: ${{ inputs.delay_destroy }}" - if [ "${{ inputs.delay_destroy }}" == "true" ]; then - echo "Terraform workspace: $TF_WORKSPACE" - curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} - echo "" - echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" - sleep $DESTROY_DELAY_SECONDS - fi + if: ${{ failure() }} + run: | + echo "delay_destroy: ${{ inputs.delay_destroy }}" + if [ "${{ inputs.delay_destroy }}" == "true" ]; then + echo "Terraform workspace: $TF_WORKSPACE" + curl -X POST -H 'Content-type: application/json' --data '{"text":":exclamation: :exclamation: :exclamation:\n*${{ github.workflow }} ${{ env.TF_WORKSPACE }} automation Failed*\n You have ${{ env.DESTROY_DELAY_SECONDS }} seconds to investigate the environment before it is destroyed :alarm_clock:\n\nRun by: ${{ steps.check-trigger.outputs.run-by }}", "channel": "#edsf_automation"}' ${{ secrets.SLACK_WEBHOOK_URL }} + echo "" + echo "Sleeping for $((DESTROY_DELAY_SECONDS / 60)) minutes before destroying the environment" + sleep $DESTROY_DELAY_SECONDS + fi - name: Terraform Destroy # if: always() From b631bde54c5ca9699407823341c67bd07c5a3835 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 19:58:31 +0300 Subject: [PATCH 56/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 8d3549159..88e507de1 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -228,6 +228,7 @@ jobs: ${{ env.EXAMPLE_DIR }}/ssh_keys - name: Output artifact URL + if: always() run: echo "Artifact URL is ${{ steps.collect-artifacts.outputs.artifact-url }} and ID is ${{ steps.collect-artifacts.outputs.artifact-id }}" - name: Check how was the workflow run From c1339ad05a367997eee627f65bbb94bfa979493a Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 20:05:53 +0300 Subject: [PATCH 57/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_poc_cli.yml | 3 ++- .github/workflows/dsf_poc_cli_azure.yml | 3 ++- .github/workflows/dsf_single_account_cli.yml | 4 ---- .github/workflows/sonar_poc_cli.yml | 3 ++- .github/workflows/sonar_single_account_cli.yml | 9 +++++++++ 5 files changed, 15 insertions(+), 7 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index ff66081ba..da5d05fe8 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -217,8 +217,9 @@ jobs: run: terraform -chdir=$EXAMPLE_DIR output -json - name: Collect Artifacts + id: collect-artifacts if: always() - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: collected-keys path: | diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 3afe5ad0a..82eb7da0d 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -244,8 +244,9 @@ jobs: run: terraform -chdir=$EXAMPLE_DIR output -json - name: Collect Artifacts + id: collect-artifacts if: always() - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: collected-keys path: | diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 88e507de1..1ac23e269 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -227,10 +227,6 @@ jobs: path: | ${{ env.EXAMPLE_DIR }}/ssh_keys - - name: Output artifact URL - if: always() - run: echo "Artifact URL is ${{ steps.collect-artifacts.outputs.artifact-url }} and ID is ${{ steps.collect-artifacts.outputs.artifact-id }}" - - name: Check how was the workflow run id: check-trigger if: ${{ failure() }} diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 6cb2f1ec9..3f710a600 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -163,8 +163,9 @@ jobs: run: terraform -chdir=$EXAMPLE_DIR output -json - name: Collect Artifacts + id: collect-artifacts if: always() - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: collected-keys path: | diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index 96c8da7e3..548a1676d 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -233,6 +233,15 @@ jobs: envs: REMOTE_EXAMPLE_DIR,TF_WORKSPACE script: terraform -chdir=$REMOTE_EXAMPLE_DIR output -json + - name: Collect Artifacts + id: collect-artifacts + if: always() + uses: actions/upload-artifact@v4 + with: + name: collected-keys + path: | + ${{ env.EXAMPLE_DIR }}/ssh_keys + - name: Check how was the workflow run if: ${{ failure() }} id: check-trigger From 3d02362e86403f165d27338d7710b19c7642caac Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 20:13:52 +0300 Subject: [PATCH 58/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_single_account_cli.yml | 2 +- .github/workflows/sonar_multi_account_cli.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 1ac23e269..56e60d167 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -78,7 +78,7 @@ env: AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} - AWS_KEY_PATH: "aws_key.cer" + AWS_KEY_PATH: "jump_server_key.cer" DESTROY_DELAY_SECONDS: 1800 permissions: diff --git a/.github/workflows/sonar_multi_account_cli.yml b/.github/workflows/sonar_multi_account_cli.yml index 0ca9b8c2e..30f490432 100644 --- a/.github/workflows/sonar_multi_account_cli.yml +++ b/.github/workflows/sonar_multi_account_cli.yml @@ -44,7 +44,7 @@ env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} TF_WORKSPACE: "multi_account" JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} - AWS_KEY_PATH: "aws_key.cer" + AWS_KEY_PATH: "jump_server_key.cer" DESTROY_DELAY_SECONDS: 1800 permissions: From 3681b57005207be48aa49741d4893b7be24ad84b Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Apr 2024 20:22:38 +0300 Subject: [PATCH 59/70] Optionally delay destroy in github actions to allow investigation time --- modules/aws/mx/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/aws/mx/main.tf b/modules/aws/mx/main.tf index 94834cedf..890b716e1 100644 --- a/modules/aws/mx/main.tf +++ b/modules/aws/mx/main.tf @@ -62,7 +62,7 @@ locals { ] https_auth_header = base64encode("admin:${var.mx_password}") - timeout = 60 * 1 + timeout = 60 * 40 readiness_commands = templatefile("${path.module}/readiness.tftpl", { mx_address = local.mx_address_for_api From 3a849aec4e431de0f27c1ecfa0b6b12511118ea3 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:19:13 +0300 Subject: [PATCH 60/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 3f710a600..f180b710f 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -66,12 +66,14 @@ jobs: fail-fast: false matrix: include: - - workspace: basic_cli-${{ github.run_number }}-${{ github.run_attempt }} + - test_name: Sonar Basic CLI + workspace: basic_cli-${{ github.run_number }}-${{ github.run_attempt }} example_dir: ./examples/aws/poc/sonar_basic_deployment aws_region: eu-west-2 hub_output: '.dsf_hub.value.public_dns' gw_output: '.dsf_agentless_gw.value."agentless-gw-0".private_ip' - - workspace: hadr_cli-${{ github.run_number }}-${{ github.run_attempt }} + - name: Sonar HADR CLI + workspace: hadr_cli-${{ github.run_number }}-${{ github.run_attempt }} example_dir: ./examples/aws/poc/sonar_hadr_deployment aws_region: eu-west-1 hub_output: '.dsf_hubs.value.main.public_dns' @@ -80,6 +82,7 @@ jobs: name: 'Terraform ${{ matrix.workspace }}' runs-on: ubuntu-latest env: + TEST_NAME_SAFE: ${{ matrix.test_name | replace(' ', '_') | lower }} EXAMPLE_DIR: ${{ matrix.example_dir }} TF_WORKSPACE: ${{ matrix.workspace }} AWS_REGION: ${{ matrix.aws_region }} @@ -167,9 +170,9 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys + name: collected-keys-$TEST_NAME_SAFE path: | - ${{ env.EXAMPLE_DIR }}/ssh_keys + $EXAMPLE_DIR/ssh_keys - name: Set Environment Variables run: | From 7085c5430ca088a62539c6f5337bd7acf00ad932 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:22:47 +0300 Subject: [PATCH 61/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index f180b710f..ada9997ab 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -82,7 +82,7 @@ jobs: name: 'Terraform ${{ matrix.workspace }}' runs-on: ubuntu-latest env: - TEST_NAME_SAFE: ${{ matrix.test_name | replace(' ', '_') | lower }} + TEST_NAME_SAFE: ${{ replace(replace(matrix.test_name, ' ', '_'), ' ', '') | lower }} EXAMPLE_DIR: ${{ matrix.example_dir }} TF_WORKSPACE: ${{ matrix.workspace }} AWS_REGION: ${{ matrix.aws_region }} From dd203c396f413d52bfabe9d35dfe1a6230026c43 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:24:47 +0300 Subject: [PATCH 62/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index ada9997ab..c9ddc59d8 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -67,12 +67,14 @@ jobs: matrix: include: - test_name: Sonar Basic CLI + test_name_safe: sonar_basic_cli workspace: basic_cli-${{ github.run_number }}-${{ github.run_attempt }} example_dir: ./examples/aws/poc/sonar_basic_deployment aws_region: eu-west-2 hub_output: '.dsf_hub.value.public_dns' gw_output: '.dsf_agentless_gw.value."agentless-gw-0".private_ip' - name: Sonar HADR CLI + test_name_safe: sonar_hadr_cli workspace: hadr_cli-${{ github.run_number }}-${{ github.run_attempt }} example_dir: ./examples/aws/poc/sonar_hadr_deployment aws_region: eu-west-1 @@ -82,7 +84,7 @@ jobs: name: 'Terraform ${{ matrix.workspace }}' runs-on: ubuntu-latest env: - TEST_NAME_SAFE: ${{ replace(replace(matrix.test_name, ' ', '_'), ' ', '') | lower }} + TEST_NAME_SAFE: ${{ matrix.test_name_safe }} EXAMPLE_DIR: ${{ matrix.example_dir }} TF_WORKSPACE: ${{ matrix.workspace }} AWS_REGION: ${{ matrix.aws_region }} From eeecfd52baafc9515ad31a8d95a7d75491ae43e7 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:26:09 +0300 Subject: [PATCH 63/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index c9ddc59d8..7261c55d9 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -157,15 +157,15 @@ jobs: terraform -chdir=$EXAMPLE_DIR workspace list terraform -chdir=$EXAMPLE_DIR plan - # On push to "main", build or change infrastructure according to Terraform configuration files - # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks - - name: Terraform Apply - # if: github.ref == 'refs/heads/"master"' && github.event_name == 'push' || github.event_name == 'workflow_dispatch' - run: terraform -chdir=$EXAMPLE_DIR apply -auto-approve +# # On push to "main", build or change infrastructure according to Terraform configuration files +# # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks +# - name: Terraform Apply +# # if: github.ref == 'refs/heads/"master"' && github.event_name == 'push' || github.event_name == 'workflow_dispatch' +# run: terraform -chdir=$EXAMPLE_DIR apply -auto-approve - - name: Terraform Output - if: always() - run: terraform -chdir=$EXAMPLE_DIR output -json +# - name: Terraform Output +# if: always() +# run: terraform -chdir=$EXAMPLE_DIR output -json - name: Collect Artifacts id: collect-artifacts @@ -174,7 +174,7 @@ jobs: with: name: collected-keys-$TEST_NAME_SAFE path: | - $EXAMPLE_DIR/ssh_keys + $EXAMPLE_DIR/main.tf - name: Set Environment Variables run: | From d89dc53f167a72469b9073c4ab36d64e58ce4df6 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:28:24 +0300 Subject: [PATCH 64/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 7261c55d9..de4b59acc 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -174,7 +174,7 @@ jobs: with: name: collected-keys-$TEST_NAME_SAFE path: | - $EXAMPLE_DIR/main.tf + ${{ env.EXAMPLE_DIR }}/main.tf - name: Set Environment Variables run: | From 2d7fb8931538636446ea2404b9167d59ddd0a305 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:31:09 +0300 Subject: [PATCH 65/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index de4b59acc..5a05b1292 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -172,9 +172,9 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys-$TEST_NAME_SAFE + name: collected-keys-${{ TEST_NAME_SAFE }} path: | - ${{ env.EXAMPLE_DIR }}/main.tf + ${{ EXAMPLE_DIR }}/main.tf - name: Set Environment Variables run: | @@ -235,11 +235,11 @@ jobs: TF_WORKSPACE: default # Send job failure to Slack - - name: Send Slack by action-slack - uses: 8398a7/action-slack@v3 - with: - status: ${{ job.status }} - fields: author,action,eventName,ref,workflow,pullRequest - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - if: ${{ failure() }} +# - name: Send Slack by action-slack +# uses: 8398a7/action-slack@v3 +# with: +# status: ${{ job.status }} +# fields: author,action,eventName,ref,workflow,pullRequest +# env: +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +# if: ${{ failure() }} From bccbbd7bfd3731a4c0057b939bea6ca59dc96f65 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:33:39 +0300 Subject: [PATCH 66/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 5a05b1292..65130eee2 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -172,9 +172,9 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys-${{ TEST_NAME_SAFE }} + name: collected-keys-${{ env.TEST_NAME_SAFE }} path: | - ${{ EXAMPLE_DIR }}/main.tf + ${{ env.EXAMPLE_DIR }}/main.tf - name: Set Environment Variables run: | From ebf7439d8e490b7029af77bfb2362af7957ad8bc Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:41:21 +0300 Subject: [PATCH 67/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 65130eee2..99cbd480d 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -66,16 +66,14 @@ jobs: fail-fast: false matrix: include: - - test_name: Sonar Basic CLI - test_name_safe: sonar_basic_cli - workspace: basic_cli-${{ github.run_number }}-${{ github.run_attempt }} + - name: Sonar Basic CLI + workspace: sonar_basic_cli-${{ github.run_number }}-${{ github.run_attempt }} example_dir: ./examples/aws/poc/sonar_basic_deployment aws_region: eu-west-2 hub_output: '.dsf_hub.value.public_dns' gw_output: '.dsf_agentless_gw.value."agentless-gw-0".private_ip' - name: Sonar HADR CLI - test_name_safe: sonar_hadr_cli - workspace: hadr_cli-${{ github.run_number }}-${{ github.run_attempt }} + workspace: sonar_hadr_cli-${{ github.run_number }}-${{ github.run_attempt }} example_dir: ./examples/aws/poc/sonar_hadr_deployment aws_region: eu-west-1 hub_output: '.dsf_hubs.value.main.public_dns' @@ -84,7 +82,6 @@ jobs: name: 'Terraform ${{ matrix.workspace }}' runs-on: ubuntu-latest env: - TEST_NAME_SAFE: ${{ matrix.test_name_safe }} EXAMPLE_DIR: ${{ matrix.example_dir }} TF_WORKSPACE: ${{ matrix.workspace }} AWS_REGION: ${{ matrix.aws_region }} @@ -172,9 +169,9 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys-${{ env.TEST_NAME_SAFE }} + name: collected-keys-${{ env.TF_WORKSPACE }} path: | - ${{ env.EXAMPLE_DIR }}/main.tf + ${{ env.EXAMPLE_DIR }}/ssh_keys - name: Set Environment Variables run: | From 7cf4029142e2bec7184be26e86d2dd1fc7a71a26 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:44:00 +0300 Subject: [PATCH 68/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 99cbd480d..c72b0fffd 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -171,7 +171,7 @@ jobs: with: name: collected-keys-${{ env.TF_WORKSPACE }} path: | - ${{ env.EXAMPLE_DIR }}/ssh_keys + ${{ env.EXAMPLE_DIR }}/main.tf - name: Set Environment Variables run: | From eec180c38efc5268fd8dacbd54c9b587fb7ca80a Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:46:42 +0300 Subject: [PATCH 69/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/sonar_poc_cli.yml | 34 ++++++++++++++--------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index c72b0fffd..b1c4d3768 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -154,15 +154,15 @@ jobs: terraform -chdir=$EXAMPLE_DIR workspace list terraform -chdir=$EXAMPLE_DIR plan -# # On push to "main", build or change infrastructure according to Terraform configuration files -# # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks -# - name: Terraform Apply -# # if: github.ref == 'refs/heads/"master"' && github.event_name == 'push' || github.event_name == 'workflow_dispatch' -# run: terraform -chdir=$EXAMPLE_DIR apply -auto-approve + # On push to "main", build or change infrastructure according to Terraform configuration files + # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks + - name: Terraform Apply + # if: github.ref == 'refs/heads/"master"' && github.event_name == 'push' || github.event_name == 'workflow_dispatch' + run: terraform -chdir=$EXAMPLE_DIR apply -auto-approve -# - name: Terraform Output -# if: always() -# run: terraform -chdir=$EXAMPLE_DIR output -json + - name: Terraform Output + if: always() + run: terraform -chdir=$EXAMPLE_DIR output -json - name: Collect Artifacts id: collect-artifacts @@ -171,7 +171,7 @@ jobs: with: name: collected-keys-${{ env.TF_WORKSPACE }} path: | - ${{ env.EXAMPLE_DIR }}/main.tf + ${{ env.EXAMPLE_DIR }}/ssh_keys - name: Set Environment Variables run: | @@ -232,11 +232,11 @@ jobs: TF_WORKSPACE: default # Send job failure to Slack -# - name: Send Slack by action-slack -# uses: 8398a7/action-slack@v3 -# with: -# status: ${{ job.status }} -# fields: author,action,eventName,ref,workflow,pullRequest -# env: -# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} -# if: ${{ failure() }} + - name: Send Slack by action-slack + uses: 8398a7/action-slack@v3 + with: + status: ${{ job.status }} + fields: author,action,eventName,ref,workflow,pullRequest + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + if: ${{ failure() }} From f3114ce1f7b6c9fbdc9d57907a965c520d573d56 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 28 Apr 2024 19:56:54 +0300 Subject: [PATCH 70/70] Optionally delay destroy in github actions to allow investigation time --- .github/workflows/dsf_poc_cli.yml | 2 +- .github/workflows/dsf_poc_cli_azure.yml | 2 +- .github/workflows/dsf_single_account_cli.yml | 2 +- .github/workflows/sonar_single_account_cli.yml | 4 ++-- .github/workflows/sonar_upgrade.yml | 7 ++++--- 5 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index da5d05fe8..0f4f1bc95 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -221,7 +221,7 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys + name: collected-keys-${{ env.TF_WORKSPACE }} path: | ${{ env.EXAMPLE_DIR }}/ssh_keys diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 82eb7da0d..9e9c4846f 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -248,7 +248,7 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys + name: collected-keys-${{ env.TF_WORKSPACE }} path: | ${{ env.EXAMPLE_DIR }}/ssh_keys diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 56e60d167..546a21ae0 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -223,7 +223,7 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys + name: collected-keys-${{ env.TF_WORKSPACE }} path: | ${{ env.EXAMPLE_DIR }}/ssh_keys diff --git a/.github/workflows/sonar_single_account_cli.yml b/.github/workflows/sonar_single_account_cli.yml index 548a1676d..5f40b90ff 100644 --- a/.github/workflows/sonar_single_account_cli.yml +++ b/.github/workflows/sonar_single_account_cli.yml @@ -38,7 +38,7 @@ env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} AWS_REGION: ap-southeast-1 - TF_WORKSPACE: single_account + TF_WORKSPACE: sonar_single_account_cli DESTROY_DELAY_SECONDS: 1800 permissions: @@ -238,7 +238,7 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: collected-keys + name: collected-keys-${{ env.TF_WORKSPACE }} path: | ${{ env.EXAMPLE_DIR }}/ssh_keys diff --git a/.github/workflows/sonar_upgrade.yml b/.github/workflows/sonar_upgrade.yml index 01c360c46..8e43ad6ee 100644 --- a/.github/workflows/sonar_upgrade.yml +++ b/.github/workflows/sonar_upgrade.yml @@ -200,11 +200,12 @@ jobs: echo agentless_gw_0_ip=$(terraform -chdir=$DEPLOYMENT_EXAMPLE_DIR output -json | jq -r '.sonar.value.agentless_gw_main[0].private_ip') >> $GITHUB_ENV echo dsf_ssh_key_file_name=../../../$DEPLOYMENT_EXAMPLE_DIR/$(terraform -chdir=$DEPLOYMENT_EXAMPLE_DIR output -json | jq -r '.dsf_private_ssh_key_file_path.value') >> $GITHUB_ENV - - name: Collect Artifacts for deployment + - name: Collect Artifacts of deployment + id: collect-artifacts if: always() - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: - name: collected-keys + name: collected-keys-${{ env.TF_WORKSPACE }} path: | ${{ env.DEPLOYMENT_EXAMPLE_DIR }}/ssh_keys