diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 3d20eff..2e32634 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -42,6 +42,9 @@ jobs: - name: Test example shell: bash + env: + SECRETS_CONTEXT: ${{ toJson(secrets) }} + VARS_CONTEXT: ${{ toJson(vars) }} run: | set -e MAX_RETRIES=10 @@ -56,10 +59,35 @@ jobs: echo "Failed to login after $MAX_RETRIES attempts." exit 1 fi + + declare -A secrets + eval "$(echo $SECRETS_CONTEXT | jq -r 'to_entries[] | @sh "secrets[\(.key|tostring)]=\(.value|tostring)"')" + + declare -A variables + eval "$(echo $VARS_CONTEXT | jq -r 'to_entries[] | @sh "variables[\(.key|tostring)]=\(.value|tostring)"')" + + for key in "${!secrets[@]}"; do + if [[ $key = \TF_VAR_* ]]; then + lowerKey=$(echo "$key" | tr '[:upper:]' '[:lower:]') + finalKey=${lowerKey/tf_var_/TF_VAR_} + export "$finalKey"="${secrets[$key]}" + fi + done + + for key in "${!variables[@]}"; do + if [[ $key = \TF_VAR_* ]]; then + lowerKey=$(echo "$key" | tr '[:upper:]' '[:lower:]') + finalKey=${lowerKey/tf_var_/TF_VAR_} + export "$finalKey"="${variables[$key]}" + fi + done + + echo -e "Custom environment variables:\n$(env | grep TF_VAR_ | grep -v ' "TF_VAR_')" + export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id') export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId') export ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId') - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make test-example + docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true --env-file <(env | grep TF_VAR_ | grep -v ' "TF_VAR_') mcr.microsoft.com/azterraform:latest make test-example # This job is only run when all the previous jobs are successful. # We can use it for PR validation to ensure all examples have completed. diff --git a/avm b/avm index 6668be7..1bbbe36 100755 --- a/avm +++ b/avm @@ -18,10 +18,16 @@ if [ -z "$1" ]; then exit 1 fi +# Mount .azure directory if it exists +AZURE_VOLUME="" +if [ -d "$HOME/.azure" ]; then + AZURE_VOLUME="-v $HOME/.azure:/home/runtimeuser/.azure" +fi + # Check if we are running in a container # If we are then just run make directly if [ -z "$AVM_IN_CONTAINER" ]; then - $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm -v /etc/passwd:/etc/passwd -v /etc/group:/etc/group -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1" + $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm $AZURE_VOLUME -v /etc/passwd:/etc/passwd -v /etc/group:/etc/group -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1" else make "$1" fi diff --git a/avm.bat b/avm.bat index cdfa812..9138191 100644 --- a/avm.bat +++ b/avm.bat @@ -18,6 +18,6 @@ IF "%~1"=="" ( ) REM Run the make target with CONTAINER_RUNTIME -%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1 +%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src --user "1000:1000" -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1 ENDLOCAL