[Update OpenAPI] Merge openapi uat using openapi-merge-cli (#507) #218
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: APIM Infra Release | |
on: | |
push: | |
branches: | |
- main | |
- releases/** | |
paths: | |
- infra/apim_v2/** | |
- .github/workflows/apim_infra_plan.yml | |
workflow_dispatch: | |
inputs: | |
environment: | |
required: true | |
type: choice | |
description: "Select the Environment" | |
default: dev | |
options: | |
- dev | |
- uat | |
- prod | |
notification: | |
required: true | |
type: boolean | |
description: "Send notification to Slack" | |
default: true | |
env: | |
DIR: "./infra/apim_v2" | |
ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }} | |
ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }} | |
ARM_USE_OIDC: true | |
ARM_USE_AZUREAD: true | |
ARM_STORAGE_USE_AZUREAD: true | |
jobs: | |
setup: | |
name: Setup Environment | |
runs-on: 'ubuntu-latest' | |
outputs: | |
environ: ${{ steps.set-env.outputs.environ }} | |
notification: ${{ steps.set-env.outputs.notification }} | |
steps: | |
- name: Set Environment Variable | |
id: set-env | |
run: | | |
if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then | |
echo "environ=${{ github.event.inputs.environment }}" >> $GITHUB_OUTPUT | |
echo "notification=${{ github.event.inputs.notification }}" >> $GITHUB_OUTPUT | |
else | |
if [ "${{ github.ref }}" == "refs/heads/main" ]; then | |
echo "environ=dev" >> $GITHUB_OUTPUT | |
else | |
echo "environ=uat" >> $GITHUB_OUTPUT | |
echo "notification=true" >> $GITHUB_OUTPUT | |
fi | |
fi | |
tf_plan: | |
name: 'Terraform Plan' | |
runs-on: ubuntu-20.04 | |
environment: ${{ needs.setup.outputs.environ }}-ci | |
needs: setup | |
permissions: | |
id-token: write | |
contents: read | |
outputs: | |
terraform_version: ${{ steps.set-terraform-version.outputs.terraform_version}} | |
image_tag: ${{ steps.setsha.outputs.short_sha }} | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
name: Checkout | |
- name: Set Short Git Commit SHA | |
id: setsha | |
run: | | |
calculatedSha=$(git rev-parse --short ${{ github.sha }}) | |
echo "short_sha=sha-$calculatedSha" >> $GITHUB_OUTPUT | |
- name: Set Terraform Version | |
id: set-terraform-version | |
run: | | |
echo "terraform_version=$(cat .terraform-version)" >> $GITHUB_OUTPUT | |
- uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0 | |
name: Setup Terraform | |
with: | |
terraform_version: ${{ steps.set-terraform-version.outputs.terraform_version}} | |
- name: Terraform Plan | |
uses: pagopa/terraform-preapply-azure-action@54ded8cda3437c3f6a9f46baf69cb321ce82f5cd | |
with: | |
client_id: ${{ secrets.ARM_CLIENT_ID }} | |
tenant_id: ${{ vars.ARM_TENANT_ID }} | |
subscription_id: ${{ vars.ARM_SUBSCRIPTION_ID }} | |
dir: ${{ env.DIR }} | |
azure_environment: ${{ needs.setup.outputs.environ }} | |
env: | |
TF_VAR_image_tag: ${{ steps.setsha.outputs.short_sha }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Upload Terraform Plan as Artifact" | |
uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 | |
with: | |
name: tfplan | |
path: ${{ env.DIR }}/tfplan-${{ needs.setup.outputs.environ }}-${{ github.sha }} | |
if-no-files-found: error | |
retention-days: 14 | |
release: | |
name: 'Release' | |
runs-on: ubuntu-20.04 | |
needs: [setup,tf_plan] | |
environment: ${{ needs.setup.outputs.environ }}-cd | |
permissions: | |
id-token: write | |
contents: read | |
env: | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
name: Checkout | |
- name: Azure Login | |
uses: azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1 | |
with: | |
client-id: ${{ secrets.ARM_CLIENT_ID }} | |
tenant-id: ${{ vars.ARM_TENANT_ID }} | |
subscription-id: ${{ vars.ARM_SUBSCRIPTION_ID }} | |
- name: Download Terraform Plan as Artifact | |
uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 | |
with: | |
name: tfplan | |
path: ${{ env.DIR }} | |
- name: Retrieve Terraform Modules from Cache | |
id: cache-terraform-modules | |
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 | |
with: | |
path: ${{ env.DIR }}/.terraform | |
key: terraform-${{ env.DIR }}-${{ github.sha }} | |
restore-keys: | | |
terraform-${{ env.DIR }} | |
- uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0 | |
name: Setup Terraform | |
with: | |
terraform_version: ${{ needs.tf_plan.outputs.terraform_version }} | |
- name: Terraform Init | |
shell: bash | |
working-directory: ${{ env.DIR }} | |
run: | | |
bash ./terraform.sh init ${{ needs.setup.outputs.environ }} | |
- name: Terraform Apply | |
shell: bash | |
working-directory: ${{ env.DIR }} | |
run: | | |
terraform apply -lock-timeout=3000s -auto-approve -input=false tfplan-${{ needs.setup.outputs.environ }}-${{ github.sha }} | |
env: | |
TF_VAR_image_tag: ${{ needs.tf_plan.outputs.image_tag }} | |
update_docs_and_notification_external: | |
name: "[MS External] Update Developer Docs and Notify using Slack" | |
uses: ./.github/workflows/call_update_docs_and_notification.yml | |
needs: [setup,release] | |
with: | |
env: ${{ needs.setup.outputs.environ }} | |
api_folder_path: /api/ms_external_api/v2 | |
docs_openapi_path: developer/external/v2/ms-external-api.json | |
api_title: External API v2 | |
enable_notification: ${{ needs.setup.outputs.notification == 'true' }} | |
secrets: | |
API_NOTIFICATION_TRIGGERS_ID: ${{ secrets.API_NOTIFICATION_TRIGGERS_ID_EXTERNAL }} | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
update_docs_and_notification_support: | |
name: "[Support API] Update Developer Docs and Notify using Slack" | |
uses: ./.github/workflows/call_update_docs_and_notification.yml | |
needs: [setup,release] | |
with: | |
env: ${{ needs.setup.outputs.environ }} | |
api_folder_path: /api/selfcare_support_service/v1 | |
docs_openapi_path: developer/support/v1/selc-support-api.json | |
api_title: Support API v1 | |
enable_notification: ${{ needs.setup.outputs.notification == 'true' }} | |
secrets: | |
API_NOTIFICATION_TRIGGERS_ID: ${{ secrets.API_NOTIFICATION_TRIGGERS_ID_SUPPORT }} | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
update_docs_and_notification_internal: | |
name: "[Internal API] Update Developer Docs and Notify using Slack" | |
uses: ./.github/workflows/call_update_docs_and_notification.yml | |
needs: [setup,release] | |
with: | |
env: ${{ needs.setup.outputs.environ }} | |
api_folder_path: /api/ms_internal_api/v1 | |
docs_openapi_path: developer/internal/v1/selc-internal-api.json | |
api_title: Internal API v1 | |
enable_notification: ${{ needs.setup.outputs.notification == 'true' }} | |
secrets: | |
API_NOTIFICATION_TRIGGERS_ID: ${{ secrets.API_NOTIFICATION_TRIGGERS_ID_INTERNAL }} | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
update_docs_and_notification_support_pnpg: | |
name: "[Support PNPG API] Update Developer Docs and Notify using Slack" | |
uses: ./.github/workflows/call_update_docs_and_notification.yml | |
needs: [setup,release] | |
with: | |
env: ${{ needs.setup.outputs.environ }} | |
api_folder_path: /api_pnpg/pnpg_support_service/v1 | |
docs_openapi_path: developer/support-pnpg/v1/pnpg-support-api.json | |
api_title: Support PNPG API v1 | |
enable_notification: ${{ needs.setup.outputs.notification == 'true' }} | |
is_pnpg: true | |
secrets: | |
API_NOTIFICATION_TRIGGERS_ID: ${{ secrets.API_NOTIFICATION_TRIGGERS_ID_SUPPORT }} | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
update_docs_and_notification_billing_portal: | |
name: "[Billing Portal API] Update Developer Docs and Notify using Slack" | |
uses: ./.github/workflows/call_update_docs_and_notification.yml | |
needs: [setup,release] | |
with: | |
env: ${{ needs.setup.outputs.environ }} | |
api_folder_path: /api/billing-portal-api/v1 | |
docs_openapi_path: developer/billing-portal/v1/billing-portal-api.json | |
api_title: Billing Portal API v1 | |
enable_notification: ${{ needs.setup.outputs.notification == 'true' }} | |
secrets: | |
API_NOTIFICATION_TRIGGERS_ID: ${{ secrets.API_NOTIFICATION_TRIGGERS_ID_BILLING_PORTAL }} | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |