feat: add action workspaces (#16)

* feat: add action workspaces: `aws`, `terraform`, `github`

---------

Co-authored-by: Szymon Rząd <sz.rzad@gmail.com>

Author: 2 people

.editorconfig

@@ -0,0 +1,11 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+tab_width = 2
+indent_style = space
+insert_final_newline = true
+max_line_length = 80
+trim_trailing_whitespace = true

.pre-commit-config.yaml

@@ -0,0 +1,13 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+      - id: check-merge-conflict
+      - id: check-yaml
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: detect-aws-credentials
+      - id: detect-private-key
+      - id: forbid-new-submodules
+      - id: no-commit-to-branch
+      - id: mixed-line-ending

aws/grafana/delete-key/action.yml

@@ -0,0 +1,23 @@
+name: "Delete Grafana Key"
+description: "Delete an access key from a Grafana workspace"
+
+inputs:
+  key-name:
+    description: "The name of the key to remove"
+    required: true
+  workspace-id:
+    description: 'The id of the key workspace'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Delete Grafana key
+      id: delete-grafana-key
+      env:
+        KEY_NAME: ${{ inputs.key-name }}
+        WORKSPACE_ID: ${{ inputs.workspace-id }}
+      shell: bash
+      run: |
+        echo "Deleting key name $KEY_NAME"
+        aws grafana delete-workspace-api-key --key-name "$KEY_NAME" --workspace-id "$WORKSPACE_ID"

aws/grafana/get-details/action.yml

@@ -0,0 +1,29 @@
+name: "Get Grafana Details"
+description: "Get endpoint and workspace-id"
+
+inputs:
+  environment:
+    description: "The workspace environment"
+    required: false
+    default: 'prod'
+
+outputs:
+  endpoint:
+    description: "The Grafana endpoint for this environment"
+    value: ${{ steps.get-grafana-details.outputs.endpoint }}
+  workspace-id:
+    description: "The Grafana workspace id of the environment"
+    value: ${{ steps.get-grafana-details.outputs.workspace-id }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Get Grafana Details
+      id: get-grafana-details
+      shell: bash
+      run: |
+        echo "getting details for '${{ inputs.environment }}'"
+        WORKSPACE_ID=$(aws grafana list-workspaces | jq -r '.workspaces[] | select( .tags.Env == "${{ inputs.environment }}") | select( .tags.Name == "grafana-9") | .id')
+        ENDPOINT=$(aws grafana list-workspaces | jq -r '.workspaces[] | select( .tags.Env == "${{ inputs.environment }}") | select( .tags.Name == "grafana-9") | .endpoint')
+        echo "endpoint=$ENDPOINT" >> $GITHUB_OUTPUT
+        echo "workspace-id=$WORKSPACE_ID" >> $GITHUB_OUTPUT

aws/grafana/get-key/action.yml

@@ -0,0 +1,33 @@
+name: "Get Grafana Key"
+description: "Generate a key to access a Grafana workspace"
+
+inputs:
+  key-prefix:
+    description: "The prefix for the key name"
+    required: true
+  workspace-id:
+    description: "The id of the key workspace"
+    required: true
+
+outputs:
+  key-name:
+    description: "The complete key name"
+    value: ${{ steps.get-grafana-key.outputs.key-name }}
+  key:
+    description: "The key value"
+    value: ${{ steps.get-grafana-key.outputs.key }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Get Grafana key
+      id: get-grafana-key
+      env:
+        KEY_PREFIX: ${{ inputs.key-prefix }}
+      shell: bash
+      run: |
+        KEY_NAME="$KEY_PREFIX-${{ github.run_id }}-${{ github.run_attempt }}-$RANDOM"
+        echo $KEY_NAME
+        KEY=$(aws grafana create-workspace-api-key --key-name "$KEY_NAME" --key-role "ADMIN" --seconds-to-live 300 --workspace-id "${{ inputs.workspace-id }}" | jq -r .key)
+        echo "key-name=$KEY_NAME" >> $GITHUB_OUTPUT
+        echo "key=$KEY" >> $GITHUB_OUTPUT

github/latest_release/action.yml

@@ -0,0 +1,38 @@
+name: "Get latest release version"
+description: "Gets the version number of the latest release"
+
+outputs:
+  version:
+    description: "The version number of the latest release"
+    value: ${{ steps.clean_version.outputs.version }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Get latest release
+      id: latest_release
+      uses: pozetroninc/github-action-get-latest-release@master
+      with:
+        repository: ${{ github.repository }}
+        excludes: draft
+
+    - name: Get release value
+      id: get_value
+      uses: actions/github-script@v6
+      env:
+        LATEST_TAG: ${{ steps.latest_release.outputs.release }}
+      with:
+        result-encoding: string
+        script: |
+          if (context.eventName == "release") {
+            return context.payload.release.tag_name
+          } else {
+            return process.env.LATEST_TAG
+          }
+
+    - name: Clean version
+      id: clean_version
+      shell: bash
+      run: |
+        version=$(echo "${{ steps.get_value.outputs.result }}" | sed 's/v//g')
+        echo "version=$version" >> $GITHUB_OUTPUT

terraform/apply/action.yml

@@ -0,0 +1,21 @@
+name: "Apply Terraform changes"
+description: "Deploys Terraform infrastructure"
+
+inputs:
+  environment:
+    description: "The environment to deploy to"
+    required: true
+  terraform-path:
+    description: "The path passed to Terraform e.g. -chdir=<terraform-path>"
+    required: false
+    default: 'terraform'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Terraform Apply
+      id: apply
+      shell: bash
+      env:
+        TF_WORKSPACE: ${{ inputs.environment }}
+      run: terraform -chdir=${{ inputs.terraform-path }} apply -var-file="vars/${{ inputs.environment }}.tfvars" -auto-approve -no-color

terraform/check-fmt/action.yml

@@ -0,0 +1,17 @@
+name: "Check Terraform format"
+description: "Validates that Terraform fmt is valid"
+
+inputs:
+  terraform-path:
+    description: "The path passed to Terraform e.g. -chdir=<terraform-path>"
+    required: false
+    default: 'terraform'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Check Terraform Formatting
+      id: fmt
+      shell: bash
+      continue-on-error: false
+      run: terraform -chdir=${{ inputs.terraform-path }} fmt -recursive -check

terraform/init/action.yml

@@ -0,0 +1,21 @@
+name: "Init Terraform"
+description: "Initializes Terraform"
+
+inputs:
+  environment:
+    description: "The running environment"
+    required: true
+  terraform-path:
+    description: "The path passed to Terraform e.g. -chdir=<terraform-path>"
+    required: false
+    default: 'terraform'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Init Terraform
+      id: init
+      env:
+        TF_WORKSPACE: ${{ inputs.environment }}
+      shell: bash
+      run: terraform -chdir=${{ inputs.terraform-path }} init -var-file="vars/${{ inputs.environment }}.tfvars" -no-color

terraform/plan/action.yml

@@ -0,0 +1,104 @@
+name: "Terraform Plan"
+description: "Run a Terraform plan"
+
+inputs:
+  environment:
+    description: "The environment to deploy to"
+    required: true
+  terraform-path:
+    description: "The path passed to Terraform e.g. -chdir=<terraform-path>"
+    required: false
+    default: 'terraform'
+  github-token:
+    description: "The GitHub token, needed to update PRs"
+    required: false
+    default: ''
+  upload-plan-file:
+    description: "Upload the plan file to the GitHub artifacts"
+    required: false
+    default: 'true'
+  upload-output-file:
+    description: "Upload the plan output to the GitHub artifacts"
+    required: false
+    default: 'true'
+  add-output-to-pr:
+    description: "Add the plan output to the current PR if there is one"
+    required: false
+    default: 'true'
+
+outputs:
+  plan-file:
+    description: "Plan File"
+    value: ${{ steps.plan.outputs.plan-file }}
+  output-file:
+    description: "Human Readable plan of action"
+    value: ${{ steps.plan.outputs.output-file }}
+  plan:
+    description: "Human Readable plan of action"
+    value: ${{ steps.plan.outputs.stdout }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Terraform Plan
+      id: plan
+      shell: bash
+      env:
+        TF_WORKSPACE: ${{ inputs.environment }}
+      run: |
+        terraform -chdir=${{ inputs.terraform-path }} plan -var-file="vars/${{ inputs.environment }}.tfvars" -no-color -out=/tmp/plan.tfplan
+        echo "plan-file=/tmp/plan.tfplan" >> $GITHUB_OUTPUT
+        terraform -chdir=${{ inputs.terraform-path }} show -no-color /tmp/plan.tfplan > /tmp/plan.txt
+        echo "output-file=/tmp/plan.txt" >> $GITHUB_OUTPUT
+
+    - uses: actions/upload-artifact@v3
+      if: ${{ inputs.upload-plan-file == 'true' }}
+      with:
+        name: plan.tfplan
+        path: ${{ steps.plan.outputs.plan-file }}
+
+    - uses: actions/upload-artifact@v3
+      if: ${{ inputs.upload-output-file == 'true' }}
+      with:
+        name: plan.txt
+        path: ${{ steps.plan.outputs.output-file }}
+
+    - name: Add Plan to PR
+      if: ${{ github.event_name == 'pull_request' || inputs.add-output-to-pr == 'true' }}
+      uses: actions/github-script@v6
+      env:
+        PLAN_FILE: ${{ steps.plan.outputs.output-file }}
+      with:
+        github-token: ${{ inputs.github-token }}
+        script: |
+          const { promises: fs } = require('fs');
+
+          const MAX_LENGTH = 65535;
+          const ellipsis = `\n...\n`;
+
+          const prefix = `<details><summary>Show Plan</summary>
+
+          \`\`\`\n
+          `;
+          const postfix = `
+          \`\`\`
+
+          </details>
+
+          *Action: \`${{ github.event_name }}\`*`;
+
+          let content = await fs.readFile(process.env.PLAN_FILE, 'utf8')
+          let output = prefix + content + postfix;
+
+          if (output.length > MAX_LENGTH) {
+            let l = MAX_LENGTH - prefix.length - postfix.length - ellipsis.length;
+            content = content.slice(0, l);
+            output = prefix + content + ellipsis + postfix;
+          }
+
+          github.rest.issues.createComment({
+            issue_number: context.issue.number,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            body: output
+          });