diff --git a/.github/actions/templates/avm-getCalculatedJobControls/action.yml b/.github/actions/templates/avm-getCalculatedJobControls/action.yml new file mode 100644 index 0000000000..8a015b1ea9 --- /dev/null +++ b/.github/actions/templates/avm-getCalculatedJobControls/action.yml @@ -0,0 +1,91 @@ +######################################################### +## 'Get Workflow Controls' Composite Action ## +######################################################### +## +## This composite action contains the logic to calcuate the actions the workflow should run (e.g. only static, static + deployment, etc.) based on the type of trigger & the files changed. +## +######################################################### +## +##-------------------------------------------## +## ACTION PARAMETERS ## +##-------------------------------------------## +## +## |========================================================================================================================================================================| +## | Parameter | Required | Default | Description | Example | +## |--------------|----------|---------|----------------------------------------------------------------------------------|-------------------------------------------------| +## | workflowPath | true | '' | The path to the workflow file used to retrieve default workflow input parameters | '.github/workflows/avm.res.key-vault.vault.yml' | +## | modulePath | true | '' | The path to the module handled by this pipeline | 'avm/res/key-vault/vault' | +## |========================================================================================================================================================================| +## +######################################################### +## +##----------------------------------------## +## ACTION OUTPUTS ## +##----------------------------------------## +## +## |==============================================================================================| +## | Output | Description | +## |-------------------|--------------------------------------------------------------------------| +## | calculatedJobControls | An estimated pipeline action caluclated by evaluation changed files. | +## |==============================================================================================| +## +##---------------------------------------------## + +name: "Get Workflow Controls" +description: "Get Workflow Controls" + +inputs: + workflowPath: + description: "The path to the workflow file used to retrieve default workflow input parameters." + required: true + modulePath: + description: "The path to the module's folder" + required: true + +outputs: + calculatedJobControls: + description: "The calculated actions to be executed, based on which files changed & inputs configured." + value: ${{ steps.get-workflow-controls.outputs.calculatedJobControls }} + +runs: + using: "composite" + steps: + - name: Get (calculated) workflow controls + id: get-workflow-controls + run: | + # Grouping task logs + Write-Output '::group::Investigate GitHub event' + + # Load used functions + . (Join-Path $env:GITHUB_WORKSPACE 'avm' 'utilities' 'pipelines' 'workflows' 'Get-CalculatedJobControlObject.ps1') + + if(Test-Path $env:GITHUB_EVENT_PATH) { + # $content = Get-Content $env:GITHUB_EVENT_PATH -Raw | ConvertFrom-Json + + $functionInput = @{ + # Commit = $content.after + ModulePath = '${{ inputs.modulePath }}' + GitHubEvent = '${{ github.event_name }}' + WorkflowPath = '${{ inputs.workflowPath }}' + RepoRoot = $env:GITHUB_WORKSPACE + } + if('${{ github.event_name }}' -eq 'workflow_dispatch') { + $functionInput['WorkflowParameters'] = ('${{ toJSON(github.event.inputs) }}' | ConvertFrom-Json -AsHashTable) + } + + Write-Verbose "Invoke task with" -Verbose + Write-Verbose ($functionInput | ConvertTo-Json | Out-String) -Verbose + + $result = Get-CalculatedJobControlObject @functionInput + + # Output values to be accessed by next jobs + $calculatedJobControls = @{} + foreach($parameterName in $result.Keys) { + Write-Verbose ('Passing output [{0}] with value [{1}]' -f $parameterName, $result[$parameterName]) -Verbose + $calculatedJobControls[$parameterName] = $result[$parameterName].toString() + } + Write-Output ('{0}={1}' -f 'calculatedJobControls', ($calculatedJobControls | ConvertTo-Json -Compress)) >> $env:GITHUB_OUTPUT + + } + Write-Output '::endgroup::' + shell: pwsh diff --git a/.github/actions/templates/avm-getWorkflowInput/action.yml b/.github/actions/templates/avm-getWorkflowInput/action.yml deleted file mode 100644 index 8c686805d9..0000000000 --- a/.github/actions/templates/avm-getWorkflowInput/action.yml +++ /dev/null @@ -1,108 +0,0 @@ -######################################################### -## 'Get workflow input' Composite Action ## -######################################################### -## -## This composite action contains the logic to read workflow runtime parameters and publih their value as a workflow output. -## This is essential in case a module workflow was not triggered via the 'workflow_dispatch' method, so these runtime parameters will not be available to use when the workflow runs. -## To solve this, the action reads the workflow file for the module, and looks for the default values of the workflow inputs and publishes them as an output, regardless of how the workflow was triggered. -## -## Currently publishes the runtime parameter(s): -## - removeDeployment -## -######################################################### -## -##-------------------------------------------## -## ACTION PARAMETERS ## -##-------------------------------------------## -## -## |===================================================================================================================================================================| -## | Parameter | Required | Default | Description | Example | -## |--------------|----------|---------|----------------------------------------------------------------------------------|--------------------------------------------| -## | workflowPath | true | '' | The path to the workflow file used to retrieve default workflow input parameters | '.github/workflows/ms.keyvault.vaults.yml' | -## |===================================================================================================================================================================| -## -######################################################### -## -##----------------------------------------## -## ACTION OUTPUTS ## -##----------------------------------------## -## -## |==========================================================================================| -## | Output | Description | -## |---------------|--------------------------------------------------------------------------| -## | workflowInput | A table of all pipeline input parameters and their value in JSON format. | -## |==========================================================================================| -## -##---------------------------------------------## - -name: "Get Workflow Input" -description: "Get Workflow Input" - -inputs: - workflowPath: - description: "The path to the workflow file used to retrieve default workflow input parameters." - required: true - -outputs: - workflowInput: - description: "A table of all pipeline input parameters and their value in JSON format." - value: ${{ steps.get-input-param-action.outputs.workflowInput }} - -runs: - using: "composite" - steps: - - name: Get workflow input parameters - id: get-input-param-action - run: | - # Grouping task logs - Write-Output '::group::Get workflow input parameters' - - Write-Verbose "The workflow trigger is: ${{ github.event_name }}" -Verbose - - # When running from workflow_dispatch event get input values - if ('${{ github.event_name }}' -eq 'workflow_dispatch') { - $parameters = '${{ toJSON(github.event.inputs) }}' | ConvertFrom-Json -AsHashTable - - # Output values to be accessed by next jobs - $workflowInput = @{} - foreach($parameterName in $parameters.Keys) { - if([String]::IsNullOrEmpty($parameters[$parameterName])) { - Write-Verbose "Skipping parameter [$parameterName] as it has no explicit or default value" -Verbose - continue - } - - Write-Verbose ('Passing output [{0}] with value [{1}]' -f $parameterName, $parameters[$parameterName]) -Verbose - $workflowInput[$parameterName] = $parameters[$parameterName] - } - Write-Output ('{0}={1}' -f 'workflowInput', ($workflowInput | ConvertTo-Json -Compress)) >> $env:GITHUB_OUTPUT - } - # Otherwise retrieve default values - else { - # Load used functions - . (Join-Path $env:GITHUB_WORKSPACE 'avm' 'utilities' 'pipelines' 'sharedScripts' 'Get-GitHubWorkflowDefaultInput.ps1') - - $functionInput = @{ - workflowPath = '${{ inputs.workflowPath }}' - } - - Write-Verbose "Invoke task with" -Verbose - Write-Verbose ($functionInput | ConvertTo-Json | Out-String) -Verbose - - $workflowParameters = Get-GitHubWorkflowDefaultInput @functionInput -Verbose - - # Output values to be accessed by next jobs - $workflowInput = @{} - foreach($parameterName in $workflowParameters.Keys) { - - if([String]::IsNullOrEmpty($workflowParameters[$parameterName])) { - Write-Verbose "Skipping parameter [$parameterName] as it has no explicit or default value" -Verbose - continue - } - - Write-Verbose ('Passing output [{0}] with value [{1}]' -f $parameterName, $workflowParameters[$parameterName]) -Verbose - $workflowInput[$parameterName] = $workflowParameters[$parameterName].toString() - } - Write-Output ('{0}={1}' -f 'workflowInput', ($workflowInput | ConvertTo-Json -Compress)) >> $env:GITHUB_OUTPUT - } - Write-Output '::endgroup::' - shell: pwsh diff --git a/.github/workflows/avm.res.key-vault.vault.yml b/.github/workflows/avm.res.key-vault.vault.yml index ef558e4569..3a64abec86 100644 --- a/.github/workflows/avm.res.key-vault.vault.yml +++ b/.github/workflows/avm.res.key-vault.vault.yml @@ -24,7 +24,19 @@ on: required: false push: branches: - - main + # - main + - users/alsehr/bu_calculatedPipelineStages + paths: + - ".github/actions/templates/avm-**" + - ".github/workflows/avm.template.module.yml" + - ".github/workflows/avm.res.key-vault.vault.yml" + - "avm/res/key-vault/vault/**" + - "avm/utilities/pipelines/**" + + pull_request: + branches: + # - main + - users/alsehr/bu_calculatedPipelineStages paths: - ".github/actions/templates/avm-**" - ".github/workflows/avm.template.module.yml" @@ -53,9 +65,9 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - - name: "Set input parameters to output variables" - id: get-workflow-param - uses: ./.github/actions/templates/avm-getWorkflowInput + - name: "Get calculated job controls" + id: get-calculated-job-controls + uses: ./.github/actions/templates/avm-getCalculatedJobControls with: workflowPath: "${{ env.workflowPath}}" - name: "Get module test file paths" @@ -64,8 +76,8 @@ jobs: with: modulePath: "${{ env.modulePath }}" outputs: - workflowInput: ${{ steps.get-workflow-param.outputs.workflowInput }} moduleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.moduleTestFilePaths }} + calculatedJobControls : ${{ steps.get-calculated-job-controls.outputs.calculatedJobControls }} psRuleModuleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.psRuleModuleTestFilePaths }} modulePath: "${{ env.modulePath }}" @@ -81,8 +93,8 @@ jobs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml with: - workflowInput: "${{ needs.job_initialize_pipeline.outputs.workflowInput }}" moduleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.moduleTestFilePaths }}" + calculatedJobControls : "${{ needs.job_initialize_pipeline.outputs.calculatedJobControls }}" psRuleModuleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.psRuleModuleTestFilePaths }}" modulePath: "${{ needs.job_initialize_pipeline.outputs.modulePath}}" secrets: inherit diff --git a/.github/workflows/avm.template.module.yml b/.github/workflows/avm.template.module.yml index 4df961c68e..1431ec7c17 100644 --- a/.github/workflows/avm.template.module.yml +++ b/.github/workflows/avm.template.module.yml @@ -3,10 +3,6 @@ name: "avm.template.module" on: workflow_call: inputs: - workflowInput: - type: string - description: "Input from the workflow caller in JSON format" - required: true moduleTestFilePaths: type: string description: "List of relative path to the module test files in JSON format" @@ -19,6 +15,10 @@ on: type: string description: "Relative path to the module folder" required: true + calculatedJobControls: + type: string + description: "The pipeline actions to run based on the changed files" + required: true env: ARM_SUBSCRIPTION_ID: "${{ secrets.ARM_SUBSCRIPTION_ID }}" @@ -34,18 +34,25 @@ jobs: job_module_static_validation: # Note: Please don't change this job name. It is used by the setEnvironment action to define which PS modules to install on runners. name: "Static validation" runs-on: ubuntu-latest - if: (fromJson(inputs.workflowInput)).staticValidation == 'true' + if: (fromJson(inputs.calculatedJobControls)).RunStaticValidation == 'true' steps: - - name: "Checkout" - uses: actions/checkout@v4 + # - name: "Checkout" + # uses: actions/checkout@v4 + # with: + # fetch-depth: 0 + # - name: Set environment + # uses: ./.github/actions/templates/avm-setEnvironment + # - name: "Run tests" + # uses: ./.github/actions/templates/avm-validateModulePester + # with: + # modulePath: "${{ inputs.modulePath }}" + - name: Static validation + uses: azure/powershell@v1 with: - fetch-depth: 0 - - name: Set environment - uses: ./.github/actions/templates/avm-setEnvironment - - name: "Run tests" - uses: ./.github/actions/templates/avm-validateModulePester - with: - modulePath: "${{ inputs.modulePath }}" + azPSVersion: "latest" + inlineScript: | + Write-Host 'Calculated static validation: ${{ fromJson(inputs.calculatedJobControls).RunStaticValidation }}' + Write-Host 'Calculated deployment validation: ${{ fromJson(inputs.calculatedJobControls).RunDeploymentValidation }}' ######################### # PSRule validation # @@ -53,46 +60,63 @@ jobs: job_psrule_test: # Note: Please don't change this job name. It is used by the setEnvironment action to define which PS modules to install on runners. name: "PSRule [${{ matrix.testCases.name }}]" runs-on: ubuntu-latest - if: ${{ inputs.psRuleModuleTestFilePaths != '' && (fromJson(inputs.workflowInput)).staticValidation == 'true' }} + # TODO: We could also consider running this only for changed deployment files? + if: (fromJson(inputs.calculatedJobControls)).RunStaticValidation == 'true' strategy: fail-fast: false matrix: testCases: ${{ fromJson(inputs.psRuleModuleTestFilePaths) }} steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set environment - uses: ./.github/actions/templates/avm-setEnvironment - - name: "Run PSRule validation with [${{ matrix.testCases.path }}]" - uses: ./.github/actions/templates/avm-validateModulePSRule + # - name: Checkout + # uses: actions/checkout@v4 + # - name: Set environment + # uses: ./.github/actions/templates/avm-setEnvironment + # - name: "Run PSRule validation with [${{ matrix.testCases.path }}]" + # uses: ./.github/actions/templates/avm-validateModulePSRule + # with: + # templateFilePath: "${{ inputs.modulePath }}/${{ matrix.testCases.path }}" + # subscriptionId: "${{ secrets.ARM_SUBSCRIPTION_ID }}" + # managementGroupId: "${{ secrets.ARM_MGMTGROUP_ID }}" + # psrulePath: "avm/utilities/pipelines/staticValidation/psrule" #'${{ github.workspace }}/avm' + # psruleBaseline: "Azure.Default" + - name: PSRule + uses: azure/powershell@v1 with: - templateFilePath: "${{ inputs.modulePath }}/${{ matrix.testCases.path }}" - subscriptionId: "${{ secrets.ARM_SUBSCRIPTION_ID }}" - managementGroupId: "${{ secrets.ARM_MGMTGROUP_ID }}" - psrulePath: "avm/utilities/pipelines/staticValidation/psrule" #'${{ github.workspace }}/avm' - psruleBaseline: "Azure.Default" + azPSVersion: "latest" + inlineScript: | + Write-Host 'Running PSRule test for [${{ matrix.testCases.path }}]' + Write-Host 'Calculated static validation: ${{ fromJson(inputs.calculatedJobControls).RunStaticValidation }}' + Write-Host 'Calculated deployment validation: ${{ fromJson(inputs.calculatedJobControls).RunDeploymentValidation }}' job_psrule_test_waf_reliability: # Note: Please don't change this job name. It is used by the setEnvironment action to define which PS modules to install on runners. name: "PSRule - WAF Reliability [${{ matrix.testCases.name }}]" runs-on: ubuntu-latest - if: ${{ inputs.psRuleModuleTestFilePaths != '' && (fromJson(inputs.workflowInput)).staticValidation == 'true' }} + if: ${{ inputs.psRuleModuleTestFilePaths != '' && (fromJson(inputs.calculatedJobControls)).RunStaticValidation == 'true' }} strategy: fail-fast: false matrix: testCases: ${{ fromJson(inputs.psRuleModuleTestFilePaths) }} steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set environment - uses: ./.github/actions/templates/avm-setEnvironment - - name: "Run PSRule validation with [${{ matrix.testCases.path }}]" - uses: ./.github/actions/templates/avm-validateModulePSRule + # - name: Checkout + # uses: actions/checkout@v4 + # - name: Set environment + # uses: ./.github/actions/templates/avm-setEnvironment + # - name: "Run PSRule validation with [${{ matrix.testCases.path }}]" + # uses: ./.github/actions/templates/avm-validateModulePSRule + # with: + # templateFilePath: "${{ inputs.modulePath }}/${{ matrix.testCases.path }}" + # subscriptionId: "${{ secrets.ARM_SUBSCRIPTION_ID }}" + # managementGroupId: "${{ secrets.ARM_MGMTGROUP_ID }}" + # psrulePath: "avm/utilities/pipelines/staticValidation/psrule" #'${{ github.workspace }}/avm' + # psruleBaseline: "Azure.Pillar.Reliability" + - name: PSRule WAF Reliability + uses: azure/powershell@v1 with: - templateFilePath: "${{ inputs.modulePath }}/${{ matrix.testCases.path }}" - subscriptionId: "${{ secrets.ARM_SUBSCRIPTION_ID }}" - managementGroupId: "${{ secrets.ARM_MGMTGROUP_ID }}" - psrulePath: "avm/utilities/pipelines/staticValidation/psrule" #'${{ github.workspace }}/avm' - psruleBaseline: "Azure.Pillar.Reliability" + azPSVersion: "latest" + inlineScript: | + Write-Host 'Running PSRule test for [${{ matrix.testCases.path }}]' + Write-Host 'Calculated static validation: ${{ fromJson(inputs.calculatedJobControls).RunStaticValidation }}' + Write-Host 'Calculated deployment validation: ${{ fromJson(inputs.calculatedJobControls).RunDeploymentValidation }}' ############################# # Deployment validation # @@ -102,7 +126,7 @@ jobs: runs-on: ubuntu-latest if: | !cancelled() && - (fromJson(inputs.workflowInput)).deploymentValidation == 'true' && + (fromJson(inputs.calculatedJobControls)).RunDeploymentValidation == 'true' && needs.job_module_static_validation.result != 'failure' && needs.job_psrule_test_waf_reliability.result != 'failure' needs: @@ -113,26 +137,36 @@ jobs: matrix: testCases: ${{ fromJson(inputs.moduleTestFilePaths) }} steps: - - name: "Checkout" - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set environment - uses: ./.github/actions/templates/avm-setEnvironment + # - name: "Checkout" + # uses: actions/checkout@v4 + # with: + # fetch-depth: 0 + # - name: Set environment + # uses: ./.github/actions/templates/avm-setEnvironment + # with: + # removeDeployment: "${{ fromJson(inputs.workflowInput).removeDeployment }}" + # - name: "Run deployment validation with test file [${{ matrix.testCases.path }}]" + # uses: ./.github/actions/templates/avm-validateModuleDeployment + # with: + # modulePath: "${{ inputs.modulePath }}" + # templateFilePath: "${{ inputs.modulePath }}/${{ matrix.testCases.path }}" + # deploymentMetadataLocation: "WestEurope" + # subscriptionId: "${{ secrets.ARM_SUBSCRIPTION_ID }}" + # managementGroupId: "${{ secrets.ARM_MGMTGROUP_ID }}" + # removeDeployment: "${{ fromJson(inputs.workflowInput).removeDeployment }}" + # customLocation: "${{ fromJson(inputs.workflowInput).customLocation }}" + # env: + # AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + - name: Deployment test task + uses: azure/powershell@v1 with: - removeDeployment: "${{ fromJson(inputs.workflowInput).removeDeployment }}" - - name: "Run deployment validation with test file [${{ matrix.testCases.path }}]" - uses: ./.github/actions/templates/avm-validateModuleDeployment - with: - modulePath: "${{ inputs.modulePath }}" - templateFilePath: "${{ inputs.modulePath }}/${{ matrix.testCases.path }}" - deploymentMetadataLocation: "WestEurope" - subscriptionId: "${{ secrets.ARM_SUBSCRIPTION_ID }}" - managementGroupId: "${{ secrets.ARM_MGMTGROUP_ID }}" - removeDeployment: "${{ fromJson(inputs.workflowInput).removeDeployment }}" - customLocation: "${{ fromJson(inputs.workflowInput).customLocation }}" - env: - AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + azPSVersion: "latest" + inlineScript: | + Write-Host 'Running Deployment test for [${{ matrix.testCases.path }}]' + Write-Host 'GH event: ${{ github.event_name }}' + Write-Host 'Calculated static validation: ${{ fromJson(inputs.calculatedJobControls).RunStaticValidation }}' + Write-Host 'Calculated deployment validation: ${{ fromJson(inputs.calculatedJobControls).RunDeploymentValidation }}' + Write-Host 'Remove: ${{ fromJson(inputs.calculatedJobControls).RunDeploymentRemoval }}' ################## # Publishing # @@ -150,18 +184,24 @@ jobs: - job_module_static_validation - job_module_deploy_validation steps: - - name: "Checkout" - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set environment - uses: ./.github/actions/templates/avm-setEnvironment - - name: "Publishing" - uses: ./.github/actions/templates/avm-publishModule + # - name: "Checkout" + # uses: actions/checkout@v4 + # with: + # fetch-depth: 0 + # - name: Set environment + # uses: ./.github/actions/templates/avm-setEnvironment + # - name: "Publishing" + # uses: ./.github/actions/templates/avm-publishModule + # with: + # templateFilePath: "${{ inputs.modulePath }}/main.bicep" + # env: + # PUBLISH_REGISTRY_SERVER: "${{ secrets.PUBLISH_REGISTRY_SERVER }}" + # PUBLISH_CLIENT_ID: "${{ secrets.PUBLISH_CLIENT_ID }}" + # PUBLISH_TENANT_ID: "${{ secrets.PUBLISH_TENANT_ID }}" + # PUBLISH_SUBSCRIPTION_ID: "${{ secrets.PUBLISH_SUBSCRIPTION_ID }}" + - name: Publish task + uses: azure/powershell@v1 with: - templateFilePath: "${{ inputs.modulePath }}/main.bicep" - env: - PUBLISH_REGISTRY_SERVER: "${{ secrets.PUBLISH_REGISTRY_SERVER }}" - PUBLISH_CLIENT_ID: "${{ secrets.PUBLISH_CLIENT_ID }}" - PUBLISH_TENANT_ID: "${{ secrets.PUBLISH_TENANT_ID }}" - PUBLISH_SUBSCRIPTION_ID: "${{ secrets.PUBLISH_SUBSCRIPTION_ID }}" + azPSVersion: "latest" + inlineScript: | + Write-Host 'Running publishing for [${{ inputs.modulePath }}]' \ No newline at end of file diff --git a/avm/utilities/pipelines/workflows/Get-CalculatedJobControlObject.ps1 b/avm/utilities/pipelines/workflows/Get-CalculatedJobControlObject.ps1 new file mode 100644 index 0000000000..be394e724a --- /dev/null +++ b/avm/utilities/pipelines/workflows/Get-CalculatedJobControlObject.ps1 @@ -0,0 +1,141 @@ +<# +.SYNOPSIS +Based on a `git diff`, calculate which stages to run in the pipeline + +.DESCRIPTION +Based on a `git diff`, calculate which stages to run in the pipeline +- If any files that justify a deployment test have changed, run all tests (e.g., bicep files, ARM template files) +- Else, if any files that justify a static test have changed, run static tests only (e.g., markdown files, unit test files) +- Else run no tests + +.PARAMETER Commit +Mandatory. The commit to compare + +.PARAMETER ModulePath +Mandatory. The path to filter changed files down to + +.EXAMPLE +Get-CalculatedJobControlObject -Commit 'e1f088f7f807db040e79e17d28a656d40dbb2cd8' -ModulePath 'avm/res/key-vault/vault' + +Calculate which pipeline stages should be run based on the currently changed files. +#> +function Get-CalculatedJobControlObject { + + [CmdletBinding()] + param ( + # [Parameter(Mandatory = $true)] + # [string] $Commit, + + [Parameter(Mandatory = $true)] + [string] $ModulePath, + + [Parameter(Mandatory = $true)] + [string] $GitHubEvent, + + [Parameter(Mandatory = $false)] + [hashtable] $WorkflowParameters, + + [Parameter(Mandatory = $true)] + [string] $WorkflowPath, + + [Parameter(Mandatory = $false)] + [string] $RepoRoot = (Get-Item $PSScriptRoot).Parent.Parent.Parent.Parent.FullName + ) + + # Loading helper function + . (Join-Path $repoRoot 'avm' 'utilities' 'pipelines' 'workflows' 'Get-GitHubWorkflowDefaultInput.ps1') + + # CASE 1 Workflow Dispatch + # ======================== + if ($GitHubEvent -eq 'workflow_dispatch') { + $RunStaticValidation = $WorkflowParameters.staticDeployment + $RunDeploymentValidation = $WorkflowParameters.triggerDeployment + $RunDeploymentRemoval = $WorkflowParameters.RunDeploymentRemoval + $RunPublishing = $true + } else { + # CASE 2 - Literally anything else + # ================================ + $workflowParameters = Get-GitHubWorkflowDefaultInput -WorkflowPath $WorkflowPath + $RunDeploymentRemoval = $WorkflowParameters.RunDeploymentRemoval + + # Note: Currently it's not possible to fetch the filters from the triggering workflow. Hence, we'll have to hardcode them here + $pathFilters = @( + '.github/actions/templates/avm-', + '.github/actions/templates/avm.template.module.yml', + $WorkflowPath, + $ModulePath, + 'avm/utilities/pipelines/' + ) + + # TODO: What to do with the `Commit param` ? + if ((git branch --show-current) -eq 'main') { + # If already in main, we'd want to compare with the previous commit + $diffFiles = git diff HEAD^ --name-only -- $pathFilters | Sort-Object -Unique + } else { + # If in a branch, we'd want to compare with main + $diffFiles = git diff 'origin/main' --name-only -- $pathFilters | Sort-Object -Unique + } + + if ($diffFiles) { + + $RunStaticValidation = $true + $RunDeploymentValidation = $true + $RunDeploymentRemoval = $true + $RunPublishing = $true + + $markdownRegex = '(.+\.md)' + $unitTestRegex = '(.+[\\|\/]tests[\\|\/]unit[\\|\/].*)' + $versionRegex = '(.+[\\|\/]version\.json)' + $staticTestRelevantFiles = $diffFiles | Where-Object { + $_ -match "$markdownRegex|$unitTestRegex|$versionRegex" + } + Write-Verbose 'Changed files that justify static tests:' -Verbose + $staticTestRelevantFiles | ForEach-Object { + Write-Verbose "- [$_]" -Verbose + } + + if ($staticTestRelevantFiles.Count -eq $diffFiles.count) { + # All files that changed only justify static tests + Write-Verbose 'Only files that justify static tests were changed.' + $RunDeploymentValidation = $false + } else { + # Also other module files were changed which justify deployment tests + $deploymentTestRelevantFiles = $diffFiles | Where-Object { + $_ -notIn $staticTestRelevantFiles + } + Write-Verbose 'Changed files that justify deployment tests:' -Verbose + $deploymentTestRelevantFiles | ForEach-Object { + Write-Verbose "- [$_]" -Verbose + } + } + } else { + # Run no action + $RunStaticValidation = $false + $RunDeploymentValidation = $false + $RunDeploymentRemoval = $false + $RunPublishing = $false + } + } + + return @{ + RunStaticValidation = $RunStaticValidation + RunDeploymentValidation = $RunDeploymentValidation + RunDeploymentRemoval = $RunDeploymentRemoval + RunPublishing = $RunPublishing + } +} + +# $inputObject = @{ +# # Commit = 'e1f088f7f807db040e79e17d28a656d40dbb2cd8' +# ModulePath = 'avm/res/key-vault/vault' +# GitHubEvent = 'push' +# WorkflowPath = 'C:/dev/ip/Azure-bicep-registry-modules/alexanderSehr-fork/.github/workflows/avm.res.key-vault.vault.yml' + +# # GitHubEvent = 'workflow_dispatch' +# # WorkflowParameters = @{ +# # deploymentValidation = "false" +# # staticValidation = "true" +# # RunDeploymentRemoval = "true" +# # } +# } +# Get-CalculatedJobControlObject @inputObject -Verbose diff --git a/avm/utilities/pipelines/sharedScripts/Get-GitHubWorkflowDefaultInput.ps1 b/avm/utilities/pipelines/workflows/Get-GitHubWorkflowDefaultInput.ps1 similarity index 95% rename from avm/utilities/pipelines/sharedScripts/Get-GitHubWorkflowDefaultInput.ps1 rename to avm/utilities/pipelines/workflows/Get-GitHubWorkflowDefaultInput.ps1 index 77c852f226..76154ed4cd 100644 --- a/avm/utilities/pipelines/sharedScripts/Get-GitHubWorkflowDefaultInput.ps1 +++ b/avm/utilities/pipelines/workflows/Get-GitHubWorkflowDefaultInput.ps1 @@ -37,8 +37,6 @@ function Get-GitHubWorkflowDefaultInput { $workflowParameters[$inputName] = $inputs[$inputName].default } - Write-Verbose 'Get workflow default input complete' - # Return hashtable return $workflowParameters }