kimjunte/juntekim.com
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 13

ses

Browse source
This commit is contained in:
Jun-te Kim 2026-02-08 20:44:26 +00:00
parent 942199632a
commit 02a78dbae2
2 changed files with 64 additions and 78 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

86
.github/workflows/ses-juntekim.yml vendored
View file

@ -2,22 +2,16 @@ name: SES - juntekim.com [Simple Email Service]
on: on:
pull_request: pull_request:
push:
branches:
- main
paths: paths:
- "aws_environment/ses-juntekim/**" - "aws_environment/ses-juntekim/**"
workflow_dispatch:
env: env:
TF_VERSION: "1.6.6" TF_VERSION: "1.6.6"
WORKING_DIR: "aws_environment/ses-juntekim" WORKING_DIR: "aws_environment/ses-juntekim"
jobs: jobs:
terraform: terraform-plan:
name: Terraform SES name: Terraform Plan - SES
runs-on: mealcraft-runners runs-on: mealcraft-runners
permissions: permissions:
@ -28,12 +22,6 @@ jobs:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Install modern Node.js
run: |
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt-get install -y nodejs
node --version
- name: Setup Terraform - name: Setup Terraform
uses: hashicorp/setup-terraform@v3 uses: hashicorp/setup-terraform@v3
with: with:
@ -50,7 +38,6 @@ jobs:
aws --version aws --version
# Optional but recommended once
- name: Verify AWS identity - name: Verify AWS identity
run: aws sts get-caller-identity run: aws sts get-caller-identity
@ -62,72 +49,23 @@ jobs:
working-directory: ${{ env.WORKING_DIR }} working-directory: ${{ env.WORKING_DIR }}
run: terraform validate run: terraform validate
- name: Force unlock stale terraform state
working-directory: ${{ env.WORKING_DIR }}
run: |
# Try to force unlock any stale locks for this specific state file
# The lock ID is found in the error message, so we attempt unlock with common patterns
echo "Attempting to clear stale locks..."
# Get all items from the locks table
ITEMS=$(aws dynamodb scan \
--table-name "terraform-locks" \
--region eu-west-2 \
--output json)
# Extract lock IDs where the Path matches our state file
LOCK_IDS=$(echo "$ITEMS" | jq -r '.Items[] | select(.Path.S == "juntekim-terraform-state/ses/terraform.tfstate") | .ID.S' 2>/dev/null || echo "")
if [ ! -z "$LOCK_IDS" ]; then
while IFS= read -r LOCK_ID; do
if [ ! -z "$LOCK_ID" ]; then
echo "Removing lock: $LOCK_ID"
terraform force-unlock -force "$LOCK_ID" 2>&1 || true
fi
done <<< "$LOCK_IDS"
else
echo "No locks found for ses state file, proceeding..."
fi
continue-on-error: true
- name: Terraform Plan - name: Terraform Plan
if: github.event_name == 'pull_request'
id: plan id: plan
working-directory: ${{ env.WORKING_DIR }} working-directory: ${{ env.WORKING_DIR }}
run: terraform plan -input=false run: terraform plan -input=false -out=tfplan
- name: Wait for terraform-plan workflow - name: Comment Plan on PR
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: actions/github-script@v6 uses: actions/github-script@v6
with: with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: | script: |
const maxAttempts = 120; // 10 minutes with 5 second intervals const fs = require('fs');
let attempt = 0; const planOutput = `${{ steps.plan.outputs.stdout }}`;
while (attempt < maxAttempts) {
const runs = await github.rest.actions.listWorkflowRuns({ github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner, owner: context.repo.owner,
repo: context.repo.repo, repo: context.repo.repo,
workflow_id: 'terraform-plan.yml', body: `## Terraform Plan - SES\n\n\`\`\`\n${planOutput}\n\`\`\``
}); });
continue-on-error: true
const latestPlan = runs.data.workflow_runs[0];
if (latestPlan && (latestPlan.status === 'completed')) {
if (latestPlan.conclusion === 'success') {
console.log('✅ terraform-plan workflow completed successfully');
return;
} else {
throw new Error(`terraform-plan workflow failed with conclusion: ${latestPlan.conclusion}`);
}
}
attempt++;
if (attempt % 12 === 0) {
console.log(`Waiting for terraform-plan... (attempt ${attempt}/${maxAttempts})`);
}
await new Promise(resolve => setTimeout(resolve, 5000));
}
throw new Error('Timeout waiting for terraform-plan workflow');
- name: Terraform Apply
if: github.ref == 'refs/heads/main'
working-directory: ${{ env.WORKING_DIR }}
run: terraform apply -auto-approve -input=false

48
.github/workflows/terraform-apply.yml vendored
View file

@ -56,3 +56,51 @@ jobs:
- name: Print TF_VAR_public_ip - name: Print TF_VAR_public_ip
run: 'echo "📡 Public IP used by Terraform: $TF_VAR_public_ip"' run: 'echo "📡 Public IP used by Terraform: $TF_VAR_public_ip"'
terraform-ses:
if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
name: "Terraform Apply - SES"
runs-on: mealcraft-runners
needs: terraform
permissions:
contents: read
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "1.6.6"
- name: Install AWS CLI v2
run: |
sudo apt-get update
sudo apt-get install -y unzip curl
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version
- name: Verify AWS identity
run: aws sts get-caller-identity
- name: Terraform Init
working-directory: aws_environment/ses-juntekim
run: terraform init
- name: Terraform Validate
working-directory: aws_environment/ses-juntekim
run: terraform validate
- name: Terraform Plan
id: plan
working-directory: aws_environment/ses-juntekim
run: terraform plan -input=false
- name: Terraform Apply
working-directory: aws_environment/ses-juntekim
run: terraform apply -auto-approve -input=false