Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jimweller/lab-iac-yor-tagging
Created by gh-repo-create.sh jimweller lab-iac-yor-tagging public lab (Sat Nov 16 01:36:03 UTC 2024)
https://github.com/jimweller/lab-iac-yor-tagging
lab
Last synced: about 2 months ago
JSON representation
Created by gh-repo-create.sh jimweller lab-iac-yor-tagging public lab (Sat Nov 16 01:36:03 UTC 2024)
- Host: GitHub
- URL: https://github.com/jimweller/lab-iac-yor-tagging
- Owner: jimweller
- Created: 2024-11-16T01:36:04.000Z (2 months ago)
- Default Branch: main
- Last Pushed: 2024-11-18T18:31:26.000Z (2 months ago)
- Last Synced: 2024-11-18T19:39:49.526Z (2 months ago)
- Topics: lab
- Language: Shell
- Size: 6.84 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Terafform+Yor, Automated Taggin of IaC Resources with Github Actions, Prototype/Demo
Demonstrates the ability to have a github action automatically tag teraform
resources in a github action AND commit the changes to the branch when branch protection
rules requires signed commits and squash merging.
## Prerequisites
* A work `git` and `gh` local shell
* A github user that has permissions on this repo and has a gpg key
* The GPG_PRIVATE_KEY and GPG_PASSPHRASE of the above user recorded as secrets in the repo settings
## How it works
* Delete the tags{} block from ssm_param.tf and safe the file
* Run scripts/gh-test.sh which will walk you through a complete PR workflow
* Check the workflows on github
* Check the tags that were injected to the file both locally and remotely
## Caveats
* This repo does not deploy to AWS. That is covered elsewhere.
* Using a github user's GPG is a hack to demonstrate making changes in PRs when branch protection rules requiring signed commits is in place (which is a team standard). Ideally this should be a service account, app, or bot.