im-practices · danielle-casella-adams · Jul 19, 2024 · Jul 19, 2024
@@ -1,4 +1,4 @@
-# Workflow Code: ShinySQUIRREL_v26    DO NOT REMOVE
+# Workflow Code: ShinySQUIRREL_v27    DO NOT REMOVE
 # Purpose:
 #    Validates that the deployed terraform matches what is supposed to be deployed
 #    when it runs at a scheduled time or when someone kicks it off manually.
@@ -26,18 +26,23 @@ on:
   workflow_dispatch:
 
 permissions:
-  # # Required for secretless azure access and deploys
+  # Required for secretless azure access and deploys
   id-token: write
   contents: read
+  actions: read
+  deployments: read
 
 jobs:
   auto-plan-the-tf:
     runs-on: im-linux
 
     strategy:
       matrix:
-        # TODO: verify the environment you want this workflow to check
+        # TODO: verify the environments you want this workflow to check
         environment: [dev, qa, stage, demo, uat, prod]
+
+        # TODO:  verify the instances match the possible values used in the im-deploy-* workflows
+        instance: [na26, na27]  # Other common values are [dev,qa,stage,prod], [primary,secondary] or [slot1,slot2]
 
     environment: ${{ matrix.environment }}
 
@@ -66,54 +71,32 @@ jobs:
         working-directory: '${{ env.TF_WORKING_DIR }}'
 
     steps:
-      # TODO:  SWAT - Need a replacement for determining which release is the latest
+      - name: Get GitHub Deployments for Entity
+        id: get-deployments
+        continue-on-error: true
+        uses: im-open/get-github-deployments@v1
+        with:
+          entity: '' # TODO:  Add the entity name from the 'metadata.name' field in the catalog-info.yml file
+          instance: ${{ matrix.instance }}
+          environment: ${{ matrix.environment }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Determine latest release
         id: get-latest
         uses: actions/github-script@v7
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }} # Special per-job token generated by GH for interacting with the repo
           script: |
-            let labelName = `??currently-in-${{ matrix.environment }}`;
-            try {
-              let owner = context.repo.owner;
-              let repo = context.repo.repo;
-
-              core.info(`Finding issues with label '${labelName}'...`);
-
-              const query = `
-              query {
-                repository(owner: "${owner}", name: "${repo}") {
-                  issues(first: 1, filterBy: {labels: ["${labelName}"]}) {
-                    edges {
-                      node {
-                        title
-                      }
-                    }
-                  }
-                }
-              }`;
-
-              const response = await github.graphql(query);
-
-              if (!response.repository.issues || !response.repository.issues.edges || response.repository.issues.edges.length === 0) {
-                core.info(`There were no issues with label '${labelName}'.  Default to checking against main.`);
-                core.setOutput('VERSION', 'main');
-              }
-              else {
-                const title = response.repository.issues.edges.map(ri => ri.node.title)[0];
-                core.info(`The following issues had label '${labelName}': '${title}'`);
-
-                const regex = /(branch|tag|sha) Deploy: /i;
-                let version = title.replace(regex, '').trim();
-                core.info(`The deployed infrastructure will be compared against ${version}`);
-                core.setOutput('VERSION', version);
-              }
-            } catch (error) {
-              core.info(`An error occurred retrieving issues with the '${labelName}' label: ${error}`);
-              core.info(`You may need to manually remove the ${labelName} from other issues`);
-              core.info('Default to checking tf against main.');
+            const deployments = JSON.parse('${{ steps.get-deployments.outputs.deployments }}');
+            if (!deployments || deployments.length === 0 || !deployments.some(d => d.status === 'SUCCESS')) {
+              core.info('No successful deployments found.  Defaulting to main.');
               core.setOutput('VERSION', 'main');
+              return;
             }
+
+            const successfulDeployments = deployments.filter(d => d.status === 'SUCCESS').sort((a, b) => new Date(b.created_at) - new Date(a.created_at));
+            const latestDeployment = successfulDeployments[0];
+            core.setOutput('VERSION', latestDeployment.ref);
 
       - name: Checkout Repository
         uses: actions/checkout@v4