From 3f816cdfd77b9f26b1fee280fd824f77d6ed7b22 Mon Sep 17 00:00:00 2001 From: Michael Haken Date: Mon, 24 Feb 2025 12:57:51 -0500 Subject: [PATCH 1/5] removing pipeline for now --- pipeline/MultiAZWorkshopPipeline.cs | 17 --------------- pipeline/MultiAzWorkshopPipeline.csproj | 22 ------------------- pipeline/Program.cs | 29 ------------------------- 3 files changed, 68 deletions(-) delete mode 100644 pipeline/MultiAZWorkshopPipeline.cs delete mode 100644 pipeline/MultiAzWorkshopPipeline.csproj delete mode 100644 pipeline/Program.cs diff --git a/pipeline/MultiAZWorkshopPipeline.cs b/pipeline/MultiAZWorkshopPipeline.cs deleted file mode 100644 index a13bd24..0000000 --- a/pipeline/MultiAZWorkshopPipeline.cs +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -using Amazon.CDK; -using Amazon.CDK.AWS.CodePipeline; -using Constructs; - -namespace Amazon.AWSLabs.MultiAZWorkshopPipeline -{ - public class MultiAZWorkshopPipeline : Stack - { - public MultiAZWorkshopPipeline(Construct scope, string id, IStackProps props) : base(scope, id) - { - Pipeline pipeline = new Pipeline(this, "pipeline", new PipelineProps() { - }); - } - } -} \ No newline at end of file diff --git a/pipeline/MultiAzWorkshopPipeline.csproj b/pipeline/MultiAzWorkshopPipeline.csproj deleted file mode 100644 index 41e0cb2..0000000 --- a/pipeline/MultiAzWorkshopPipeline.csproj +++ /dev/null @@ -1,22 +0,0 @@ - - - - - Exe - net9.0 - - Major - disable - enable - - - - - - - - - diff --git a/pipeline/Program.cs b/pipeline/Program.cs deleted file mode 100644 index f397588..0000000 --- a/pipeline/Program.cs +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -using Amazon.CDK; - -namespace Amazon.AWSLabs.MultiAZWorkshopPipeline -{ - sealed class Program - { - public static void Main(string[] args) - { - var app = new App(); - - MultiAZWorkshopPipeline pipeline = new MultiAZWorkshopPipeline(app, "multi-az-workshop-pipeline", new StackProps(){ - StackName = "multi-az-workshop-pipeline", - Env = new Amazon.CDK.Environment() { - Region = Aws.REGION - }, - Synthesizer = new DefaultStackSynthesizer(new DefaultStackSynthesizerProps() { - FileAssetsBucketName = "${AssetsBucketName}", - BucketPrefix = "${AssetsBucketPrefix}", - Qualifier = null, - GenerateBootstrapVersionRule = false - }) - }); - - app.Synth(); - } - } -} From fa7d531a0c5cb446b484a5a1fa36bffe6d0a0bf2 Mon Sep 17 00:00:00 2001 From: Michael Haken Date: Mon, 24 Feb 2025 13:00:52 -0500 Subject: [PATCH 2/5] updated allowed users --- .github/workflows/review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml index 14d7736..6326ba5 100644 --- a/.github/workflows/review.yml +++ b/.github/workflows/review.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Check if review was approved by specific user run: | - if [[ github.event.review.state == 'approved' && github.event.review.user.login == 'hakenmt' ]]; then + if [[ ${{ github.event.review.state }} == 'approved' && ( ${{ github.event.review.user.login }} == 'hakenmt' || ${{ github.event.review.user.login }} == 'github-actions[bot]') ]]; then echo "✅ Test a since review was performed by an allowed user." else "🚨 Workflow requires admin review approval." From 7f388c707b249020007ca3f0615e52040a9acad9 Mon Sep 17 00:00:00 2001 From: Michael Haken Date: Mon, 24 Feb 2025 13:08:32 -0500 Subject: [PATCH 3/5] updating --- .github/workflows/auto-approve.yml | 5 ++++- .github/workflows/build.yml | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml index 8c6a93c..bd92fcf 100644 --- a/.github/workflows/auto-approve.yml +++ b/.github/workflows/auto-approve.yml @@ -1,12 +1,15 @@ name: auto-approve on: - pull_request_target: + pull_request: types: - labeled - opened - synchronize - reopened - ready_for_review + +permissions: {} + jobs: approve: runs-on: ubuntu-latest diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 47ba6a0..95dc4db 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,6 +7,7 @@ on: paths: - app-src/** - cdk/** + - .github/workflows/** permissions: {} From c5b9ef8cab017a49bb3a90449c6c6e005a37e33e Mon Sep 17 00:00:00 2001 From: Michael Haken Date: Mon, 24 Feb 2025 13:11:02 -0500 Subject: [PATCH 4/5] updated badges --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3b307d8..4dddd30 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[Build Workflow](https://github.com/awslabs/multi-az-workshop/actions/workflows/build.yml/badge.svg) [Test Workflow](https://github.com/awslabs/multi-az-workshop/actions/workflows/test.yml/badge.svg) [Publish Workflow](https://github.com/awslabs/multi-az-workshop/actions/workflows/publish.yml/badge.svg) +![Build Workflow](https://github.com/awslabs/multi-az-workshop/actions/workflows/build.yml/badge.svg) ![Test Workflow](https://github.com/awslabs/multi-az-workshop/actions/workflows/test.yml/badge.svg) ![Publish Workflow](https://github.com/awslabs/multi-az-workshop/actions/workflows/publish.yml/badge.svg) ## Advanced Multi-AZ Resilience Patterns ### Building, operating, and testing resilient multi-AZ applications From cdbb6f28820f36bf417d3a245c8e7d86099dd3f3 Mon Sep 17 00:00:00 2001 From: Michael Haken Date: Mon, 24 Feb 2025 13:26:52 -0500 Subject: [PATCH 5/5] updated review workflow --- .github/workflows/review.yml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml index 6326ba5..094aa0a 100644 --- a/.github/workflows/review.yml +++ b/.github/workflows/review.yml @@ -4,15 +4,22 @@ on: pull_request_review: types: [submitted] +permissions: {} + jobs: review: runs-on: ubuntu-latest steps: - - name: Check if review was approved by specific user + - name: Set approval status + id: check_approval run: | - if [[ ${{ github.event.review.state }} == 'approved' && ( ${{ github.event.review.user.login }} == 'hakenmt' || ${{ github.event.review.user.login }} == 'github-actions[bot]') ]]; then - echo "✅ Test a since review was performed by an allowed user." - else - "🚨 Workflow requires admin review approval." - exit 1 - fi \ No newline at end of file + if [[ "${GITHUB_EVENT_REVIEW_STATE}" == "approved" && ("${GITHUB_EVENT_REVIEW_USER_LOGIN}" == "hakenmt" || "${GITHUB_EVENT_REVIEW_USER_LOGIN}" == "github-actions[bot]") ]]; then + echo "✅ Test a since review was performed by an allowed user." + echo "approved=true" >> $GITHUB_ENV + else + echo "🚨 Workflow requires admin review approval." + exit 1 + fi + env: + GITHUB_EVENT_REVIEW_STATE: ${{ github.event.review.state }} + GITHUB_EVENT_REVIEW_USER_LOGIN: ${{ github.event.review.user.login }}