Skip to content

Commit

Permalink
Fix .github/workflows/lets_encrypt.yml (#3979)
Browse files Browse the repository at this point in the history 
* Fix missing env vars.  Add environment selector on manual run.  Comment out schedule.

* Update CHANGELOG for Lets Encrypt fix, and add missing entry for FIREWALL_SKU enhancement

* Fix lint issue - remove trailing space
  • Loading branch information
@jonnyry
jonnyry authored Jun 25, 2024
1 parent 8b762a9 commit 3689c09
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 10 deletions.
26 changes: 16 additions & 10 deletions .github/workflows/lets_encrypt.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,16 @@
name: Renew Lets Encrypt Certificates

on: # yamllint disable-line rule:truthy
schedule:
# 3am each month https://crontab.guru/#0_3_1_*_*
- cron: "0 3 1 * *"
# schedule:
# # 3am each month https://crontab.guru/#0_3_1_*_*
# - cron: "0 3 1 * *"
workflow_dispatch:
inputs:
environment:
description: The environment to run this workflow in
type: environment
default: CICD
required: true

# This will prevent multiple runs of this entire workflow.
# We should NOT cancel in progress runs as that can destabilize the environment.
Expand All @@ -20,7 +26,7 @@ jobs:
renew_letsencrypt_certs:
name: Renew Lets Encrypt Certificates
runs-on: ubuntu-latest
environment: CICD
environment: ${{ github.event.inputs.environment || 'CICD' }}
steps:
- name: Checkout
uses: actions/checkout@v4
Expand All @@ -38,13 +44,13 @@ jobs:
env:
ARM_CLIENT_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientId }}
ARM_CLIENT_SECRET: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientSecret }}
ARM_SUBSCRIPTION_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).tenantId }}
ARM_TENANT_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).subscriptionId }}
ARM_SUBSCRIPTION_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).subscriptionId }}
ARM_TENANT_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).tenantId }}
AZURE_ENVIRONMENT: ${{ vars.AZURE_ENVIRONMENT }}
TRE_ID: ${{ secrets.TRE_ID }}
TERRAFORM_STATE_CONTAINER_NAME:
${{ secrets.TERRAFORM_STATE_CONTAINER_NAME && secrets.TERRAFORM_STATE_CONTAINER_NAME || 'tfstate' }}
MGMT_RESOURCE_GROUP_NAME: ${{ secrets.MGMT_RESOURCE_GROUP_NAME }}
MGMT_STORAGE_ACCOUNT_NAME: ${{ secrets.MGMT_STORAGE_ACCOUNT_NAME }}
TF_VAR_terraform_state_container_name: ${{ secrets.TERRAFORM_STATE_CONTAINER_NAME || 'tfstate' }}
TF_VAR_mgmt_resource_group_name: ${{ secrets.MGMT_RESOURCE_GROUP_NAME }}
TF_VAR_mgmt_storage_account_name: ${{ secrets.MGMT_STORAGE_ACCOUNT_NAME }}
run: |
sudo apt-get install -y python3 python3-venv libaugeas0 \
&& python3 -m venv /opt/certbot/ \
Expand Down
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ FEATURES:
ENHANCEMENTS:
* Add KeyVault Purge Protection Variable ([#3922](https://github.com/microsoft/AzureTRE/issues/3922))
* Make check for email addresses prior to an airlock request being created optional. ([#3904](https://github.com/microsoft/AzureTRE/issues/3904))
* Add Firewall SKU variable ([#3961](https://github.com/microsoft/AzureTRE/issues/3961))

BUG FIXES:
* Update Guacamole Linux VM Images to Ubuntu 22.04 LTS. Part of ([#3523](https://github.com/microsoft/AzureTRE/issues/3523))
Expand All @@ -22,6 +23,7 @@ BUG FIXES:
* Dependency and Vulnerability updates
* Add lifecycle rule to MySQL resources to stop them recreating on `update` ([#3993](https://github.com/microsoft/AzureTRE/issues/3993))
* Fixes broken links on 'Using the Azure TRE -> Custom Templates' page of documentation ([[#4003](https://github.com/microsoft/AzureTRE/issues/4003)])
* Fix 'Renew Lets Encrypt Certificates' GitHub Action ([#3978](https://github.com/microsoft/AzureTRE/issues/3978))

COMPONENTS:

Expand Down

0 comments on commit 3689c09

Please sign in to comment.