diff --git a/.github/auto-release.yml b/.github/auto-release.yml index c78a4d83..b45efb7a 100644 --- a/.github/auto-release.yml +++ b/.github/auto-release.yml @@ -17,6 +17,7 @@ version-resolver: - 'bugfix' - 'bug' - 'hotfix' + - 'no-release' default: 'minor' categories: @@ -46,7 +47,7 @@ template: | replacers: # Remove irrelevant information from Renovate bot -- search: '/---\s+^#.*Renovate configuration(?:.|\n)*?This PR has been generated .*/gm' +- search: '/(?<=---\s)\s*^#.*(Renovate configuration|Configuration)(?:.|\n)*?This PR has been generated .*/gm' replace: '' # Remove Renovate bot banner image - search: '/\[!\[[^\]]*Renovate\][^\]]*\](\([^)]*\))?\s*\n+/gm' diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml index 3f48017d..3a38fae0 100644 --- a/.github/workflows/auto-release.yml +++ b/.github/workflows/auto-release.yml @@ -3,17 +3,24 @@ name: auto-release on: push: branches: - - master + - main + - master + - production jobs: publish: runs-on: ubuntu-latest steps: - # Drafts your next Release notes as Pull Requests are merged into "master" - - uses: release-drafter/release-drafter@v5 - with: - publish: true - prerelease: false - config-name: auto-release.yml - env: - GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + # Get PR from merged commit to master + - uses: actions-ecosystem/action-get-merged-pull-request@v1 + id: get-merged-pull-request + with: + github_token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + # Drafts your next Release notes as Pull Requests are merged into "main" + - uses: release-drafter/release-drafter@v5 + with: + publish: ${{ !contains(steps.get-merged-pull-request.outputs.labels, 'no-release') }} + prerelease: false + config-name: auto-release.yml + env: + GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} diff --git a/examples/complete/deployment.tf b/examples/complete/deployment.tf index 3ecd6844..95c5dfda 100644 --- a/examples/complete/deployment.tf +++ b/examples/complete/deployment.tf @@ -8,18 +8,19 @@ locals { our_account_id = local.enabled ? data.aws_caller_identity.current[0].account_id : "" our_role_arn_prefix = "arn:aws:iam::${local.our_account_id}:role" - deployment_principal_arns = { for k, v in local.test_deployment_role_prefix_map : format("%v/%v", local.our_role_arn_prefix, k) => v } + role_names = { for k, v in local.test_deployment_role_prefix_map : k => module.role_labels[k].id } + deployment_principal_arns = { for k, v in local.role_names : format("%v/%v", local.our_role_arn_prefix, v) => local.test_deployment_role_prefix_map[k] } } data "aws_caller_identity" "current" { count = local.enabled ? 1 : 0 } - -module "statement_ids" { +# The following instantiations of null-label require Terraform >= 0.13.0 +module "sid_labels" { for_each = local.test_deployment_role_prefix_map source = "cloudposse/label/null" - version = "0.24.1" # requires Terraform >= 0.13.0 + version = "0.25.0" attributes = split("-", each.key) delimiter = "" @@ -29,11 +30,21 @@ module "statement_ids" { context = module.this.context } -data "aws_iam_policy_document" "assume_role" { +module "role_labels" { for_each = local.test_deployment_role_prefix_map + source = "cloudposse/label/null" + version = "0.25.0" + + attributes = concat(split("-", each.key), module.this.attributes) + + context = module.this.context +} + +data "aws_iam_policy_document" "assume_role" { + for_each = module.sid_labels statement { - sid = "Enable${module.statement_ids[each.key].id}" + sid = "Enable${each.value.id}" actions = [ "sts:AssumeRole", "sts:TagSession" @@ -49,9 +60,9 @@ data "aws_iam_policy_document" "assume_role" { resource "aws_iam_role" "test_role" { - for_each = local.test_deployment_role_prefix_map + for_each = module.role_labels - name = each.key + name = module.role_labels[each.key].id assume_role_policy = data.aws_iam_policy_document.assume_role[each.key].json } diff --git a/test/src/Makefile b/test/src/Makefile index b1710da2..53e41087 100644 --- a/test/src/Makefile +++ b/test/src/Makefile @@ -16,7 +16,7 @@ init: ## Run tests test: init go mod download - go test -v -timeout 20m -parallel 2 -run TestExamplesComplete + go test -v -timeout 30m -parallel 2 -run TestExamplesComplete ## Run tests in docker container docker/test: