How can I set up multiple working dirs for CI/CD on Ubuntu?

PrashanthP
May 9, 2023
450 views
2 votes
3 Answers

I’m trying to run below YAML file with a job. How can I specify working directory, if I want this to trigger when there is change in any child folders?

For example: below is the snippet of my working directory structure and I want CI to trigger when I make changes to any child folders under Policy folder.

Any changes in Initiative and Definitions should trigger the event.
What should be the working directory path?

name: 'deployment of azure policies'
on:
  push:
    branches: [ "main" ]
  pull_request:
    paths:
        - "Policy/Initiatives/*"

jobs:
  build-and-deploy:
      env:
       TF_IN_AUTOMATION: true
       TF_INPUT: false
       **TF_WORKING_DIR: Policy/Initiatives/**
       ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
       ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
       ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
       ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
      runs-on: ubuntu-latest
      steps:
     # Checkout the repository to the GitHub Actions runner
        - name: Checkout
          uses: actions/checkout@v3

I tried below, but didn’t work:

TF_Working_DIR: "Policy/"

It says no configuration files found (it’s correct as the configuration files are in the child folders).

However, when I mention Policy/Initiatives or Policy/Definitions, the work is working fine.

Answers

I created one Github repository with below folders:-

I agree to the answer by @Philip and @jessehouwing

In order to trigger the github actions from child folder you can use "Policy-Assignment/**/*" and add the below code in your Github workflow:-

 name: 'deployment of azure policies' on:   push:
    branches: [ "main" ]   pull_request:
    paths:
        - "Policy-Assignment/**/*"

jobs:   build-and-deploy:
      env:
       TF_IN_AUTOMATION: true
       TF_INPUT: false
       TF_WORKING_DIR: Policy/Policy-Assignment/**/
       ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
       ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
       ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
       ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
      runs-on: ubuntu-latest
      steps:
     # Checkout the repository to the GitHub Actions runner
        - name: Checkout
          uses: actions/checkout@v3

Output:-

The workflow ran successfully like below:-

UPDATED:-

You can specify the full path to your folder in your code like below:-

name: 'deployment of azure policies'
on:
  push:
    branches: [ "main" ]
  pull_request:
    paths:
        - "Policy-Assignment/**/*"

jobs:
  build-and-deploy:
      env:
       TF_IN_AUTOMATION: true
       TF_INPUT: false
       TF_WORKING_DIR: Policy/Policy-Assignment/Initiatives <add your complete path to Policy-Assignmeent folder as my Policy-Assignment folder is inside Policy folder, I have added path like above>
       ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
       ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
       ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
       ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
      runs-on: ubuntu-latest
      steps:
     # Checkout the repository to the GitHub Actions runner
        - name: Checkout
          uses: actions/checkout@v3
        - name: Terraform Init
          run: terraform init
        - name: Terraform Format
          run: terraform fmt -check
        - name: Terraform Validate
          run: terraform validate -no-color

Output:-

Alternatively, You can make use of find method in your code to find the files from child folders like below:-

name: 'deployment of azure policies'
on:
  push:
    branches: [ "main" ]
  pull_request:
    paths:
        - "Policy-Assignment/**/*"

jobs:
  build-and-deploy:
      env:
       TF_IN_AUTOMATION: true
       TF_INPUT: false
       ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
       ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
       ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
       ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
      runs-on: ubuntu-latest
      steps:
     # Checkout the repository to the GitHub Actions runner
        - name: Checkout
          uses: actions/checkout@v3
        - name: Find configuration files
          run: |
            find Policy-Assignment -name "*.tf"
            find Policy-Assignment -name "*.json"
          id: find_files
        - name: Deploy policies
          run: |
            terraform init
            terraform validate
            terraform plan -var-file=variables.tfvars -out=tfplan -input=false -no-color
            terraform apply -input=false -auto-approve tfplan
          if: steps.find_files.outputs.stdout != ''

Output:-

Initiative i1.json from Initiatives child folder and a.json Policy definition was found and code ran successfully like below:-

Here’s a working "Github" example of a pipeline deploying policies under the "Policies" folder:

name: 'deployment of azure policies' 

env:
  TF_WORKING_DIR: "Policy/Definitions/" 
  ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
  ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
  ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}

on:
  workflow_dispatch:
    branches: [ "main" ]
    paths: 
    - "Policy/Definitions"

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v2

    - name: Display GitHub Context
      id: context
      run: echo "$GITHUB_CONTEXT"
    
    - name: Output Working Dir
      id: outputworkingdir
      run: find . -printf '%y %pn'

    - name: 'Az CLI login'
      uses: azure/login@v1
      with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
    
    - name: Setup Terraform
      uses: hashicorp/setup-terraform@v2
    
    - name: Terraform Init
      working-directory: ${{ env.TF_WORKING_DIR }}
      id: init
      run: terraform init

    - name: Terraform Plan
      id: plan
      working-directory: ${{ env.TF_WORKING_DIR }}
      run: terraform plan -no-color 2>&1 | tee /tmp/terraform.plan
      continue-on-error: true

You can find the example over HERE.

- jessehouwing
- May 8, 2023 at 12:31 pm
- 0 votes
0
You can use a /** to denote a recursive include.
```
name: 'deployment of azure policies'
on:
  push:
    branches: [ "main" ]
  pull_request:
    paths:
      - "Policy-Assignments/Initiatives/**"
```
See:
- Workflow Syntax – on.<push|pull_request|pull_request_target>.<paths|paths-ignore>
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.