|
| 1 | +name: GCP Tag Naming Convention Update |
| 2 | + |
| 3 | +on: |
| 4 | + workflow_dispatch: |
| 5 | + inputs: |
| 6 | + target_branch: |
| 7 | + description: Target branch for pull request |
| 8 | + type: choice |
| 9 | + required: false |
| 10 | + default: main |
| 11 | + options: |
| 12 | + - main |
| 13 | + - demo/env0 |
| 14 | + - demo/spacelift |
| 15 | + - demo/tfc |
| 16 | + |
| 17 | +concurrency: |
| 18 | + group: gcp-tag-demo |
| 19 | + cancel-in-progress: false |
| 20 | + |
| 21 | +jobs: |
| 22 | + create-pr: |
| 23 | + name: Create PR for naming convention update |
| 24 | + runs-on: ubuntu-latest |
| 25 | + permissions: |
| 26 | + contents: write |
| 27 | + pull-requests: write |
| 28 | + steps: |
| 29 | + - uses: actions/checkout@v6 |
| 30 | + with: |
| 31 | + token: ${{ secrets.GH_PAT }} |
| 32 | + ref: ${{ github.event.inputs.target_branch || 'main' }} |
| 33 | + |
| 34 | + - name: Configure Git |
| 35 | + run: | |
| 36 | + git config user.name "Platform Automation" |
| 37 | + git config user.email "platform-automation@company.com" |
| 38 | +
|
| 39 | + - name: Apply naming convention update |
| 40 | + run: | |
| 41 | + sed -i 's/tags = \[var\.service_name, "allow-ssh"\]/tags = ["svc-${var.service_name}-prod", "allow-ssh"]/' \ |
| 42 | + modules/gcp-service-base/main.tf |
| 43 | +
|
| 44 | + - name: Show changes |
| 45 | + run: | |
| 46 | + echo "## Changes to modules/gcp-service-base/main.tf" >> $GITHUB_STEP_SUMMARY |
| 47 | + echo "" >> $GITHUB_STEP_SUMMARY |
| 48 | + echo '```diff' >> $GITHUB_STEP_SUMMARY |
| 49 | + git diff modules/gcp-service-base/main.tf >> $GITHUB_STEP_SUMMARY || echo "No changes detected" |
| 50 | + echo '```' >> $GITHUB_STEP_SUMMARY |
| 51 | + echo "=== Git diff ===" |
| 52 | + git diff modules/gcp-service-base/main.tf || echo "No changes detected" |
| 53 | +
|
| 54 | + - name: Create branch, commit, and push |
| 55 | + env: |
| 56 | + GH_TOKEN: ${{ secrets.GH_PAT }} |
| 57 | + run: | |
| 58 | + BRANCH="platform/naming-convention-update-$(date +%Y%m%d-%H%M%S)" |
| 59 | + echo "BRANCH=$BRANCH" >> "$GITHUB_ENV" |
| 60 | +
|
| 61 | + git checkout -b "$BRANCH" |
| 62 | + git add modules/gcp-service-base/main.tf |
| 63 | +
|
| 64 | + if git diff --staged --quiet; then |
| 65 | + echo "No changes to commit" |
| 66 | + exit 0 |
| 67 | + fi |
| 68 | +
|
| 69 | + git commit -m "refactor: standardise GCE instance network tags" |
| 70 | + git push -u origin "$BRANCH" |
| 71 | +
|
| 72 | + - name: Open pull request |
| 73 | + env: |
| 74 | + GH_TOKEN: ${{ secrets.GH_PAT }} |
| 75 | + run: | |
| 76 | + TARGET_BRANCH="${{ github.event.inputs.target_branch || 'main' }}" |
| 77 | +
|
| 78 | + BODY="$(printf '%s\n' \ |
| 79 | + '## Summary' \ |
| 80 | + '- Standardise GCE instance network tags to follow the `svc-{name}-prod` convention across all service deployments.' \ |
| 81 | + '' \ |
| 82 | + '## Context' \ |
| 83 | + '- PLAT-2847: Enforce consistent resource tagging convention for GCP compute instances.' \ |
| 84 | + '- This aligns instance tags with the naming standard agreed in the platform architecture review.' \ |
| 85 | + '' \ |
| 86 | + '## Changes' \ |
| 87 | + '- Updated the base service module to apply the new tag format to all managed instances.' \ |
| 88 | + '- Both payments-api and inventory-api instances will receive updated tags on next apply.' \ |
| 89 | + '' \ |
| 90 | + '## Testing' \ |
| 91 | + '- Terraform plan reviewed in CI.' \ |
| 92 | + '- Tag format validated against GCP naming constraints (lowercase, hyphens only).' \ |
| 93 | + )" |
| 94 | +
|
| 95 | + gh pr create \ |
| 96 | + --base "$TARGET_BRANCH" \ |
| 97 | + --head "$BRANCH" \ |
| 98 | + --title "refactor: standardise GCE instance network tags (PLAT-2847)" \ |
| 99 | + --body "$BODY" |
0 commit comments