move test workflows into their own files

.github/workflows/_test-workflows.yaml → .github/workflows/_test-docker-build-push-ecr.yaml

@@ -1,33 +1,16 @@
-name: Test Reusable Workflows
-
 on:
   pull_request:
     branches:
       - main
+    paths:
+      - '.github/workflows/_test-docker-build-push-ecr.yaml'
+      - '.github/workflows/docker-build-push-ecr.yaml'
+      - 'tests/terraform/**'
+  push:
+    branches:
+      - main
 
 jobs:
-  # Enable once we have access to dai sandbox account
-  test_terraform_deploy_basic:
-    uses: ./.github/workflows/tf-deploy-basic.yaml
-    with:
-      github_artifact_path: path/to/artifacts
-      aws_account_id: ${{ vars.aws_account_id }}
-      aws_region: ${{ vars.aws_region }}
-      aws_role_name: ${{ vars.aws_role_name }}
-      environment: foo
-      github_feedback: true
-      tf_deploy_override: true
-      tf_dir: tests/terraform/local
-      tf_vars: var1=value1,var2=value2
-      tf_version: 1.6.6
-
-  test_docker_build:
-    uses: ./.github/workflows/docker-build.yaml
-    with:
-      image_name: test-docker-build
-      docker_context: tests/docker
-      artifact_retention_days: 1
-
   test_docker_build_push_ecr:
     uses: ./.github/workflows/docker-build-push-ecr.yaml
     with:

.github/workflows/_test-docker-build.yaml

@@ -0,0 +1,19 @@
+on:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '.github/workflows/_test-docker-build.yaml'
+      - '.github/workflows/docker-build.yaml'
+      - 'tests/terraform/**'
+  push:
+    branches:
+      - main
+
+jobs:
+  test_docker_build:
+    uses: ./.github/workflows/docker-build.yaml
+    with:
+      image_name: test-docker-build
+      docker_context: tests/docker
+      artifact_retention_days: 1

.github/workflows/_test-tf-deploy-basic.yaml

@@ -0,0 +1,26 @@
+on:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '.github/workflows/_test-tf-deploy-basic.yaml'
+      - '.github/workflows/tf-deploy-basic.yaml'
+      - 'tests/terraform/**'
+  push:
+    branches:
+      - main
+
+jobs:
+  test_terraform_deploy_basic:
+    uses: ./.github/workflows/tf-deploy-basic.yaml
+    with:
+      github_artifact_path: path/to/artifacts
+      aws_account_id: ${{ vars.aws_account_id }}
+      aws_region: ${{ vars.aws_region }}
+      aws_role_name: ${{ vars.aws_role_name }}
+      environment: foo
+      github_feedback: true
+      tf_deploy_override: true
+      tf_dir: tests/terraform/local
+      tf_vars: var1=value1,var2=value2
+      tf_version: 1.6.6

.github/workflows/lambda-build-node.yaml

@@ -5,7 +5,7 @@ on:
         description: "The Node.js version to use"
         type: string
         required: false
-        default: '20'
+        default: "20"
       source_dir:
         description: "The directory where the Lambda source code is located"
         type: string

.github/workflows/tf-dflook-apply.yaml

@@ -1,4 +1,6 @@
-# Test dflook workflow
+# Terraform Apply Workflow using the action dflook/terraform-github-actions
+# This workflow is used to apply Terraform changes to an environment.
+# This workflow utilizes either github environments variables or workflow inputs to pass to the terraform actions
 on:
   workflow_call:
     inputs:

.github/workflows/tf-dflook-cleanup.yaml

@@ -1,5 +1,6 @@
-# Workflow to cleanup feature branch resources
-#
+# Workflow to cleanup Terraform workspaces
+# Can be used when a PR is closed or merged
+# This workflow will destroy the Terraform workspace and remove the state file from the backend
 on:
   workflow_call:
     inputs:

.github/workflows/tf-dflook-feature.yaml

@@ -1,6 +1,6 @@
-# Workflow to deploy feature branches
+# Terraform feature branch workflow
 # Creates a new terraform workspace based on the branch name
-# This workflow utilizes github environments to store secrets and varibles.
+# This workflow utilizes either github environments variables or workflow inputs to pass to the terraform actions
 on:
   workflow_call:
     inputs:

.github/workflows/tf-dflook-plan.yaml

@@ -1,4 +1,8 @@
-# Terraform Plan Workflow using dflook/terraform-github-actions
+# Terraform Plan Workflow using the action dflook/terraform-github-actions
+# This workflow is used to plan Terraform changes and post the plan to a pull request as a comment. These plans
+# are then used to compare the changes when the apply workflow is run.
+# It also includes terraform validation and formatting steps.
+# This workflow utilizes either github environments variables or workflow inputs to pass to the terraform actions
 on:
   workflow_call:
     inputs:

README.md

@@ -4,6 +4,15 @@ This repository contains a collection of GitHub workflows that are reusable acro
 
 The main goal is to have a single source of truth for all workflows, so that they can be easily updated and reused.
 
+Features include, but are not limited to:
+
+- terraform management
+- aws authentication
+- docker image management
+- lambda builds
+
+The state of these workflows are considered to be in alpha, and are subject to change to suit the needs of projects managed by DAI.
+
 ## Usage
 
 Create a `.github/workflows` directory in your repository and create workflows that reference the workflows in this repository.
@@ -14,22 +23,36 @@ on: push
 jobs:
   my-job:
     uses: <org>/<repo>/.github/workflows/<workflow-name>.yaml@<ref>
+    with:
+      my-input: my-value
 ```
 
+### dflook workflows
+
+[dflook](https://github.com/dflook/terraform-github-actions) actions are an externally maintained set of actions that are used in the workflows.
+The decision to use [dflook](https://github.com/dflook/terraform-github-actions) actions was made to reduce the maintenance burden of the workflows and reuse actions that are well tested and reliable.
+
+Assumptions when using dflook actions:
+
+- inputs are either passed directly to the action or are set as environment variables.
+
+
 ## Releases
 
 Release pipeline is triggered on each PR merged to main, which creates a new release incrementing automatically minor version.
 
 ## Testing
 
-Each workflow should have a `test` job that runs the workflow with all inputs set. This job should be triggered on each PR.
+Each workflow should have a `test` job that runs the workflow with different inputs. This job should be triggered on when changes are detected and push to main.
+
+Test workflows are prefixed with `_test-` and contain the workflow file name. One test workflow per workflow file which can contain multiple jobs.
 
 ## Contributing
 
 Before creating a new shared workflow, check if something similar already exists. If it does, consider updating the existing workflow instead of creating a new one.
 
 If you want to create a new workflow, please follow these steps:
 
-- Name the workflow files similar to the following `<tool/service>-<verb>-<simple description>.yaml`.
+- Name the workflow files similar to the following `<tool/service>-<simple description>.yaml`.
 - The less inputs, the better.
 - Files uses dash-case and variables use snake_case.