From 5297ef377520d5e9b361e31b97fa56973675ba9f Mon Sep 17 00:00:00 2001
From: Samuel <15628653+swibrow@users.noreply.github.com>
Date: Thu, 22 Feb 2024 14:00:40 +0200
Subject: [PATCH] move test workflows into their own files
---
....yaml => _test-docker-build-push-ecr.yaml} | 31 +++++--------------
.github/workflows/_test-docker-build.yaml | 19 ++++++++++++
.github/workflows/_test-tf-deploy-basic.yaml | 26 ++++++++++++++++
.github/workflows/lambda-build-node.yaml | 2 +-
.github/workflows/tf-dflook-apply.yaml | 4 ++-
.github/workflows/tf-dflook-cleanup.yaml | 5 +--
.github/workflows/tf-dflook-feature.yaml | 4 +--
.github/workflows/tf-dflook-plan.yaml | 6 +++-
README.md | 27 ++++++++++++++--
9 files changed, 91 insertions(+), 33 deletions(-)
rename .github/workflows/{_test-workflows.yaml => _test-docker-build-push-ecr.yaml} (51%)
create mode 100644 .github/workflows/_test-docker-build.yaml
create mode 100644 .github/workflows/_test-tf-deploy-basic.yaml
diff --git a/.github/workflows/_test-workflows.yaml b/.github/workflows/_test-docker-build-push-ecr.yaml
similarity index 51%
rename from .github/workflows/_test-workflows.yaml
rename to .github/workflows/_test-docker-build-push-ecr.yaml
index 786f1f1b..60eb69ab 100644
--- a/.github/workflows/_test-workflows.yaml
+++ b/.github/workflows/_test-docker-build-push-ecr.yaml
@@ -1,33 +1,16 @@ -name: Test Reusable Workflows - on: pull_request: branches: - main + paths: + - '.github/workflows/_test-docker-build-push-ecr.yaml' + - '.github/workflows/docker-build-push-ecr.yaml' + - 'tests/terraform/**' + push: + branches: + - main jobs: - # Enable once we have access to dai sandbox account - test_terraform_deploy_basic: - uses: ./.github/workflows/tf-deploy-basic.yaml - with: - github_artifact_path: path/to/artifacts - aws_account_id: ${{ vars.aws_account_id }} - aws_region: ${{ vars.aws_region }} - aws_role_name: ${{ vars.aws_role_name }} - environment: foo - github_feedback: true - tf_deploy_override: true - tf_dir: tests/terraform/local - tf_vars: var1=value1,var2=value2 - tf_version: 1.6.6 - - test_docker_build: - uses: ./.github/workflows/docker-build.yaml - with: - image_name: test-docker-build - docker_context: tests/docker - artifact_retention_days: 1 - test_docker_build_push_ecr: uses: ./.github/workflows/docker-build-push-ecr.yaml with: diff --git a/.github/workflows/_test-docker-build.yaml b/.github/workflows/_test-docker-build.yaml new file mode 100644 index 00000000..ebe3dd78 --- /dev/null +++ b/.github/workflows/_test-docker-build.yaml @@ -0,0 +1,19 @@ +on: + pull_request: + branches: + - main + paths: + - '.github/workflows/_test-docker-build.yaml' + - '.github/workflows/docker-build.yaml' + - 'tests/terraform/**' + push: + branches: + - main + +jobs: + test_docker_build: + uses: ./.github/workflows/docker-build.yaml + with: + image_name: test-docker-build + docker_context: tests/docker + artifact_retention_days: 1 diff --git a/.github/workflows/_test-tf-deploy-basic.yaml b/.github/workflows/_test-tf-deploy-basic.yaml new file mode 100644 index 00000000..2950a52d --- /dev/null +++ b/.github/workflows/_test-tf-deploy-basic.yaml 
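Review bot: The `paths:` filter added under `pull_request` lists `'tests/terraform/**'`, which looks copied from the Terraform test and does not match what a Docker test consumes. The `with:` block of `test_docker_build_push_ecr` continues outside the hunk, so its build context is not visible here, but the sibling `_test-docker-build.yaml` added in this commit carries the same filter while building from `docker_context: tests/docker`. As written, a pull request that changes only the Docker fixtures would not run either test; if that is the case, replace the entry with `- 'tests/docker/**'` in both files.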
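Review bot: No `permissions:` key appears in the new `_test-docker-build.yaml`, so the `GITHUB_TOKEN` handed to the called `docker-build.yaml` falls back to the repository or organisation default, which may be read-write. A reusable workflow can never receive more than its caller holds, so the caller is the place to pin least privilege: add a top-level `permissions:` with `contents: read` and widen it only if `docker-build.yaml` (not shown) needs more. The same applies to `_test-docker-build-push-ecr.yaml` and `_test-tf-deploy-basic.yaml`, as far as their hunks show; those two would presumably also need `id-token: write` if the AWS role is assumed through OIDC.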
@@ -0,0 +1,26 @@ +on: + pull_request: + branches: + - main + paths: + - '.github/workflows/_test-tf-deploy-basic.yaml' + - '.github/workflows/tf-deploy-basic.yaml' + - 'tests/terraform/**' + push: + branches: + - main + +jobs: + test_terraform_deploy_basic: + uses: ./.github/workflows/tf-deploy-basic.yaml + with: + github_artifact_path: path/to/artifacts + aws_account_id: ${{ vars.aws_account_id }} + aws_region: ${{ vars.aws_region }} + aws_role_name: ${{ vars.aws_role_name }} + environment: foo + github_feedback: true + tf_deploy_override: true + tf_dir: tests/terraform/local + tf_vars: var1=value1,var2=value2 + tf_version: 1.6.6 diff --git a/.github/workflows/lambda-build-node.yaml b/.github/workflows/lambda-build-node.yaml index ad6ae82b..2763602b 100644 --- a/.github/workflows/lambda-build-node.yaml +++ b/.github/workflows/lambda-build-node.yaml @@ -5,7 +5,7 @@ on: description: "The Node.js version to use" type: string required: false - default: '20' + default: "20" source_dir: description: "The directory where the Lambda source code is located" type: string diff --git a/.github/workflows/tf-dflook-apply.yaml b/.github/workflows/tf-dflook-apply.yaml index a85ef9e2..7b65098e 100644 --- a/.github/workflows/tf-dflook-apply.yaml +++ b/.github/workflows/tf-dflook-apply.yaml @@ -1,4 +1,6 @@ -# Test dflook workflow +# Terraform Apply Workflow using the action dflook/terraform-github-actions +# This workflow is used to apply Terraform changes to an environment. +# This workflow utilizes either github environments variables or workflow inputs to pass to the terraform actions on: workflow_call: inputs: diff --git a/.github/workflows/tf-dflook-cleanup.yaml b/.github/workflows/tf-dflook-cleanup.yaml index 61fde7ec..5dd35c67 100644 --- a/.github/workflows/tf-dflook-cleanup.yaml +++ b/.github/workflows/tf-dflook-cleanup.yaml 
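Review bot: `tf_deploy_override: true` together with `aws_role_name: ${{ vars.aws_role_name }}` means this job runs on every pull request that touches `tests/terraform/**`, so Terraform from an unmerged branch is executed with that AWS role; what `tf-deploy-basic.yaml` does with the override is not visible here. The old file carried `# Enable once we have access to dai sandbox account` above this job and the commit drops it, so the file no longer says which account the role belongs to. I would add a header comment such as `# Runs tests/terraform/local with the role in vars.aws_role_name; that role must be sandbox-only and its trust policy limited to this repository`. The `push:` trigger has no `paths:` filter, so the job also runs on every push to main.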
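Review bot: The line added to `tf-dflook-apply.yaml`, `# This workflow utilizes either github environments variables or workflow inputs ...`, documents only non-secret channels; nothing in the header now says how credentials reach the Terraform actions. Neither `vars` nor `workflow_call` inputs are masked in logs, so a caller reading this comment could reasonably put a token in an input. I would add `# Credentials must be supplied through secrets, never through inputs or vars, which are not masked in logs`. The same sentence is added to `tf-dflook-feature.yaml` (where it replaces wording that did mention secrets) and `tf-dflook-plan.yaml`; the workflow bodies are outside these hunks, so they may already handle this.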
@@ -1,5 +1,6 @@ -# Workflow to cleanup feature branch resources -# +# Workflow to cleanup Terraform workspaces +# Can be used when a PR is closed or merged +# This workflow will destroy the Terraform workspace and remove the state file from the backend on: workflow_call: inputs: diff --git a/.github/workflows/tf-dflook-feature.yaml b/.github/workflows/tf-dflook-feature.yaml index f9400adf..04625b09 100644 --- a/.github/workflows/tf-dflook-feature.yaml +++ b/.github/workflows/tf-dflook-feature.yaml @@ -1,6 +1,6 @@ -# Workflow to deploy feature branches +# Terraform feature branch workflow # Creates a new terraform workspace based on the branch name -# This workflow utilizes github environments to store secrets and varibles. +# This workflow utilizes either github environments variables or workflow inputs to pass to the terraform actions on: workflow_call: inputs: diff --git a/.github/workflows/tf-dflook-plan.yaml b/.github/workflows/tf-dflook-plan.yaml index ba6201d0..4504e8b9 100644 --- a/.github/workflows/tf-dflook-plan.yaml +++ b/.github/workflows/tf-dflook-plan.yaml @@ -1,4 +1,8 @@ -# Terraform Plan Workflow using dflook/terraform-github-actions +# Terraform Plan Workflow using the action dflook/terraform-github-actions +# This workflow is used to plan Terraform changes and post the plan to a pull request as a comment. These plans +# are then used to compare the changes when the apply workflow is run. +# It also includes terraform validation and formatting steps. +# This workflow utilizes either github environments variables or workflow inputs to pass to the terraform actions on: workflow_call: inputs: diff --git a/README.md b/README.md index 8bef36b2..65dc3548 100644 --- a/README.md +++ b/README.md 
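Review bot: The new header of `tf-dflook-cleanup.yaml` states that the workflow destroys the workspace and removes its state from the backend, but not how the target workspace is chosen or what prevents a caller from naming a long-lived one. For a destructive reusable workflow that is the contract callers most need; the body is outside the hunk, so a guard may already exist. If it is not documented elsewhere, add something like `# Only pass a per-branch workspace; never the default workspace or one backing a shared environment`.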
@@ -4,6 +4,15 @@ This repository contains a collection of GitHub workflows that are reusable acro The main goal is to have a single source of truth for all workflows, so that they can be easily updated and reused. +Features include, but are not limited to: + +- terraform management +- aws authentication +- docker image management +- lambda builds + +The state of these workflows are considered to be in alpha, and are subject to change to suit the needs of projects managed by DAI. + ## Usage Create a `.github/workflows` directory in your repository and create workflows that reference the workflows in this repository. @@ -14,15 +23,29 @@ on: push jobs: my-job: uses: //.github/workflows/.yaml@ + with: + my-input: my-value ``` +### dflook workflows + +[dflook](https://github.com/dflook/terraform-github-actions) actions are an externally maintained set of actions that are used in the workflows. +The decision to use [dflook](https://github.com/dflook/terraform-github-actions) actions was made to reduce the maintenance burden of the workflows and reuse actions that are well tested and reliable. + +Assumptions when using dflook actions: + +- inputs are either passed directly to the action or are set as environment variables. + + ## Releases Release pipeline is triggered on each PR merged to main, which creates a new release incrementing automatically minor version. ## Testing -Each workflow should have a `test` job that runs the workflow with all inputs set. This job should be triggered on each PR. +Each workflow should have a `test` job that runs the workflow with different inputs. This job should be triggered on when changes are detected and push to main. + +Test workflows are prefixed with `_test-` and contain the workflow file name. One test workflow per workflow file which can contain multiple jobs. ## Contributing 
@@ -30,6 +53,6 @@ Before creating a new shared workflow, check if something similar already exists If you want to create a new workflow, please follow these steps: -- Name the workflow files similar to the following `--.yaml`. +- Name the workflow files similar to the following `-.yaml`. - The less inputs, the better. - Files uses dash-case and variables use snake_case.