ministryofjustice / modernisation-platform

A place for the core work of the Modernisation Platform • This repository is defined and managed in Terraform
https://user-guide.modernisation-platform.service.justice.gov.uk
MIT License

⚙️ Configure Dependabot For Terraform Modules CI/CD Dependencies #8211

Open connormaglynn opened 22 hours ago

connormaglynn commented 22 hours ago

User Story

As a Modernisation Platform Engineer I need/want/expect to take minimal dependency version bumps when I release a new version of a Terraform Module after I have made a functional change, so that I can reduce the time needed to debug any issues and easily identify the cause of any issues, whether that be a dependency version bump or the functional change.

Value / Purpose

The purpose of this work is to implement a new dependency management strategy for Terraform Modules, especially regarding CI/CD related dependencies (which tend to be the noisiest), to reduce the number of dependency related changes an engineer needs to release when they make a functional change, and to reduce the number of dependency bumps that come through in support.

The value of implementing this new strategy will be:

Useful Contacts

@connormaglynn

Additional Information

Definition of Done
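As an added illustration of the strategy the issue describes (this is example configuration, not a file from the Modernisation Platform repositories), a `.github/dependabot.yml` for a Terraform module can batch the noisy CI/CD dependencies (GitHub Actions) into a single grouped pull request on a slower schedule, while keeping Terraform provider updates in their own group so a functional change is never mixed with an unrelated bump. The group names, schedule intervals and labels below are assumptions chosen for the example:

```yaml
# Example .github/dependabot.yml for a Terraform module repository (added illustration, not project config)
version: 2
updates:
  # CI/CD dependencies: every action version bump lands in ONE grouped PR,
  # raised monthly, so a module release carries at most one CI change set.
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "monthly"
    groups:
      ci-dependencies:            # assumed group name
        patterns:
          - "*"                   # every workflow action belongs to this group
        update-types:
          - "minor"
          - "patch"               # majors stay separate so breaking changes are reviewed alone
    labels:
      - "dependencies"
      - "ci"                      # assumed labels
    commit-message:
      prefix: "ci"

  # Terraform providers/modules: reviewed on their own cadence and in their own PR,
  # so a provider bump is never bundled with an actions bump.
  - package-ecosystem: "terraform"
    directory: "/"
    schedule:
      interval: "weekly"
    groups:
      terraform-providers:        # assumed group name
        patterns:
          - "*"
    labels:
      - "dependencies"
      - "terraform"
```

Two points worth keeping in mind when adopting something like this. Grouping only changes how version updates are batched: Dependabot security updates are raised when an alert fires, independent of the `schedule`, so slowing the cadence does not delay a fix for a vulnerable action or provider. And a grouped PR still needs the same review as individual ones, since one PR now moves several action pins at once; keeping actions pinned to commit SHAs (Dependabot updates the SHA and its trailing version comment together) keeps the change set verifiable in the diff.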

connormaglynn commented 22 hours ago

I also wrote a bash script to go through our Terraform Modules and gather the last release date and commits since the last release - may be of use in the future 🔮🚀👇

```bash
#!/bin/bash
set -euo pipefail

# Use the token from the current gh CLI session (run `gh auth login` first)
GITHUB_TOKEN=$(gh auth token)

# List of repository names (format: owner/repo)
repos=(
  "ministryofjustice/modernisation-platform-terraform-bastion-linux"
  "ministryofjustice/modernisation-platform-terraform-ecs-cluster"
  "ministryofjustice/modernisation-platform-terraform-s3-bucket"
  "ministryofjustice/modernisation-platform-terraform-aws-vm-import"
  "ministryofjustice/modernisation-platform-terraform-pagerduty-integration"
  "ministryofjustice/modernisation-platform-terraform-loadbalancer"
  "ministryofjustice/modernisation-platform-terraform-ssm-patching"
  "ministryofjustice/modernisation-platform-terraform-ec2-instance"
  "ministryofjustice/modernisation-platform-terraform-ec2-autoscaling-group"
  "ministryofjustice/modernisation-platform-terraform-lambda-function"
  "ministryofjustice/modernisation-platform-terraform-baselines"
  "ministryofjustice/modernisation-platform-terraform-cross-account-access"
  "ministryofjustice/modernisation-platform-terraform-environments"
  "ministryofjustice/modernisation-platform-terraform-iam-superadmins"
  "ministryofjustice/modernisation-platform-terraform-member-vpc"
  "ministryofjustice/modernisation-platform-github-oidc-provider"
)

# GitHub API base URL
api_url="https://api.github.com/repos"

# Authenticated GET against the GitHub REST API; prints the JSON body
gh_get() {
  curl -s -H "Authorization: Bearer $GITHUB_TOKEN" \
       -H "Accept: application/vnd.github+json" "$1"
}

# Loop through each repository
for repo in "${repos[@]}"; do
  # Fetch the latest release (the API returns {"message":"Not Found"} when there is none)
  release_response=$(gh_get "$api_url/$repo/releases/latest")

  # Extract the release date and the tag name of the latest release
  last_release_date=$(echo "$release_response" | jq -r '.published_at')
  last_release_tag=$(echo "$release_response" | jq -r '.tag_name')

  # Check if there was a valid release
  if [ "$last_release_date" != "null" ] && [ "$last_release_tag" != "null" ]; then
    # Get the default branch (usually main/master)
    default_branch=$(gh_get "$api_url/$repo" | jq -r '.default_branch')

    # Count the commits on the default branch since the release tag.
    # The compare endpoint accepts ref names directly; comparing by name avoids
    # the annotated-tag pitfall where git/ref/tags/<tag> returns the tag object's
    # SHA rather than the commit SHA, which makes a SHA...SHA compare fail.
    commit_count=$(gh_get "$api_url/$repo/compare/$last_release_tag...$default_branch" | jq -r '.ahead_by')

    # Output the repository name, last release date, and number of commits since the last release
    echo "$repo,$last_release_date,$commit_count"
  else
    echo "$repo No releases found"
  fi
done
```