Open
Description
Currently, the digger orchestrator always triggers the digger_workflow.yml job.
For multi-account setups we have an OIDC project-specified role (AWS only) and we have environment variable mapping. The drawback of specifying the OIDC role in digger.yml is that we need to support it for every different provider. The drawback of environment mapping is that all environments exist in a single workflow.
I propose to introduce workflow_file as an argument to projects in order to allow users to specify the target provider (AWS account, GCP account, Azure subscription, etc.) within different workflow files and allow the orchestrator to trigger the right file without knowledge about it.
```yaml
# digger.yml
projects:
  - name: dev
    dir: dev
    workflow_file: digger_dev.yml
  - name: prod
    dir: dev
    workflow_file: digger_prod.yml
```
```yaml
# .github/workflows/digger_dev.yml
name: Digger Workflow
# ...
    steps:
      - uses: actions/checkout@v4
      - uses: diggerhq/digger@latest
        with:
          setup-aws: true
          aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
          # ...
```
```yaml
# .github/workflows/digger_prod.yml
name: Digger Workflow
# ...
    steps:
      - uses: actions/checkout@v4
      - uses: diggerhq/digger@latest
        with:
          setup-aws: true
          aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
          # ...
```
This offers much more flexibility when using digger with an orchestrator.
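One way an orchestrator could resolve the proposed `workflow_file` field, written as an added example that is not part of the original issue and is not Digger's own code. The `Project` struct, `ResolveWorkflowFile` and `GroupByWorkflow` are hypothetical names, and the rule that the value must be a bare `.yml`/`.yaml` file name is an assumption made here so that a value read from digger.yml cannot point outside `.github/workflows`.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Project mirrors the fields used in the digger.yml proposal (hypothetical type).
type Project struct {
	Name         string
	Dir          string
	WorkflowFile string // proposed field; empty means "use the default"
}

const DefaultWorkflowFile = "digger_workflow.yml" // the file triggered today

// ResolveWorkflowFile returns the workflow file to trigger for a project.
// Assumption: only a bare file name ending in .yml or .yaml is accepted.
func ResolveWorkflowFile(p Project) (string, error) {
	wf := strings.TrimSpace(p.WorkflowFile)
	if wf == "" {
		return DefaultWorkflowFile, nil
	}
	if wf != filepath.Base(wf) || strings.ContainsAny(wf, `/\`) || strings.HasPrefix(wf, ".") {
		return "", fmt.Errorf("project %q: workflow_file %q must be a bare file name", p.Name, wf)
	}
	if ext := filepath.Ext(wf); ext != ".yml" && ext != ".yaml" {
		return "", fmt.Errorf("project %q: workflow_file %q must end in .yml or .yaml", p.Name, wf)
	}
	return wf, nil
}

// GroupByWorkflow maps each workflow file to the project names it should run.
func GroupByWorkflow(projects []Project) (map[string][]string, error) {
	out := map[string][]string{}
	for _, p := range projects {
		wf, err := ResolveWorkflowFile(p)
		if err != nil {
			return nil, err // reject the whole config rather than dispatch a subset
		}
		out[wf] = append(out[wf], p.Name)
	}
	return out, nil
}

func main() {
	// Constructed input: the two projects from the issue plus one without the field.
	projects := []Project{{"dev", "dev", "digger_dev.yml"}, {"prod", "dev", "digger_prod.yml"}, {"legacy", "legacy", ""}}
	fmt.Println(GroupByWorkflow(projects))
}
```

Failing the whole configuration on one bad entry keeps a malformed `workflow_file` from silently falling back to a workflow that holds different credentials.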