From 884a62df5738d7ec784bd4b1036830ffccc75c61 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Mon, 5 Aug 2024 13:28:02 -0600 Subject: [PATCH 01/18] WIP add drift detection --- .../workflows/pipelines-drift-detection.yml | 104 ++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 .github/workflows/pipelines-drift-detection.yml diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml new file mode 100644 index 00000000..919990b5 --- /dev/null +++ b/.github/workflows/pipelines-drift-detection.yml @@ -0,0 +1,104 @@ +name: Pipelines +run-name: Drift Detection +on: + workflow_call: + inputs: + # This field can be overriden to customize the runner used for pipelines + # workflows. + # + # IMPORTANT: To use self-hosted runners this workflow must be hosted in + # the same GitHub organization as your infra-live repository. + # See https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-self-hosted-runners + # + # The value must be an escaped JSON string that will be decoded to the + # jobs.runs-on field + # See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on + # + # For example: + # - A simple github runner: "\"ubuntu-22.04\"" + # - A list of labels: "[\"self-hosted\", \"linux\"]" + # - A map: "{group: \"ubuntu-runners\", labels: \"ubuntu-20.04-16core\"}" + runner: + type: string + default: '"ubuntu-latest"' + secrets: + PIPELINES_READ_TOKEN: + required: true +env: + PIPELINES_CLI_VERSION: v0.26.0-rc1 + PIPELINES_ACTIONS_VERSION: main + +jobs: + pipelines_drift_detection: + name: Detect Infrastructure Drift + runs-on: ${{ fromJSON(inputs.runner) }} + steps: + - name: Checkout Pipelines Actions + uses: actions/checkout@v4 + with: + path: pipelines-actions + repository: gruntwork-io/pipelines-actions + ref: ${{ env.PIPELINES_ACTIONS_VERSION }} + token: ${{ secrets.PIPELINES_READ_TOKEN }} + + - name: Check out repo code + uses: actions/checkout@v4 + with: + path: infra-live-repo + fetch-depth: 0 + + - name: Bootstrap Workflow + id: gruntwork_context + uses: ./pipelines-actions/.github/actions/pipelines-bootstrap + with: + token: ${{ secrets.PIPELINES_READ_TOKEN }} + working_directory: ./infra-live-repo + terragrunt_command: "run-all plan" + branch: "main" + + - name: "Run terragrunt run-all plan" + id: terragrunt + uses: ./pipelines-actions/.github/actions/pipelines-execute + env: + TERRAGRUNT_AUTH_PROVIDER_CMD: "pipelines auth terragrunt-credentials --ci github-actions --cloud aws --wd ." + with: + token: ${{ secrets.PIPELINES_READ_TOKEN }} + tf_binary: ${{ steps.gruntwork_context.outputs.tf_binary }} + working_directory: ${{ steps.gruntwork_context.outputs.working_directory }} + terragrunt_command: ${{ steps.gruntwork_context.outputs.terragrunt_command }} + infra_live_repo_branch: ${{ steps.gruntwork_context.outputs.branch }} + gruntwork_config_file: ${{ steps.gruntwork_context.outputs.gruntwork_config_file }} + infra_live_repo: "." + infra_live_directory: "." + deploy_branch_name: ${{ steps.gruntwork_context.outputs.deploy_branch_name }} + + - name: "Parse plans" + id: tfplan + shell: bash + env: + WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }} + GH_TOKEN: ${{ github.token }} + PLAN_FOLDER: ${{ steps.terragrunt.outputs.plan_folder}} + run: | + pipelines tfplan detect-drift --working-directory "$WORKING_DIRECTORY" "$PLAN_FOLDER" + + + - name: "Create PR" + id: propose-infra-change + shell: bash + if: ${{ steps.tfplan.outputs. }} + env: + WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }} + BRANCH_NAME: "drift-detection" + + run: | + git_changes=$(git status --porcelein) + if [[ git_changes ]]; then + pipelines scm propose-infra-change \ + --working-directory "$WORKING_DIRECTORY" \ + --change-request-branch-name "$BRANCH_NAME" \ + --commit-message "Drift Detected" + --title "Drift Detected" + --force true + fi + From e0dd0bd55d9daf5dee14b573f9cc041055a3c6b5 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Mon, 5 Aug 2024 13:33:05 -0600 Subject: [PATCH 02/18] Fix broken if statement --- .github/workflows/pipelines-drift-detection.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 919990b5..04444f09 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -86,7 +86,6 @@ jobs: - name: "Create PR" id: propose-infra-change shell: bash - if: ${{ steps.tfplan.outputs. }} env: WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }} BRANCH_NAME: "drift-detection" From 3ce584e9b8ac75cbf185ec643ec68d22d780a21f Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Mon, 5 Aug 2024 13:37:14 -0600 Subject: [PATCH 03/18] Pass root as working directory to bootstrap --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 04444f09..9566c0d8 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -52,7 +52,7 @@ jobs: uses: ./pipelines-actions/.github/actions/pipelines-bootstrap with: token: ${{ secrets.PIPELINES_READ_TOKEN }} - working_directory: ./infra-live-repo + working_directory: "." terragrunt_command: "run-all plan" branch: "main" From 019ec0581c6b29d79c634ffd34484d7854e3c6a0 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Mon, 5 Aug 2024 13:53:52 -0600 Subject: [PATCH 04/18] Fix exclude root dir from run-all plan --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 9566c0d8..8e6e5f2e 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -53,7 +53,7 @@ jobs: with: token: ${{ secrets.PIPELINES_READ_TOKEN }} working_directory: "." - terragrunt_command: "run-all plan" + terragrunt_command: "run-all plan --terragrunt-exclude-dir=." branch: "main" - name: "Run terragrunt run-all plan" From 95070be1a3b44ba46e9326d4473700a17dcf4e9b Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 08:53:48 -0600 Subject: [PATCH 05/18] Fix git change detection --- .github/workflows/pipelines-drift-detection.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 8e6e5f2e..7c217ca9 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -91,13 +91,13 @@ jobs: BRANCH_NAME: "drift-detection" run: | - git_changes=$(git status --porcelein) - if [[ git_changes ]]; then + git_changes=$(git status --porcelain) + if [[ $git_changes ]]; then pipelines scm propose-infra-change \ --working-directory "$WORKING_DIRECTORY" \ --change-request-branch-name "$BRANCH_NAME" \ - --commit-message "Drift Detected" - --title "Drift Detected" + --commit-message "Drift Detected" \ + --title "Drift Detected" \ --force true fi From c9c7eeb97a44d573d0fa001f39d443353db9ef70 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 08:59:22 -0600 Subject: [PATCH 06/18] Working dir for later steps --- .github/workflows/pipelines-drift-detection.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 7c217ca9..6bcb2312 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -74,6 +74,7 @@ jobs: - name: "Parse plans" id: tfplan + working-directory: ./infra-live-repo shell: bash env: WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }} @@ -85,6 +86,7 @@ jobs: - name: "Create PR" id: propose-infra-change + working-directory: ./infra-live-repo shell: bash env: WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }} From 4ea984db84d489c09e09ddf59918d44dcef6a23c Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 10:37:49 -0600 Subject: [PATCH 07/18] Add parallelism limit 6 --- .github/workflows/pipelines-drift-detection.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 6bcb2312..923ff5d6 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -71,6 +71,7 @@ jobs: infra_live_repo: "." infra_live_directory: "." deploy_branch_name: ${{ steps.gruntwork_context.outputs.deploy_branch_name }} + tg_execution_parallelism_limit: 6 - name: "Parse plans" id: tfplan From 50883613e4971d79cb1e87c6e049b860d7aa6cff Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 12:01:27 -0600 Subject: [PATCH 08/18] Use 0.26.0-rc4. Remove paralllelism limit --- .github/workflows/pipelines-drift-detection.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 923ff5d6..be9bec17 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -25,7 +25,7 @@ on: PIPELINES_READ_TOKEN: required: true env: - PIPELINES_CLI_VERSION: v0.26.0-rc1 + PIPELINES_CLI_VERSION: v0.26.0-rc4 PIPELINES_ACTIONS_VERSION: main jobs: @@ -71,7 +71,6 @@ jobs: infra_live_repo: "." infra_live_directory: "." deploy_branch_name: ${{ steps.gruntwork_context.outputs.deploy_branch_name }} - tg_execution_parallelism_limit: 6 - name: "Parse plans" id: tfplan From c054eda76cb0eba75614d54fe7e3a33dabc646e1 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 12:29:09 -0600 Subject: [PATCH 09/18] Fix role used for run-all plan --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index be9bec17..630e9bd9 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -60,7 +60,7 @@ jobs: id: terragrunt uses: ./pipelines-actions/.github/actions/pipelines-execute env: - TERRAGRUNT_AUTH_PROVIDER_CMD: "pipelines auth terragrunt-credentials --ci github-actions --cloud aws --wd ." + TERRAGRUNT_AUTH_PROVIDER_CMD: "pipelines auth terragrunt-credentials --ci github-actions --cloud aws --wd . --event-type pr-synched-created" with: token: ${{ secrets.PIPELINES_READ_TOKEN }} tf_binary: ${{ steps.gruntwork_context.outputs.tf_binary }} From 0314b21f4926d629a106a3fae97b80c7696734e7 Mon Sep 17 00:00:00 2001 From: Yousif Akbar <11247449+yhakbar@users.noreply.github.com> Date: Tue, 6 Aug 2024 15:24:55 -0400 Subject: [PATCH 10/18] feat: Adding cross runner cache persistence --- .github/workflows/pipelines-drift-detection.yml | 9 ++++++++- .github/workflows/pipelines-root.yml | 7 +++++++ .github/workflows/pipelines.yml | 8 ++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 630e9bd9..ed8eb7a9 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -46,7 +46,14 @@ jobs: with: path: infra-live-repo fetch-depth: 0 - + + - name: Cache Providers + id: cache-providers + uses: actions/cache@v4 + with: + path: ~/.cache/terragrunt/providers + key: ${{ runner.os }}-terragrunt-providers + - name: Bootstrap Workflow id: gruntwork_context uses: ./pipelines-actions/.github/actions/pipelines-bootstrap diff --git a/.github/workflows/pipelines-root.yml b/.github/workflows/pipelines-root.yml index 029fdb06..79a77f4b 100644 --- a/.github/workflows/pipelines-root.yml +++ b/.github/workflows/pipelines-root.yml @@ -101,6 +101,13 @@ jobs: path: infra-live-repo fetch-depth: 0 + - name: Cache Providers + id: cache-providers + uses: actions/cache@v4 + with: + path: ~/.cache/terragrunt/providers + key: ${{ runner.os }}-terragrunt-providers + - name: Bootstrap Workflow id: gruntwork_context uses: ./pipelines-actions/.github/actions/pipelines-bootstrap diff --git a/.github/workflows/pipelines.yml b/.github/workflows/pipelines.yml index b5b76171..301b6de0 100644 --- a/.github/workflows/pipelines.yml +++ b/.github/workflows/pipelines.yml @@ -48,6 +48,14 @@ jobs: path: infra-live-repo fetch-depth: 0 + - name: Cache Providers + id: cache-providers + uses: actions/cache@v4 + with: + path: ~/.cache/terragrunt/providers + key: ${{ runner.os }}-terragrunt-providers + + - name: Preflight Checks uses: ./pipelines-actions/.github/actions/pipelines-preflight-action with: From 714b17703f20f11058a85e96767eaac0c2cf4171 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 13:33:38 -0600 Subject: [PATCH 11/18] fix whitespace --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index ed8eb7a9..de065572 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -104,7 +104,7 @@ jobs: if [[ $git_changes ]]; then pipelines scm propose-infra-change \ --working-directory "$WORKING_DIRECTORY" \ - --change-request-branch-name "$BRANCH_NAME" \ + --change-request-branch-name "$BRANCH_NAME" \ --commit-message "Drift Detected" \ --title "Drift Detected" \ --force true From 1f7c6d8e5a69eabc5ce09a5bddf3d814ed1fc005 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 13:46:56 -0600 Subject: [PATCH 12/18] Fix missing GH_TOKEN --- .github/workflows/pipelines-drift-detection.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index de065572..4f890552 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -96,6 +96,7 @@ jobs: working-directory: ./infra-live-repo shell: bash env: + GH_TOKEN: ${{ github.token }} WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }} BRANCH_NAME: "drift-detection" From f47cbe88d15c5345ba69e41097ff6242148f5c6c Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 14:08:21 -0600 Subject: [PATCH 13/18] Use -n for git status check --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 4f890552..a59210bd 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -102,7 +102,7 @@ jobs: run: | git_changes=$(git status --porcelain) - if [[ $git_changes ]]; then + if [[ -n $git_changes ]]; then pipelines scm propose-infra-change \ --working-directory "$WORKING_DIRECTORY" \ --change-request-branch-name "$BRANCH_NAME" \ From 49a46c232c3145908081449b56f81f99ef4762f3 Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 14:30:16 -0600 Subject: [PATCH 14/18] Pipelines CLI v0.26.1 --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index a59210bd..24be4abb 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -25,7 +25,7 @@ on: PIPELINES_READ_TOKEN: required: true env: - PIPELINES_CLI_VERSION: v0.26.0-rc4 + PIPELINES_CLI_VERSION: v0.26.1 PIPELINES_ACTIONS_VERSION: main jobs: From 197a46fc4fc8e5708241ca0aeb64fec474e3697f Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 14:45:19 -0600 Subject: [PATCH 15/18] Fix missing author for create pr --- .github/workflows/pipelines-drift-detection.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 24be4abb..efba5925 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -99,6 +99,8 @@ jobs: GH_TOKEN: ${{ github.token }} WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }} BRANCH_NAME: "drift-detection" + AUTHOR_NAME: ${{ github.actor }} + AUTHOR_EMAIL: ${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com run: | git_changes=$(git status --porcelain) @@ -108,6 +110,8 @@ jobs: --change-request-branch-name "$BRANCH_NAME" \ --commit-message "Drift Detected" \ --title "Drift Detected" \ + --author-name "$AUTHOR_NAME" \ + --author-email "$AUTHOR_EMAIL" \ --force true fi From 6287f8c19daf0bdfbadccc282237b4810b24649f Mon Sep 17 00:00:00 2001 From: Lewis Christie Date: Tue, 6 Aug 2024 15:47:56 -0600 Subject: [PATCH 16/18] Pipelines CLI v0.26.2-rc1 --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index efba5925..4e13fb11 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -25,7 +25,7 @@ on: PIPELINES_READ_TOKEN: required: true env: - PIPELINES_CLI_VERSION: v0.26.1 + PIPELINES_CLI_VERSION: v0.26.2-rc1 PIPELINES_ACTIONS_VERSION: main jobs: From 3b8b322cb8c031a57cc01814d9635b2c5e1a035c Mon Sep 17 00:00:00 2001 From: Yousif Akbar <11247449+yhakbar@users.noreply.github.com> Date: Wed, 7 Aug 2024 09:21:39 -0400 Subject: [PATCH 17/18] test: Testing with provider caching --- .github/workflows/pipelines-drift-detection.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 4e13fb11..3075cd7f 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -27,6 +27,7 @@ on: env: PIPELINES_CLI_VERSION: v0.26.2-rc1 PIPELINES_ACTIONS_VERSION: main + TERRAGRUNT_PROVIDER_CACHE: 1 jobs: pipelines_drift_detection: @@ -62,7 +63,7 @@ jobs: working_directory: "." terragrunt_command: "run-all plan --terragrunt-exclude-dir=." branch: "main" - + - name: "Run terragrunt run-all plan" id: terragrunt uses: ./pipelines-actions/.github/actions/pipelines-execute @@ -78,7 +79,7 @@ jobs: infra_live_repo: "." infra_live_directory: "." deploy_branch_name: ${{ steps.gruntwork_context.outputs.deploy_branch_name }} - + - name: "Parse plans" id: tfplan working-directory: ./infra-live-repo @@ -90,7 +91,7 @@ jobs: run: | pipelines tfplan detect-drift --working-directory "$WORKING_DIRECTORY" "$PLAN_FOLDER" - + - name: "Create PR" id: propose-infra-change working-directory: ./infra-live-repo @@ -101,7 +102,7 @@ jobs: BRANCH_NAME: "drift-detection" AUTHOR_NAME: ${{ github.actor }} AUTHOR_EMAIL: ${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com - + run: | git_changes=$(git status --porcelain) if [[ -n $git_changes ]]; then From 58b8a319f4459df905cf4317ccaf2b330ef57ed2 Mon Sep 17 00:00:00 2001 From: Yousif Akbar <11247449+yhakbar@users.noreply.github.com> Date: Wed, 7 Aug 2024 09:23:16 -0400 Subject: [PATCH 18/18] test: Testing with parallelism restriction --- .github/workflows/pipelines-drift-detection.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml index 3075cd7f..56c92320 100644 --- a/.github/workflows/pipelines-drift-detection.yml +++ b/.github/workflows/pipelines-drift-detection.yml @@ -27,7 +27,7 @@ on: env: PIPELINES_CLI_VERSION: v0.26.2-rc1 PIPELINES_ACTIONS_VERSION: main - TERRAGRUNT_PROVIDER_CACHE: 1 + TERRAGRUNT_PARALLELISM: 10 jobs: pipelines_drift_detection: