Field Engineering Workbench Orb

The FE orb is a collection of mostly bash snippets that are commonly run, with some improvement to encourage best practices.

Available Helpers

Semantic Versioning helpers

There are 3 commands and a job for config.

SemVer: From Git Log (1)

This command will use git log and git tag to find current version, and the specified “bump” {major, minor, patch}

You can alternately just manually set CURRENT_VERSION and SEMVER_INCREMENT

Semver: Bump (4)

Available as a command and a job. Bump runs the incremental logic script based on CURRENT_VERSION and SEMVER_INCREMENT

Semver: Tag Remote (3)

This uses the ‘bumped’ version to push as a new git tag.

Key Commands

Trust GH Keys (1)

This queries api.github.com/meta for current SSH keys, and adds them to the /.ssh/known_hosts

This is safer than use of keyscan which is vulnerable to Man-in-the-middle attacks (MITM).

Workbench Orb Example Config

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28


version: 2.1
orbs:
  terraform: circleci/terraform@3.2.1
  workbench: cci-labs/workbench@0.0.1 # (0)

jobs:
  tf-validate:
    executor: terraform/default
    steps:
      - workbench/trust_gh_keys # (1)
      - run: SomeCustomCHeckout.sh
      - terraform/fmt
      - terraform/validate

workflows:
  main:
    jobs:
      - tf-validate:
          name: Validate Terraform Plan
      - workbench/bump: # (4)
          pre-steps:
            - workbench/semverfromgitlog  # (2)
          post-steps: 
            - workbench/tagremote # (3)
          requires: [Validate Terraform Plan]
          filters:
            branches:
              only: [main]