
Apply

Apply #109

Workflow file for this run

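# Applies the repository's OpenTofu configuration with an AWS role assumed via
# GitHub OIDC. Runs on pushes to main that touch *.tf / *.tfvars, on a
# schedule, and on manual dispatch.
name: Apply
on:
  # NOTE(review): a manual dispatch can be started from any branch, and the job
  # then applies that ref's configuration with the same secrets. Confirm the
  # IAM role's trust policy restricts the OIDC `sub` claim to the main branch
  # (or gate the job behind a protected environment); a check inside this file
  # can be edited away on the dispatching branch.
  workflow_dispatch:
  schedule:
    # Minute 17 of every 4th hour (GitHub evaluates cron in UTC).
    - cron: "17 */4 * * *"
  push:
    paths:
      - "**/*.tf"
      - "**/*.tfvars"
    branches:
      - main
concurrency:
  # One group for every run of this workflow. The previous expression fell back
  # to github.ref (no pull_request trigger exists here, so the PR-number term
  # was always empty), which put runs from different refs in different groups
  # and let two applies with the same role and account secrets overlap.
  group: ${{ github.workflow }}
  # Never interrupt an apply that is already in flight; newer runs wait.
  cancel-in-progress: false
permissions:
  # id-token: write lets the job request the OIDC token that
  # configure-aws-credentials exchanges for the role; contents: read covers
  # checkout. Nothing else is granted to the job token.
  id-token: write
  contents: read
jobs:
  apply:
    runs-on: ubuntu-latest
    env:
      TF_CLI_ARGS: "-no-color"
      TF_IN_AUTOMATION: "true"
      TF_VAR_aws_account_id: ${{ secrets.AWS_ACCOUNT_ID }}
      TF_VAR_aws_account_id_secondary: ${{ secrets.AWS_ACCOUNT_ID_SECONDARY }}
    steps:
      # NOTE(review): the three actions below are referenced by mutable version
      # tags. Pinning each to a full commit SHA would keep a re-pointed tag
      # from running inside a job that holds this AWS role.
      # NOTE(review): no later step pushes to the repository, so
      # `persist-credentials: false` on checkout looks applicable - confirm
      # `tofu init` does not rely on the persisted token for module sources.
      - uses: actions/checkout@v6
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
          aws-region: us-east-1
      - name: Setup OpenTofu
        uses: opentofu/setup-opentofu@v2
        with:
          # Call the tofu binary directly instead of through the action's
          # wrapper script.
          tofu_wrapper: false
      - name: TF init
        run: |
          tofu init
      - name: TF Validate
        run: |
          tofu validate
      # The script is not shown here; presumably it writes the plan to
      # `tfplan` and exits non-zero on a policy violation - verify, since the
      # apply step below depends on both.
      - name: TF Plan & Policy
        run: |
          ./scripts/check-policy.sh -o tfplan
      # Applies the saved plan file from the previous step rather than
      # planning again, so what is applied is what the policy step saw.
      - name: TF Apply
        run: |
          tofu apply -concise -auto-approve tfplan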