bootstrap.yaml
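# Bootstraps the Terraform state backend defined in terraform/bootstrap.
# Manual runs pick plan / apply / destroy through the inputs below. A push to
# the listed branch carries no inputs, so it only reaches the plan step.
name: Bootstrap Terraform State Backend
run-name: Bootstrap Terraform State Backend by @${{ github.actor }}

on:
  workflow_dispatch:
    inputs:
      apply:
        description: "Apply changes (if false, only runs plan)"
        type: boolean
        default: false
      destroy:
        description: "Destroy state backend resources (WARNING: irreversible)"
        type: boolean
        default: false
  push:
    branches:
      - nickclyde/setup-terraform

# Serialise runs: a newer run waits instead of cancelling one that is already
# in progress, so a terraform operation is not interrupted half-way.
concurrency:
  group: bootstrap-terraform-state
  cancel-in-progress: false

# id-token: write lets the job request the OIDC token used to assume the AWS
# role; the repository itself is only read.
permissions:
  id-token: write
  contents: read

jobs:
  bootstrap:
    name: Bootstrap
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the three actions below are referenced by mutable
      # major-version tags; pinning each to a full commit SHA would keep a
      # moved tag from changing what runs with the assumed AWS role.
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v4
        with:
          terraform_version: "1.14.7"
          terraform_wrapper: false

      # NOTE(review): the role's trust policy is not visible here - confirm it
      # restricts which repository and ref may assume it, since this job has
      # permission to create and destroy the state backend.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.TERRAFORM_ROLE_ARN }}
          role-session-name: githubBootstrapWorkflow
          aws-region: ${{ vars.AWS_REGION }}

      - name: Terraform Init
        working-directory: terraform/bootstrap
        run: terraform init

      # Default path: neither apply nor destroy was requested.
      - name: Terraform Plan
        if: ${{ !inputs.apply && !inputs.destroy }}
        working-directory: terraform/bootstrap
        run: terraform plan

      # Guard restored. With the condition commented out this step ran on
      # every trigger: on push, on manual runs with apply=false (contradicting
      # the input description), and immediately before a destroy.
      - name: Terraform Apply
        if: ${{ inputs.apply && !inputs.destroy }}
        working-directory: terraform/bootstrap
        run: terraform apply -auto-approve

      # Runs only when destroy is explicitly set; -auto-approve means there is
      # no further confirmation once the run has started.
      - name: Terraform Destroy
        if: ${{ inputs.destroy }}
        working-directory: terraform/bootstrap
        run: terraform destroy -auto-approve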