TF scheduled plan infrastructure #147

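# Scheduled Terraform plan against the dev, staging and live accounts.
# The listing had lost its indentation and would not parse as shown; the
# nesting below restores the structure the keys imply.
name: TF scheduled plan infrastructure
on:
  schedule:
    # At 05:45 on every working day (Monday to Friday). GitHub evaluates
    # schedule cron expressions in UTC.
    - cron: '45 5 * * 1-5'
# Workflow-level token permissions; no job in this file overrides them.
permissions:
  # Lets a job request a GitHub OIDC token, which the
  # configure-aws-credentials steps exchange for AWS role credentials.
  id-token: write
  # NOTE(review): write access to repository contents looks broader than a
  # plan-only workflow needs. Checkout works with `contents: read`, and no
  # step visible in this file pushes commits or tags. Confirm whether the
  # local actions under ./.github/actions rely on it before reducing it.
  contents: write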
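# One job per AWS account. The three jobs run the same steps and differ only
# in the `account` value and the IAM role they assume. The listing had lost
# its indentation; the nesting below restores the structure the keys imply.
jobs:
  plan-dev:
    runs-on: ubuntu-latest
    env:
      # Not referenced elsewhere in this file; presumably read by the local
      # actions - confirm.
      working_dir: components/terraform
      # Interpolated into the Slack messages as env.account.
      account: dev
    timeout-minutes: 3
    steps:
      # External actions are pinned to a full commit SHA; the trailing comment
      # records the release tag the SHA is meant to correspond to and has to
      # be updated together with the SHA.
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # Keep the job token out of the checked-out repository's git config.
          persist-credentials: false
      - name: get AWS credentials
        uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1
        with:
          aws-region: eu-west-2
          # No static access keys are passed, so the role is assumed with the
          # GitHub OIDC token. NOTE(review): the role's trust policy is not
          # visible here; confirm it restricts the token's `sub` claim to this
          # repository (and branch), and that the role is read-only enough
          # for a plan.
          role-to-assume: arn:aws:iam::846769538626:role/GithubOIDCProviderIAMRolePermissions-Role-I80RXHT6O1PL
          # NOTE(review): placeholder-looking session name, identical in all
          # three jobs. A name that identifies the workflow and account would
          # make the resulting CloudTrail entries easier to attribute.
          role-session-name: MySessionName
      - name: setup runner
        uses: ./.github/actions/setup-runtime
      - name: Terraform plan
        id: tf_run
        uses: ./.github/actions/terraform-plan
        with:
          account: "dev"
      # Runs on every execution, including when no notification is sent.
      # The leading comma appears to be an empty alias, so that the parsed
      # JSON keys are exported without a secret-name prefix (the Slack steps
      # read env.SLACK_BOT_TOKEN and env.SLACK_CHANNEL_ID) - confirm against
      # the action's documentation.
      - name: get slack credentials
        uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 # v2.0.10
        with:
          secret-ids: |
            ,infrastructure/ds-infrastructure-notifications/slack
          parse-json-secrets: true
      # run_status '1' is reported as a plan error and '2' as pending changes
      # (see the message texts); presumably the local action forwards
      # Terraform's detailed exit code - confirm.
      # NOTE(review): an `if` without a status function carries an implicit
      # success() check. If ./.github/actions/terraform-plan fails the step on
      # a plan error instead of only setting the output, this alert and the
      # secrets step above are skipped and nothing reaches Slack.
      - name: Slack notification (plan error)
        if: ${{ steps.tf_run.outputs.run_status == '1' }}
        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        env:
          # Not referenced by the payload below.
          tf_run_status: ${{ steps.tf_run.outputs.run_status }}
        with:
          method: chat.postMessage
          token: ${{ env.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ env.SLACK_CHANNEL_ID }}
            text: "*`${{ github.event.repository.name }}`*\n\n :x: Terraform plan encountered an Error\nAccount: `${{ env.account }}`\nRun ID: `${{ github.run_id }}`\nRun URL: `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`\n\n*Please check the run logs for more details.*"
      - name: Slack notification (changes detected)
        if: ${{ steps.tf_run.outputs.run_status == '2' }}
        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        env:
          tf_run_status: ${{ steps.tf_run.outputs.run_status }}
        with:
          method: chat.postMessage
          token: ${{ env.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ env.SLACK_CHANNEL_ID }}
            text: "*`${{ github.event.repository.name }}`*\n\n :git-requested-changes: Terraform indicates changes to the infrastructure or service\nAccount: `${{ env.account }}`\nRun ID: `${{ github.run_id }}`\nRun URL: `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`\n\n*Please check the run logs for more details.*"
  # Same steps as plan-dev, run with the staging account's role.
  plan-staging:
    runs-on: ubuntu-latest
    env:
      working_dir: components/terraform
      account: staging
    timeout-minutes: 3
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: get AWS credentials
        uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1
        with:
          aws-region: eu-west-2
          # NOTE(review): confirm this role's trust policy pins the OIDC
          # `sub` claim to this repository.
          role-to-assume: arn:aws:iam::337670467269:role/GitHubActionRole
          role-session-name: MySessionName
      - name: setup runner
        uses: ./.github/actions/setup-runtime
      - name: Terraform plan
        id: tf_run
        uses: ./.github/actions/terraform-plan
        with:
          account: "staging"
      - name: get slack credentials
        uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 # v2.0.10
        with:
          secret-ids: |
            ,infrastructure/ds-infrastructure-notifications/slack
          parse-json-secrets: true
      - name: Slack notification (plan error)
        if: ${{ steps.tf_run.outputs.run_status == '1' }}
        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        env:
          tf_run_status: ${{ steps.tf_run.outputs.run_status }}
        with:
          method: chat.postMessage
          token: ${{ env.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ env.SLACK_CHANNEL_ID }}
            text: "*`${{ github.event.repository.name }}`*\n\n :x: Terraform plan encountered an Error\nAccount: `${{ env.account }}`\nRun ID: `${{ github.run_id }}`\nRun URL: `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`\n\n*Please check the run logs for more details.*"
      - name: Slack notification (changes detected)
        if: ${{ steps.tf_run.outputs.run_status == '2' }}
        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        env:
          tf_run_status: ${{ steps.tf_run.outputs.run_status }}
        with:
          method: chat.postMessage
          token: ${{ env.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ env.SLACK_CHANNEL_ID }}
            text: "*`${{ github.event.repository.name }}`*\n\n :git-requested-changes: Terraform indicates changes to the infrastructure or service\nAccount: `${{ env.account }}`\nRun ID: `${{ github.run_id }}`\nRun URL: `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`\n\n*Please check the run logs for more details.*"
  # Same steps as plan-dev, run with the live account's role.
  plan-live:
    runs-on: ubuntu-latest
    env:
      working_dir: components/terraform
      account: live
    timeout-minutes: 3
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: get AWS credentials
        uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1
        with:
          aws-region: eu-west-2
          # NOTE(review): confirm this role's trust policy pins the OIDC
          # `sub` claim to this repository, and that a scheduled plan cannot
          # use it to change live resources.
          role-to-assume: arn:aws:iam::968803923593:role/github-oidc-Role-1QSZDDE2NZQV0
          role-session-name: MySessionName
      - name: setup runner
        uses: ./.github/actions/setup-runtime
      - name: Terraform plan
        id: tf_run
        uses: ./.github/actions/terraform-plan
        with:
          account: "live"
      - name: get slack credentials
        uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 # v2.0.10
        with:
          secret-ids: |
            ,infrastructure/ds-infrastructure-notifications/slack
          parse-json-secrets: true
      - name: Slack notification (plan error)
        if: ${{ steps.tf_run.outputs.run_status == '1' }}
        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        env:
          tf_run_status: ${{ steps.tf_run.outputs.run_status }}
        with:
          method: chat.postMessage
          token: ${{ env.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ env.SLACK_CHANNEL_ID }}
            text: "*`${{ github.event.repository.name }}`*\n\n :x: Terraform plan encountered an Error\nAccount: `${{ env.account }}`\nRun ID: `${{ github.run_id }}`\nRun URL: `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`\n\n*Please check the run logs for more details.*"
      - name: Slack notification (changes detected)
        if: ${{ steps.tf_run.outputs.run_status == '2' }}
        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        env:
          tf_run_status: ${{ steps.tf_run.outputs.run_status }}
        with:
          method: chat.postMessage
          token: ${{ env.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ env.SLACK_CHANNEL_ID }}
            text: "*`${{ github.event.repository.name }}`*\n\n :git-requested-changes: Terraform indicates changes to the infrastructure or service\nAccount: `${{ env.account }}`\nRun ID: `${{ github.run_id }}`\nRun URL: `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`\n\n*Please check the run logs for more details.*"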