Skip to content

Commit 0b41d43

Browse files
selfcare-github-botselfcare-github-bot
authored
Update call_release_resources_infra.yml
1 parent ab6a901 commit 0b41d43

File tree

1 file changed

+14
-35
lines changed

1 file changed

+14
-35
lines changed

.github/workflows/call_release_resources_infra.yml

Lines changed: 14 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -104,27 +104,16 @@ jobs:
104104
cd ${{ inputs.dir }}
105105
106106
terraform plan -lock-timeout=3000s -out=tfplan-${{ inputs.env.TERRAFORM_ENVIRONMENT }}-${{ github.sha }} -input=false
107-
108-
- name: Encrypt Terraform Plan
109-
working-directory: ${{ inputs.dir }}
107+
108+
- name: Upload Terraform Plan as Artifact
109+
uses: pagopa/dx/actions/terraform-plan-upload@main
110110
env:
111-
ENCRYPTION_PASSPHRASE: ${{ secrets.ARTIFACT_ENC_KEY }}
112-
TFPLAN_FILE: tfplan-${{ inputs.env.TERRAFORM_ENVIRONMENT }}-${{ github.sha }}
113-
run: |
114-
set -euo pipefail
115-
openssl enc -aes-256-cbc -salt -pbkdf2 \
116-
-in "$TFPLAN_FILE" \
117-
-out "${TFPLAN_FILE}.enc" \
118-
-pass env:ENCRYPTION_PASSPHRASE
119-
rm -f "$TFPLAN_FILE"
120-
121-
- name: "Upload Terraform Plan as Artifact"
122-
uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
111+
ARTIFACT_ENC_KEY: ${{ secrets.ARTIFACT_ENC_KEY }}
123112
with:
124-
name: tfplan-enc
125-
path: ${{ inputs.dir }}/tfplan-${{ inputs.env.TERRAFORM_ENVIRONMENT }}-${{ github.sha }}.enc
126-
if-no-files-found: error
127-
retention-days: 14
113+
plan-file: tfplan-${{ inputs.env.TERRAFORM_ENVIRONMENT }}-${{ github.sha }}
114+
working-directory: ${{ inputs.dir }}
115+
artifact-name: terraform-plan
116+
retention-days: 1
128117

129118
apply:
130119
name: 'Terraform Apply'
@@ -151,23 +140,13 @@ jobs:
151140
subscription-id: ${{ vars.ARM_SUBSCRIPTION_ID }}
152141

153142
- name: Download Terraform Plan as Artifact
154-
uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3
155-
with:
156-
name: tfplan-enc
157-
path: ${{ inputs.dir }}
158-
159-
- name: Decrypt Terraform Plan
160-
working-directory: ${{ inputs.dir }}
143+
uses: pagopa/dx/actions/terraform-plan-download@main
161144
env:
162-
ENCRYPTION_PASSPHRASE: ${{ secrets.ARTIFACT_ENC_KEY }}
163-
TFPLAN_FILE: tfplan-${{ inputs.env.TERRAFORM_ENVIRONMENT }}-${{ github.sha }}
164-
run: |
165-
set -euo pipefail
166-
openssl enc -aes-256-cbc -d -pbkdf2 \
167-
-in "${TFPLAN_FILE}.enc" \
168-
-out "$TFPLAN_FILE" \
169-
-pass env:ENCRYPTION_PASSPHRASE
170-
rm -f "${TFPLAN_FILE}.enc"
145+
ARTIFACT_ENC_KEY: ${{ secrets.ARTIFACT_ENC_KEY }}
146+
with:
147+
plan-file: tfplan-${{ inputs.env.TERRAFORM_ENVIRONMENT }}-${{ github.sha }}
148+
working-directory: ${{ inputs.dir }}
149+
artifact-name: terraform-plan
171150

172151
- name: Retrieve Terraform Modules from Cache
173152
id: cache-terraform-modules

0 commit comments

Comments
 (0)