adding ifra test #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Terraform Plan and Apply" | |
| permissions: | |
| id-token: write # required to use OIDC authenticatidddondsadas | |
| contents: read # required to check out the code from the repo | |
| pull-requests: write # allow GH Action to write in the PR | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| jobs: | |
| terraform: | |
| name: "Terraform Plan and Apply" | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Terraform Install | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.1.6 | |
| - name: Terraform Format | |
| id: fmt | |
| run: terraform fmt -check | |
| - name: Configure AWS | |
| id: configure_aws | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: "${{ secrets.AWS_DEPLOYMENT_ROLE }}" | |
| role-duration-seconds: 900 | |
| aws-region: eu-west-1 | |
| role-session-name: OIDCSession | |
| - name: Terraform Init | |
| id: init | |
| run: terraform init | |
| - name: Terraform Select Workspace | |
| id: fmt-workspace | |
| run: "terraform workspace select ${{ secrets.TF_WORKSPACE }} || terraform workspace new ${{ secrets.TF_WORKSPACE }}" | |
| - name: Terraform Validate | |
| id: validate | |
| run: terraform validate | |
| - name: Terraform Plan | |
| id: plan | |
| if: github.event_name == 'push' | |
| run: terraform plan -no-color -input=false | |
| continue-on-error: true | |
| - name: Terraform Validation Report | |
| uses: actions/github-script@v6 | |
| if: github.event_name == 'push' | |
| env: | |
| PLAN: "terraform\n${{ steps.plan.outputs.stdout }}" | |
| with: | |
| github-token: ${{ secrets.GHB_TOKEN }} | |
| script: | | |
| const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` | |
| #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` | |
| #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` | |
| #### Terraform Plan 📖\`${{ steps.plan.outcome }}\` | |
| <details><summary>Show Plan</summary> | |
| \`\`\`\n | |
| ${process.env.PLAN} | |
| \`\`\` | |
| </details> | |
| *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`; | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: output | |
| }) | |
| - name: Terraform Plan Status | |
| if: steps.plan.outcome == 'failure' | |
| run: exit 1 | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| run: terraform apply -auto-approve -input=false |