tf-plan.yaml
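# Reusable workflow: runs `terraform plan` for one environment directory,
# commits the resulting plan file under ../tfplan/ and pushes it back to the
# repository, then prints the plan with `terraform show`.
#
# NOTE(review): a Terraform plan file can hold resource attribute values,
# including sensitive ones, in cleartext. Committing it places that data in
# git history; confirm this is acceptable for every environment that calls
# this workflow, or store the plan as a short-lived artifact instead.
name: Terraform Plan Workflow
on:
  workflow_call:
    inputs:
      environment:
        description: >-
          The Github environment name where the AWS credentials are retrieved.
          AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY.
        required: true
        type: string
jobs:
  terraform-plan:
    name: Validating ${{ inputs.environment }}
    runs-on: ubuntu-latest
    environment: ${{ inputs.environment }}
    permissions:
      # Needed by AWS actions
      # NOTE(review): id-token: write is only used when the AWS action assumes
      # a role through OIDC. The credentials step below passes static access
      # keys, so this permission looks unused and could be dropped.
      id-token: write
      contents: read
    steps:
      # NOTE(review): the actions below are referenced by mutable version tags.
      # Pinning each one to a full commit SHA protects the job (which holds
      # AWS keys and a PAT) against a retagged or compromised release.
      - name: Checkout Latest Code
        id: checkout
        uses: actions/checkout@v3
        with:
          # The PAT is stored in the local git config by checkout and is what
          # authorises the `git push` later in this job (contents is read-only
          # for the default token). Scope it to this repository only.
          token: ${{ secrets.PAT_TOKEN }}
      - name: Set AWS Credentials
        id: aws-credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          # Long-lived static keys taken from the selected GitHub environment.
          # NOTE(review): the action's `role-to-assume` input with OIDC would
          # replace these with short-lived credentials.
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ap-southeast-1
      - name: Setup Terraform CLI
        id: tf-install
        uses: hashicorp/setup-terraform@v2
      - name: Terraform Init
        id: terraform-init
        working-directory: ${{ inputs.environment }}
        run: terraform init
      - name: Terraform Generate Plan
        id: tf-plan
        working-directory: ${{ inputs.environment }}
        # Caller- and event-supplied values are handed to the script through
        # environment variables rather than expanded into the script text.
        # An expression placed directly inside `run:` is substituted before the
        # shell parses the script, so quotes or `$(...)` in the value would be
        # executed as shell code in a job that holds AWS keys and a PAT.
        env:
          TF_ENVIRONMENT: ${{ inputs.environment }}
          PR_USER_LOGIN: ${{ github.event.pull_request.user.login }}
          # NOTE(review): the pull_request payload's user object normally has
          # no email field, so this is probably empty - confirm.
          PR_USER_EMAIL: ${{ github.event.pull_request.user.email }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
        # TODO: Modify the user.name and user.email here.
        # I currently haven't figured out a way to automate this so the steps
        # below are pretty manual.
        run: |
          git pull
          terraform plan -out "../tfplan/${TF_ENVIRONMENT}.tfplan"
          if [ "${PR_USER_LOGIN}" != "" ];
          then
            echo Using PR data...
            git config --global user.name "${PR_USER_LOGIN}"
            git config --global user.email "${PR_USER_EMAIL}"
            git add "../tfplan/${TF_ENVIRONMENT}.tfplan"
            git commit -m "Terraform plan for PR #${PR_NUMBER}"
          else
            echo Using WF data...
            git config --global user.name "youruser"
            git config --global user.email "your@email"
            git add "../tfplan/${TF_ENVIRONMENT}.tfplan"
            git commit -m "Terraform plan from manual workflow $(date +'%Y-%m-%d')"
          fi
          git push
      - name: Terraform Show Plan
        id: terraform-show
        working-directory: ${{ inputs.environment }}
        # Same reasoning as the plan step: keep the input out of the script
        # text. The output of `terraform show` lands in the job log, which is
        # readable by anyone with access to the workflow run.
        env:
          TF_ENVIRONMENT: ${{ inputs.environment }}
        run: terraform show "../tfplan/${TF_ENVIRONMENT}.tfplan"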