From 4026c7b3d7648c7bd4ac0c54b6401d202356e010 Mon Sep 17 00:00:00 2001
From: Ludo <ludomagno@google.com>
Date: Tue, 15 Nov 2022 01:01:07 +0100
Subject: [PATCH 1/4] fix gh workflow

---
 fast/assets/templates/workflow-github.yaml | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/fast/assets/templates/workflow-github.yaml b/fast/assets/templates/workflow-github.yaml
index 2556816c17..2a0c2dea11 100644
--- a/fast/assets/templates/workflow-github.yaml
+++ b/fast/assets/templates/workflow-github.yaml
@@ -99,15 +99,17 @@ jobs:
         name: Terraform plan
         continue-on-error: true
         run: |
+          set -o pipefail
           echo -e "## Plan Output\n\n\`\`\`hcl" >> $$GITHUB_STEP_SUMMARY
           terraform plan -input=false -out ../plan.out -no-color |tee -a $$GITHUB_STEP_SUMMARY
           echo "\`\`\`" >> $$GITHUB_STEP_SUMMARY
 
       - id: tf-apply
-        if: github.event.pull_request.merged == true
+        if: github.event.pull_request.merged == true && success()
         name: Terraform apply
         continue-on-error: true
         run: |
+          set -o pipefail
           echo -e "## Apply Output\n\n\`\`\`hcl" >> $$GITHUB_STEP_SUMMARY
           terraform apply -input=false -auto-approve -no-color ../plan.out |tee -a $$GITHUB_STEP_SUMMARY
           echo "\`\`\`" >> $$GITHUB_STEP_SUMMARY
@@ -117,7 +119,7 @@ jobs:
         uses: actions/github-script@v6
         if: github.event_name == 'pull_request'
         env:
-          PLAN: terraform\n$${{ steps.tf-plan.outputs.stdout }}
+          PLAN: $${{ steps.tf-plan.outputs.stdout }}\n$${{ steps.tf-plan.outputs.stderr }}
         with:
           script: |
             const output = `### Terraform Initialization \`$${{ steps.tf-init.outcome }}\`
@@ -153,4 +155,12 @@ jobs:
               body: output
             })
 
-      # jq -j -r '.resource_changes[] | (.change.actions | join(",")), " ", .address, "\n" ' foo.json
+      - id: check-outcome
+        name: Check on failures
+        if: steps.tf-plan.outcome != 'success'
+        run: |
+          echo -e "## Plan Output\n\n\`\`\`hcl" > $$GITHUB_STEP_SUMMARY
+          echo "$${{ steps.tf-plan.outputs.stdout }}" >> $$GITHUB_STEP_SUMMARY
+          echo "$${{ steps.tf-plan.outputs.stderr }}" >> $$GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $$GITHUB_STEP_SUMMARY
+          exit 1

From 816b4ea2486b23302b450c46998b4d2051563318 Mon Sep 17 00:00:00 2001
From: Ludo <ludomagno@google.com>
Date: Tue, 15 Nov 2022 01:17:31 +0100
Subject: [PATCH 2/4] short PR message

---
 fast/assets/templates/workflow-github.yaml | 33 ++++++++++++++++++----
 1 file changed, 27 insertions(+), 6 deletions(-)

diff --git a/fast/assets/templates/workflow-github.yaml b/fast/assets/templates/workflow-github.yaml
index 2a0c2dea11..bab4013ac3 100644
--- a/fast/assets/templates/workflow-github.yaml
+++ b/fast/assets/templates/workflow-github.yaml
@@ -116,6 +116,7 @@ jobs:
 
       - id: pr-comment
         name: Post comment to Pull Request
+        continue-on-error: true
         uses: actions/github-script@v6
         if: github.event_name == 'pull_request'
         env:
@@ -155,12 +156,32 @@ jobs:
               body: output
             })
 
+      - id: pr-short-comment
+        name: Post comment to Pull Request
+        uses: actions/github-script@v6
+        if: github.event_name == 'pull_request' && steps.pr-comment.outcome != 'success'
+        with:
+          script: |
+            const output = `### Terraform Initialization \`$${{ steps.tf-init.outcome }}\`
+
+            ### Terraform Validation \`$${{ steps.tf-validate.outcome }}\`
+
+            ### Terraform Plan \`$${{ steps.tf-plan.outcome }}\`
+
+            Plan output is in the action log.
+
+            ### Terraform Apply \`$${{ steps.tf-apply.outcome }}\`
+
+            *Pusher: @$${{ github.actor }}, Action: \`$${{ github.event_name }}\`, Working Directory: \`$${{ env.tf_actions_working_dir }}\`, Workflow: \`$${{ github.workflow }}\`*`;
+
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: output
+            })
+
       - id: check-outcome
         name: Check on failures
         if: steps.tf-plan.outcome != 'success'
-        run: |
-          echo -e "## Plan Output\n\n\`\`\`hcl" > $$GITHUB_STEP_SUMMARY
-          echo "$${{ steps.tf-plan.outputs.stdout }}" >> $$GITHUB_STEP_SUMMARY
-          echo "$${{ steps.tf-plan.outputs.stderr }}" >> $$GITHUB_STEP_SUMMARY
-          echo "\`\`\`" >> $$GITHUB_STEP_SUMMARY
-          exit 1
+        run: exit 1

From 889127dbdf78f6bf1122ac9de8206d1573a73064 Mon Sep 17 00:00:00 2001
From: Ludo <ludomagno@google.com>
Date: Tue, 15 Nov 2022 01:28:15 +0100
Subject: [PATCH 3/4] streamline workflow

---
 fast/assets/templates/workflow-github.yaml | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/fast/assets/templates/workflow-github.yaml b/fast/assets/templates/workflow-github.yaml
index bab4013ac3..8a946d84c8 100644
--- a/fast/assets/templates/workflow-github.yaml
+++ b/fast/assets/templates/workflow-github.yaml
@@ -99,20 +99,14 @@ jobs:
         name: Terraform plan
         continue-on-error: true
         run: |
-          set -o pipefail
-          echo -e "## Plan Output\n\n\`\`\`hcl" >> $$GITHUB_STEP_SUMMARY
-          terraform plan -input=false -out ../plan.out -no-color |tee -a $$GITHUB_STEP_SUMMARY
-          echo "\`\`\`" >> $$GITHUB_STEP_SUMMARY
+          terraform plan -input=false -out ../plan.out -no-color
 
       - id: tf-apply
         if: github.event.pull_request.merged == true && success()
         name: Terraform apply
         continue-on-error: true
         run: |
-          set -o pipefail
-          echo -e "## Apply Output\n\n\`\`\`hcl" >> $$GITHUB_STEP_SUMMARY
-          terraform apply -input=false -auto-approve -no-color ../plan.out |tee -a $$GITHUB_STEP_SUMMARY
-          echo "\`\`\`" >> $$GITHUB_STEP_SUMMARY
+          terraform apply -input=false -auto-approve -no-color ../plan.out
 
       - id: pr-comment
         name: Post comment to Pull Request
@@ -181,7 +175,12 @@ jobs:
               body: output
             })
 
-      - id: check-outcome
-        name: Check on failures
+      - id: check-plan
+        name: Check plan failure
         if: steps.tf-plan.outcome != 'success'
         run: exit 1
+
+      - id: check-apply
+        name: Check apply failure
+        if: github.event.pull_request.merged == true && steps.tf-apply.outcome != 'success'
+        run: exit 1

From 0421103571e16339b461ad80e02bb767b914051c Mon Sep 17 00:00:00 2001
From: Ludo <ludomagno@google.com>
Date: Tue, 15 Nov 2022 01:28:23 +0100
Subject: [PATCH 4/4] fix net outputs

---
 fast/stages/02-networking-nva/outputs.tf           | 2 +-
 fast/stages/02-networking-peering/outputs.tf       | 2 +-
 fast/stages/02-networking-separate-envs/outputs.tf | 2 +-
 fast/stages/02-networking-vpn/outputs.tf           | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/fast/stages/02-networking-nva/outputs.tf b/fast/stages/02-networking-nva/outputs.tf
index b32807cce4..d4a4a1ce1a 100644
--- a/fast/stages/02-networking-nva/outputs.tf
+++ b/fast/stages/02-networking-nva/outputs.tf
@@ -43,7 +43,7 @@ locals {
 resource "local_file" "tfvars" {
   for_each        = var.outputs_location == null ? {} : { 1 = 1 }
   file_permission = "0644"
-  filename        = "${pathexpand(var.outputs_location)}/tfvars/02-networking.auto.tfvars.json"
+  filename        = "${try(pathexpand(var.outputs_location), "")}/tfvars/02-networking.auto.tfvars.json"
   content         = jsonencode(local.tfvars)
 }
 
diff --git a/fast/stages/02-networking-peering/outputs.tf b/fast/stages/02-networking-peering/outputs.tf
index ec3f7191ae..405b2dbe84 100644
--- a/fast/stages/02-networking-peering/outputs.tf
+++ b/fast/stages/02-networking-peering/outputs.tf
@@ -48,7 +48,7 @@ locals {
 resource "local_file" "tfvars" {
   for_each        = var.outputs_location == null ? {} : { 1 = 1 }
   file_permission = "0644"
-  filename        = "${pathexpand(var.outputs_location)}/tfvars/02-networking.auto.tfvars.json"
+  filename        = "${try(pathexpand(var.outputs_location), "")}/tfvars/02-networking.auto.tfvars.json"
   content         = jsonencode(local.tfvars)
 }
 
diff --git a/fast/stages/02-networking-separate-envs/outputs.tf b/fast/stages/02-networking-separate-envs/outputs.tf
index 2432cdcd9a..22016037d2 100644
--- a/fast/stages/02-networking-separate-envs/outputs.tf
+++ b/fast/stages/02-networking-separate-envs/outputs.tf
@@ -44,7 +44,7 @@ locals {
 resource "local_file" "tfvars" {
   for_each        = var.outputs_location == null ? {} : { 1 = 1 }
   file_permission = "0644"
-  filename        = "${pathexpand(var.outputs_location)}/tfvars/02-networking.auto.tfvars.json"
+  filename        = "${try(pathexpand(var.outputs_location), "")}/tfvars/02-networking.auto.tfvars.json"
   content         = jsonencode(local.tfvars)
 }
 
diff --git a/fast/stages/02-networking-vpn/outputs.tf b/fast/stages/02-networking-vpn/outputs.tf
index ec3f7191ae..405b2dbe84 100644
--- a/fast/stages/02-networking-vpn/outputs.tf
+++ b/fast/stages/02-networking-vpn/outputs.tf
@@ -48,7 +48,7 @@ locals {
 resource "local_file" "tfvars" {
   for_each        = var.outputs_location == null ? {} : { 1 = 1 }
   file_permission = "0644"
-  filename        = "${pathexpand(var.outputs_location)}/tfvars/02-networking.auto.tfvars.json"
+  filename        = "${try(pathexpand(var.outputs_location), "")}/tfvars/02-networking.auto.tfvars.json"
   content         = jsonencode(local.tfvars)
 }