diff --git a/.github/workflows/terraform-plan.yaml b/.github/workflows/terraform-plan.yaml index d2da8c1..a0e5a65 100644 --- a/.github/workflows/terraform-plan.yaml +++ b/.github/workflows/terraform-plan.yaml @@ -1,100 +1,37 @@ name: Deploy IAM Resources to AWS with Terraform on: - pull_request: + pull-request: branches: - - main + - main # or any other branch you want to trigger the deployment jobs: terraform: name: Terraform runs-on: ubuntu-latest - - defaults: - run: - working-directory: terraform - permissions: - pull-requests: write + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v4 - - uses: hashicorp/setup-terraform@v3 - - - name: Terraform fmt - id: fmt - run: terraform fmt -check - continue-on-error: true - - - name: Terraform Init - id: init - run: terraform init - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - - name: Terraform Validate - id: validate - run: terraform validate -no-color - - - name: Terraform Plan - id: plan - run: terraform plan -no-color - continue-on-error: true - - - uses: actions/github-script@v6 - if: github.event_name == 'pull_request' - env: - PLAN: "terraform\n${{ steps.plan.outputs.stdout }}" - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - // 1. Retrieve existing bot comments for the PR - const { data: comments } = await github.rest.issues.listComments({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: context.issue.number, - }) - const botComment = comments.find(comment => { - return comment.user.type === 'Bot' && comment.body.includes('Terraform Format and Style') - }) - - // 2. Prepare format of the comment - const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` - #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` - #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` -
Validation Output - - \`\`\`\n - ${{ steps.validate.outputs.stdout }} - \`\`\` - -
- - #### Terraform Plan 📖\`${{ steps.plan.outcome }}\` - -
Show Plan - - \`\`\`\n - ${process.env.PLAN} - \`\`\` - -
- - *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`; - - // 3. If we have a comment, update it, otherwise create a new one - if (botComment) { - github.rest.issues.updateComment({ - owner: context.repo.owner, - repo: context.repo.repo, - comment_id: botComment.id, - body: output - }) - } else { - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: output - }) - } + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up Terraform + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: 1.7.3 # Specify the Terraform version + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-west-2 # Change to your AWS region + + - name: Terraform Init + run: terraform init + + - name: Terraform Plan + uses: dflook/terraform-plan@v1 + with: + path: terraform \ No newline at end of file