Adding github actions file #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Terraform Plan" | |
| on: | |
| pull_request: | |
| env: | |
| TF_CLOUD_ORGANIZATION: "nitheeshp" | |
| TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}" | |
| TF_WORKSPACE: "master_aws" | |
| CONFIG_DIRECTORY: "./" | |
| jobs: | |
| Terraform-Test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check Environment Variables | |
| env: | |
| TF_CLOUD_ORGANIZATION: ${{ env.TF_CLOUD_ORGANIZATION }} | |
| TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }} | |
| TF_WORKSPACE: ${{ env.TF_WORKSPACE }} | |
| CONFIG_DIRECTORY: ${{ env.CONFIG_DIRECTORY }} | |
| run: | | |
| if [ -z "${TF_CLOUD_ORGANIZATION}" ]; then | |
| echo "TF_CLOUD_ORGANIZATION is not set." | |
| exit 1 | |
| fi | |
| if [ -z "${TF_API_TOKEN}" ]; then | |
| echo "TF_API_TOKEN is not set." | |
| exit 1 | |
| fi | |
| if [ -z "${TF_WORKSPACE}" ]; then | |
| echo "TF_WORKSPACE is not set." | |
| exit 1 | |
| fi | |
| if [ -z "${CONFIG_DIRECTORY}" ]; then | |
| echo "CONFIG_DIRECTORY is not set." | |
| exit 1 | |
| fi | |
| echo "All required environment variables are set." | |
| - name: Checkout Code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Verify Checkout | |
| run: | | |
| if [ ! -d ".git" ]; then | |
| echo "Checkout failed." | |
| exit 1 | |
| fi | |
| echo "Checkout succeeded." | |
| terraform: | |
| if: github.repository != 'hashicorp-education/learn-terraform-github-actions' | |
| name: "Terraform Plan" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Upload Configuration | |
| uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0 | |
| id: plan-upload | |
| with: | |
| workspace: ${{ env.TF_WORKSPACE }} | |
| directory: ${{ env.CONFIG_DIRECTORY }} | |
| speculative: true | |
| - name: Create Plan Run | |
| uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0 | |
| id: plan-run | |
| with: | |
| workspace: ${{ env.TF_WORKSPACE }} | |
| configuration_version: ${{ steps.plan-upload.outputs.configuration_version_id }} | |
| plan_only: true | |
| - name: Get Plan Output | |
| uses: hashicorp/tfc-workflows-github/actions/plan-output@v1.0.0 | |
| id: plan-output | |
| with: | |
| plan: ${{ fromJSON(steps.plan-run.outputs.payload).data.relationships.plan.data.id }} | |
| - name: Update PR | |
| uses: actions/github-script@v6 | |
| id: plan-comment | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| // 1. Retrieve existing bot comments for the PR | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| }); | |
| const botComment = comments.find(comment => { | |
| return comment.user.type === 'Bot' && comment.body.includes('Terraform Cloud Plan Output') | |
| }); | |
| const output = `#### Terraform Cloud Plan Output | |
| \`\`\` | |
| Plan: ${{ steps.plan-output.outputs.add }} to add, ${{ steps.plan-output.outputs.change }} to change, ${{ steps.plan-output.outputs.destroy }} to destroy. | |
| \`\`\` | |
| [Terraform Cloud Plan](${{ steps.plan-run.outputs.run_link }}) | |
| `; | |
| // 3. Delete previous comment so PR timeline makes sense | |
| if (botComment) { | |
| github.rest.issues.deleteComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: botComment.id, | |
| }); | |
| } | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: output | |
| }); |