-
Notifications
You must be signed in to change notification settings - Fork 0
133 lines (114 loc) · 4.75 KB
/
terraform-plan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Terraform Plan
on:
workflow_call:
inputs:
working-directory:
type: string
required: false
default: tf
operation:
type: string
required: false
default: Common
secrets:
aws-id:
required: true
aws-secret:
required: true
git-read-key:
required: true
jobs:
plan:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.aws-id }}
aws-secret-access-key: ${{ secrets.aws-secret }}
aws-region: eu-central-1
- name: Install SSH key
uses: webfactory/ssh-agent@v0.5.4
with:
ssh-private-key: ${{ secrets.git-read-key }}
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
- name: Terraform Fmt
id: fmt
run: terraform fmt -check -recursive
continue-on-error: true
working-directory: tf
- name: Terraform Init
id: init
run: terraform init
continue-on-error: true
working-directory: ${{ inputs.working-directory }}
- name: Terraform Validate
id: validate
run: terraform validate -no-color
continue-on-error: true
working-directory: ${{ inputs.working-directory }}
- name: Terraform Plan
id: plan
run: |
terraform plan -out=plan.tmp
continue-on-error: true
working-directory: ${{ inputs.working-directory }}
- name: Terraform Show Plan
id: show-plan
run: |
terraform show plan.tmp -no-color >${GITHUB_WORKSPACE}/plan.out
continue-on-error: true
working-directory: ${{ inputs.working-directory }}
- name: Install fs module
run: npm install fs
- uses: actions/github-script@v6
if: github.event_name == 'pull_request'
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const { readFile } = require("fs/promises")
const data = await readFile('plan.out', 'utf8')
const MAX_PLAN_LENGTH = 60000
const { data: comments } = await github.rest.issues.listComments({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
})
const botComment = comments.find(comment => {
return comment.user.type === 'Bot' && comment.body.includes('|${{ inputs.operation }}| Terraform Format and Style')
})
const workflowSummaryURL = '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
const plan = '```\n' + data + '\n```'
const output = `#### |${{ inputs.operation }}| Terraform Format and Style: \`${{ steps.fmt.outcome }}\` ${{ steps.fmt.outcome == 'Success' && '✅' || '❌'}}
#### Terraform Initialization: \`${{ steps.init.outcome }}\` ${{ steps.init.outcome == 'Success' && '✅' || '❌'}}
#### Terraform Validation: \`${{ steps.validate.outcome }}\` ${{ steps.validate.outcome == 'Success' && '✅' || '❌'}}
#### Terraform Plan: \`${{ steps.plan.outcome }}\` ${{ steps.plan.outcome == 'Success' && '✅' || '❌'}}
<details><summary>⏩⏩⏩ Show Plan ⏪⏪⏪</summary>
${plan.length <= MAX_PLAN_LENGTH ? plan : `_The plan is too large to include in a comment, open the [workflow summary](${workflowSummaryURL}) to view it._`}
</details>`;
if (botComment) {
github.rest.issues.updateComment({
owner: context.repo.owner,
repo: context.repo.repo,
comment_id: botComment.id,
body: output
})
} else {
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: output
})
}
- name: Check on failures
if: steps.fmt.outcome != 'success' || steps.init.outcome != 'success' || steps.validate.outcome != 'success' || steps.plan.outcome != 'success'
run: |
echo "#### Terraform Format and Style: ${{ steps.fmt.outcome == 'Success' && '✅' || '❌' }}"
echo "#### Terraform Initialization: ${{ steps.init.outcome == 'Success' && '✅' || '❌' }}"
echo "#### Terraform Validation: ${{ steps.validate.outcome == 'Success' && '✅' || '❌' }}"
echo "#### Terraform Plan: ${{ steps.plan.outcome == 'Success' && '✅' || '❌' }}"
exit 1