Update Terraform aws to v5.74.0 #84
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI - Terraform Module Deplyment | |
on: | |
push: | |
branches: main | |
pull_request: | |
env: | |
MODULE_DEPLOYMENT_DIR: "module-deployment" | |
jobs: | |
set-outputs: | |
name: Set Output Vars | |
runs-on: ubuntu-22.04 | |
outputs: | |
branch: ${{ steps.var.outputs.branch }} | |
steps: | |
- id: var | |
run: | | |
BRANCH="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" | |
BRANCH="$(echo "$BRANCH" | sed 's;/;%2F;g')" | |
echo "branch=$BRANCH" >> $GITHUB_OUTPUT | |
terraform-validate: | |
name: Terraform Validate | |
runs-on: ubuntu-latest | |
needs: set-outputs | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ secrets.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }} | |
- name: Get terraform version | |
id: get-terraform-version | |
run: | | |
DOTFILE_VERSION=$(cat ${{ env.MODULE_DEPLOYMENT_DIR }}/.terraform-version) | |
echo "version=$DOTFILE_VERSION" >> $GITHUB_OUTPUT | |
- name: Setup Terraform | |
uses: hashicorp/[email protected] | |
with: | |
terraform_version: ${{ steps.get-terraform-version.outputs.version }} | |
- name: Download tfvars and backend | |
run: | | |
aws s3 cp s3://${{ secrets.TFVARS_S3_BUCKET_NAME }}/${{ secrets.TFVARS_FILENAME }} ${{ env.MODULE_DEPLOYMENT_DIR }}/. | |
aws s3 cp s3://${{ secrets.TFVARS_S3_BUCKET_NAME }}/${{ secrets.TF_BACKEND_FILENAME }} ${{ env.MODULE_DEPLOYMENT_DIR }}/. | |
- name: Replace module version with branch name | |
if: ${{ github.event_name != 'release' }} | |
run: | | |
sed -i "s/ source = \"github.com\/chris-qa-org\/terraform-aws-tfl-notice-board.*/ source = \"github.com\/chris-qa-org\/terraform-aws-tfl-notice-board?ref=${{ needs.set-outputs.outputs.branch }}\"/g" ${{ env.MODULE_DEPLOYMENT_DIR }}/tfl-notice-board.tf | |
- name: Run a Terraform init | |
run: | | |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \ | |
init | |
- name: Run a Terraform validate | |
run: | | |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \ | |
validate | |
- name: Run a Terraform format check | |
run: | | |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \ | |
fmt -check=true -diff=true | |
- name: Run a Terraform plan | |
run: | | |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \ | |
plan | |
- name: Run a Terraform apply on Release | |
if: ${{ github.event_name == 'release' && github.event.action == 'published' }} | |
run: | | |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \ | |
apply | |
terraform-docs-validation: | |
name: Terraform Docs validation | |
needs: terraform-validate | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.ref }} | |
token: ${{ secrets.TERRAFORM_DOCS_RENOVATE_WORKFLOW_GITHUB_TOKEN }} | |
- name: Get PR base branch | |
id: pr-base-branch-name | |
if: github.event_name == 'pull_request' | |
run: | | |
echo "GITHUB_PR_BRANCH=${{ github.head_ref }}" >> $GITHUB_ENV | |
- name: Get commit message | |
run: | | |
echo "GIT_COMMIT_MESSAGE=$(git show -s --format=%s)" >> $GITHUB_ENV | |
- name: Generate Terraform docs | |
uses: terraform-docs/[email protected] | |
if: "!startsWith(env.GITHUB_PR_BRANCH, 'renovate/')" | |
with: | |
working-dir: ${{ env.MODULE_DEPLOYMENT_DIR }} | |
config-file: ${{ env.MODULE_DEPLOYMENT_DIR }}/.terraform-docs.yml | |
output-file: README.md | |
output-method: inject | |
fail-on-diff: true | |
- name: Generate Terraform docs for Renovate | |
uses: terraform-docs/[email protected] | |
if: "startsWith(env.GITHUB_PR_BRANCH, 'renovate/')" | |
with: | |
working-dir: ${{ env.MODULE_DEPLOYMENT_DIR }} | |
config-file: ${{ env.MODULE_DEPLOYMENT_DIR }}/.terraform-docs.yml | |
output-file: README.md | |
output-method: inject | |
git-push: true | |
ref: ${{ github.event.pull_request.head.ref }} | |
git-commit-message: "${{ env.GIT_COMMIT_MESSAGE }} - Terraform Docs Module Deployment" |