From 607e5fc99d79b5ff39b3b4de1502f772f7bc172a Mon Sep 17 00:00:00 2001 From: David John Arnold Jr Date: Fri, 9 Aug 2024 15:33:14 -0700 Subject: [PATCH] Update terraform-plan.yaml (#5) * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * Update terraform-plan.yaml * terraform fmt --------- Co-authored-by: arnol377 --- .github/workflows/terraform-plan.yaml | 43 ++++++++++++++++++++++----- linux.tf | 8 ++--- main.tf | 6 ++-- 3 files changed, 42 insertions(+), 15 deletions(-) diff --git a/.github/workflows/terraform-plan.yaml b/.github/workflows/terraform-plan.yaml index 0c5a1a8..afdcc15 100644 --- a/.github/workflows/terraform-plan.yaml +++ b/.github/workflows/terraform-plan.yaml 
@@ -13,18 +13,45 @@ jobs: build: # The type of runner that the job will run on runs-on: [ aws-image-pipeline ] + env: + AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}" + AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}" + AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}" + # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v3 - # Runs a set of commands using the runners shell - - name: Run a multi-line script - env: - AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}" - AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}" - AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}" + + - uses: CSVD/gh-actions-setup-node@v3 + with: + node-version: 16 + +# - uses: CSVD/gh-actions-setup-terraform@v2 +# with: +# terraform_wrapper: false + + - name: Terraform Format + id: fmt run: | - terraform init -upgrade - terraform plan + terraform fmt -check + + - name: Autoformat Halt + if: env.auto_format == 'true' + run: exit 1 + + - name: Terraform Init + id: init + run: terraform init -upgrade + + - name: Terraform Validate + id: validate + run: terraform validate + + - name: Terraform Plan + id: plan + run: terraform plan + continue-on-error: true + diff --git a/linux.tf b/linux.tf index 2c6eb98..68c49c7 100644 --- a/linux.tf +++ b/linux.tf @@ -1,6 +1,6 @@ moved { from = module.main - to = module.amazon_linux + to = module.amazon_linux } module "amazon_linux" { @@ -24,8 +24,8 @@ module "amazon_linux" { ] packer_source_type = "S3" packer_bucket = { - name = aws_s3_bucket.assets_bucket.bucket - key = "linux-image-pipeline.zip" + name = aws_s3_bucket.assets_bucket.bucket + key = "linux-image-pipeline.zip" } ansible_repo = data.aws_codecommit_repository.ansible goss_repo = data.aws_codecommit_repository.goss 
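Review bot: Moving the three AWS credential variables from the plan step up to the job-level `env:` exposes them to every step in `build`, including `CSVD/gh-actions-setup-node@v3`, `Terraform Format` and `Terraform Validate`, none of which appear to need AWS access. Keeping that `env:` block only on `Terraform Init` and `Terraform Plan` limits what a compromised or misbehaving action can read, and pinning the newly added action to a full commit SHA (`uses: CSVD/gh-actions-setup-node@<commit-sha>`) removes the mutable-tag risk. Separately, `continue-on-error: true` on `Terraform Plan` lets the job pass when the plan fails, and no later step in the hunk checks `steps.plan.outcome`. If the intent is to report the result before failing, a final step with `if: steps.plan.outcome == 'failure'` and `run: exit 1` would restore the gate. `Autoformat Halt` tests `env.auto_format`, which nothing visible in the hunk sets, so it looks like it never runs.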
@@ -45,6 +45,6 @@ output "linux_parameters" { sensitive = true } -output linux_bucket { +output "linux_bucket" { value = module.amazon_linux.s3_bucket } diff --git a/main.tf b/main.tf index 715c85e..ce4dabb 100644 --- a/main.tf +++ b/main.tf @@ -11,7 +11,7 @@ resource "aws_s3_bucket" "assets_bucket" { resource "aws_s3_bucket_server_side_encryption_configuration" "state_bucket_encryption" { for_each = tomap({ - state_bucket = aws_s3_bucket.state_bucket.bucket + state_bucket = aws_s3_bucket.state_bucket.bucket assets_bucket = aws_s3_bucket.assets_bucket.bucket }) bucket = each.value @@ -24,8 +24,8 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "state_bucket_encr data "aws_iam_policy_document" "s3_access" { statement { - effect = "Allow" - actions = ["s3:*"] + effect = "Allow" + actions = ["s3:*"] resources = [ aws_s3_bucket.state_bucket.arn, aws_s3_bucket.assets_bucket.arn