From da3ce6c867825414f0d68143e0ebf2033a604f86 Mon Sep 17 00:00:00 2001 From: David John Arnold Jr Date: Fri, 9 Aug 2024 13:07:06 -0700 Subject: [PATCH] Update terraform-plan.yaml --- .github/workflows/terraform-plan.yaml | 67 ++++++++++++++++++++++----- 1 file changed, 56 insertions(+), 11 deletions(-) diff --git a/.github/workflows/terraform-plan.yaml b/.github/workflows/terraform-plan.yaml index cd32cf8..bf9f845 100644 --- a/.github/workflows/terraform-plan.yaml +++ b/.github/workflows/terraform-plan.yaml @@ -17,8 +17,10 @@ jobs: # The type of runner that the job will run on runs-on: [ aws-image-pipeline ] env: - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_ACCESS_KEY_ID: ${{ vars.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: "wqpZLFlqar+aghonhyAIR6vTBSpHQTquus8hhmw9" + AWS_ACCESS_KEY_ID: "ASIATK6SR2K2ZKK54P7T" + AWS_SESSION_TOKEN: "IQoJb3JpZ2luX2VjECkaDXVzLWdvdi1lYXN0LTEiRzBFAiEA1AF7X7KwAwiEIWX0tdgZ0Dj7WwyJY12CxpRMt0nTqD4CIEp/8teAzKXZ2Ubv0WlxyMAguYMeqcQEkl2C4n9PrVtdKpcDCEYQABoMMjI5Njg1NDQ5Mzk3IgymBfPpRUAHOBE8k9Qq9ALnD8WNSq9b/fsTxgm61jmZIrjBm2SBSzHhciEGKcrJZdKTN43jPQLaVgOtZkG1D3wpr16RjEU2YzwarNMvJqasUWf4UH/oa+qztms/IKD9fSDeODkaYWVRZ0q9fS7i7dM57MNTFnCDB8T+cFurRTGNQFtT/ZY8S1Mdr4NASuturYpIDwpkDgB8nG2nvECQvR/u93Ut4Fz0FPoWmNXn/ibG9bbLHd1IMek2H+so97MppHlT6svSvInZEtvV4cSa2YQrTzLDeFn04vUNjEfjI68H+zXxTojt61ZTbUvTvo/ZH9siVDjXmx+sQceam1KDVl9k+cyoN7rzPhRoRVHf/vcm94hk58l0Vla+ndMJn5OTBmXueeWmplr8JM28v6MnqhEjn1l6uuZoiwEcv5O0DssfnC6IX57RSEQC7n0YCk0pzdMrSHMfQF0tUJIJJFMXOeM2RXmXYRofbMH+kmKtaapkGDa+C9Mx4WXBmd9O8IIcl0Ed5Rwwh/PYtQY6pgEjhf9jUxJfyKVM+qo6y1CYGNgAf4tGJJ4FiTns6KPFT8xLdot74AoTT9vg7mXdFRYGZetQAQxDS4/MqPKdejqkOANgdVtspQujDqsSTh+9PmIYjya4DFzTvar3/qVGrc0imgrZdbSFDNWjFNptblBgNnYW545HpQ+NnREHb9AmHoAVQ5k5uWFAhKmaS7d9ceNo5VDR59CU1v5jqO8EWQ0Nme1wOIef" + # Steps represent a sequence of tasks that will be executed as part of the job steps: 
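Review bot: The three `+` lines under the job-level `env:` commit what appear to be a real AWS access key ID, secret access key and session token as string literals, so anyone who can read the repository or its history can read them, and GitHub will not mask them in logs because they are not registered secrets. The `ASIA` key prefix indicates temporary STS credentials, so the workflow will also stop authenticating once that session expires. Treat this set as exposed: revoke the session and purge it from history, then restore the references this commit removes, e.g. `AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}`, or better, obtain short-lived credentials at run time through OIDC role assumption or the self-hosted runner's instance role. Moving the block from the step to the job also places the credentials in the environment of every step, including the `actions/github-script` step added later in this patch; scope them to the Terraform steps only.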
@@ -32,15 +34,58 @@ jobs: # - uses: CSVD/gh-actions-setup-terraform@v2 # with: # terraform_wrapper: false + + - name: Terraform fmt + id: fmt + run: terraform fmt + continue-on-error: true + + - name: Terraform Init + id: init + run: terraform init -upgrade + + - name: Terraform Validate + id: validate + run: terraform validate -no-color - # Runs a set of commands using the runners shell - - name: Run a multi-line script + - name: Terraform Plan + id: plan + run: terraform plan -no-color + continue-on-error: true + + - uses: actions/github-script@v7 + if: github.event_name == 'pull_request' env: - AWS_SECRET_ACCESS_KEY: "wqpZLFlqar+aghonhyAIR6vTBSpHQTquus8hhmw9" - AWS_ACCESS_KEY_ID: "ASIATK6SR2K2ZKK54P7T" - AWS_SESSION_TOKEN: "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" + PLAN: "terraform\n${{ steps.plan.outputs.stdout }}" + with: + github-token: ${{ secrets.GH_TOKEN }} + script: | + const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` + #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` + #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` +
Validation Output - run: | - terraform init -upgrade - terraform plan - + \`\`\`\n + ${{ steps.validate.outputs.stdout }} + \`\`\` + +
+ + #### Terraform Plan 📖\`${{ steps.plan.outcome }}\` + +
Show Plan + + \`\`\`\n + ${process.env.PLAN} + \`\`\` + +
+ + *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`; + + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + })
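Review bot: In the `script:` block of the new `actions/github-script` step, `${{ steps.validate.outputs.stdout }}` is expanded into the JavaScript source before the script runs, so tool output containing a backtick or `${` can end the template literal and run as script with the `secrets.GH_TOKEN` client in scope. The plan output is already passed safely through `env.PLAN`; do the same for validation by adding `VALIDATE: ${{ steps.validate.outputs.stdout }}` under `env:` and writing `${process.env.VALIDATE}` in the template. Separately, `Terraform Plan` sets `continue-on-error: true` and nothing visible in the hunk fails the job afterwards, so a failed plan still reports success; a closing step with `if: steps.plan.outcome == 'failure'` and `run: exit 1` would restore the signal. The plan text posted to the pull request can include resource attribute values, so confirm that everyone who can read those comments is meant to see them.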