From e4a079edc8bc560a6dc04975519121bdcbbcb6f0 Mon Sep 17 00:00:00 2001
From: David John Arnold Jr
Date: Thu, 15 Aug 2024 09:29:27 -0700
Subject: [PATCH] Add .github/workflows/terraform-plan.yaml
---
.github/workflows/terraform-plan.yaml | 116 ++++++++++++++++++++++++++
1 file changed, 116 insertions(+)
create mode 100644 .github/workflows/terraform-plan.yaml
diff --git a/.github/workflows/terraform-plan.yaml b/.github/workflows/terraform-plan.yaml
new file mode 100644
index 0000000..fe73ab4
--- /dev/null
+++ b/.github/workflows/terraform-plan.yaml
@@ -0,0 +1,116 @@
+
+# This is a basic workflow to help you get started with Actions
+
+name: Terraform Plan
+
+
+# Controls when the workflow will run
+on:
+ pull_request:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: [ aws-image-pipeline ]
+ env:
+ AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
+ AWS_ACCESS_KEY_ID: "${{ vars.AWS_ACCESS_KEY_ID }}"
+ AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}"
+
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v3
+
+
+ - uses: CSVD/gh-actions-setup-node@v3
+ with:
+ node-version: 16
+
+ - uses: CSVD/gh-actions-setup-terraform@v2
+ with:
+ terraform_version: ${{ vars.terraform_version }}
+
+ - name: Terraform Format
+ id: fmt
+ continue-on-error: true
+
+ run: |
+ terraform fmt -check
+
+ - name: Terraform Init
+ id: init
+
+ run: terraform init -upgrade
+
+ - name: Terraform Validate
+ id: validate
+
+ run: terraform validate
+
+ - name: Terraform Plan
+ id: plan
+
+ run: terraform plan
+ continue-on-error: true
+
+ - uses: actions/github-script@v7
+ if: github.event_name == 'pull_request'
+ env:
+ PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
+ with:
+ github-token: ${{ secrets.GH_TOKEN }}
+ script: |
+ // 1. Retrieve existing bot comments for the PR
+ const { data: comments } = await github.rest.issues.listComments({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: context.issue.number,
+ })
+ const botComment = comments.find(comment => {
+ return comment.user.type === 'Bot' && comment.body.includes('Terraform Format and Style')
+ })
+
+ // 2.
Prepare format of the comment
+ const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
+ #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
+ #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
+
Validation Output
+
+ \`\`\`\n
+ ${{ steps.validate.outputs.stdout }}
+ \`\`\`
+
+
+
+ #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
+
+
Show Plan
+
+ \`\`\`\n
+ ${process.env.PLAN}
+ \`\`\`
+
+
+
+ *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`;
+
+ // 3. If we have a comment, update it, otherwise create a new one
+ if (botComment) {
+ github.rest.issues.updateComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ comment_id: botComment.id,
+ body: output
+ })
+ } else {
+ github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: output
+ })
+ }
\ No newline at end of file
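Review bot: In the github-script step, `${{ steps.validate.outputs.stdout }}` is expanded into the JavaScript template literal before the script runs, so a backtick or `${...}` in the validate output becomes code executed with `secrets.GH_TOKEN`; that output can presumably include text taken from the pull request's Terraform files. The plan output already avoids this by going through `env: PLAN`, and validate should take the same route: add `VALIDATE: ${{ steps.validate.outputs.stdout }}` under the step's `env:` and use `${process.env.VALIDATE}` in the template. Separately, the three `AWS_*` values are set at job level, so every step, including the `CSVD/*` setup actions, runs with them on a `pull_request` trigger; moving that `env:` block onto the steps that need credentials (Init and Plan, as far as this hunk shows) would narrow the exposure. The `updateComment` and `createComment` calls are also not awaited, so a failed API call may go unreported; prefixing each with `await` fixes that.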