From 7816440148f083de1d8a24cb8517120466ca7810 Mon Sep 17 00:00:00 2001
From: David John Arnold Jr
Date: Thu, 23 Jan 2025 11:53:05 -0800
Subject: [PATCH 1/2] Add .github/workflows/terraform-apply.yaml
---
 .github/workflows/terraform-apply.yaml | 63 ++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 .github/workflows/terraform-apply.yaml
diff --git a/.github/workflows/terraform-apply.yaml b/.github/workflows/terraform-apply.yaml
new file mode 100644
index 0000000..4ce33c8
--- /dev/null
+++ b/.github/workflows/terraform-apply.yaml
@@ -0,0 +1,63 @@
+# This is a basic workflow to help you get started with Actions
+name: Terraform Apply
+
+# Controls when the workflow will run
+on:
+ # Triggers the workflow on push or pull request events but only for the "main" branch
+ push:
+ branches: [ "main" ]
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: [ aws-image-pipeline ]
+ env:
+ AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
+ AWS_ACCESS_KEY_ID: "${{ vars.AWS_ACCESS_KEY_ID }}"
+ AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}"
+
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v3
+
+
+ - uses: CSVD/gh-actions-setup-node@v3
+ with:
+ node-version: 16
+
+ - uses: CSVD/gh-actions-setup-terraform@v2
+ with:
+ terraform_version: ${{ vars.terraform_version }}
+
+ - name: Terraform Format
+ id: fmt
+
+ run: |
+ terraform fmt -check
+
+ - name: Autoformat Halt
+ if: env.auto_format == 'true'
+
+ run: exit 1
+
+ - name: Terraform Init
+ id: init
+
+ run: terraform init -upgrade
+
+ - name: Terraform Validate
+ id: validate
+
+ run: terraform validate
+
+ - name: Terraform Apply
+ id: apply
+
+ run: terraform apply -auto-approve
+ continue-on-error: true
From 00cc5117b7ad0ae81e7ad0e99475a18a9bd5b226 Mon Sep 17 00:00:00 2001
From: David John Arnold Jr
Date: Thu, 23 Jan 2025 11:53:06 -0800
Subject: [PATCH 2/2] Add .github/workflows/terraform-plan.yaml
---
 .github/workflows/terraform-plan.yaml | 89 +++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100644 .github/workflows/terraform-plan.yaml
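Review bot: `continue-on-error: true` on the last step lets a failed or partial `terraform apply -auto-approve` finish green on `main`, so nothing signals that the infrastructure and the repository have diverged; that line should be dropped so the run fails when apply fails. `terraform init -upgrade` in the apply path allows provider and module versions to move past what was reviewed; `run: terraform init -input=false -lockfile=readonly` keeps apply on the committed lock file, assuming a `.terraform.lock.hcl` is checked in (not visible in this patch). `Autoformat Halt` is dead here because no step in this workflow sets `auto_format`, and `terraform fmt -check` already fails the job on unformatted code. Two follow-ups that narrow what a compromised action or runner can reach: pin `actions/checkout` and the `CSVD/*` actions to commit SHAs instead of `@v3`/`@v2`, and add a top-level `permissions:` block with only `contents: read`.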
diff --git a/.github/workflows/terraform-plan.yaml b/.github/workflows/terraform-plan.yaml
new file mode 100644
index 0000000..1e87682
--- /dev/null
+++ b/.github/workflows/terraform-plan.yaml
@@ -0,0 +1,89 @@
+
+# This is a basic workflow to help you get started with Actions
+
+name: Terraform Plan
+
+
+# Controls when the workflow will run
+on:
+ pull_request:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: [ aws-image-pipeline ]
+ env:
+ AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
+ AWS_ACCESS_KEY_ID: "${{ vars.AWS_ACCESS_KEY_ID }}"
+ AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}"
+
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v3
+ with:
+ ref: ${{ github.head_ref }}
+ token: ${{ secrets.GH_TOKEN }}
+
+ - uses: CSVD/gh-actions-setup-node@v3
+ with:
+ node-version: 16
+
+ - uses: CSVD/gh-actions-setup-terraform@v2
+ with:
+ terraform_version: ${{ vars.terraform_version }}
+
+ - name: Terraform Format
+ id: fmt
+ run: |
+ terraform fmt
+ if ! git diff-index --quiet HEAD; then
+ git config --global user.name 'arnol377'
+ git config --global user.email 'david.j.arnold.jr@census.gov'
+ git commit -am "Autoformatting TF Code"
+ git push
+ echo "auto_format=true" >> $GITHUB_ENV
+ fi
+
+ - name: Autoformat Halt
+ if: env.auto_format == 'true'
+ run: exit 0
+
+ - name: Terraform Init
+ id: init
+
+ run: terraform init -upgrade
+
+ - name: Terraform Validate
+ id: validate
+
+ run: terraform validate
+
+ - name: Terraform Plan
+ id: plan
+
+ run: terraform plan
+ continue-on-error: true
+
+ - name: Update Pull Request
+ uses: CSVD/gh-actions-github-script@v6
+ if: github.event_name == 'pull_request'
+ with:
+ github-token: ${{ secrets.GH_TOKEN }}
+ script: |
+ const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
+ #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
+ #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
+ #### Terraform Plan:
+ ${{ steps.plan.outcome }}
+ *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
+
+ github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: output
+ })
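Review bot: The `AWS_*` credentials are set at job level, so the setup actions, the `git push` in `Terraform Format` and the PR comment script all run with cloud credentials while working on PR-authored code on the self-hosted `aws-image-pipeline` runner; presumably only `Terraform Init` (if the backend is remote) and `Terraform Plan` need them, so the `env:` block belongs on those two steps, ideally backed by a read-only plan role. `Autoformat Halt` runs `exit 0`, which succeeds, so the job does not halt and every later step still runs; gating the later steps with `if: env.auto_format != 'true'` would give the intended stop. `continue-on-error: true` on `Terraform Plan` with no later check keeps the PR check green when plan fails, which the final status step in the fence addresses. In the format step, `git config --global` rewrites the runner account's git identity for every later job on that machine; `git config user.name 'arnol377'` without `--global` keeps it inside the checked-out repository.

```yaml
jobs:
  build:
    runs-on: [ aws-image-pipeline ]
    # job-level env: block removed; credentials go only to the steps that use them
    steps:
      # … unchanged: checkout, setup-node, setup-terraform, Terraform Format, Autoformat Halt …

      - name: Terraform Init
        id: init
        env:
          AWS_ACCESS_KEY_ID: "${{ vars.AWS_ACCESS_KEY_ID }}"
          AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
          AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}"
        run: terraform init -upgrade

      # … unchanged: Terraform Validate …

      - name: Terraform Plan
        id: plan
        env:
          AWS_ACCESS_KEY_ID: "${{ vars.AWS_ACCESS_KEY_ID }}"
          AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
          AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}"
        run: terraform plan
        continue-on-error: true

      # … unchanged: Update Pull Request …

      # Fail the check after the comment has been posted if plan did not succeed
      - name: Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1
```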