CSVD · arnol377 · Aug 9, 2024 · Aug 9, 2024 · Aug 9, 2024 · Aug 9, 2024
@@ -13,18 +13,45 @@ jobs:
   build:
     # The type of runner that the job will run on
     runs-on: [ aws-image-pipeline ]
+    env:
+      AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
+      AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}"
+      AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}"
+
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@v3
 
-      # Runs a set of commands using the runners shell
-      - name: Run a multi-line script
-        env:
-          AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
-          AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}"
-          AWS_SESSION_TOKEN: "${{ secrets.AWS_SESSION_TOKEN }}"
+
+      - uses: CSVD/gh-actions-setup-node@v3
+        with:
+           node-version: 16
+
+#       - uses: CSVD/gh-actions-setup-terraform@v2
+#         with:
+#           terraform_wrapper: false
+
+      - name: Terraform Format
+        id: fmt
         run: |
-          terraform init -upgrade
-          terraform plan
+          terraform fmt -check
+
+      - name: Autoformat Halt
+        if: env.auto_format == 'true'
+        run: exit 1
+
+      - name: Terraform Init
+        id: init
+        run: terraform init -upgrade
+
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate
+
+      - name: Terraform Plan
+        id: plan
+        run: terraform plan
+        continue-on-error: true
+
@@ -1,6 +1,6 @@
 moved {
   from = module.main
-  to = module.amazon_linux
+  to   = module.amazon_linux
 }
 
 module "amazon_linux" {
@@ -24,8 +24,8 @@ module "amazon_linux" {
   ]
   packer_source_type = "S3"
   packer_bucket = {
-    name =  aws_s3_bucket.assets_bucket.bucket
-    key  =  "linux-image-pipeline.zip"
+    name = aws_s3_bucket.assets_bucket.bucket
+    key  = "linux-image-pipeline.zip"
   }
   ansible_repo  = data.aws_codecommit_repository.ansible
   goss_repo     = data.aws_codecommit_repository.goss
@@ -45,6 +45,6 @@ output "linux_parameters" {
   sensitive = true
 }
 
-output linux_bucket {
+output "linux_bucket" {
   value = module.amazon_linux.s3_bucket
 }
@@ -11,7 +11,7 @@ resource "aws_s3_bucket" "assets_bucket" {
 
 resource "aws_s3_bucket_server_side_encryption_configuration" "state_bucket_encryption" {
   for_each = tomap({
-    state_bucket = aws_s3_bucket.state_bucket.bucket
+    state_bucket  = aws_s3_bucket.state_bucket.bucket
     assets_bucket = aws_s3_bucket.assets_bucket.bucket
   })
   bucket = each.value
@@ -24,8 +24,8 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "state_bucket_encr
 
 data "aws_iam_policy_document" "s3_access" {
   statement {
-    effect    = "Allow"
-    actions   = ["s3:*"]
+    effect  = "Allow"
+    actions = ["s3:*"]
     resources = [
       aws_s3_bucket.state_bucket.arn,
       aws_s3_bucket.assets_bucket.arn