From 13ef109fdf7698bc88cd71ca2b16418eed32a119 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 16 Oct 2024 23:13:18 -0700
Subject: [PATCH] Update .github/workflows/terraform.yaml

---
 .github/workflows/terraform.yaml | 77 ++++++++++++++++++++++++++------
 1 file changed, 64 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml
index 3c54a0d..0df3f90 100644
--- a/.github/workflows/terraform.yaml
+++ b/.github/workflows/terraform.yaml
@@ -1,28 +1,79 @@
-name: "Gtag"
+name: "Terraform Validate"
 
 on:
   workflow_dispatch:
-  pull_request:
   push:
     branches:
       - main
-    
+
+env:
+  GITHUB_OWNER: ${{ vars.GH_ORG }}
+  GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
+  GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
+  TF_WORKSPACE: happypathway
+  TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+  
 jobs:
-  terraform:
+  setup-terraform:
+    outputs:
+      commit_sha: ${{ steps.checkout.outputs.commit }}
+        
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        id: checkout
+          
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3.1.2
+        with:
+          terraform_version: ${{ vars.terraform_version }}
+          cli_config_credentials_token: ${{ secrets.TFE_TOKEN }}
+          cli_config_credentials_hostname: ${{ vars.terraform_api }}
+          
+      - name: terraform init
+        run: terraform init -upgrade
+
+      - uses: actions/upload-artifact@master
+        name: Archive Configuration
+        if: github.ref == 'refs/heads/main'
+        with:
+          name: terraform_dir
+          path: .terraform
+          retention-days: 1
+          include-hidden-files: true
+
+      - uses: actions/upload-artifact@master
+        name: Archive Lockfile
+        if: github.ref == 'refs/heads/main'
+        with:
+          name: terraform_lockfile
+          path: .terraform.lock.hcl
+          retention-days: 1
+          include-hidden-files: true
+          
+  terraform-validate:
+    needs: setup-terraform
     uses: HappyPathway/centralized-actions/.github/workflows/terraform-test.yml@main
     with:
-      terraform_version: ${{vars.TERRAFORM_VERSION}}
-      terraform_api: ${{vars.TERRAFORM_API}}
-      github_username: ${{vars.GH_USERNAME}}
-      github_email: ${{vars.GH_EMAIL}}
-      github_org: ${{ vars.GH_ORG }}
+      terraform_version: ${{ vars.terraform_version }}
+      terraform_api: ${{ vars.terraform_api }}
+      github_username: ${{ github.actor }}
+      github_email: ${{ github.actor }}@roknsound.com
+      github_org: ${{ github.repository_owner }}
+      setup_terraform: true
+      terraform_init: false
+      cache: ${{ github.workspace }}
+      download_cache: true
+      commit_sha: ${{ needs.setup-terraform.outputs.commit_sha }}
     secrets:
       TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
       GH_TOKEN: ${{ secrets.GH_TOKEN }}
-
+      GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
+     
   gtag:
-    if: ${{ github.event_name }} != "pull_request"
-    needs: terraform
+    needs: terraform-validate
+    if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request'
     uses: HappyPathway/centralized-actions/.github/workflows/gtag.yml@main
     with:
       patch: true
@@ -30,4 +81,4 @@ jobs:
       github_username: ${{ vars.GH_USERNAME }}
       github_email: ${{ vars.GH_EMAIL }}
     secrets:
-      GH_TOKEN: ${{ secrets.GH_TOKEN }}
\ No newline at end of file
+      GH_TOKEN: ${{ secrets.GH_TOKEN }}