Read All Values from TFVars #37

Workflow file for this run

.github/workflows/terragrunt_plan_dev.yml at 69e799a

	name: "Terragrunt plan DEV"

	env:
	ENVIRONMENT: dev
	ACCOUNT_ID: "800095993820"
	OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}

	on:
	workflow_dispatch:
	pull_request:
	paths:
	- ".env"
	- "aws/**"
	- "env/$ENVIRONMENT/**"
	- "env/terragrunt.hcl"
	- ".github/workflows/terragrunt_plan_$ENVIRONMENT.yml"

	permissions:
	id-token: write # This is required for requesting the OIDC JWT
	contents: write # This is required for actions/checkout
	pull-requests: write

	jobs:
	terragrunt-filter:
	runs-on: ubuntu-latest

	outputs:
	common: ${{ steps.filter.outputs.common }}
	ecr: ${{ steps.filter.outputs.ecr }}
	ses_receiving_emails: ${{ steps.filter.outputs.ses_receiving_emails }}
	ses_to_sqs_email_callbacks: ${{ steps.filter.outputs.ses_to_sqs_email_callbacks }}
	sns_to_sqs_sms_callbacks: ${{ steps.filter.outputs.sns_to_sqs_sms_callbacks }}
	pinpoint_to_sqs_sms_callbacks: ${{ steps.filter.outputs.pinpoint_to_sqs_sms_callbacks }}
	dns: ${{ steps.filter.outputs.dns }}
	ses_validation_dns_entries: ${{ steps.filter.outputs.ses_validation_dns_entries }}
	eks: ${{ steps.filter.outputs.eks }}
	rds: ${{ steps.filter.outputs.rds }}
	lambda-api: ${{ steps.filter.outputs.lambda-api }}
	heartbeat: ${{ steps.filter.outputs.heartbeat }}
	database-tools: ${{ steps.filter.outputs.database-tools }}
	quicksight: ${{ steps.filter.outputs.quicksight }}
	lambda-google-cidr: ${{ steps.filter.outputs.lambda-google-cidr }}
	system_status: ${{ steps.filter.outputs.system_status }}
	system_status_static_site: ${{ steps.filter.outputs.system_status_static_site }}
	newrelic: ${{ steps.filter.outputs.newrelic }}

	steps:

	- uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
	id: filter
	with:
	filters: \|
	common:
	- '.github/workflows/terragrunt-plan-${{env.ENVIRONMENT}}.yml'
	- 'aws/common/**'
	- 'env/${{env.ENVIRONMENT}}/common/**'
	- 'env/terragrunt.hcl'
	dns:
	- 'aws/dns/**'
	- 'env/${{env.ENVIRONMENT}}/dns/**'
	ses_validation_dns_entries:
	- 'aws/ses_validation_dns_entries/**'
	- 'env/${{env.ENVIRONMENT}}/ses_validation_dns_entries/**'
	ecr:
	- 'aws/ecr/**'
	- 'env/${{env.ENVIRONMENT}}/ecr/**'
	eks:
	- 'aws/eks/**'
	- 'env/${{env.ENVIRONMENT}}/eks/**'
	elasticache:
	- 'aws/elasticache/**'
	- 'env/${{env.ENVIRONMENT}}/elasticache/**'
	rds:
	- 'aws/rds/**'
	- 'env/${{env.ENVIRONMENT}}/rds/**'
	cloudfront:
	- 'aws/cloudfront/**'
	- 'env/${{env.ENVIRONMENT}}/cloudfront/**'
	lambda-api:
	- 'aws/lambda-api/**'
	- 'env/${{env.ENVIRONMENT}}/lambda-api/**'
	lambda-admin-pr:
	- 'aws/lambda-admin-pr/**'
	- 'env/${{env.ENVIRONMENT}}/lambda-admin-pr/**'
	performance-test:
	- 'aws/performance-test/**'
	- 'env/${{env.ENVIRONMENT}}/performance-test/**'
	heartbeat:
	- 'aws/heartbeat/**'
	- 'env/${{env.ENVIRONMENT}}/heartbeat/**'
	database-tools:
	- 'aws/database-tools/**'
	- 'env/${{env.ENVIRONMENT}}/database-tools/**'
	system_status:
	- 'aws/system_status/**'
	- 'env/${{env.ENVIRONMENT}}/system_status/**'
	system_status_static_site:
	- 'aws/system_status_static_site/**'
	- 'env/${{env.ENVIRONMENT}}/system_status_static_site/**'
	quicksight:
	- 'aws/quicksight/**'
	- 'env/${{env.ENVIRONMENT}}/quicksight/**'
	lambda-google-cidr:
	- 'aws/lambda-google-cidr/**'
	- 'env/${{env.ENVIRONMENT}}/lambda-google-cidr/**'
	ses_receiving_emails:
	- 'aws/ses_receiving_emails/**'
	- 'env/${{env.ENVIRONMENT}}/ses_receiving_emails/**'
	ses_to_sqs_email_callbacks:
	- 'aws/ses_to_sqs_email_callbacks/**'
	- 'env/${{env.ENVIRONMENT}}/ses_to_sqs_email_callbacks/**'
	sns_to_sqs_sms_callbacks:
	- 'aws/sns_to_sqs_sms_callbacks/**'
	- 'env/${{env.ENVIRONMENT}}/sns_to_sqs_sms_callbacks/**'
	pinpoint_to_sqs_sms_callbacks:
	- 'aws/pinpoint_to_sqs_sms_callbacks/**'
	- 'env/${{env.ENVIRONMENT}}/pinpoint_to_sqs_sms_callbacks/**'
	newrelic:
	- 'aws/newrelic/**'
	- 'env/${{env.ENVIRONMENT}}/newrelic/**'

	get-tfvars-from-1pass:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	mkdir -p env/${{env.ENVIRONMENT}}/vars
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/vars/${{env.ENVIRONMENT}}.tfvars

	terragrunt-plan-common:
	if: \|
	needs.terragrunt-filter.outputs.common == 'true'
	runs-on: ubuntu-latest
	needs: terragrunt-filter

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Terragrunt plan common
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/common"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: common"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-ecr:
	if: \|
	always() &&
	needs.terragrunt-filter.outputs.ecr == 'true' &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: terragrunt-filter

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/ecr/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan ECR
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/ecr"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: ecr"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-ses_receiving_emails:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.ses_receiving_emails == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/ses_receiving_emails/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan ses_receiving_emails
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/ses_receiving_emails"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: ses_receiving_emails"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-dns:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.dns == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ses_receiving_emails]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0


	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/dns/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan dns
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/dns"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: dns"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-ses_validation_dns_entries:
	if: \|
	always() &&
	needs.terragrunt-filter.outputs.ses_validation_dns_entries == 'true' &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-dns]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/ses_validation_dns_entries/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan ses_validation_dns_entries
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/ses_validation_dns_entries"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: ses_validation_dns_entries"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"


	terragrunt-plan-cloudfront:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.cloudfront == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/cloudfront/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan cloudfront
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/cloudfront"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: cloudfront"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-eks:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.eks == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-dns,terragrunt-plan-cloudfront]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/eks/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan eks
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/eks"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: eks"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-elasticache:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.elasticache == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/elasticache/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan elasticache
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/elasticache"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: elasticache"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-rds:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.rds == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/rds/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan rds
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/rds"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: rds"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-lambda-api:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.lambda-api == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr,terragrunt-plan-rds]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/lambda-api/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan lambda-api
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/lambda-api"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: lambda-api"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-lambda-admin-pr:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.lambda-admin-pr == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-elasticache,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/lambda-admin-pr/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan lambda-admin-pr
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/lambda-admin-pr"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: lambda-admin-pr"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-performance-test:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.performance-test == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/performance-test/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan performance-test
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/performance-test"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: performance-test"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-heartbeat:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.heartbeat == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/heartbeat/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan heartbeat
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/heartbeat"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: heartbeat"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-database-tools:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.database-tools == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-rds]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/database-tools/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan database-tools
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/database-tools"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: database-tools"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-quicksight:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.quicksight == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-rds]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/quicksight/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan quicksight
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/quicksight"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: quicksight"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-lambda-google-cidr:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.lambda-google-cidr == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-eks,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/lambda-google-cidr/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan lambda-google-cidr
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/lambda-google-cidr"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: lambda-google-cidr"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-ses_to_sqs_email_callbacks:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.ses_to_sqs_email_callbacks == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/ses_to_sqs_email_callbacks/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan ses_to_sqs_email_callbacks
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/ses_to_sqs_email_callbacks"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: ses_to_sqs_email_callbacks"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-sns_to_sqs_sms_callbacks:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.sns_to_sqs_sms_callbacks == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/sns_to_sqs_sms_callbacks/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan sns_to_sqs_sms_callbacks
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/sns_to_sqs_sms_callbacks"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: sns_to_sqs_sms_callbacks"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-pinpoint_to_sqs_sms_callbacks:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.pinpoint_to_sqs_sms_callbacks == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/pinpoint_to_sqs_sms_callbacks/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan pinpoint_to_sqs_sms_callbacks
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/pinpoint_to_sqs_sms_callbacks"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: pinpoint_to_sqs_sms_callbacks"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-system_status:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.system_status == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: [terragrunt-filter,terragrunt-plan-common,terragrunt-plan-ecr,terragrunt-plan-rds,terragrunt-plan-eks]

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/system_status/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan system_status
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/system_status"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: system_status"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"

	terragrunt-plan-system_status_static_site:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.system_status_static_site == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: terragrunt-filter

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/system_status_static_site/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan aws/system_status_static_site
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/system_status_static_site"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: system_status_static_site"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"
	skip-conftest: "true"

	terragrunt-plan-newrelic:
	if: \|
	always() &&
	(needs.terragrunt-filter.outputs.newrelic == 'true' \|\| needs.terragrunt-filter.outputs.common == 'true') &&
	!contains(needs.*.result, 'failure') &&
	!contains(needs.*.result, 'cancelled')
	runs-on: ubuntu-latest
	needs: terragrunt-filter

	steps:
	- name: Checkout
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

	- name: setup-terraform
	uses: ./.github/actions/setup-terraform
	with:
	role_to_assume: arn:aws:iam::${{env.ACCOUNT_ID}}:role/notification-terraform-plan
	role_session_name: NotifyTerraformPlan

	- name: Install 1Pass CLI
	run: \|
	curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
	sudo dpkg -i 1pass.deb

	- name: Retrieve TFVars
	run: \|
	op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - ${{env.ENVIRONMENT}}"/notesPlain > env/${{env.ENVIRONMENT}}/newrelic/${{env.ENVIRONMENT}}.tfvars

	- name: Terragrunt plan aws/newrelic
	uses: cds-snc/terraform-plan@2aa797a64e4a37d05fcee5a62195f4c2bde5a0ba
	with:
	directory: "env/${{env.ENVIRONMENT}}/newrelic"
	comment-delete: "true"
	comment-title: "${{env.ENVIRONMENT}}: newrelic"
	github-token: "${{ secrets.GITHUB_TOKEN }}"
	terragrunt: "true"
	skip-conftest: "true"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Read All Values from TFVars #37

Workflow file

Read All Values from TFVars #37

Jobs

Run details

Workflow file for this run