Skip to content

Update Terraform aws to v5.84.0 #103

Update Terraform aws to v5.84.0

Update Terraform aws to v5.84.0 #103

name: CI - Terraform Module Deplyment
on:
push:
branches: main
pull_request:
env:
MODULE_DEPLOYMENT_DIR: "module-deployment"
jobs:
set-outputs:
name: Set Output Vars
runs-on: ubuntu-22.04
outputs:
branch: ${{ steps.var.outputs.branch }}
steps:
- id: var
run: |
BRANCH="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"
BRANCH="$(echo "$BRANCH" | sed 's;/;%2F;g')"
echo "branch=$BRANCH" >> $GITHUB_OUTPUT
terraform-validate:
name: Terraform Validate
runs-on: ubuntu-latest
needs: set-outputs
permissions:
id-token: write
contents: read
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }}
- name: Get terraform version
id: get-terraform-version
run: |
DOTFILE_VERSION=$(cat ${{ env.MODULE_DEPLOYMENT_DIR }}/.terraform-version)
echo "version=$DOTFILE_VERSION" >> $GITHUB_OUTPUT
- name: Setup Terraform
uses: hashicorp/[email protected]
with:
terraform_version: ${{ steps.get-terraform-version.outputs.version }}
- name: Download tfvars and backend
run: |
aws s3 cp s3://${{ secrets.TFVARS_S3_BUCKET_NAME }}/${{ secrets.TFVARS_FILENAME }} ${{ env.MODULE_DEPLOYMENT_DIR }}/.
aws s3 cp s3://${{ secrets.TFVARS_S3_BUCKET_NAME }}/${{ secrets.TF_BACKEND_FILENAME }} ${{ env.MODULE_DEPLOYMENT_DIR }}/.
- name: Replace module version with branch name
if: ${{ github.event_name != 'release' }}
run: |
sed -i "s/ source = \"github.com\/chris-qa-org\/terraform-aws-tfl-notice-board.*/ source = \"github.com\/chris-qa-org\/terraform-aws-tfl-notice-board?ref=${{ needs.set-outputs.outputs.branch }}\"/g" ${{ env.MODULE_DEPLOYMENT_DIR }}/tfl-notice-board.tf
- name: Run a Terraform init
run: |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
init
- name: Run a Terraform validate
run: |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
validate
- name: Run a Terraform format check
run: |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
fmt -check=true -diff=true
- name: Run a Terraform plan
run: |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
plan
- name: Run a Terraform apply on Release
if: ${{ github.event_name == 'release' && github.event.action == 'published' }}
run: |
terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
apply
terraform-docs-validation:
name: Terraform Docs validation
needs: terraform-validate
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ secrets.TERRAFORM_DOCS_RENOVATE_WORKFLOW_GITHUB_TOKEN }}
- name: Get PR base branch
id: pr-base-branch-name
if: github.event_name == 'pull_request'
run: |
echo "GITHUB_PR_BRANCH=${{ github.head_ref }}" >> $GITHUB_ENV
- name: Get commit message
run: |
echo "GIT_COMMIT_MESSAGE=$(git show -s --format=%s)" >> $GITHUB_ENV
- name: Generate Terraform docs
uses: terraform-docs/[email protected]
if: "!startsWith(env.GITHUB_PR_BRANCH, 'renovate/')"
with:
working-dir: ${{ env.MODULE_DEPLOYMENT_DIR }}
config-file: ${{ env.MODULE_DEPLOYMENT_DIR }}/.terraform-docs.yml
output-file: README.md
output-method: inject
fail-on-diff: true
- name: Generate Terraform docs for Renovate
uses: terraform-docs/[email protected]
if: "startsWith(env.GITHUB_PR_BRANCH, 'renovate/')"
with:
working-dir: ${{ env.MODULE_DEPLOYMENT_DIR }}
config-file: ${{ env.MODULE_DEPLOYMENT_DIR }}/.terraform-docs.yml
output-file: README.md
output-method: inject
git-push: true
ref: ${{ github.event.pull_request.head.ref }}
git-commit-message: "${{ env.GIT_COMMIT_MESSAGE }} - Terraform Docs Module Deployment"