diff --git a/.github/workflows/apply.yml b/.github/workflows/apply.yml
new file mode 100644
index 0000000..f369d41
--- /dev/null
+++ b/.github/workflows/apply.yml
@@ -0,0 +1,55 @@
+name: Run Terraform Apply
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ preview:
+ name: Apply
+ runs-on: ubuntu-latest
+
+ permissions:
+ id-token: write
+ contents: write
+ pull-requests: write
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ ref: ${{ github.head_ref }}
+ fetch-depth: 0
+
+ - name: Install tools using asdf
+ uses: asdf-vm/actions/install@v2.2.0
+
+ - name: List changed stacks
+ id: list
+ run: |
+ echo "stdout<>$GITHUB_OUTPUT
+ terramate list --changed >>$GITHUB_OUTPUT
+ EXIT_CODE=$?
+ echo "STDOUT" >>$GITHUB_OUTPUT
+ exit ${EXIT_CODE}
+
+ - name: Configure AWS Credentials
+ if: steps.list.outputs.stdout
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: eu-central-1
+
+ - name: Run Terraform init on changed stacks
+ if: steps.list.outputs.stdout
+ id: init
+ run: |
+ terramate run --changed -- terraform init
+
+ - name: Create Terraform apply on changed stacks
+ if: steps.list.outputs.stdout
+ id: apply
+ run: |
+ terramate run --changed -- terraform apply -input=false -auto-approve
diff --git a/.github/workflows/plan.yml b/.github/workflows/plan.yml
new file mode 100644
index 0000000..83cab7f
--- /dev/null
+++ b/.github/workflows/plan.yml
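Review bot: The `Configure AWS Credentials` step authenticates with long-lived static keys (`aws-access-key-id` / `aws-secret-access-key` from repository secrets) even though the job already requests `id-token: write`, which is only needed for OIDC. Because this job runs `terraform apply -auto-approve` on every push to `main`, those keys presumably carry write access to the account; prefer short-lived credentials by replacing the two key inputs with `role-to-assume: <ROLE_ARN_PLACEHOLDER>` and scoping the role's trust policy to this repository and the `main` ref. No visible step uses `contents: write` or `pull-requests: write`, so the job could run with `contents: read`. The actions are referenced by mutable tag (`asdf-vm/actions/install@v2.2.0`, `aws-actions/configure-aws-credentials@v2`); pinning each to a full commit SHA keeps a retagged release from running with these credentials.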
@@ -0,0 +1,78 @@
+name: Preview Terraform Plan
+
+on:
+ pull_request:
+
+jobs:
+ preview:
+ name: Plan
+ runs-on: ubuntu-latest
+
+ permissions:
+ id-token: write
+ contents: write
+ pull-requests: write
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ ref: ${{ github.head_ref }}
+ fetch-depth: 0
+
+ - name: Install tools using asdf
+ uses: asdf-vm/actions/install@v2.2.0
+
+ - name: List changed stacks
+ id: list
+ run: |
+ echo "stdout<>$GITHUB_OUTPUT
+ terramate list --changed >>$GITHUB_OUTPUT
+ EXIT_CODE=$?
+ echo "STDOUT" >>$GITHUB_OUTPUT
+ exit ${EXIT_CODE}
+
+ - name: Configure AWS Credentials
+ if: steps.list.outputs.stdout
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: eu-central-1
+
+ - name: Create Terraform plan on changed stacks
+ if: steps.list.outputs.stdout
+ run: |
+ terramate run --changed -- terraform init
+ terramate run --changed -- terraform validate
+ terramate run --changed -- terraform plan -out out.tfplan
+
+ - name: Generate Preview Comment
+ if: steps.list.outputs.stdout
+ id: comment
+ run: |
+ echo >>pr-comment.txt "### List of Changed Stacks"
+ echo >>pr-comment.txt
+ echo >>pr-comment.txt '```bash'
+ echo >>pr-comment.txt "${{ steps.list.outputs.stdout }}"
+ echo >>pr-comment.txt '```'
+ echo >>pr-comment.txt
+ echo >>pr-comment.txt "#### Terraform Plan"
+ echo >>pr-comment.txt
+ echo >>pr-comment.txt '```terraform'
+ terramate run --changed -- terraform show -no-color out.tfplan 2>&1 | dd bs=1024 count=248 >>pr-comment.txt
+ echo >>pr-comment.txt '```'
+ cat pr-comment.txt >>$GITHUB_STEP_SUMMARY
+
+ - name: Inform about no Changed Stacks
+ if: (!steps.list.outputs.stdout)
+ run: |
+ echo >>pr-comment.txt '### No changed stacks.'
+ cat pr-comment.txt >>$GITHUB_STEP_SUMMARY
+
+ - name: Publish Plans for Changed Stacks
+ uses: marocchino/sticky-pull-request-comment@v2
+ with:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ header: terraform-plan
+ path: pr-comment.txt
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e7e1725
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,17 @@
+# Intellij
+.idea
+
+# MacOS
+.DS_STORE
+
+# VSCode configuration
+.vscode
+
+# Ignore Terraform init files
+terraform.tfstate*
+.terraform
+.terraform.lock.hcl
+
+# Ignore all files generated during CI/CD workflows
+*.tfplan
+pr-comment.txt
diff --git a/.tool-versions b/.tool-versions
new file mode 100644
index 0000000..a090922
--- /dev/null
+++ b/.tool-versions
@@ -0,0 +1,2 @@
+terraform 1.5.3
+terramate 0.4.0
diff --git a/README.md b/README.md
index f498228..9e667e0 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,22 @@
-# terramate-github-actions-example
-terramate-github-actions-example
+
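Review bot: In the `Generate Preview Comment` step, `echo >>pr-comment.txt "${{ steps.list.outputs.stdout }}"` expands the expression into the script text before bash runs, so stack paths taken from the pull-request branch are parsed as shell in a job that already holds the AWS credentials. Pass the value through the environment instead: give the step an `env:` entry `CHANGED_STACKS: ${{ steps.list.outputs.stdout }}` and write `echo >>pr-comment.txt "$CHANGED_STACKS"`. Separately, this `pull_request` job runs `terraform init` and `terraform plan` on branch-controlled code with the same secret names the apply workflow uses; a dedicated read-only plan identity would limit what a plan run can reach. `contents: write` and `id-token: write` also appear unused by the visible steps. The rendered plan is published as a PR comment, so it is worth confirming that sensitive outputs are marked as such in the stacks.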
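Review bot: Ignoring `.terraform.lock.hcl` means the provider versions and checksums Terraform records are never committed. Each `terraform init` in CI then selects and trusts whatever provider builds satisfy the version constraints at that moment. Committing the lock file is what lets `init` verify provider packages against known hashes, so consider dropping that line and keeping only `.terraform` and `terraform.tfstate*` in this group.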

+ + + Terramate + +

Terramate

+

+ ✨ https://terramate.io ✨ +
+ Terramate helps implement and maintain highly scalable Terraform projects by adding powerful capabilities + such as code generation, stacks, orchestration, change detection, data sharing and more. +

+

+
+ +

+ 📖 Terramate Documentation | 💻 Playground | 💬 Discord Community | 🚀 We are hiring! +

+ +## Examples + +This repository demonstrates a simple example of how Terramate helps run simple and efficient workflows using GitHub Actions.