name: 'Demo | Workflow 1 - Plan Targetted at Staging'

on:
  # Manual run: the operator chooses which environment the plan targets.
  workflow_dispatch:
    inputs:
      environment:
        description: 'Target RTL Environment'
        required: true
        type: choice
        options:
          - sandbox
          - staging
          - production

  # Automatic run for pull-request activity.
  pull_request:
    types:
      - opened
      - reopened
      - synchronize
    # Only pull requests whose base branch is main.
    branches:
      - main
    # Only when the diff touches .tf files directly inside this directory;
    # "*" does not cross "/" in path filters, so files in nested folders
    # do not trigger the workflow.
    paths:
      - 'workload/terraform/jamfpro/*.tf'
jobs:
  # Gate job: hands the pull request's source branch name to the reusable
  # branch-name workflow, which is expected to accept only feat-* or
  # bugfix-* branches. Not run for manual (workflow_dispatch) triggers.
  check-branch-name:
    if: ${{ github.event_name != 'workflow_dispatch' }}
    uses: ./.github/workflows/branch_name_check.yml
    with:
      # TODO: make this dynamic in case the workflow is triggered manually.
      # NOTE(review): head.ref is chosen by the pull-request author, so the
      # called workflow should treat it as untrusted text (read it through an
      # environment variable rather than splicing it into a script) - confirm
      # in branch_name_check.yml, which is not shown here.
      branch-name: ${{ github.event.pull_request.head.ref }}
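# Terraform plan: uploads the configuration to Terraform Cloud, starts a
# plan-only run, collects the plan summary and publishes it as an artifact.
  terraform-upload-config-and-plan:
    # NOTE(review): check-branch-name is skipped on workflow_dispatch, and a
    # job whose `needs` dependency was skipped is itself skipped unless it
    # carries its own `if:`. As written the manual trigger never reaches this
    # job. Decide whether a manual run should be allowed to plan against the
    # selected environment before adding such a condition.
    needs: check-branch-name
    # Manual runs use the chosen environment; pull requests always use staging.
    environment: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.environment || 'staging' }}
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: this job only checks the repository
    # out; the Terraform Cloud calls authenticate with their own token.
    permissions:
      contents: read
    env:
      # NOTE(review): job-level env makes the token visible to every step in
      # this job, including third-party actions and the shell step, while the
      # Terraform Cloud steps already receive it through `token:`. Confirm
      # whether anything reads TF_API_KEY from the environment; if nothing
      # does, remove it here.
      TF_API_KEY: ${{ secrets.TF_API_KEY }}
      TF_CLOUD_ORGANIZATION: ${{ vars.TF_CLOUD_ORG }}
    steps:
      # Bring repo to runner.
      # Tags such as v4 can be moved; pinning the full commit SHA of the
      # release keeps the executed code fixed.
      - name: Checkout
        uses: actions/checkout@v4

      # Upload the config to TF cloud.
      # A plan evaluates the pull request's Terraform configuration with the
      # workspace's credentials, so the branch gate and review rules on this
      # path are part of the trust boundary.
      - name: Upload configuration to tf cloud
        # The text around "@" was lost when this page was extracted (it shows
        # as "[email protected]"). The action name is inferred from the step's
        # inputs and outputs - confirm. <VERSION> is a placeholder: restore the
        # release the project used, preferably as a full commit SHA.
        uses: hashicorp/tfc-workflows-github/actions/upload-configuration@<VERSION>
        id: upload-config
        with:
          token: ${{ secrets.TF_API_KEY }}
          workspace: ${{ vars.TF_WORKSPACE }}
          directory: 'workload/terraform/jamfpro'
          speculative: true

      # Run speculative plan using hashi create-run.
      - name: Terraform plan
        id: terraform-plan
        # <VERSION> is a placeholder for the ref lost in extraction (see the
        # upload step); action name taken from the comment above.
        uses: hashicorp/tfc-workflows-github/actions/create-run@<VERSION>
        with:
          token: ${{ secrets.TF_API_KEY }}
          workspace: ${{ vars.TF_WORKSPACE }}
          configuration_version: ${{ steps.upload-config.outputs.configuration_version_id }}
          plan_only: true

      - name: Get plan output
        id: get-plan-output
        # <VERSION> is a placeholder for the ref lost in extraction; action
        # name inferred from the step name and its `plan` input - confirm.
        uses: hashicorp/tfc-workflows-github/actions/plan-output@<VERSION>
        with:
          token: ${{ secrets.TF_API_KEY }}
          plan: ${{ steps.terraform-plan.outputs.plan_id }}

      # Deposit run info to the runner in temporary .json file.
      # Expression values are handed to the shell as environment variables
      # instead of being pasted into the script text: "${{ }}" is substituted
      # before the shell parses the script, so characters such as "$(" or a
      # backtick inside a value (run_message in particular) would otherwise be
      # interpreted by the shell. Expanded variables in a heredoc are not
      # re-evaluated.
      # The values are still not JSON-escaped: a double quote or newline in a
      # value yields invalid JSON. Build the file with a JSON-aware tool if
      # that can occur.
      - name: Save run info to json file
        env:
          OUTPUTS_FILE: ${{ vars.OUTPUTS_FILE_FN }}
          PR_REF: ${{ github.event.pull_request.number }}
          CREATE_RUN_STATUS: ${{ steps.terraform-plan.outputs.status }}
          RUN_ID: ${{ steps.terraform-plan.outputs.run_id }}
          RUN_STATUS: ${{ steps.terraform-plan.outputs.run_status }}
          RUN_MESSAGE: ${{ steps.terraform-plan.outputs.run_message }}
          RUN_LINK: ${{ steps.terraform-plan.outputs.run_link }}
          PLAN_ID: ${{ steps.terraform-plan.outputs.plan_id }}
          PLAN_STATUS: ${{ steps.terraform-plan.outputs.plan_status }}
          CONFIG_VERSION_ID: ${{ steps.terraform-plan.outputs.configuration_version_id }}
          PLAN_OUT_STATUS: ${{ steps.get-plan-output.outputs.status }}
          PLAN_OUT_ADD: ${{ steps.get-plan-output.outputs.add }}
          PLAN_OUT_CHANGE: ${{ steps.get-plan-output.outputs.change }}
          # Fixed: the action's output is named "destroy"; the original read
          # the misspelled "destory", which always evaluates to an empty string.
          PLAN_OUT_DESTROY: ${{ steps.get-plan-output.outputs.destroy }}
        # The JSON key "destory" is kept as published, because the consumer of
        # this file is not shown and may read that spelling.
        # NOTE(review): plan_output.plan_id and plan_output.plan_status are
        # both filled from the step's `status` output, as in the original;
        # this looks like a copy-paste slip - confirm the intended outputs.
        run: |
          cat << EOF > "$OUTPUTS_FILE"
          {
            "pr_ref": "${PR_REF}",
            "status": "${CREATE_RUN_STATUS}",
            "run_id": "${RUN_ID}",
            "run_status": "${RUN_STATUS}",
            "run_message": "${RUN_MESSAGE}",
            "run_link": "${RUN_LINK}",
            "plan_id": "${PLAN_ID}",
            "plan_status": "${PLAN_STATUS}",
            "configuration_version_id": "${CONFIG_VERSION_ID}",
            "plan_output": {
              "status": "${PLAN_OUT_STATUS}",
              "add": "${PLAN_OUT_ADD}",
              "change": "${PLAN_OUT_CHANGE}",
              "destory": "${PLAN_OUT_DESTROY}",
              "plan_id": "${PLAN_OUT_STATUS}",
              "plan_status": "${PLAN_OUT_STATUS}"
            }
          }
          EOF

      # Upload output as artifact.
      - name: Upload plan output json artifact
        uses: actions/upload-artifact@v4
        with:
          name: ${{ vars.PLAN_OUTPUT_ARTIFACT_NAME }}
          path: ${{ vars.OUTPUTS_FILE_FN }}
          # NOTE(review): 0 does not mean "expire immediately"; it selects the
          # repository's default retention period. If the plan summary should
          # be short-lived, set an explicit value (the minimum is 1 day).
          retention-days: 0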
# Publish step: hands the plan artifact's name to the reusable workflow that
# updates the triggering pull request.
  update-pr:
    name: 'Deposit plan output on trigger pr'
    needs:
      - terraform-upload-config-and-plan
    uses: ./.github/workflows/update_pr.yml
    with:
      # Name of the artifact uploaded by the plan job. The called workflow is
      # not shown here; presumably it downloads this artifact - confirm.
      # NOTE(review): the artifact carries text returned by the Terraform
      # Cloud run (for example run_message); the consumer should parse it as
      # data and not splice its fields into shell commands.
      outputs-payload: ${{ vars.PLAN_OUTPUT_ARTIFACT_NAME }}