-
-
Notifications
You must be signed in to change notification settings - Fork 0
111 lines (87 loc) · 3.02 KB
/
test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
name: Test Called Workflow
on:
workflow_call:
inputs:
service_account:
required: true
type: string
terraform_test_args:
required: false
type: string
terraform_test_verbose:
required: false
type: boolean
default: false
terraform_version:
required: true
type: string
working_directory:
required: false
type: string
default: .
workload_identity_provider:
required: true
type: string
# Uncomment if you have private modules
# ssh_key:
# required: true
secrets:
terraform_test_secret_args:
required: false
# If you use private modules, you'll need this env variable to use
# the same ssh-agent socket value across all jobs & steps.
# env:
# SSH_AUTH_SOCK: /tmp/ssh_agent.sock
jobs:
test:
name: Terraform test
runs-on: ubuntu-latest
defaults:
run:
working-directory: ${{ inputs.working_directory }}
steps:
# Uncomment to enable GitHub Security Lab Action Permissions Monitor
# - name: Actions permissions monitor
# uses: GitHubSecurityLab/actions-permissions/[email protected]
# GitHub - Checkout
# https://github.com/marketplace/actions/checkout
- name: Checkout
uses: actions/[email protected]
# Google Cloud Platform - Authenticate to Google Cloud
# https://github.com/marketplace/actions/authenticate-to-google-cloud
- name: Authenticate
uses: google-github-actions/[email protected]
with:
create_credentials_file: true
service_account: ${{ inputs.service_account }}
workload_identity_provider: ${{ inputs.workload_identity_provider }}
# GitHub - Setup SSH for private module access
# Uncomment if you have private modules
# - name: Private module access
# run: |
# ssh-agent -a $SSH_AUTH_SOCK
# mkdir -p ~/.ssh
# echo "${{ secrets.ssh_key }}" | tr -d '\r' | ssh-add -
# ssh-keyscan github.com >> ~/.ssh/known_hosts
# HashiCorp - Setup Terraform
# https://github.com/marketplace/actions/hashicorp-setup-terraform
- name: Terraform setup
uses: hashicorp/[email protected]
with:
terraform_version: ${{ inputs.terraform_version }}
- name: Terraform format
run: terraform fmt -check -diff
- name: Terraform initialize
run: terraform init
- name: Terraform validate
run: terraform validate
- name: Terraform test
id: test
run: |
terraform test --verbose=${{ inputs.terraform_test_verbose }} -no-color ${{ inputs.terraform_test_args}} ${{ secrets.terraform_test_secret_args }}
- name: Terraform summary
run: |
echo -e '🎯 Terraform test:' >> $GITHUB_STEP_SUMMARY
echo -e '```hcl' >> $GITHUB_STEP_SUMMARY
echo -e '${{ steps.test.outputs.stdout }}' >> $GITHUB_STEP_SUMMARY
echo -e '```' >> $GITHUB_STEP_SUMMARY