-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgithub.yaml
82 lines (82 loc) · 3.19 KB
/
github.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
name: Deploy aws-stag Terraform Workspace
"on":
push:
branches:
- main
paths:
- aws-stag/**
pull_request:
branches:
- main
paths:
- aws-stag/**
workflow_dispatch:
inputs:
apply:
description: Should apply Terraform changes?
type: boolean
default: false
jobs:
deploy:
name: Deploy Terraform Workspace
runs-on: ubuntu-latest
defaults:
run:
working-directory: aws-stag
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
FIREFLY_ACCESS_KEY: ${{ secrets.FIREFLY_ACCESS_KEY }}
FIREFLY_SECRET_KEY: ${{ secrets.FIREFLY_SECRET_KEY }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set deployment parameters
id: set-params
run: |-
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
echo "apply=${{ github.event.inputs.apply }}" >> $GITHUB_OUTPUT
elif [ "${{ github.event_name }}" = "push" ] && [ "${{ github.ref }}" = "refs/heads/main" ]; then
echo "apply=true" >> $GITHUB_OUTPUT
else
echo "apply=false" >> $GITHUB_OUTPUT
fi
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.8.1
terraform_wrapper: false
- name: Terraform Init
id: terraform-init
run: terraform init >& init.log
continue-on-error: true
- name: Terraform Plan
id: terraform-plan
if: steps.terraform-init.outcome == 'success'
run: terraform plan -json -out=tf.plan > plan_log.jsonl && terraform show -json tf.plan > plan_output.json && terraform show tf.plan > plan_output_raw.log
continue-on-error: true
- name: Firefly Post Plan
uses: gofireflyio/fireflyci@v0.4.1
with:
command: post-plan
context: aws-stag
init-log-file: init.log
plan-json-log-file: plan_log.jsonl
plan-output-file: plan_output.json
plan-raw-log-file: plan_output_raw.log
workspace: aws-stag
- name: Terraform Apply
if: steps.set-params.outputs.apply == 'true' && steps.terraform-plan.outcome == 'success'
run: terraform apply -auto-approve -json > apply_log.jsonl
continue-on-error: true
- name: Firefly Post Apply
if: steps.set-params.outputs.apply == 'true' && steps.terraform-plan.outcome == 'success'
uses: gofireflyio/fireflyci@v0.4.1
with:
apply-log-file: apply_log.jsonl
command: post-apply
context: aws-stag
workspace: aws-stag
continue-on-error: true