Refactor into single GitHub Action (#88)

CHANGELOG.md

@@ -0,0 +1,31 @@
+# Changelog
+
+## v0.5.0
+
+### Added
+
+* Added new YAML syntax for GitHub Actions. 
+
+### Changed
+
+* Completely refactored the codebase into one GitHub Action. Please refer to the README for current usage.
+
+### Deprecated
+
+N/A
+
+### Removed
+
+* Removed all `TF_ACTION` environment variables. Please refer to the README for current usage.
+* Removed HashiCorp Configuration Language (HCL) syntax.
+
+### Fixed
+
+* The actions now use the new YAML syntax. ([#67](https://github.com/hashicorp/terraform-github-actions/issues/67))
+* Added support for Terraform 0.11.14. ([#42](https://github.com/hashicorp/terraform-github-actions/issues/67))
+* Comments will not be posted to pull requests when `terraform plan` contains no changes. ([#29](https://github.com/hashicorp/terraform-github-actions/issues/67))
+* Added ability to specify a Terraform version to use. ([#23](https://github.com/hashicorp/terraform-github-actions/issues/67))
+
+### Security
+
+N/A

Dockerfile

@@ -0,0 +1,9 @@
+FROM alpine:3 
+
+RUN ["/bin/sh", "-c", "apk add --update --no-cache bash ca-certificates curl git jq openssh"]
+
+RUN ["bin/sh", "-c", "mkdir -p /src"]
+
+COPY ["src", "/src/"]
+
+ENTRYPOINT ["/src/main.sh"]

README.md

@@ -1,23 +1,50 @@
 # Terraform GitHub Actions
-These official Terraform GitHub Actions allow you to run `terraform fmt`, `validate`, `plan` and `apply` on your pull requests to help you review, validate and apply Terraform changes.
 
-## Getting Started
-To get started, check out our documentation: [https://www.terraform.io/docs/github-actions/getting-started/](https://www.terraform.io/docs/github-actions/getting-started/).
+Terraform GitHub Actions allow you to run Terraform commands within GitHub Actions.
 
-## Actions
+The output of the actions can be viewed from the Actions tab in the main repository view. If the actions are executed on a `pull_request` event, a comment may be posted on the pull request.
 
-### Fmt Action
-Runs `terraform fmt` and comments back if any files are not formatted correctly.
-<img src="./assets/fmt.png" alt="Terraform Fmt Action" width="80%" />
+## Success Criteria
 
-### Validate Action
-Runs `terraform validate` and comments back on error.
-<img src="./assets/validate.png" alt="Terraform Validate Action" width="80%" />
+An exit code of `0` is considered a successful execution.
 
-### Plan Action
-Runs `terraform plan` and comments back with the output.
-<img src="./assets/plan.png" alt="Terraform Plan Action" width="80%" />
+## Usage
 
-### Apply Action
-Runs `terraform apply` and comments back with the output.
-<img src="./assets/apply.png" alt="Terraform Apply Action" width="80%" />
+Please refer to the examples within the `examples` directory for usage.
+
+## Inputs
+
+| Name                     | Required | Default | Description                                 |
+|--------------------------|----------|---------|---------------------------------------------|
+| `tf_actions_version`     | `true`   |         | Terraform version to install.               |
+| `tf_actions_subcommand`  | `true`   |         | Terraform subcommand to execute.            |
+| `tf_actions_working_dir` | `false`  | `.`     | Terraform working directory.                |
+| `tf_actions_comment`     | `false`  | `true`  | Whether or not to comment on pull requests. |
+
+## Outputs
+
+| Name                          | Description                                          |
+|-------------------------------|------------------------------------------------------|
+| `tf_actions_plan_has_changes` | Whether or not the Terraform plan contained changes. |
+
+## Secrets
+
+| Name                     | Description                                                                                                          |
+|--------------------------|----------------------------------------------------------------------------------------------------------------------|
+| `GITHUB_TOKEN`           | The GitHub API token used to post comments to pull requests. Not required if `tf_actions_comment` is set to `false`. |
+
+Other secrets may be needed to authenticate with Terraform backends and providers. 
+
+**WARNING:** These secrets could be exposed if the action is executed on a malicious Terraform file. To avoid this, it is recommended to not use this action on public repos or repos where untrusted users can submit pull requests.
+
+## Environment Variables
+
+The usual [Terraform environment variables](https://www.terraform.io/docs/commands/environment-variables.html) are supported. Here are the environments variables that might be the most beneficial.
+
+* [`TF_LOG`](https://www.terraform.io/docs/commands/environment-variables.html#tf_log)
+* [`TF_VAR_name`](https://www.terraform.io/docs/commands/environment-variables.html#tf_var_name)
+* [`TF_CLI_ARGS`](https://www.terraform.io/docs/commands/environment-variables.html#tf_cli_args-and-tf_cli_args_name)
+* [`TF_CLI_ARGS_name`](https://www.terraform.io/docs/commands/environment-variables.html#tf_cli_args-and-tf_cli_args_name)
+* `TF_WORKSPACE`
+
+Other environment variables may be configured to pass data into Terraform backends and providers. If the data is sensitive, consider using [secrets](#secrets) instead.

action.yml

@@ -0,0 +1,25 @@
+name: 'Terraform GitHub Actions'
+description: 'Runs Terraform commands via GitHub Actions.'
+author: 'HashiCorp, Inc. Terraform Team <terraform@hashicorp.com>'
+branding:
+  icon: 'terminal'
+  color: 'purple'
+inputs:
+  tf_actions_version:
+    description: 'Terraform version to install.'
+    required: true
+  tf_actions_subcommand:
+    description: 'Terraform subcommand to execute.'
+    required: true
+  tf_actions_working_dir:
+    description: 'Terraform working directory.'
+    default: '.'
+  tf_actions_comment:
+    description: 'Whether or not to comment on pull requests.'
+    default: true
+outputs:
+  tf_actions_plan_has_changes:
+    description: 'Whether or not the Terraform plan contained changes.'
+runs:
+  using: 'docker'
+  image: './Dockerfile'

examples/pull_request_no_working_dir/.github/workflows/example.yml

@@ -0,0 +1,43 @@
+# An example workflow using local Terraform state with no working directory set.
+name: 'Terraform Workflow'
+on:
+  - pull_request
+jobs:
+  root:
+    name: 'Terraform Actions'
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@master
+      - name: 'Terraform Format'
+        uses: hashicorp/terraform-github-actions@master
+        with:
+          tf_actions_version: 0.12.13
+          tf_actions_subcommand: 'fmt'
+          tf_actions_comment: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: 'Terraform Init'
+        uses: hashicorp/terraform-github-actions@master
+        with:
+          tf_actions_version: 0.12.13
+          tf_actions_subcommand: 'init'
+          tf_actions_comment: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: 'Terraform Validate'
+        uses: hashicorp/terraform-github-actions@master
+        with:
+          tf_actions_version: 0.12.13
+          tf_actions_subcommand: 'validate'
+          tf_actions_comment: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: 'Terraform Plan'
+        uses: hashicorp/terraform-github-actions@master
+        with:
+          tf_actions_version: 0.12.13
+          tf_actions_subcommand: 'plan'
+          tf_actions_comment: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

examples/pull_request_no_working_dir/main.tf

@@ -0,0 +1,5 @@
+resource "null_resource" "root" {
+  triggers = {
+    value = "${timestamp()}"
+  }
+}