tf plan microservices test #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: terraform | |
| run-name: tf ${{ inputs.apply && 'apply' || 'plan' }} ${{ inputs.service }} ${{ inputs.environment }} | |
| on: | |
| workflow_call: | |
| inputs: | |
| apply: | |
| required: false | |
| type: boolean | |
| environment: | |
| required: true | |
| type: string # Choice not allowed in workflow_call, so using string | |
| ops_branch: | |
| required: false | |
| type: string | |
| default: 'main' | |
| service: | |
| required: true | |
| type: string # Same as above | |
| workflow_dispatch: # Manual trigger with dropdowns | |
| inputs: | |
| apply: | |
| required: false | |
| type: boolean | |
| default: false | |
| environment: | |
| required: true | |
| type: choice | |
| options: | |
| - dev | |
| - test | |
| - sbx | |
| - prod-test | |
| - prod | |
| ops_branch: | |
| required: false | |
| type: string | |
| default: 'main' | |
| service: | |
| required: true | |
| type: choice | |
| options: | |
| - api | |
| - core | |
| - controller | |
| - microservices | |
| - web | |
| - worker | |
| - eventbridge | |
| jobs: | |
| terraform: | |
| runs-on: self-hosted | |
| env: | |
| AWS_REGION: ${{ vars.AWS_REGION }} | |
| DEPLOYMENT_ENV: ${{ vars[format('{0}_DEPLOYMENT_ENV', github.event.inputs.environment) ] }} | |
| steps: | |
| - name: Set BACKEND_ENV based on environment | |
| run: | | |
| case "${{ inputs.environment }}" in | |
| dev) BACKEND_ENV="ab2d-dev" ;; | |
| test) BACKEND_ENV="ab2d-east-impl" ;; | |
| sbx) BACKEND_ENV="ab2d-sbx-sandbox" ;; | |
| prod-test) BACKEND_ENV="ab2d-east-prod-test" ;; | |
| prod) BACKEND_ENV="ab2d-east-prod" ;; | |
| *) echo "Invalid environment input"; exit 1 ;; | |
| esac | |
| echo "BACKEND_ENV=${BACKEND_ENV}" >> $GITHUB_ENV | |
| - name: Get AWS params | |
| uses: cmsgov/ab2d-bcda-dpc-platform/actions/aws-params-env-action@main | |
| env: | |
| AWS_REGION: ${{ vars.AWS_REGION }} | |
| with: | |
| params: | | |
| OPS_GITHUB_TOKEN=/ci/github/token | |
| - name: Checkout AB2D-Ops Repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| repository: 'cmsgov/ab2d-ops' | |
| token: ${{ env.OPS_GITHUB_TOKEN }} | |
| ref: ${{ inputs.ops_branch }} | |
| - name: Install Node.js | |
| uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 | |
| with: | |
| node-version: '20' | |
| - name: Install terraform | |
| uses: cmsgov/ab2d-bcda-dpc-platform/actions/setup-tfenv-terraform@main | |
| - name: Assume role in AB2D account for this environment | |
| uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 | |
| env: | |
| ACCOUNT: ${{ inputs.environment == 'prod-test' && 'prod' || inputs.environment == '' && 'test' || inputs.environment }} | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: arn:aws:iam::${{ secrets[format('{0}_ACCOUNT_ID', env.ACCOUNT)] }}:role/delegatedadmin/developer/ab2d-${{ env.ACCOUNT }}-github-actions | |
| - name: Terraform Init & Plan | |
| working-directory: terraform/environments/ab2d/${{ inputs.service }}/ | |
| run: | | |
| terraform init -reconfigure -backend-config=backend/${{ env.BACKEND_ENV }}.conf | |
| terraform plan -var env=${{ env.BACKEND_ENV }} -out=${{ inputs.service }}.tfplan | tee plan_output.txt | |
| - name: Terraform Apply | |
| if: ${{ inputs.apply == true }} | |
| working-directory: terraform/environments/ab2d/${{ inputs.service }}/ | |
| run: | | |
| terraform apply -input=false ${{ inputs.service }}.tfplan | |
| - name: Cleanup Terraform Plan | |
| if: always() | |
| working-directory: terraform/environments/ab2d/${{ inputs.service }}/ | |
| run: | | |
| rm -f ${{ inputs.service }}.tfplan plan_output.txt |