OP5dev · rdhar · Mar 28, 2024 · Mar 28, 2024 · Mar 28, 2024 · Mar 28, 2024
@@ -0,0 +1,68 @@
+name: TF Tests
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize, closed]
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    if: github.event.action != 'closed' || github.event.pull_request.merged
+
+    permissions:
+      actions: read # Required for workflow query and artifact download.
+      contents: read # Required for repository checkout.
+      issues: read # Required for getting PR branch from issue comment.
+      pull-requests: write # Required for commenting on PR.
+      statuses: write # Required for setting commit status from issue comment.
+
+    strategy:
+      fail-fast: false
+      matrix:
+        cli_uses: [tofu, terraform]
+        test:
+          - 10_fail_invalid_resource_type
+          - 11_fail_data_source_error
+          - 50_pass_one
+          - 51_pass_character_limit
+          - 52_pass_format_diff
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Setup TF
+        uses: opentofu/setup-opentofu@ae80d4ecaab946d8f5ff18397fbf6d0686c6d46a # v1.0.3
+      - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
+
+      - name: Provision TF
+        id: tf
+        continue-on-error: true
+        uses: ./
+        with:
+          chdir_prefix: tests/
+          cli_uses: ${{ matrix.cli_uses }}
+          command_input: ${{ format('-tf={0} -chdir={1}', github.event.action != 'closed' && 'plan' || 'apply', matrix.test) }}
+          cache_plugins: false
+          recreate_comment: true
+
+      - name: Echo TF
+        run: |
+          echo "command: ${{ steps.tf.outputs.command }}"
+          echo "plan_id: ${{ steps.tf.outputs.plan_id }}"
+          echo "tf_fmt: ${{ steps.tf.outputs.tf_fmt }}"
+          echo "tf_output: ${{ steps.tf.outputs.tf_output }}"
+
+      - name: Echo github-script context
+        if: always()
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+        with:
+          script: console.log(JSON.stringify(context, null, 2))
+      - name: Echo github context
+        if: always()
+        env:
+          MATRIX_CONTEXT: ${{ toJSON(matrix) }}
+          GITHUB_CONTEXT: ${{ toJSON(github) }}
+        run: |
+          echo "$MATRIX_CONTEXT"
+          echo "$GITHUB_CONTEXT"
@@ -0,0 +1,40 @@
+name: TF via PR Comments
+
+on:
+  issue_comment:
+    types: [created, edited]
+  pull_request:
+    types: [synchronize]
+    paths: ["**/*.tf*"]
+
+jobs:
+  tf:
+    runs-on: ubuntu-latest
+    if: startsWith(github.event.comment.body, '-tf=') || contains(join(github.event.pull_request.labels.*.name), 'tf:')
+
+    permissions:
+      actions: read # Required for workflow query and artifact download.
+      contents: read # Required for repository checkout.
+      issues: read # Required for getting PR branch from issue comment.
+      pull-requests: write # Required for commenting on PR.
+      statuses: write # Required for setting commit status from issue comment.
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          ref: ${{ github.event.issue && format('refs/pull/{0}/merge', github.event.issue.number) }}
+
+      - name: Setup TF
+        uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
+
+      - name: Provision TF
+        uses: devsectop/tf-via-pr-comments@dc6ce4481c36f83bd8a5110040499da17df6cb1a # v9.1.0
+        env:
+          TF_VAR_PLACEHOLDER: value
+        with:
+          recreate_comment: true
+          var_file_from_workspace: true
+          var_file_prefix: env/
+          var_file_suffix: .tfvars
+          chdir_prefix: sample/
@@ -0,0 +1,40 @@
+name: TF via PR Comments or Input
+
+on:
+  issue_comment:
+    types: [created, edited]
+  pull_request:
+    types: [opened, reopened, synchronize, closed]
+    paths: ["**/*.tf*"]
+
+jobs:
+  tf:
+    runs-on: ubuntu-latest
+    if: startsWith(github.event.comment.body, '-tf=') || github.event.action != 'closed' || github.event.pull_request.merged
+
+    permissions:
+      actions: read # Required for workflow query and artifact download.
+      contents: read # Required for repository checkout.
+      issues: read # Required for getting PR branch from issue comment.
+      pull-requests: write # Required for commenting on PR.
+      statuses: write # Required for setting commit status from issue comment.
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          ref: ${{ github.event.issue && format('refs/pull/{0}/merge', github.event.issue.number) }}
+
+      - name: Setup TF
+        uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
+
+      - name: Provision TF
+        uses: devsectop/tf-via-pr-comments@dc6ce4481c36f83bd8a5110040499da17df6cb1a # v9.1.0
+        env:
+          TF_VAR_PLACEHOLDER: value
+        with:
+          recreate_comment: true
+          var_file_from_workspace: true
+          command_input: ${{ github.event.comment && '' || format('-tf={0} -chdir=sample/sample_instance -workspace=dev', github.event.action != 'closed' && 'plan' || 'apply') }}
+          var_file_prefix: env/
+          var_file_suffix: .tfvars
@@ -0,0 +1,40 @@
+name: TF via PR Input with AWS Authentication
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize, closed]
+    paths: ["**/*.tf*"]
+
+jobs:
+  tf:
+    runs-on: ubuntu-latest
+    if: github.event.action != 'closed' || github.event.pull_request.merged
+
+    permissions:
+      actions: read # Required for workflow query and artifact download.
+      contents: read # Required for repository checkout.
+      id-token: write # Required for assuming AWS role via OIDC provider.
+      pull-requests: write # Required for commenting on PR.
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
+        with:
+          aws-region: us-east-1
+          role-to-assume: ${{ secrets.AWS_ROLE }}
+
+      - name: Setup TF
+        uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
+
+      - name: Provision TF
+        uses: devsectop/tf-via-pr-comments@dc6ce4481c36f83bd8a5110040499da17df6cb1a # v9.1.0
+        env:
+          TF_VAR_PLACEHOLDER: value
+        with:
+          backend_config_prefix: backend/
+          backend_config_suffix: .tfvars
+          chdir_prefix: sample/
+          command_input: ${{ format('-tf={0} -chdir=sample_bucket -backend-config=dev', github.event.action != 'closed' && 'plan' || 'apply') }}
@@ -0,0 +1,43 @@
+name: TF via PR Input Matrix Strategy
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize, closed]
+    paths: ["**/*.tf*"]
+
+jobs:
+  tf:
+    runs-on: ubuntu-latest
+    if: github.event.action != 'closed' || github.event.pull_request.merged
+
+    permissions:
+      actions: read # Required for workflow query and artifact download.
+      contents: read # Required for repository checkout.
+      pull-requests: write # Required for commenting on PR.
+
+    strategy:
+      fail-fast: false
+      matrix:
+        deployment: [dev, stg, prd]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Setup TF
+        uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
+
+      - name: Provision TF
+        id: tf
+        uses: devsectop/tf-via-pr-comments@dc6ce4481c36f83bd8a5110040499da17df6cb1a # v9.1.0
+        env:
+          TF_VAR_PLACEHOLDER: value
+        with:
+          command_input: ${{ format('-tf={0} -chdir=sample/sample_bucket -backend-config=backend/{1}.tfvars', github.event.action != 'closed' && 'plan' || 'apply', matrix.deployment) }}
+
+      - name: Echo TF
+        run: |
+          echo "command: ${{ steps.tf.outputs.command }}"
+          echo "plan_id: ${{ steps.tf.outputs.plan_id }}"
+          echo "tf_fmt: ${{ steps.tf.outputs.tf_fmt }}"
+          echo "tf_output: ${{ steps.tf.outputs.tf_output }}"
@@ -7,7 +7,10 @@ All forms of contribution are very welcome and deeply appreciated for fostering
 - Please [open a discussion][discussion] to share ideas about where you'd like to see this project go.
 - Please [consider becoming a stargazer][stargazer] if you find this project useful.
 
+Includes a [GitHub Codespaces][github_codespaces] dev container, which offers a tailored TF development environment, complete with tools and runtimes to lower the barrier to entry for contributors.
+
 [discussion]: https://github.com/devsectop/tf-via-pr-comments/discussions "Open a discussion."
+[github_codespaces]: https://docs.github.com/en/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers "Introduction to GitHub Codespaces."
 [issue]: https://github.com/devsectop/tf-via-pr-comments/issues "Raise an issue."
 [pull_request]: https://github.com/devsectop/tf-via-pr-comments/pulls "Create a pull request."
 [stargazer]: https://github.com/devsectop/tf-via-pr-comments/stargazers "Become a stargazer."