Skip to content

chore(deps): update dependency rhysd/actionlint to v1.7.5 #4240

chore(deps): update dependency rhysd/actionlint to v1.7.5

chore(deps): update dependency rhysd/actionlint to v1.7.5 #4240

Workflow file for this run

name: "Terraform plan and apply"
on: # yamllint disable-line rule:truthy
pull_request:
branches:
- main
types:
- opened
- synchronize
- reopened
- labeled
- closed
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
permissions: {}
jobs:
terraform:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
timeout-minutes: 10
if: contains(github.event.pull_request.labels.*.name, 'terraform-deps')
env:
TF_CLOUD_WORKSPACE: ${{ vars.TF_CLOUD_WORKSPACE }}
TERRAGRUNT_PATH: ${{ github.workspace }}/.github/scripts/tfwrapper.sh
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
# just use to login to terraform cloud
- uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
with:
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
- uses: aquaproj/aqua-installer@f13c5d2f0357708d85477aabe50fd3f725528745 # v3.1.0
with:
aqua_version: v2.40.0
aqua_opts: ""
- name: init
run: |
terragrunt run-all init --terragrunt-non-interactive
env:
TF_CLOUD_ORGANIZATION: ${{ secrets.TF_CLOUD_ORGANIZATION }}
- name: validate
run: |
terragrunt run-all validate --terragrunt-non-interactive
env:
TF_CLOUD_ORGANIZATION: ${{ secrets.TF_CLOUD_ORGANIZATION }}
GITHUB_APP_ID: ${{ secrets.GH_APP_ID }}
GITHUB_APP_INSTALLATION_ID: ${{ secrets.GH_APP_INSTALLATION_ID }}
GITHUB_APP_PEM_FILE: ${{ secrets.GH_APP_PEM_FILE }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: plan
run: |
terragrunt run-all plan --terragrunt-non-interactive
env:
TF_CLOUD_ORGANIZATION: ${{ secrets.TF_CLOUD_ORGANIZATION }}
GITHUB_APP_ID: ${{ secrets.GH_APP_ID }}
GITHUB_APP_INSTALLATION_ID: ${{ secrets.GH_APP_INSTALLATION_ID }}
GITHUB_APP_PEM_FILE: ${{ secrets.GH_APP_PEM_FILE }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: apply
if: github.event.pull_request.merged == true
run: |
terragrunt run-all apply --terragrunt-non-interactive
env:
TF_CLOUD_ORGANIZATION: ${{ secrets.TF_CLOUD_ORGANIZATION }}
GITHUB_APP_ID: ${{ secrets.GH_APP_ID }}
GITHUB_APP_INSTALLATION_ID: ${{ secrets.GH_APP_INSTALLATION_ID }}
GITHUB_APP_PEM_FILE: ${{ secrets.GH_APP_PEM_FILE }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
check-tf-result:
needs: terraform
runs-on: ubuntu-latest
timeout-minutes: 5
if: always()
steps:
- name: check results
run: |
FAILURE_JOBS=$(echo "${NEEDS_JSON}" | jq -r 'to_entries | map(select(.value.result == "failure")) | map(.key + " " + .value.result) | join("\n")')
if [ -n "${FAILURE_JOBS}" ]; then
echo "The following jobs failed: ${FAILURE_JOBS}"
exit 1
fi
env:
NEEDS_JSON: ${{ toJSON(needs) }}