diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 7555ed0..f767861 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -1,4 +1,3 @@
-# Workflow name
 name: S3 Deploy
 on:
 workflow_dispatch:
diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml
index 5eddb5c..17abdd3 100644
--- a/.github/workflows/terraform.yaml
+++ b/.github/workflows/terraform.yaml
@@ -1,44 +1,38 @@
 name: Terraform Deploy
-
 on:
 push:
 branches:
- - master
+ - master
 paths:
- - 'infra/**'
- - .github/workflows/terraform.yaml
-
-
+ - 'infra/**'
+ - .github/workflows/terraform.yaml
 permissions:
- id-token: write # This is required for requesting the JWT
- contents: read # This is required for actions/checkout
-
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
 jobs:
 plan-and-approve:
 runs-on: ubuntu-latest
 env:
 AWS_REGION: sa-east-1
 steps:
- - name: configure aws credentials
- uses: aws-actions/configure-aws-credentials@v3.0.1
- with:
- role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
- role-session-name: GitHub_to_AWS_via_FederatedOIDC
- aws-region: ${{ env.AWS_REGION }}
- - name: install terraform
- uses: hashicorp/setup-terraform@v2
- - name: checkout repository
- uses: actions/checkout@v3
- with:
- submodules: 'true'
- - name: terraform init
- run: terraform init
- working-directory: infra
- - name: terraform plan
- run: terraform plan
- working-directory: infra
-
-
+ - name: configure aws credentials
+ uses: aws-actions/configure-aws-credentials@v3.0.1
+ with:
+ role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+ role-session-name: GitHub_to_AWS_via_FederatedOIDC
+ aws-region: ${{ env.AWS_REGION }}
+ - name: install terraform
+ uses: hashicorp/setup-terraform@v2
+ - name: checkout repository
+ uses: actions/checkout@v3
+ with:
+ submodules: 'true'
+ - name: terraform init
+ run: terraform init
+ working-directory: infra
+ - name: terraform plan
+ run: terraform plan
+ working-directory: infra
 execute-plan:
 runs-on: ubuntu-latest
 needs: plan-and-approve
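Review bot: The three `uses:` references in the plan-and-approve steps are pinned to tags (`aws-actions/configure-aws-credentials@v3.0.1`, `hashicorp/setup-terraform@v2`, `actions/checkout@v3`), which the action's owner can move, while this workflow grants `id-token: write` and assumes an AWS role. Pinning each to a full commit SHA with the tag kept as a comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v3`, keeps the code that runs with those credentials fixed until an update is reviewed. The same three references are repeated in the execute-plan steps of the next hunk. The execute-plan job begins at the end of this hunk and continues outside it.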
@@ -46,21 +40,22 @@ jobs:
 env:
 AWS_REGION: sa-east-1
 steps:
- - name: configure aws credentials
- uses: aws-actions/configure-aws-credentials@v3.0.1
- with:
- role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
- role-session-name: GitHub_to_AWS_via_FederatedOIDC
- aws-region: ${{ env.AWS_REGION }}
- - name: install terraform
- uses: hashicorp/setup-terraform@v2
- - name: checkout repository
- uses: actions/checkout@v3
- with:
- submodules: 'true'
- - name: terraform init
- run: terraform init
- working-directory: infra
- - name: terraform apply
- run: terraform apply -auto-approve
- working-directory: infra
\ No newline at end of file
+ - name: configure aws credentials
+ uses: aws-actions/configure-aws-credentials@v3.0.1
+ with:
+ role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+ role-session-name: GitHub_to_AWS_via_FederatedOIDC
+ aws-region: ${{ env.AWS_REGION }}
+ - name: install terraform
+ uses: hashicorp/setup-terraform@v2
+ - name: checkout repository
+ uses: actions/checkout@v3
+ with:
+ submodules: 'true'
+ - name: terraform init
+ run: terraform init
+ working-directory: infra
+ - name: terraform apply
+ run: terraform apply -auto-approve
+ working-directory: infra
+
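Review bot: `terraform apply -auto-approve` in execute-plan runs after its own `terraform init` and computes a fresh plan, so what is applied is not tied to the output of the `terraform plan` step in plan-and-approve; no plan file is written or handed over in the visible steps. Writing the plan with `terraform plan -out=tfplan` in the first job, passing the file to this job as an artifact, and running `terraform apply tfplan` here would limit the apply to the plan that was reviewed (the plan file can contain sensitive values, so the artifact needs restricted retention and access). Whether an approval gate such as an `environment:` with required reviewers sits on execute-plan cannot be seen, because the job's header lines fall partly outside this hunk. If there is none, the name plan-and-approve is misleading and every push to master that touches `infra/**` applies unattended.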