init

.gitea/workflows/terraform.yaml

@@ -0,0 +1,51 @@
+name: Run terraform
+on:
+  workflow_call:
+    inputs:
+      terraform_image:
+        required: true
+        type: string
+        description: image to use inside the workflow jobs
+        default: git.romalex.cc/public/terraform-image:v1
+      action:
+        required: true
+        type: string
+        description: action to run. must be PLAN or APPLY, or else would do nothing
+      workspace:
+        required: true
+        type: string
+        description: terraform workspace name
+    secrets:
+      pg_conn_str:
+        required: true
+        description: value of PG_CONN_STR env
+      role_id:
+        required: true
+        description: value of TF_VAR_login_approle_role_id env
+      secret_id:
+        required: true
+        description: value of TF_VAR_login_approle_secret_id
+
+jobs:
+  terraform:
+    name: Run terraform ${{ inputs.action }}
+    runs-on: romalex-public
+    container:
+      image: ${{ inputs.terraform_image }}
+    env:
+      PG_CONN_STR: ${{ secrets.pg_conn_str }}
+      TF_VAR_login_approle_role_id: ${{ secrets.role_id }}
+      TF_VAR_login_approle_secret_id: ${{ secrets.secret_id }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Init terraform
+        run: terraform init
+      - name: Select workspace
+        run: terraform workspace select -or-create ${{ inputs.workspace }}
+      - name: Terraform Plan
+        if: ${{ inputs.action == 'PLAN' }}
+        run: terraform plan
+      - name: Terraform Apply
+        if: ${{ inputs.action == 'APPLY' }}
+        run: terraform apply -auto-approve