You've already forked ci-templates
generated from public/repo-template
52 lines
1.5 KiB
YAML
52 lines
1.5 KiB
YAML
name: Run terraform
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
terraform_image:
|
|
required: true
|
|
type: string
|
|
description: image to use inside the workflow jobs
|
|
default: git.romalex.cc/public/terraform-image:v1
|
|
action:
|
|
required: true
|
|
type: string
|
|
description: action to run. must be PLAN or APPLY, or else would do nothing
|
|
workspace:
|
|
required: true
|
|
type: string
|
|
description: terraform workspace name
|
|
secrets:
|
|
pg_conn_str:
|
|
required: true
|
|
description: value of PG_CONN_STR env
|
|
role_id:
|
|
required: true
|
|
description: value of TF_VAR_login_approle_role_id env
|
|
secret_id:
|
|
required: true
|
|
description: value of TF_VAR_login_approle_secret_id
|
|
|
|
jobs:
|
|
terraform:
|
|
name: Run terraform ${{ inputs.action }}
|
|
runs-on: romalex-public
|
|
container:
|
|
image: ${{ inputs.terraform_image }}
|
|
env:
|
|
PG_CONN_STR: ${{ secrets.pg_conn_str }}
|
|
TF_VAR_login_approle_role_id: ${{ secrets.role_id }}
|
|
TF_VAR_login_approle_secret_id: ${{ secrets.secret_id }}
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
- name: Init terraform
|
|
run: terraform init
|
|
- name: Select workspace
|
|
run: terraform workspace select -or-create ${{ inputs.workspace }}
|
|
- name: Terraform Plan
|
|
if: ${{ inputs.action == 'PLAN' }}
|
|
run: terraform plan
|
|
- name: Terraform Apply
|
|
if: ${{ inputs.action == 'APPLY' }}
|
|
run: terraform apply -auto-approve
|