-
Notifications
You must be signed in to change notification settings - Fork 0
123 lines (110 loc) · 4.38 KB
/
test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
---
name: test
on:
workflow_call:
inputs:
ref:
required: false
type: string
secrets:
gh_token:
required: false
gh_app_id:
required: false
gh_app_private_key:
required: false
tfe_token:
required: false
terraform_private_module_ssh_key: # This isn't needed if you don't use SSH key to checkout private Terraform Modules
required: false
secrets:
required: false
env:
TFACTION_IS_APPLY: 'false'
GH_COMMENT_SHA1: ${{inputs.ref}}
TFCMT_SHA: ${{inputs.ref}}
jobs:
setup:
runs-on: ubuntu-latest
outputs:
targets: ${{ steps.list-targets.outputs.targets }}
modules: ${{ steps.list-targets.outputs.modules }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{inputs.ref}}
- uses: suzuki-shunsuke/github-token-action@04d633c696e9d09e958c8b815c75db9606d6d927 # v0.2.0
id: token
with:
github_token: ${{secrets.gh_token}}
github_app_id: ${{secrets.gh_app_id}}
github_app_private_key: ${{secrets.gh_app_private_key}}
default_github_token: ${{github.token}}
- uses: aquaproj/aqua-installer@928a2ee4243a9ee8312d80dc8cbaca88fb602a91 # v2.2.0
with:
aqua_version: v2.17.1
env:
AQUA_GITHUB_TOKEN: ${{steps.token.outputs.token}}
- uses: suzuki-shunsuke/tfaction/list-targets@5731fade20e41c1905c04095f0e3d68fac14a636 # v0.7.3
id: list-targets
plan:
name: "plan (${{matrix.target.target}})"
runs-on: ${{matrix.target.runs_on}}
needs: setup
# if services is empty, the build job is skipped
if: "join(fromJSON(needs.setup.outputs.targets), '') != ''"
strategy:
fail-fast: true
matrix:
target: ${{fromJSON(needs.setup.outputs.targets)}}
env:
TFACTION_TARGET: ${{matrix.target.target}}
TFACTION_JOB_TYPE: ${{matrix.target.job_type}}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{inputs.ref}}
- uses: suzuki-shunsuke/github-token-action@04d633c696e9d09e958c8b815c75db9606d6d927 # v0.2.0
id: token
with:
github_token: ${{secrets.gh_token}}
github_app_id: ${{secrets.gh_app_id}}
github_app_private_key: ${{secrets.gh_app_private_key}}
default_github_token: ${{github.token}}
- uses: aquaproj/aqua-installer@928a2ee4243a9ee8312d80dc8cbaca88fb602a91 # v2.2.0
with:
aqua_version: v2.17.1
env:
AQUA_GITHUB_TOKEN: ${{steps.token.outputs.token}}
- uses: suzuki-shunsuke/tfaction/export-secrets@5731fade20e41c1905c04095f0e3d68fac14a636 # v0.7.3
with:
secrets: ${{secrets.secrets}}
# This is required to download private modules in `terraform init`
- run: gh auth setup-git
env:
GITHUB_TOKEN: ${{steps.token.outputs.token}}
- uses: suzuki-shunsuke/tfaction/setup@5731fade20e41c1905c04095f0e3d68fac14a636 # v0.7.3
with:
github_app_token: ${{steps.token.outputs.token}}
ssh_key: ${{secrets.terraform_private_module_ssh_key}} # This isn't needed if you don't use SSH key to checkout private Terraform Modules
env:
TFE_TOKEN: ${{secrets.tfe_token}}
TF_TOKEN_app_terraform_io: ${{secrets.tfe_token}}
- uses: suzuki-shunsuke/tfaction/get-target-config@5731fade20e41c1905c04095f0e3d68fac14a636 # v0.7.3
id: target-config
- run: |
set -euo pipefail
github-comment exec -var "tfaction_target:$TFACTION_TARGET" -- tfprovidercheck -v
github-comment exec -var "tfaction_target:$TFACTION_TARGET" -- terraform version -json | github-comment exec -- tfprovidercheck
working-directory: ${{ steps.target-config.outputs.working_directory }}
env:
GITHUB_TOKEN: ${{steps.token.outputs.token}} # For github-comment
- uses: suzuki-shunsuke/tfaction/test@5731fade20e41c1905c04095f0e3d68fac14a636 # v0.7.3
with:
github_app_token: ${{steps.token.outputs.token}}
- uses: suzuki-shunsuke/tfaction/plan@5731fade20e41c1905c04095f0e3d68fac14a636 # v0.7.3
with:
github_app_token: ${{steps.token.outputs.token}}
env:
TFE_TOKEN: ${{secrets.tfe_token}}
TF_TOKEN_app_terraform_io: ${{secrets.tfe_token}}