create workspace directly via api to ensure it's in the right project #84
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | ||
| name: Deploy/Destroy Branch Dev Environment | ||
| on: | ||
| pull_request: | ||
| types: [labeled, closed] | ||
| env: | ||
| TERRAFORM_CLOUD_TOKENS: app.terraform.io=${{ secrets.HUSHLINE_DEV_TF_TOKEN }} | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| WORKSPACE_NAME: hushline-dev-${{ github.head_ref }} | ||
| TF_PROJECT_HUSH_LINE_DEV: prj-iEruEQFmaNTCRAtA | ||
| DEV_TF_PATH: terraform/dev | ||
| DO_APP_NAME: hushline-dev-${{ github.head_ref }} | ||
| HUSHLINE_INFRA_REPO: scidsg/hushline-infra | ||
| HUSHLINE_INFRA_REF: dev-team | ||
| jobs: | ||
| deploy: | ||
| if: ${{ github.event.action == 'labeled' && github.event.label.name == 'deploy' }} | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: checkout terraform | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| repository: ${{ env.HUSHLINE_INFRA_REPO }} | ||
| ref: ${{ env.HUSHLINE_INFRA_REF }} | ||
| token: ${{ secrets.HUSHLINE_INFRA_TOKEN }} | ||
| // - name: Use branch workspace | ||
| // uses: dflook/terraform-new-workspace@v1.43.0 | ||
| // with: | ||
| // path: ${{ env.DEV_TF_PATH }} | ||
| // workspace: ${{ env.WORKSPACE_NAME }} | ||
| - name: Create workspace | ||
| run: | | ||
| resp = $(curl -s -o /dev/null -w "%{http_code}" \ | ||
| -X GET https://app.terraform.io/api/v2/organizations/science-and-design/workspaces/${{ env.WORKSPACE_NAME }} \ | ||
| -H 'Content-Type: application/vnd.api+json' \ | ||
| -H 'Authorization: Bearer ${{ secrets.HUSHLINE_DEV_TF_TOKEN }}') | ||
| if [[ $resp == '404' ]]; then | ||
| curl -X POST https://app.terraform.io/api/v2/organizations/science-and-design/workspaces/${{ env.WORKSPACE_NAME }} \ | ||
| -H 'Content-Type: application/vnd.api+json' \ | ||
| -H 'Authorization: Bearer ${{ secrets.HUSHLINE_DEV_TF_TOKEN }}' \ | ||
| -d '{ | ||
| "data": { | ||
| "type": "workspaces", | ||
| "attributes": { | ||
| "working-directory": "${{ env.DEV_TF_PATH }}", | ||
| "name": "${{ env.WORKSPACE_NAME }}", | ||
| "auto-destroy-activity-duration": "14d", | ||
| "execution-mode": "remote", | ||
| "source-name": "scidsg/hushline dev deploy" | ||
| }, | ||
| "relationships": { | ||
| "project": { | ||
| "data": { | ||
| "id": "${{ env.TF_PROJECT_HUSH_LINE_DEV }}" | ||
| } | ||
| } | ||
| } | ||
| } | ||
| }' | ||
| curl -X POST https://app.terraform.io/api/v2/workspaces/${{ env.WORKSPACE_NAME }}/relationships/tags \ | ||
| -H 'Content-Type: application/vnd.api+json' \ | ||
| -H 'Authorization: Bearer ${{ secrets.HUSHLINE_DEV_TF_TOKEN }}' \ | ||
| -d '{ | ||
| "data": [ | ||
| { | ||
| "type": "tags", | ||
| "attributes": { | ||
| "name": "dev" | ||
| } | ||
| ] | ||
| }' | ||
| fi | ||
| - name: Plan test infrastrucutre | ||
| uses: dflook/terraform-plan@v1.43.0 | ||
| with: | ||
| path: ${{ env.DEV_TF_PATH }} | ||
| workspace: ${{ env.WORKSPACE_NAME }} | ||
| add_github_comment: true | ||
| variables: | | ||
| branch = "${{ github.head_ref }}" | ||
| name = "${{ env.DO_APP_NAME }}" | ||
| - name: Apply test infrastrucutre | ||
| uses: dflook/terraform-apply@v1.43.0 | ||
| with: | ||
| path: ${{ env.DEV_TF_PATH }} | ||
| workspace: ${{ env.WORKSPACE_NAME }} | ||
| variables: | | ||
| branch = "${{ github.head_ref }}" | ||
| name = "${{ env.DO_APP_NAME }}" | ||
| - name: terraform output | ||
| uses: dflook/terraform-output@v1.43.0 | ||
| id: tf-outputs | ||
| with: | ||
| path: ${{ env.DEV_TF_PATH }} | ||
| workspace: ${{ env.WORKSPACE_NAME }} | ||
| - name: comment app url | ||
| uses: actions/github-script@v7.0.1 | ||
| with: | ||
| script: | | ||
| github.rest.issues.createComment({ | ||
| issue_number: context.issue.number, | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| body: ':rocket: App successfully deployed to ${{ steps.tf-outputs.outputs.app_live_url }}!' | ||
| }) | ||
| destroy: | ||
| if: ${{ (github.event.action == 'labeled' && github.event.label.name == 'destroy') || github.event.action == 'closed' }} | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: checkout terraform | ||
| uses: actions/checkout@v4 | ||
| if: contains(github.event.pull_request.labels.*.name, 'deploy') | ||
| with: | ||
| repository: ${{ env.HUSHLINE_INFRA_REPO }} | ||
| ref: ${{ env.HUSHLINE_INFRA_REF }} | ||
| token: ${{ secrets.HUSHLINE_INFRA_TOKEN }} | ||
| - name: destroy worspace | ||
| uses: dflook/terraform-destroy-workspace@v1.43.0 | ||
| if: contains(github.event.pull_request.labels.*.name, 'deploy') | ||
| with: | ||
| path: ${{ env.DEV_TF_PATH }} | ||
| workspace: ${{ env.WORKSPACE_NAME }} | ||
| variables: | | ||
| branch = "${{ github.head_ref }}" | ||
| name = "${{ env.DO_APP_NAME }}" | ||
| - name: remove deploy label | ||
| uses: actions-ecosystem/action-remove-labels@v1.3.0 | ||
| if: contains(github.event.pull_request.labels.*.name, 'deploy') | ||
| with: | ||
| github_token: ${{ github.token }} | ||
| labels: | | ||
| deploy | ||
| - name: remove destroy label | ||
| uses: actions-ecosystem/action-remove-labels@v1.3.0 | ||
| if: contains(github.event.pull_request.labels.*.name, 'destroy') | ||
| with: | ||
| github_token: ${{ github.token }} | ||
| labels: | | ||
| destroy | ||
