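# Uploads the Terraform configuration in CONFIG_DIRECTORY to the "production"
# Terraform Cloud workspace on every push to main, creates a run and confirms
# it when the run reports itself as confirmable. A second job (SES) currently
# only checks out the repo and prints a maintenance reminder.
#
# Supply-chain note: every `uses:` below references a mutable tag (v3, v4,
# v1.0.0). Pin each one to a reviewed full commit SHA
# (e.g. `owner/action@<full-commit-sha>  # v1.0.0`) so a retagged release
# cannot change what runs with the production token.
name: "Terraform Apply"

on:
  push:
    branches:
      - main

# Only non-secret settings live at workflow level; secrets are scoped to the
# one job that needs them (see jobs.terraform.env).
env:
  TF_CLOUD_ORGANIZATION: "MealCraft"
  TF_WORKSPACE: "production"
  CONFIG_DIRECTORY: aws_environment

jobs:
  terraform:
    if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
    name: "Terraform Apply"
    runs-on: ubuntu-latest
    permissions:
      contents: read
    # Least privilege: the Terraform Cloud token is exposed to this job only,
    # not to the terraform-ses job that runs on the mealcraft-runners label.
    env:
      TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
      # NOTE(review): the run is executed remotely by Terraform Cloud, so a
      # TF_VAR_* variable set on the GitHub runner is presumably not forwarded
      # to it. Confirm that public_ip is defined as a workspace variable.
      TF_VAR_public_ip: "${{ secrets.PUBLIC_IP }}"

    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          # No later step uses git, so do not leave the token in .git/config.
          persist-credentials: false

      # Debug aid: lists the whole checkout in the job log. Remove once the
      # directory layout is confirmed.
      - name: Debug Paths
        run: |
          echo "Workspace: $GITHUB_WORKSPACE"
          ls -R .
          echo "CONFIG_DIRECTORY: $CONFIG_DIRECTORY"
          ls -R "$CONFIG_DIRECTORY"

      - name: Upload Configuration
        uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
        id: apply-upload
        with:
          workspace: ${{ env.TF_WORKSPACE }}
          directory: ${{ env.CONFIG_DIRECTORY }}

      - name: Create Apply Run
        uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
        id: apply-run
        with:
          workspace: ${{ env.TF_WORKSPACE }}
          configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}

      # Applies only when the run payload flags the run as confirmable.
      # NOTE(review): verify the attribute name against the payload that
      # create-run actually emits. A key that is absent evaluates to a falsy
      # value, so a wrong name skips this step silently and the job still
      # finishes green without applying anything.
      - name: Apply
        if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.is_confirmable
        uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.0.0
        id: apply
        with:
          comment: "Apply from GitHub Actions CI ${{ github.sha }}"
          run: ${{ steps.apply-run.outputs.run_id }}

      # The value comes from a secret, so log masking is expected to print it
      # as ***. The step adds little; drop it once debugging is finished
      # rather than relying on masking to keep the value out of the log.
      - name: Print TF_VAR_public_ip
        run: 'echo "📡 Public IP used by Terraform: $TF_VAR_public_ip"'

  terraform-ses:
    if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
    name: "Terraform Apply - SES"
    # Custom runner label (presumably a self-hosted pool - confirm). This job
    # receives no secrets through `env`.
    runs-on: mealcraft-runners
    needs: terraform
    permissions:
      contents: read

    steps:
      - name: Checkout repo
        uses: actions/checkout@v4
        with:
          # Keep the checkout token out of the runner's workspace; nothing
          # below uses git.
          persist-credentials: false

      # Disabled SES pipeline, kept for reference. Before re-enabling it:
      # replace the pipe-to-shell Node.js installer with a pinned package,
      # verify the downloaded AWS CLI archive before installing it, and give
      # the job only the AWS permissions the SES configuration needs.
      #
      # - name: Install modern Node.js
      #   run: |
      #     curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
      #     sudo apt-get install -y nodejs
      #     node --version
      #
      # - name: Setup Terraform
      #   uses: hashicorp/setup-terraform@v3
      #   with:
      #     terraform_version: "1.6.6"
      #
      # - name: Install AWS CLI v2
      #   run: |
      #     sudo apt-get update
      #     sudo apt-get install -y unzip curl
      #
      #     curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
      #     unzip awscliv2.zip
      #     sudo ./aws/install
      #
      #     aws --version
      #
      # - name: Verify AWS identity
      #   run: aws sts get-caller-identity
      #
      # - name: Terraform Init
      #   working-directory: aws_environment/ses-juntekim
      #   run: terraform init
      #
      # - name: Terraform Validate
      #   working-directory: aws_environment/ses-juntekim
      #   run: terraform validate
      #
      # - name: Terraform Plan
      #   id: plan
      #   working-directory: aws_environment/ses-juntekim
      #   run: terraform plan -input=false
      #
      # - name: Terraform Apply
      #   working-directory: aws_environment/ses-juntekim
      #   run: terraform apply -auto-approve -input=false

      - name: Future Improvement Reminder
        run: |
          echo ""
          echo "⚠️ REMINDER: Future maintenance required for SES Terraform"
          echo ""
          echo "This SES configuration currently uses a separate S3 backend for state management."
          echo "Plan to consolidate and migrate away from Hashicorp Terraform Cloud:"
          echo ""
          echo "TODO:"
          echo " - [ ] Consolidate SES terraform into main Terraform Cloud workspace"
          echo " - [ ] Move away from Hashicorp Terraform Cloud entirely"
          echo " - [ ] Use alternative state management solution for all infrastructure"
          echo ""
          echo "See: aws_environment/ses-juntekim/README.md for details"
          echo ""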