-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Terraform plan as comment to deployment PR (#212)
* Add release-process.md and update deploy workflow to run on all versioned tags. Also, remove value-created-log.md. * Run deploy workflow on push to main or staging branches. * Add workflow to open a PR on commit to main. (Includes organize-workflows branch for debugging w/o excessive merging) * Update release-process.md with PR workflow * Move PR creation workflow to shared workflow * Check out repo as first step in pr creation * Add missing trailing backslash * remove automerge label * Quote debugging * Remove debug feature branch trigger * Add workflow to add Terraform plan as comment to PR * For testing, run terraform plan workflow on merge to main * Add DEPLOY_ENV env var * Store output of terraform plan so we can use it in a comment * Lookup prior comment
- Loading branch information
1 parent
74dffac
commit a5baea5
Showing
2 changed files
with
121 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,103 @@ | ||
| name: Add Terraform CDK plan as comment on pull request | ||
|
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| deploy-env: | ||
| required: true | ||
| type: string | ||
|
|
||
| env: | ||
| DEPLOY_ENV: ${{ inputs.deploy-env }} | ||
|
|
||
| jobs: | ||
| terraform: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v3 | ||
|
|
||
| - name: Read node version from `.nvmrc` file | ||
| id: nvmrc | ||
| shell: bash | ||
| run: echo ::set-output name=NODE_VERSION::$(cat .nvmrc) | ||
|
|
||
| - name: Install required node.js version | ||
| uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: ${{ steps.nvmrc.outputs.NODE_VERSION }} | ||
|
|
||
| - name: Install pnpm | ||
| uses: pnpm/action-setup@v2 | ||
| id: pnpm-install | ||
| with: | ||
| version: 8 | ||
| run_install: false | ||
|
|
||
| - name: Get pnpm store directory | ||
| id: pnpm-cache | ||
| shell: bash | ||
| run: | | ||
| echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | ||
| - uses: actions/cache@v3 | ||
| name: Setup pnpm cache | ||
| with: | ||
| path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | ||
| key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-pnpm-store- | ||
| - name: Install dependencies | ||
| run: pnpm install | ||
|
|
||
| - name: Initialize Terraform CDK configuration | ||
| shell: bash | ||
| run: | | ||
| cd infra | ||
| pnpm cdktf get | ||
| pnpm build:tsc | ||
| - name: Install CloudFoundry CLI | ||
| run: | | ||
| curl -L "https://packages.cloudfoundry.org/stable?release=linux64-binary&version=v8&source=github" | sudo tar -zx --directory=/usr/local/bin | ||
| cf --version | ||
| - name: Configure CloudFoundry API endpoint | ||
| run: | | ||
| cf api https://api.fr.cloud.gov | ||
| - name: Show Terraform plan | ||
| id: show_plan | ||
| env: | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
| shell: bash | ||
| run: | | ||
| output=$(DEPLOY_ENV=${DEPLOY_ENV} pnpm cdktf diff --no-color --app "npx ts-node src/index.ts") | ||
| echo "${output}" | ||
| echo "::set-output name=stdout::$output" | ||
| working-directory: infra | ||
|
|
||
| - name: Find Comment | ||
| uses: peter-evans/find-comment@v3 | ||
| id: find_comment | ||
| with: | ||
| issue-number: ${{ github.event.pull_request.number }} | ||
| comment-author: 'github-actions[bot]' | ||
| body-includes: '<!-- terraform-plan-comment -->' | ||
|
|
||
| - name: Create or update PR comment with Terraform plan | ||
| uses: peter-evans/create-or-update-comment@v4 | ||
| with: | ||
| comment-id: ${{ steps.find_comment.outputs.comment-id }} | ||
| issue-number: ${{ github.event.pull_request.number }} | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
| repository: ${{ github.repository }} | ||
| body: | | ||
| <!-- terraform-plan-comment --> | ||
| **Terraform Plan** | ||
| ```terraform | ||
| ${{ steps.show_plan.outputs.stdout }} | ||
| ``` | ||
| edit-mode: replace |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| name: Add Terraform CDK plan as comment on pull request | ||
|
|
||
| on: | ||
| pull_request: | ||
| branches: | ||
| - staging | ||
| - main | ||
| types: | ||
| - opened | ||
| - synchronize | ||
| - reopened | ||
|
|
||
| jobs: | ||
| add-terraform-plan-to-staging-pr: | ||
| uses: ./.github/workflows/_terraform-plan-pr-comment.yml | ||
| secrets: inherit | ||
| with: | ||
| deploy-env: staging |