Skip to content

feat(deps): update terraform terraform-google-modules/service-accounts/google ( 4.2.1 → 4.4.2 ) #370

feat(deps): update terraform terraform-google-modules/service-accounts/google ( 4.2.1 → 4.4.2 )

feat(deps): update terraform terraform-google-modules/service-accounts/google ( 4.2.1 → 4.4.2 ) #370

---
name: Terraform | Plan
on:
workflow_dispatch:
pull_request:
paths:
- "armature/prod/gcp/**"
- "armature/prod/tf-states/**"
- "armature/prod/b2/**"
- ".github/workflows/**"
concurrency:
group: tf-${{ github.head_ref }}
cancel-in-progress: true
env:
# renovate: datasource=github-releases depName=hashicorp/terraform
TERRAFORM_VERSION: 1.5.6
TF_VAR_org_id: ${{ secrets.TF_VARS_GCP_ORG_ID }}
TF_VAR_billing_account: ${{ secrets.TF_VARS_GCP_BILLING_ACCOUNT }}
TF_VAR_group_org_admins: ${{ secrets.TF_VARS_GCP_ORG_ADMINS }}
TF_VAR_group_billing_admins: ${{ secrets.TF_VARS_GCP_BILLING_ADMINS }}
permissions:
id-token: write
contents: read
pull-requests: write
actions: write
checks: write
statuses: write
jobs:
terraform-plan:
strategy:
fail-fast: false
matrix:
include:
- env: 'armature/prod/gcp/bootstrap'
- env: 'armature/prod/gcp/kutara'
- env: 'armature/prod/gcp/top22'
- env: 'armature/prod/tf-states'
- env: 'armature/prod/b2'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: google-github-actions/[email protected]
with:
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }}
- name: Setup Terraform
uses: hashicorp/[email protected]
with:
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
- name: Terraform Init
run: terraform -chdir=${{ matrix.env }} init
- name: Terraform Format
run: terraform -chdir=${{ matrix.env }} fmt -check
- name: Terraform Plan
run: terraform -chdir=${{ matrix.env }} plan -lock=false