Switch to OpenTofu as far as currently supported

Signed-off-by: Patrick Robinson <[email protected]>

.github/workflows/githubaction-comment-apply.yml

@@ -1,4 +1,4 @@
-name: 'TerraformApply'
+name: 'TofuApply'
 
 on:
   issue_comment:
@@ -75,10 +75,10 @@ jobs:
         echo "stack_changed set to: ${{ steps.filter.outputs.stack_changed }}"
       if: always()
 
-  terraform:
+  tofu:
     needs: check-changes
     if: needs.check-changes.outputs.stack_changed == 'true'
-    name: 'Apply Terraform'
+    name: 'Apply Tofu'
     runs-on: arvato
     outputs:
       output1: ${{ steps.job.outputs.job_id }}
@@ -129,17 +129,15 @@ jobs:
     - run: echo "REPOSITORY_NAME=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
       shell: bash
 
-    # Install the latest version of Terraform CLI
-    - name: Setup Terraform
-      uses: hashicorp/setup-terraform@v2
-      with:
-        terraform_version: latest
+    # Install the latest version of tofu CLI
+    - name: Setup Tofu
+      uses: opentofu/setup-opentofu@v1
 
-    # Initialize Terraform
-    - name: Terraform Init
+    # Initialize Tofu
+    - name: Tofu Init
       run: |
         cd ${{ inputs.stack }}
-        terraform init -upgrade
+        tofu init -upgrade
 
     # Terraform Validation Steps
     - name: terraform validate ${{ inputs.stack }}
@@ -171,13 +169,13 @@ jobs:
         cd ${{ inputs.stack }}
         aws s3 cp s3://${{ inputs.s3bucketName }}/plans/${{ github.repository }}/${{ inputs.stack }}/${{ inputs.github_event_number }}/tfplan ./tfplan
 
-    # Build or change infrastructure according to Terraform configuration files
-    - name: Terraform Apply
+    # Build or change infrastructure according to Tofu configuration files
+    - name: Tofu Apply
       id: apply
       continue-on-error: true
       run: |
         cd ${{ inputs.stack }}
-        terraform apply -input=false -no-color tfplan
+        tofu apply -input=false -no-color tfplan
     # Upload the plan to S3
     - name: Upload Plan to S3
       run: |
@@ -193,7 +191,7 @@ jobs:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       run: |
         cd ${{ inputs.stack }}
-        (printf "**Terraform Apply ${{ inputs.stack }} environment**\n\n\`\`\`" && echo -n '${{ steps.apply.outputs.stdout }}' && printf "\`\`\`\n\n") > comment.txt
+        (printf "**Tofu Apply ${{ inputs.stack }} environment**\n\n\`\`\`" && echo -n '${{ steps.apply.outputs.stdout }}' && printf "\`\`\`\n\n") > comment.txt
         jq -R -s '.' < comment.txt > comment2.txt
         truncate -s -1 comment2.txt
         (echo -n '{ "body": ' && cat comment2.txt && echo -n ' }') > comment3.txt
@@ -224,7 +222,7 @@ jobs:
     #     $URL \
     #     -H "Content-Type: application/json" \
     #     -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-    #     -d '{"commit_title":"terraform update applied"}'
+    #     -d '{"commit_title":"Tofu update applied"}'
 
     # remove the organization plan from S3 whether successful or not
     - name: Delete Plan from S3
@@ -257,7 +255,7 @@ jobs:
 
   logging:
     name: 'Save logs'
-    needs: terraform
+    needs: tofu
     runs-on: arvato
     if: always() # This job will always run
     permissions:
@@ -279,9 +277,9 @@ jobs:
     - name: Retrieve log file and upload to s3
       run: |
         TIMESTAMP=$(date +'%Y-%m-%d-%H:%M:%S')
-        LOG_FILENAME="TerraformApply_${{ inputs.github_event_number }}_PR_$TIMESTAMP.txt"
+        LOG_FILENAME="TofuApply_${{ inputs.github_event_number }}_PR_$TIMESTAMP.txt"
         # Get log file
-        gh api repos/{owner}/{repo}/actions/jobs/${{ needs.terraform.outputs.output1 }}/logs > $LOG_FILENAME
+        gh api repos/{owner}/{repo}/actions/jobs/${{ needs.tofu.outputs.output1 }}/logs > $LOG_FILENAME
         # Upload it to s3
         aws s3 cp $LOG_FILENAME s3://${{ inputs.s3bucketName }}/logs/Apply/
       env:

.github/workflows/githubaction-comment-plan.yml

@@ -1,4 +1,4 @@
-name: 'TerraformPlan'
+name: 'TofuPlan'
 
 on:
   issue_comment:
@@ -26,8 +26,8 @@ on:
         default: "."
 
 jobs:
-  terraform:
-    name: 'Plan Terraform'
+  tofu:
+    name: 'Plan Tofu'
     runs-on: arvato
     outputs:
       output1: ${{ steps.job.outputs.job_id }}
@@ -81,17 +81,15 @@ jobs:
     - run: echo "REPOSITORY_NAME=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
       shell: bash
 
-    # Install the latest version of Terraform CLI
-    - name: Setup Terraform
-      uses: hashicorp/setup-terraform@v2
-      with:
-        terraform_version: latest
+    # Install the latest version of tofu CLI
+    - name: Setup Tofu
+      uses: opentofu/setup-opentofu@v1
 
-    # Initialize Terraform
-    - name: Terraform Init ${{ inputs.stack }}
+    # Initialize Tofu
+    - name: Tofu Init ${{ inputs.stack }}
       run: |
         cd ${{ inputs.stack }}
-        terraform init -upgrade
+        tofu init -upgrade
 
     # Terraform Validation Steps
     - name: terraform validate ${{ inputs.stack }}
@@ -117,27 +115,27 @@ jobs:
         GITHUB_APP_ID: ${{ secrets.TERRAFORM_GITHUB_ACTION_APP_ID }}
         GITHUB_APP_PEM_FILE: ${{ secrets.TERRAFORM_GITHUB_ACTION_PRIVATE_KEY }}
 
-    # Generate terraform plan
-    - name: Terraform Plan ${{ inputs.stack }}
+    # Generate tofu plan
+    - name: Tofu Plan ${{ inputs.stack }}
       id: tfplan
       continue-on-error: true
       run: |
         cd ${{ inputs.stack }}
-        # Bash script to build terraform plan command dynamically
-        COMMAND="terraform plan -input=false -no-color -out=tfplan"
+        # Bash script to build tofu plan command dynamically
+        COMMAND="tofu plan -input=false -no-color -out=tfplan"
         SECRETS_JSON='${{ toJson(secrets) }}'
         SECRETS=$(echo "$SECRETS_JSON" | jq -r 'keys[]')
         # Loop over each secret in the GitHub Actions environment
         for key in $SECRETS; do
           value=$(echo "$SECRETS_JSON" | jq -r ".[\"$key\"]")
           # Check if the secret name has the prefix "TF_VAR_"
           if [[ $key == TF_VAR_* ]]; then
-            # Add the secret as an input variable to the terraform command
+            # Add the secret as an input variable to the tofu command
             COMMAND="$COMMAND -var '${key#TF_VAR_}=$value'"
           fi
         done
-        # Execute the dynamically generated terraform command
-        eval $COMMAND && terraform show -no-color tfplan | sed 's/\x27/ /g' | sed -E 's/^([[:space:]]+)([-+])/\2\1/g' > plan.txt
+        # Execute the dynamically generated tofu command
+        eval $COMMAND && tofu show -no-color tfplan | sed 's/\x27/ /g' | sed -E 's/^([[:space:]]+)([-+])/\2\1/g' > plan.txt
 
     # Upload the plan to S3
     - name: Upload ${{ inputs.stack }} Plan to S3
@@ -154,7 +152,7 @@ jobs:
       run: |
         set -x
         cd ${{ inputs.stack }}
-        (printf "**Terraform Plan ${{ inputs.stack }} Environment**\n\n\`\`\`diff" && sed '/^::/d' plan.txt) > comment.txt
+        (printf "**Tofu Plan ${{ inputs.stack }} Environment**\n\n\`\`\`diff" && sed '/^::/d' plan.txt) > comment.txt
         jq -R -s '.' < comment.txt > comment2.txt
         truncate -s -1 comment2.txt
         (echo -n '{ "body": ' && cat comment2.txt && echo -n ' }') > comment3.txt
@@ -173,7 +171,7 @@ jobs:
 
   logging:
     name: 'Save logs'
-    needs: terraform
+    needs: tofu
     runs-on: arvato
     if: always() # This job will always run
     permissions:
@@ -195,9 +193,9 @@ jobs:
     - name: Retrieve log file and upload to s3
       run: |
         TIMESTAMP=$(date +'%Y-%m-%d-%H:%M:%S')
-        LOG_FILENAME="TerraformPlan_${{ inputs.github_event_number }}_PR_$TIMESTAMP.txt"
+        LOG_FILENAME="TofuPlan_${{ inputs.github_event_number }}_PR_$TIMESTAMP.txt"
         # Get log file
-        gh api repos/{owner}/{repo}/actions/jobs/${{ needs.terraform.outputs.output1 }}/logs > $LOG_FILENAME
+        gh api repos/{owner}/{repo}/actions/jobs/${{ needs.tofu.outputs.output1 }}/logs > $LOG_FILENAME
         # Upload it to s3
         aws s3 cp $LOG_FILENAME s3://${{ inputs.s3bucketName }}/logs/Plan/
       env:

.github/workflows/githubaction-mergeblock.yml

@@ -5,7 +5,7 @@ on:
   workflow_call:
 
 jobs:
-  terraform:
+  tofu:
     name: 'Block Merge'
     runs-on: arvato
     permissions:

.github/workflows/githubaction-scheduled-plan.yml

@@ -1,4 +1,4 @@
-name: 'TerraformPlanScheduled'
+name: 'TofuPlanScheduled'
 
 on:
   workflow_dispatch:
@@ -16,8 +16,8 @@ on:
         default: "."
 
 jobs:
-  terraform:
-    name: 'Plan Terraform'
+  tofu:
+    name: 'Plan Tofu'
     runs-on: arvato
     permissions:
       id-token: write
@@ -48,11 +48,9 @@ jobs:
     # Checkout the repository to the GitHub Actions runner
     - name: Checkout
       uses: actions/checkout@v4
-    # Install the latest version of Terraform CLI
-    - name: Setup Terraform
-      uses: hashicorp/setup-terraform@v2
-      with:
-        terraform_version: latest
+    # Install the latest version of Tofu CLI
+    - name: Setup Tofu
+      uses: opentofu/setup-opentofu@v1
     # Initialize Terraform
     - name: Terraform Init
       run: |
@@ -81,25 +79,25 @@ jobs:
         GITHUB_APP_ID: ${{ secrets.TERRAFORM_GITHUB_ACTION_APP_ID }}
         GITHUB_APP_PEM_FILE: ${{ secrets.TERRAFORM_GITHUB_ACTION_PRIVATE_KEY }}
     # Generate plan
-    - name: Terraform Plan Landingzone
+    - name: Tofu Plan Landingzone
       id: tfplan
       continue-on-error: true
       run: |
         cd ${{ inputs.stack }}
-        # Bash script to build terraform plan command dynamically
-        COMMAND="terraform plan -input=false -no-color -out=tfplanlz --detailed-exitcode"
+        # Bash script to build tofu plan command dynamically
+        COMMAND="tofu plan -input=false -no-color -out=tfplanlz --detailed-exitcode"
         SECRETS_JSON='${{ toJson(secrets) }}'
         SECRETS=$(echo "$SECRETS_JSON" | jq -r 'keys[]')
         # Loop over each secret in the GitHub Actions environment
         for key in $SECRETS; do
           value=$(echo "$SECRETS_JSON" | jq -r ".[\"$key\"]")
           # Check if the secret name has the prefix "TF_VAR_"
           if [[ $key == TF_VAR_* ]]; then
-            # Add the secret as an input variable to the terraform command
+            # Add the secret as an input variable to the tofu command
             COMMAND="$COMMAND -var '${key#TF_VAR_}=$value'"
           fi
         done
-        # Execute the dynamically generated terraform command
+        # Execute the dynamically generated tofu command
         eval $COMMAND
 
     # CONCLUDE

README.md

@@ -1,2 +1,2 @@
 # github-actions-aws-terraform
-Repository for Reusable Terraform GitHub Actions used to deploy resources in AWS.
+Repository for Reusable OpenTofu GitHub Actions used to deploy resources in AWS.