diff --git a/.github/workflows/check_terraform.yaml b/.github/workflows/check_terraform.yaml index 5940ad6dc..5ab6bc1ee 100644 --- a/.github/workflows/check_terraform.yaml +++ b/.github/workflows/check_terraform.yaml @@ -33,24 +33,30 @@ on: jobs: - terrform-dev: - name: Check infrastructure consistency in s941 + Terraform: + name: Check infrastructure consistency runs-on: ubuntu-latest environment: s941 env: - subscription: s941 + enviroment: dev terraform_version: ~1.3.0 - # strategy: - # matrix: - # enviroment: [dev, playground] + ARM_USE_OIDC: true + ARM_USE_AZUREAD: true + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + resource_group_name: s941-tfstate + storage_account_name: ${{ inputs.subscription }}radixinfra + permissions: id-token: write contents: read steps: - - name: Checkout and clone repo - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 #Clone Repo + - - name: 'Az CLI login' + - name: 'Az login' uses: azure/login@v1 with: client-id: ${{ secrets.AZURE_CLIENT_ID }} @@ -60,12 +66,12 @@ jobs: - name: Get GitHub Public IP id: github_public_ip uses: haythem/public-ip@v1.3 - + - name: Add GitHub IP to StorageAccount run: | az storage account network-rule add \ - --resource-group "${{ env.subscription }}-tfstate" \ - --account-name "${{ env.subscription }}radixinfra" \ + --resource-group "s941-tfstate" \ + --account-name "s941radixinfra" \ --ip-address ${{ steps.github_public_ip.outputs.ipv4 }} >/dev/null - name: Lets sleep for 30 seconds for FW rule to complete @@ -76,7 +82,7 @@ jobs: with: terraform_version: ${{ env.terraform_version }} - - name: Check terrorm in ${{ env.subscription }} + - name: Check terrorm in {{ env.enviroment }} working-directory: terraform/subscriptions/s941 run: ./summary-dev.sh