---
# Manually dispatched workflow: there is no push/PR trigger, so a run starts
# only when someone with permission to dispatch picks the two inputs below.
name: 'Terraform Azure Deployment'

on:
  workflow_dispatch:
    inputs:
      # Which Terraform root directory in the repository to operate on.
      directory:
        type: choice
        description: 'Terraform directory to apply'
        required: true
        options:
          - terraform-init
          - terraform
      # Target workspace. `prod` is selectable from the same dropdown as
      # `dev` and `qa`; nothing in this trigger gates it behind an approval.
      workspace:
        type: choice
        description: 'Terraform workspace used for staging'
        required: true
        options:
          - dev
          - qa
          - prod
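jobs:
  terraform:
    # NOTE(review): the job is titled 'Terraform Apply', but the steps below
    # stop at `terraform plan`; no apply step is present in this file.
    name: 'Terraform Apply'
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: this job only needs to read the repo.
    permissions:
      contents: read
    steps:
      # Supply chain: `@v4` / `@v3` are mutable tags. Pinning each action to a
      # full commit SHA keeps a re-pointed tag from running in a job that
      # holds the Azure service-principal secret and the state storage key.
      - name: 'Checkout Repository'
        uses: actions/checkout@v4
        with:
          # No later step pushes or fetches, so do not leave the token in
          # .git/config for the rest of the job.
          persist-credentials: false

      - name: 'Setup Terraform'
        uses: hashicorp/setup-terraform@v3
        with:
          # Quoted so the version is always read as a string.
          terraform_version: '1.9.5'

      # A long-lived client secret is stored as a repository secret here.
      # Workload identity federation (OIDC) would remove the stored secret,
      # but needs a federated credential configured on the Azure side.
      - name: 'Configure Azure Credentials - az login'
        env:
          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
          AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
        # Variables are quoted so a secret containing shell metacharacters or
        # whitespace cannot split into extra arguments. `--output none` keeps
        # the account listing out of the job log.
        run: |
          az login --service-principal -u "$AZURE_CLIENT_ID" -p "$AZURE_CLIENT_SECRET" --tenant "$AZURE_TENANT_ID" --output none
          az account set --subscription "$AZURE_SUBSCRIPTION_ID"

      - name: 'Terraform Init'
        # The directory input is consumed as a step setting instead of being
        # pasted into the script text, so its value is never parsed by bash.
        working-directory: ${{ inputs.directory }}
        env:
          # Inputs reach the script as environment variables, not as
          # `${{ }}` text substitutions (script-injection hardening).
          # NOTE(review): the original named the workspace after the
          # `directory` input and never read the `workspace` input; this uses
          # the declared workspace (dev/qa/prod). Confirm against the
          # workspaces that already exist in the backend.
          WORKSPACE_NAME: ${{ inputs.workspace }}
        run: |
          source scripts/helpers.sh

          # Assign first, export afterwards: `export X=$(cmd)` hides a failing
          # `cmd` from the shell's errexit handling.
          RESOURCE_GROUP_NAME="$(extract_value "resource_group_name" config.azurerm.tfbackend)"
          STORAGE_ACCOUNT_NAME="$(extract_value "storage_account_name" config.azurerm.tfbackend)"
          ARM_ACCESS_KEY="$(az storage account keys list --resource-group "$RESOURCE_GROUP_NAME" --account-name "$STORAGE_ACCOUNT_NAME" --query '[0].value' -o tsv)"

          # The storage key is fetched at runtime, so it is not a registered
          # secret; mask it before anything can echo it into the log.
          echo "::add-mask::${ARM_ACCESS_KEY}"
          export RESOURCE_GROUP_NAME STORAGE_ACCOUNT_NAME ARM_ACCESS_KEY

          # Each `run` step starts a new shell, so an `export` made here is
          # gone by the Plan step; hand the key over through GITHUB_ENV.
          echo "ARM_ACCESS_KEY=${ARM_ACCESS_KEY}" >> "$GITHUB_ENV"

          # The backend must be initialised before any workspace command can
          # reach the remote state, so init now runs first.
          terraform init --backend-config=config.azurerm.tfbackend

          # `-or-create` replaces the `workspace new` + `workspace select`
          # pair, which fails on every run after the workspace first exists.
          terraform workspace select -or-create "$WORKSPACE_NAME"
          terraform workspace list
          # Was misspelled `terrafor`, which aborts the step (command not found).
          terraform workspace show

      - name: 'Terraform Plan'
        # A step does not inherit the previous step's `cd`; without this the
        # plan would run from the repository root.
        working-directory: ${{ inputs.directory }}
        # NOTE(review): provider configuration is not visible here; confirm the
        # azurerm provider can authenticate from the `az login` session above.
        run: |
          terraform plan -out main.tfplan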