fix: separate jobs

furiousme · Sep 30, 2024 · 8eb7948 · 8eb7948
1 parent 6e8c509
commit 8eb7948
Show file tree

Hide file tree

Showing 4 changed files with 68 additions and 14 deletions.
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
@@ -11,36 +11,89 @@ on:
   pull_request:
     branches:
       - main
+
 jobs:
   terraform-check:
     runs-on: ubuntu-latest
     env:
-        TF_VAR_account_id: ${{ secrets.AWS_ACCOUNT_ID }}
-        TF_VAR_gh_username: ${{ secrets.TF_VAR_gh_username }}
-        TF_VAR_user_profile_name: ${{ secrets.TF_VAR_user_profile_name }}
+      TF_VAR_account_id: ${{ secrets.AWS_ACCOUNT_ID }}
+      TF_VAR_gh_username: ${{ secrets.TF_VAR_GH_USERNAME }}
+      TF_VAR_user_profile_name: ${{ secrets.TF_VAR_USER_PROFILE_NAME }}
+      TF_VAR_pipeline: ${{ secrets.TF_VAR_PIPELINE }}
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
       - name: Setup Terraform
-        uses: hashicorp/setup-terraform@v2
+        uses: hashicorp/setup-terraform@v3
         with:
           terraform_version: 1.9.6
-
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/GithubActionsRole
           aws-region: us-east-1
           role-duration-seconds: 1200
+      - name: Terraform Init
+        run: terraform init
+
+      - name: Terraform Format Check
+        run: terraform fmt -check
+  terraform-plan:
+    runs-on: ubuntu-latest
+    needs: terraform-check
+    env:
+      TF_VAR_account_id: ${{ secrets.AWS_ACCOUNT_ID }}
+      TF_VAR_gh_username: ${{ secrets.TF_VAR_GH_USERNAME }}
+      TF_VAR_user_profile_name: ${{ secrets.TF_VAR_USER_PROFILE_NAME }}
+      TF_VAR_pipeline: ${{ secrets.TF_VAR_PIPELINE }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
 
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: 1.9.6
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/GithubActionsRole
+          aws-region: us-east-1
+          role-duration-seconds: 1200
       - name: Terraform Init
         run: terraform init
 
       - name: Terraform Plan
         run: terraform plan
+  terraform-apply:
+    runs-on: ubuntu-latest
+    needs: terraform-plan
+    env:
+      TF_VAR_account_id: ${{ secrets.AWS_ACCOUNT_ID }}
+      TF_VAR_gh_username: ${{ secrets.TF_VAR_GH_USERNAME }}
+      TF_VAR_user_profile_name: ${{ secrets.TF_VAR_USER_PROFILE_NAME }}
+      TF_VAR_pipeline: ${{ secrets.TF_VAR_PIPELINE }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: 1.9.6
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/GithubActionsRole
+          role-duration-seconds: 1200
+          aws-region: us-east-1
+
+      - name: Terraform Init
+        run: terraform init
 
       - name: Terraform Apply
         run: terraform apply -auto-approve
 
-
diff --git a/buckets.tf b/buckets.tf
@@ -1,9 +1,9 @@
-resource "aws_s3_bucket" "rsschool_course_app_main_bucket" {
-  bucket = "rsschool_course_app_main_bucket"
+resource "aws_s3_bucket" "rsschool_course_app_bucket" {
+  bucket = "rsschool-course-app-bucket"
 }
 
 resource "aws_s3_bucket_versioning" "rsschool_course_app_main_bucket_versioning" {
-  bucket = aws_s3_bucket.rsschool_course_app_main_bucket.id
+  bucket = aws_s3_bucket.rsschool_course_app_bucket.id
   versioning_configuration {
     status = "Enabled"
   }

diff --git a/providers.tf b/providers.tf
@@ -14,10 +14,7 @@ terraform {
   }
 }
 
-
-
 provider "aws" {
-  region                   = "us-east-1"
-  shared_credentials_files = ["~/.aws/credentials"]
-  profile                  = var.user_profile_name
+  region  = "us-east-1"
+  profile = var.pipeline ? "" : var.user_profile_name
 }
diff --git a/variables.tf b/variables.tf
@@ -10,4 +10,8 @@ variable "gh_username" {
 variable "user_profile_name" {
   type      = string
   sensitive = true
+}
+
+variable "pipeline" {
+  type = bool
 }