diff --git a/.github/workflows/terraform-apply.yml b/.github/workflows/terraform-apply.yml
new file mode 100644
index 000000000..334868d08
--- /dev/null
+++ b/.github/workflows/terraform-apply.yml
@@ -0,0 +1,58 @@
+name: 'Terraform Apply'
+## ...
+
+## ...
+on:
+ push:
+ branches:
+ - main
+
+env:
+ TF_CLOUD_ORGANIZATION: "jermaine_test_org" #"YOUR-ORGANIZATION-HERE"
+ TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
+ TF_WORKSPACE: "jermaine_test_workspace" #"learn-terraform-github-actions"
+ CONFIG_DIRECTORY: "./"
+## ...
+
+## ...
+jobs:
+ terraform:
+ if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
+ name: "Terraform Apply"
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ steps:
+## ...
+
+## ...
+- name: Checkout
+ uses: actions/checkout@v3
+## ...
+
+## ...
+- name: Upload Configuration
+ uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
+ id: apply-upload
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ directory: ${{ env.CONFIG_DIRECTORY }}
+## ...
+
+## ...
+- name: Create Apply Run
+ uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
+ id: apply-run
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
+## ...
+
+## ...
+- name: Apply
+ uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.0.0
+ if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
+ id: apply
+ with:
+ run: ${{ steps.apply-run.outputs.run_id }}
+ comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"
\ No newline at end of file
diff --git a/.github/workflows/terraform-plan.yaml b/.github/workflows/terraform-plan.yaml
new file mode 100644
index 000000000..35bf2c104
--- /dev/null
+++ b/.github/workflows/terraform-plan.yaml
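Review bot: `TF_API_TOKEN` is set in the workflow-level `env:` block, so every step of this push-to-main job receives it, including `actions/checkout@v3` and the three `hashicorp/tfc-workflows-github` actions, all of which are referenced by mutable tags. Pinning each `uses:` to a full commit SHA, e.g. `uses: hashicorp/tfc-workflows-github/actions/apply-run@<full-commit-sha> # v1.0.0`, and moving the token to a step-level `env:` on only the three HCP Terraform steps would limit what a retagged action could read. The Apply step confirms the run with no gate beyond the merge itself; a job-level `environment: <protected-environment-name>` with required reviewers would add one. The same token scoping and tag pinning apply to terraform-plan.yaml. If the `## ...` lines and the flush-left `- name:` entries are as committed rather than an artifact of this view, the steps are not nested under `steps:` and the workflow will not load.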
@@ -0,0 +1,95 @@
+name: 'Terraform Plan'
+## ...
+
+## ...
+on:
+ pull_request:
+
+env:
+ TF_CLOUD_ORGANIZATION: "jermaine_test_org"
+ TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
+ TF_WORKSPACE: "jermaine_test_workspace" #"learn-terraform-github-actions"
+ CONFIG_DIRECTORY: "./"
+## ...
+
+## ...
+jobs:
+ terraform:
+ if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
+ name: "Terraform Plan"
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ pull-requests: write
+ steps:
+## ...
+
+## ...
+- name: Checkout
+ uses: actions/checkout@v3
+## ...
+
+## ...
+- name: Upload Configuration
+ uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
+ id: plan-upload
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ directory: ${{ env.CONFIG_DIRECTORY }}
+ speculative: true
+## ...
+
+## ...
+- name: Create Plan Run
+ uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
+ id: plan-run
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ configuration_version: ${{ steps.plan-upload.outputs.configuration_version_id }}
+ plan_only: true
+## ...
+
+## ...
+- name: Get Plan Output
+ uses: hashicorp/tfc-workflows-github/actions/plan-output@v1.0.0
+ id: plan-output
+ with:
+ plan: ${{ fromJSON(steps.plan-run.outputs.payload).data.relationships.plan.data.id }}
+## ...
+
+## ...
+- name: Update PR
+ uses: actions/github-script@v6
+ id: plan-comment
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ // 1. 
Retrieve existing bot comments for the PR
+ const { data: comments } = await github.rest.issues.listComments({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: context.issue.number,
+ });
+ const botComment = comments.find(comment => {
+ return comment.user.type === 'Bot' && comment.body.includes('HCP Terraform Plan Output')
+ });
+ const output = `#### HCP Terraform Plan Output
+ \`\`\`
+ Plan: ${{ steps.plan-output.outputs.add }} to add, ${{ steps.plan-output.outputs.change }} to change, ${{ steps.plan-output.outputs.destroy }} to destroy.
+ \`\`\`
+ [HCP Terraform Plan](${{ steps.plan-run.outputs.run_link }})
+ `;
+ // 3. Delete previous comment so PR timeline makes sense
+ if (botComment) {
+ github.rest.issues.deleteComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ comment_id: botComment.id,
+ });
+ }
+ github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: output
+ });
\ No newline at end of file
diff --git a/main.tf b/main.tf
index cacd40f1d..63504448a 100644
--- a/main.tf
+++ b/main.tf
@@ -1,3 +1,4 @@ +# # Copyright (c) HashiCorp, Inc. # SPDX-License-Identifier: MPL-2.0
@@ -24,7 +25,7 @@ terraform { } provider "aws" { - region = "us-west-2" + region = "us-east-1" } resource "random_pet" "sg" {}
@@ -46,7 +47,7 @@ data "aws_ami" "ubuntu" { } resource "aws_instance" "web" { - ami = data.aws_ami.ubuntu.id + ami = ami-0e2c8caa4b6378d8c #data.aws_ami.ubuntu.id instance_type = "t2.micro" vpc_security_group_ids = [aws_security_group.web-sg.id]
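Review bot: The `Update PR` step pastes the `plan-output` outputs `add`, `change` and `destroy` and the `plan-run` output `run_link` straight into the `script:` source through `${{ }}` expressions, so whatever those outputs contain is parsed as JavaScript in a job that holds `pull-requests: write` and, through the workflow-level `env:`, the Terraform token. Passing them through a step `env:` block and reading `process.env` keeps them as data. `deleteComment` and `createComment` are also called without `await`, so the script returns before either request settles and their order is not guaranteed. Separately, the job runs on `pull_request` and uploads the PR's configuration for a plan using `TF_API_TOKEN`, so it is worth confirming that only trusted branches can trigger it.

```yaml
- name: Update PR
  uses: actions/github-script@v6
  id: plan-comment
  env:
    PLAN_ADD: ${{ steps.plan-output.outputs.add }}
    PLAN_CHANGE: ${{ steps.plan-output.outputs.change }}
    PLAN_DESTROY: ${{ steps.plan-output.outputs.destroy }}
    RUN_LINK: ${{ steps.plan-run.outputs.run_link }}
  with:
    # … unchanged: github-token …
    script: |
      // … unchanged: listComments lookup of the previous bot comment …
      const { PLAN_ADD, PLAN_CHANGE, PLAN_DESTROY, RUN_LINK } = process.env;
      const output = `#### HCP Terraform Plan Output
      \`\`\`
      Plan: ${PLAN_ADD} to add, ${PLAN_CHANGE} to change, ${PLAN_DESTROY} to destroy.
      \`\`\`
      [HCP Terraform Plan](${RUN_LINK})
      `;
      if (botComment) {
        await github.rest.issues.deleteComment({
          // … unchanged: owner, repo, comment_id …
        });
      }
      await github.rest.issues.createComment({
        // … unchanged: issue_number, owner, repo, body …
      });
```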
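Review bot: The new `ami = ami-0e2c8caa4b6378d8c` in `aws_instance.web` is an unquoted literal, which HCL will not read as a string, so the configuration is expected to fail on this line; it needs quotes, `ami = "ami-0e2c8caa4b6378d8c"`. Hard-coding the ID also ties the instance to one region and one image build, whereas the `data.aws_ami.ubuntu` lookup left in the trailing comment resolves in whatever region the provider block (changed in the previous hunk) selects. Restoring `ami = data.aws_ami.ubuntu.id` would keep that behaviour. The resource block continues past the end of the hunk.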