
Commit ccc077f

adding config + pipeline
1 parent ff140e9 commit ccc077f


1 file changed

+75
-0
lines changed


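--- a/.github/workflows/pr.yaml
+++ b/.github/workflows/pr.yaml
@@ -0,0 +1,75 @@
+name: Pull Request
+
+on:
+pull_request:
+branches:
+- rule-sets-DTSPO-17918
+
+env:
+TF_LOG: INFO
+
+permissions:
+id-token: write
+issues: write
+pull-requests: write
+contents: read
+jobs:
+pr-infra-check:
+runs-on: ubuntu-latest
+steps:
+# Checkout the repository to the GitHub Actions runner
+- name: Checkout
+uses: actions/checkout@v3
+
+# Install the latest version of Terraform CLI
+- name: Setup Terraform
+uses: hashicorp/setup-terraform@v2
+
+# Log into Azure with OIDC integration
+- name: 'Az CLI login'
+uses: azure/login@v1
+with:
+client-id: ${{ secrets.AZURE_CLIENT_ID }}
+tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+subscription-id: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }}
+
+# Run az commands to confirm sub access
+- name: 'Run az commands'
+run: |
+az account show
+
+# Run Terraform init
+- name: Terraform Init
+id: init
+env:
+STORAGE_ACCOUNT: ${{ secrets.STORAGE_ACCOUNT }}
+CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
+RESOURCE_GROUP_NAME: ${{ secrets.RESOURCE_GROUP_NAME }}
+ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }}
+ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+run: terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME"
+
+# Run a Terraform fmt
+- name: Terraform format
+id: fmt
+run: terraform fmt -check
+
+# Run a Terraform validate
+- name: Terraform validate
+id: validate
+if: success() || failure()
+env:
+ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }}
+ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+run: terraform validate -no-color
+
+# Run a Terraform plan
+- name: Terraform plan
+id: plan
+env:
+ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }}
+ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+run: terraform plan -no-color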
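Review bot: The three `uses:` lines (`actions/checkout@v3`, `hashicorp/setup-terraform@v2`, `azure/login@v1`) reference mutable tags in a job that holds `id-token: write` and logs into Azure, so whatever commit a tag is later moved to would run with the federated identity; pin each to a full commit SHA, e.g. `uses: azure/login@<full-commit-sha>  # v1`. The workflow-level `permissions` block also grants `issues: write` and `pull-requests: write`, yet no step in this file comments on the pull request or touches issues, so those two can be dropped until a step needs them, and `id-token: write` can move down to the `pr-infra-check` job. `terraform plan` evaluates configuration taken from the PR branch under that Azure identity, so the role bound to the federated credential should be limited to what a plan against the sandbox subscription and its state backend requires. `TF_LOG: INFO` is set for every step; consider scoping it to the Terraform steps only, or removing it once the pipeline is stable, since the job log is readable by anyone with access to the repository's Actions runs.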
