terraform_apply.yaml
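# Applies the Grafana Terraform configuration when the matching files change on
# main (or on manual dispatch) and reports the result on the pull request that
# introduced the commit.
#
# Review notes:
# - Third-party actions are referenced by mutable tags (v4, v30, v15, v7).
#   This job holds Terraform Cloud, Grafana and Cachix credentials, so
#   consider pinning each `uses:` to a full commit SHA.
# - `--accept-flake-config` makes nix trust the settings declared by the
#   repository's flake without prompting; keep it only while every branch that
#   can trigger this workflow is protected by review.
name: "Terraform Apply"
on:
  workflow_dispatch:
  push:
    branches:
      - main
    paths:
      - 'hosting/terraform/grafana/*.tf'
      - 'hosting/terraform/grafana/dashboards/*.json'
jobs:
  apply:
    # Never run from forks: they have no access to the secrets used below.
    if: ${{ github.repository == 'ymgyt/syndicationd' }}
    runs-on: ubuntu-latest
    timeout-minutes: 60
    permissions:
      contents: read
      # For posting terraform output to PR
      pull-requests: write
    steps:
      - uses: actions/checkout@v4
        with:
          # Later steps run repository-controlled code (nix, just, terraform);
          # do not leave the job token in .git/config for them.
          persist-credentials: false
      - uses: cachix/install-nix-action@v30
        with:
          github_access_token: ${{ secrets.GITHUB_TOKEN }}
      - uses: cachix/cachix-action@v15
        with:
          name: syndicationd
          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
      - name: terraform init
        run: nix develop .#ci --accept-flake-config --command just tf grafana init
        env:
          TF_TOKEN_app_terraform_io: "${{ secrets.TF_TOKEN_APP_TERRAFORM_IO }}"
      - name: terraform apply
        id: apply
        # Keep going so the result can still be posted; the final step of this
        # job turns a failed apply back into a failed run.
        continue-on-error: true
        # A plain `run` step exposes no `outputs.stdout`, so the output is
        # captured in a file for the reporting step. pipefail keeps terraform's
        # exit status from being masked by `tee`.
        run: |
          set -o pipefail
          nix develop .#ci --accept-flake-config --command just tf grafana apply -no-color -auto-approve 2>&1 | tee "$RUNNER_TEMP/apply.log"
        env:
          TF_TOKEN_app_terraform_io: "${{ secrets.TF_TOKEN_APP_TERRAFORM_IO }}"
          TF_VAR_grafana_sa_token: "${{ secrets.GRAFANA_SA_TOKEN }}"
      - name: Post apply output to github PR
        uses: actions/github-script@v7
        env:
          # Values reach the script through the environment instead of being
          # interpolated into its source, so they cannot alter the script.
          APPLY_RESULT: ${{ steps.apply.outcome }}
          APPLY_LOG: ${{ runner.temp }}/apply.log
        with:
          script: |
            // NOTE(review): the comment body is visible to everyone who can
            // read the repository, and log masking of secrets does not apply
            // to it. Confirm that sensitive Terraform variables and outputs
            // are marked `sensitive` before relying on this report.
            const fs = require('fs')
            const { APPLY_RESULT, APPLY_LOG } = process.env

            // Stay below GitHub's comment size limit; the tail of the output
            // holds the apply summary, so keep the end.
            const LIMIT = 60000
            let output = fs.existsSync(APPLY_LOG)
              ? fs.readFileSync(APPLY_LOG, 'utf8')
              : '(no apply output captured)'
            if (output.length > LIMIT) {
              output = '... (truncated) ...\n' + output.slice(-LIMIT)
            }

            const fence = '```'
            const body = [
              `terraform apply: ${APPLY_RESULT}`,
              '<details>',
              '<summary>apply output</summary>',
              '',
              fence,
              output,
              fence,
              '</details>',
            ].join('\n')

            // push and workflow_dispatch payloads carry no issue number, so
            // look up the pull request that introduced this commit.
            const { owner, repo } = context.repo
            const { data: prs } = await github.rest.repos.listPullRequestsAssociatedWithCommit({
              owner,
              repo,
              commit_sha: context.sha,
            })
            if (prs.length === 0) {
              core.info(`No pull request is associated with ${context.sha}; skipping comment`)
              return
            }
            await github.rest.issues.createComment({
              issue_number: prs[0].number,
              owner,
              repo,
              body,
            })
      - name: Fail the job when terraform apply failed
        # `outcome` is the result before continue-on-error is applied.
        if: ${{ steps.apply.outcome == 'failure' }}
        run: exit 1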