add env

Author: Florencia Comuzzi

.github/workflows/terraform-plan.yml

@@ -6,7 +6,7 @@ env:
   TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
   TF_WORKSPACE: "production" # template field
   CONFIG_DIRECTORY: "./"
-  TF_ENVIRONMENT: ${{ github.base_ref }}
+  TARGET_BRANCH: ${{ github.base_ref }}
 jobs:
   tflint:
     name: "TFLint"
@@ -20,8 +20,8 @@ jobs:
     - uses: actions/checkout@v4
       name: Checkout source code
 
-    - name: Show ENVIRONMENT
-      run: echo $TF_ENVIRONMENT
+    - name: Show TARGET_BRANCH
+      run: echo $TARGET_BRANCH
 
     - uses: actions/cache@v4
       name: Cache plugin dir
@@ -46,7 +46,6 @@ jobs:
     - name: Run TFLint
       run: tflint -f compact
   terraform:
-    if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
     name: "Terraform Plan"
     runs-on: ubuntu-latest
     permissions:

.github/workflows/terraform.yml

@@ -0,0 +1,106 @@
+name: "Terraform Infrastructure Change Management Pipeline with GitHub Actions"
+
+on:
+ push:
+   branches:
+   - main
+   - develop
+   paths:
+   - terraform/**
+ pull_request:
+   branches:
+   - main
+   - develop
+   paths:
+   - terraform/**
+
+env:
+ # verbosity setting for Terraform logs
+ TF_LOG: INFO
+# # Credentials for deployment to AWS
+# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+# # S3 bucket for the Terraform state
+# BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE}}
+
+jobs:
+ terraform:
+   name: "Terraform Infrastructure Change Management"
+   runs-on: ubuntu-latest
+   defaults:
+     run:
+       shell: bash
+       # We keep Terraform files in the terraform directory.
+       working-directory: ./terraform
+
+   steps:
+     - name: Checkout the repository to the runner
+       uses: actions/checkout@v2
+
+     - name: Setup Terraform with specified version on the runner
+       uses: hashicorp/setup-terraform@v2
+       with:
+         terraform_version: 1.3.0
+
+     - name: Terraform init [pull_request]
+       id: init-dev
+       if: github.event_name == 'pull_request'
+       with:
+         script: |
+           if [ ${{ github.event.pull_request.base.ref }} == "develop" ]; then
+            ENV = "dev";
+           elif [ ${{ github.event.pull_request.base.ref }} == "main" ]; then
+            ENV = "prod";
+           else
+            echo "unsupported environment";
+           fi
+           terraform init -upgrade -backend-config=backend/${ENV}.tfvars --reconfigure || exit 1
+
+     - name: Terraform format
+       id: fmt
+       run: terraform fmt -check
+
+     - name: Terraform validate
+       id: validate
+       run: terraform validate
+
+     - name: Terraform plan
+       id: plan
+       if: github.event_name == 'pull_request'
+       run: terraform plan -no-color -input=false
+       continue-on-error: true
+
+     - uses: actions/github-script@v6
+       if: github.event_name == 'pull_request'
+       env:
+         PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
+       with:
+         script: |
+           const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
+           #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
+           #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
+           #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
+ 
+           <details><summary>Show Plan</summary>
+ 
+           \`\`\`\n
+           ${process.env.PLAN}
+           \`\`\`
+ 
+           </details>
+           *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
+ 
+           github.rest.issues.createComment({
+             issue_number: context.issue.number,
+             owner: context.repo.owner,
+             repo: context.repo.repo,
+             body: output
+           })
+
+     - name: Terraform Plan Status
+       if: steps.plan.outcome == 'failure'
+       run: exit 1
+
+     - name: Terraform Apply
+       if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+       run: terraform apply -auto-approve -input=false