Terraform Apply #42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Terraform Apply' | |
| on: | |
| workflow_run: | |
| workflows: ["Build Docker Images"] | |
| types: | |
| - completed | |
| jobs: | |
| terraform: | |
| name: 'Terraform' | |
| runs-on: ubuntu-latest | |
| environment: ${GITHUB_REF##*/} | |
| defaults: | |
| run: | |
| shell: bash | |
| working-directory: ./terraform | |
| steps: | |
| - name: "Terminate if building images failed" | |
| if: ${{ github.event.workflow_run.conclusion != 'success' }} | |
| run: exit 1 | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| - name: 'Authenticate to Google Cloud' | |
| uses: 'google-github-actions/auth@v1' | |
| with: | |
| credentials_json: '${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}' | |
| - name: Get Image Digests | |
| id: get_image_digests | |
| run: | | |
| echo "extract_image_digest=$(gcloud artifacts docker images describe asia-southeast1-docker.pkg.dev/university-subreddits/etl-images/extract:latest --format='value(image_summary.digest)')" >> $GITHUB_OUTPUT | |
| echo "transform_image_digest=$(gcloud artifacts docker images describe asia-southeast1-docker.pkg.dev/university-subreddits/etl-images/transform:latest --format='value(image_summary.digest)')" >> $GITHUB_OUTPUT | |
| echo "load_image_digest=$(gcloud artifacts docker images describe asia-southeast1-docker.pkg.dev/university-subreddits/etl-images/load:latest --format='value(image_summary.digest)')" >> $GITHUB_OUTPUT | |
| - name: Terraform Init | |
| run: terraform init | |
| - name: Terraform Select Workspace | |
| run: terraform workspace select ${GITHUB_REF##*/} | |
| - name: Terraform Check Formatting | |
| run: terraform fmt -check | |
| - name: Terraform Plan | |
| run: | | |
| terraform plan \ | |
| -input=false \ | |
| -var extract_image_digest=${{steps.get_image_digests.outputs.extract_image_digest}} \ | |
| -var transform_image_digest=${{steps.get_image_digests.outputs.transform_image_digest}} \ | |
| -var load_image_digest=${{steps.get_image_digests.outputs.load_image_digest}} \ | |
| -var credentials=$GOOGLE_APPLICATION_CREDENTIALS \ | |
| -var reddit_client_id=${{secrets.REDDIT_CLIENT_ID}} \ | |
| -var reddit_client_secret=${{secrets.REDDIT_CLIENT_SECRET}} \ | |
| -var huggingface_token=${{secrets.HUGGINGFACE_TOKEN}} | |
| - uses: actions/github-script@v6 | |
| if: github.event_name == 'pull_request' | |
| env: | |
| PLAN: "terraform\n${{ steps.plan.outputs.stdout }}" | |
| with: | |
| script: | | |
| const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` | |
| #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` | |
| #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` | |
| #### Terraform Plan 📖\`${{ steps.plan.outcome }}\` | |
| <details><summary>Show Plan</summary> | |
| \`\`\`\n | |
| ${process.env.PLAN} | |
| \`\`\` | |
| </details> | |
| *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`; | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: output | |
| }) | |
| - name: Terraform Plan Status | |
| if: steps.plan.outcome == 'failure' | |
| run: exit 1 | |
| - name: Terraform Apply | |
| run: | | |
| terraform apply \ | |
| -auto-approve \ | |
| -input=false \ | |
| -var extract_image_digest=${{steps.get_image_digests.outputs.extract_image_digest}} \ | |
| -var transform_image_digest=${{steps.get_image_digests.outputs.transform_image_digest}} \ | |
| -var load_image_digest=${{steps.get_image_digests.outputs.load_image_digest}} \ | |
| -var credentials=$GOOGLE_APPLICATION_CREDENTIALS \ | |
| -var reddit_client_id=${{secrets.REDDIT_CLIENT_ID}} \ | |
| -var reddit_client_secret=${{secrets.REDDIT_CLIENT_SECRET}} \ | |
| -var huggingface_token=${{secrets.HUGGINGFACE_TOKEN}} |