Improved terraform output, move to GitHub Actions

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,56 @@
+---
+name: Bug report
+about: Create a report to help us improve
+---
+
+<!-- Please first verify that your issue is not already reported on GitHub -->
+<!-- Complete *all* sections as described. -->
+
+### Summary
+
+<!-- Explain the problem briefly below -->
+
+### Issue Type
+
+- Bug Report
+
+### Controller Environment and Configuration
+
+<!--
+    Please also include information about the versions of:
+        - Ansible (ansible --version)
+        - Python (python --version)
+        - This role
+-->
+
+```text
+
+```
+
+### Steps to Reproduce
+
+<!-- Describe exactly how to reproduce the problem, using a minimal test-case -->
+
+<!-- Paste example playbooks or commands between quotes below -->
+
+```yaml
+
+```
+
+### Expected Result
+
+<!-- Describe what you expected to happen when running the steps above -->
+
+```text
+
+```
+
+### Actual Result
+
+<!-- Describe what actually happened. If possible run with extra verbosity (-vvvv) -->
+
+<!-- Paste verbatim command output between quotes -->
+
+```text
+
+```

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,3 @@
+---
+
+blank_issues_enabled: true

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,33 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+---
+
+<!-- Please first verify that your feature was not already discussed on GitHub -->
+<!-- Complete *all* sections as described, this form is processed automatically -->
+
+### Summary
+
+<!-- Describe the new feature/improvement briefly below -->
+
+### Issue Type
+
+- Feature Request
+
+### User Story
+
+<!-- If you can, please provide a user story, if you don't know what this is don't worry, it will be refined by PyratLabs. -->
+<!-- Describe who would use it, why it is needed and the benefit -->
+
+_As a_ <!-- (Insert Persona) --> \
+_I want to_ <!-- (Insert Action) --> \
+_So that_ <!-- (Insert Benefit) -->
+
+### Additional Information
+
+<!-- Please include any relevant documentation, URLs, etc. -->
+<!-- Paste example playbooks or commands between quotes below -->
+
+```yaml
+
+```

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,37 @@
+## TITLE
+
+### Summary
+
+<!-- Describe the change below, including rationale and design decisions -->
+
+<!-- HINT: Include "Fixes #nnn" if you are fixing an existing issue -->
+
+### Issue type
+
+<!-- Pick one below and delete the rest -->
+- Bugfix
+- Documentation
+- Feature
+
+### Test instructions
+
+<!-- Please provide instructions for testing this PR -->
+
+### Acceptance Criteria
+
+<!-- Please list criteria required to ensure this change has been sufficiently reviewed.  -->
+
+<!-- Example ticklist:
+  - [ ] GitHub Actions Build passes.
+  - [ ] Documentation updated.
+-->
+
+### Additional Information
+
+<!-- Include additional information to help people understand the change here -->
+
+<!-- Paste verbatim command output below, e.g. before and after your change -->
+
+```text
+
+```

.github/stale.yml

@@ -0,0 +1,18 @@
+---
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+# Label to use when marking an issue as stale
+staleLabel: wontfix
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

.github/workflows/ci.yml

@@ -0,0 +1,63 @@
+---
+
+name: CI
+'on':
+  pull_request:
+  push:
+    branches:
+      - main
+      - master
+  schedule:
+    - cron: "0 1 1 * *"
+
+defaults:
+  run:
+    working-directory: "xanmanning.terraform_project"
+
+jobs:
+  molecule:
+    name: Molecule
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - distro: debian10
+            scenario: default
+          - distro: ubuntu2004
+            scenario: default
+          - distro: centos7
+            scenario: destroy
+          - distro: ubuntu1804
+            scenario: destroy
+          - distro: debian9
+            scenario: target
+          - distro: centos8
+            scenario: target
+
+    steps:
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+        with:
+          path: "xanmanning.terraform_project"
+
+      - name: Set up Python 3
+        uses: actions/setup-python@v2
+        with:
+          python-version: "3.x"
+
+      - name: Install test dependencies
+        run: pip3 install -r molecule/requirements.txt
+
+      - name: Run Molecule check
+        run: molecule check --scenario-name "${{ matrix.scenario }}"
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_DISTRO: ${{ matrix.distro }}
+
+      - name: Run Molecule test
+        run: molecule test --scenario-name "${{ matrix.scenario }}"
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_DISTRO: ${{ matrix.distro }}

.github/workflows/release.yml

@@ -0,0 +1,32 @@
+---
+
+name: Release
+'on':
+  push:
+    tags:
+      - '*'
+
+defaults:
+  run:
+    working-directory: "xanmanning.terraform_project"
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+        with:
+          path: "xanmanning.terraform_project"
+
+      - name: Set up Python 3
+        uses: actions/setup-python@v2
+        with:
+          python-version: "3.x"
+
+      - name: Install Ansible
+        run: pip3 install -r requirements.txt
+
+      - name: Trigger a new import on Galaxy
+        run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2)

.gitignore

@@ -8,3 +8,4 @@ vagramt/fetch
 vagrant/ubuntu-*.log
 __pycache__
 *.pyc
+.cache

README.md

@@ -1,8 +1,8 @@
 # Ansible Role: Terraform Project
 
-Ansible Role that wraps around and builds a workflow around [Hashicorp Terraform](https://www.terraform.io/) projects.
+Ansible Role that wraps around and builds a workflow for [Hashicorp Terraform](https://www.terraform.io/) projects.
 
-[![Build Status](https://www.travis-ci.org/PyratLabs/ansible-role-terraform-project.svg?branch=master)](https://www.travis-ci.org/PyratLabs/ansible-role-terraform-project)
+[![CI](https://github.com/PyratLabs/ansible-role-terraform-project/actions/workflows/ci.yml/badge.svg)](https://github.com/PyratLabs/ansible-role-terraform-project/actions/workflows/ci.yml)
 
 ## Requirements
 
@@ -12,10 +12,8 @@ This role has been tested on Ansible 2.7.0+ against the following Linux Distribu
   - CentOS 8
   - CentOS 7
   - Debian 10
-  - Fedora 29
-  - Fedora 30
-  - Fedora 31
   - Ubuntu 18.04 LTS
+  - Ubuntu 20.04 LTS
 
 ## Disclaimer
 

meta/main.yml

@@ -1,6 +1,7 @@
 ---
 galaxy_info:
   role_name: terraform_project
+  namespace: xanmanning
   author: Xan Manning
   description: Ansible Role that wraps around and builds a workflow around Terraform projects.
   company: Pyrat Ltd.

molecule/default/molecule.yml

@@ -1,45 +1,9 @@
 ---
 
-# dependency:
-#   name: galaxy
-# driver:
-#   name: docker
-# lint:
-#   name: yamllint
-# platforms:
-#   - name: terraform_project
-#     image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
-#     command: ${MOLECULE_DOCKER_COMMAND:-""}
-#     pre_build_image: true
-# scenario:
-#   check_sequence:
-#     - lint
-#     - cleanup
-#     - dependency
-#     - syntax
-#     - create
-#     - prepare
-#     - check
-#   test_sequence:
-#     - converge
-#     - destroy
-# provisioner:
-#   name: ansible
-#   options:
-#     verbose: true
-#   lint:
-#     name: ansible-lint
-#   playbooks:
-#     prepare: ${MOLECULE_PREPARE_PLAYBOOK:-prepare.yml}
-#     check: ${MOLECULE_PLAYBOOK:-playbook.yml}
-#     converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
-# verifier:
-#   name: testinfra
-#   lint:
-#     name: flake8
-
 dependency:
   name: galaxy
+  options:
+    role-file: molecule/requirements.yml
 driver:
   name: docker
 lint: |
@@ -53,14 +17,15 @@ platforms:
     pre_build_image: ${MOLECULE_PREBUILT:-true}
 scenario:
   check_sequence:
+    - dependency
     - lint
     - cleanup
-    - dependency
     - syntax
     - create
     - prepare
     - check
   test_sequence:
+    - dependency
     - converge
     - destroy
 provisioner:

molecule/default/prepare.yml

@@ -35,5 +35,7 @@
         group: user
         mode: 0755
 
-  roles:
-    - xanmanning.terraform
+  tasks:
+    - name: Include Terraform role
+      include_role:
+        name: xanmanning.terraform

molecule/destroy/molecule.yml

@@ -1,45 +1,9 @@
 ---
 
-# dependency:
-#   name: galaxy
-# driver:
-#   name: docker
-# lint:
-#   name: yamllint
-# platforms:
-#   - name: terraform_project
-#     image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
-#     command: ${MOLECULE_DOCKER_COMMAND:-""}
-#     pre_build_image: true
-# scenario:
-#   check_sequence:
-#     - lint
-#     - cleanup
-#     - dependency
-#     - syntax
-#     - create
-#     - prepare
-#     - check
-#   test_sequence:
-#     - converge
-#     - destroy
-# provisioner:
-#   name: ansible
-#   options:
-#     verbose: true
-#   lint:
-#     name: ansible-lint
-#   playbooks:
-#     prepare: ${MOLECULE_PREPARE_PLAYBOOK:-prepare.yml}
-#     check: ${MOLECULE_PLAYBOOK:-playbook.yml}
-#     converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
-# verifier:
-#   name: testinfra
-#   lint:
-#     name: flake8
-
 dependency:
   name: galaxy
+  options:
+    role-file: molecule/requirements.yml
 driver:
   name: docker
 lint: |
@@ -53,14 +17,15 @@ platforms:
     pre_build_image: ${MOLECULE_PREBUILT:-true}
 scenario:
   check_sequence:
+    - dependency
     - lint
     - cleanup
-    - dependency
     - syntax
     - create
     - prepare
     - check
   test_sequence:
+    - dependency
     - converge
     - destroy
 provisioner:

molecule/destroy/prepare.yml

@@ -40,10 +40,11 @@
         group: user
         mode: 0755
 
-  roles:
-    - role: xanmanning.terraform
-
   tasks:
+    - name: Include Terraform role
+      include_role:
+        name: xanmanning.terraform
+
     - name: Ensure Terraform project is planned
       terraform:
         project_path: "{{ proj.project_path }}"

molecule/requirements.yml

@@ -0,0 +1,4 @@
+---
+
+roles:
+  - name: xanmanning.terraform

molecule/target/molecule.yml

@@ -2,6 +2,8 @@
 
 dependency:
   name: galaxy
+  options:
+    role-file: molecule/requirements.yml
 driver:
   name: docker
 lint: |
@@ -15,14 +17,15 @@ platforms:
     pre_build_image: ${MOLECULE_PREBUILT:-true}
 scenario:
   check_sequence:
+    - dependency
     - lint
     - cleanup
-    - dependency
     - syntax
     - create
     - prepare
     - check
   test_sequence:
+    - dependency
     - converge
     - destroy
 provisioner:

molecule/target/prepare.yml

@@ -36,5 +36,7 @@
         group: user
         mode: 0755
 
-  roles:
-    - xanmanning.terraform
+  tasks:
+    - name: Include Terraform role
+      include_role:
+        name: xanmanning.terraform

tasks/plan-checks.yml

@@ -14,15 +14,10 @@
     - not terraform_destroy_all
     - (proj.state is not defined or proj.state != "absent")
 
-- name: Extract the Terraform Plan Summary (Legacy)
-  shell: |
-    set -o pipefail
-    {{ terraform_binary_path }} plan -no-color {{ proj.plan_file | default('project.tfplan') }} | \
-    grep -E "[0-9]+ to add, [0-9]+ to change, [0-9]+ to destroy" | \
-    sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"
+- name: Extract the Terraform Plan (Legacy)
+  command: "{{ terraform_binary_path }} plan -no-color {{ proj.plan_file | default('project.tfplan') }}"
   args:
     chdir: "{{ proj.project_path }}"
-    executable: "{{ terraform_check_bash_path.stdout_lines[0] }}"
   when:
     - terraform_version is version('0.12.0', '<')
     - not terraform_destroy_all
@@ -31,30 +26,42 @@
   changed_when: false
   register: terraform_plan_legacy
 
+- name: Extract the Terraform Plan
+  command: "{{ terraform_binary_path }} show -no-color {{ proj.plan_file | default('project.tfplan') }}"
+  args:
+    chdir: "{{ proj.project_path }}"
+  when:
+    - terraform_version is version('0.12.0', '>=')
+    - not terraform_destroy_all
+    - (proj.state is not defined or proj.state != "absent")
+  check_mode: false
+  changed_when: false
+  register: terraform_plan_show
+
 - name: Extract the Terraform Plan Summary
   shell: |
     set -o pipefail
-    {{ terraform_binary_path }} show -no-color {{ proj.plan_file | default('project.tfplan') }} | \
+    echo "{{ terraform_plan_legacy.stdout | default(terraform_plan_show.stdout) }}" | \
     grep -E "[0-9]+ to add, [0-9]+ to change, [0-9]+ to destroy" | \
     sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"
   args:
-    chdir: "{{ proj.project_path }}"
     executable: "{{ terraform_check_bash_path.stdout_lines[0] }}"
   when:
-    - terraform_version is version('0.12.0', '>=')
     - not terraform_destroy_all
     - (proj.state is not defined or proj.state != "absent")
   check_mode: false
   changed_when: false
-  register: terraform_plan_show
+  register: terraform_plan_summary
 
-- name: Ensure terraform_plan is defined
+- name: Ensure terraform_plan and terraform_plan_summary is defined
   set_fact:
     terraform_plan: "{{ terraform_plan_legacy.stdout | default(terraform_plan_show.stdout) }}"
+    terraform_plan_summary: "{{ terraform_plan_summary.stdout }}"
   when: not terraform_destroy_all
 
 - name: Ensure terraform_plan is defined when destroying resources
   set_fact:
     terraform_plan: "Destroy has been specified"
+    terraform_plan_summary: "Destroy has been specified"
   when: terraform_destroy_all
         or (proj.state is defined and proj.state == "absent")

tasks/terraform-apply.yml

@@ -1,6 +1,6 @@
 ---
 
-- name: Ensure Terraform project is in the requested state
+- name: "Ensure Terraform project is {{ (proj.state | default('present')) if not terraform_destroy_all else 'absent' }}"
   terraform:
     project_path: "{{ proj.project_path }}"
     binary_path: "{{ terraform_binary_path | default(omit) }}"

tasks/terraform-output-execute.yml

@@ -0,0 +1,17 @@
+---
+
+- name: Display the Terraform Execution Summary
+  debug:
+    msg:
+      - "+---------------------------------------------------------------+"
+      - "| {{ 'TERRAFORM EXECUTION SUMMARY'.center(61) }} |"
+      - "+---------------------------------------------------------------+"
+      - "{{ terraform_exec_result.stdout_lines }}"
+
+- name: Display the Terraform Output Summary
+  debug:
+    msg:
+      - "+---------------------------------------------------------------+"
+      - "| {{ 'TERRAFORM OUTPUT SUMMARY'.center(61) }} |"
+      - "+---------------------------------------------------------------+"
+      - "{{ terraform_exec_result.outputs }}"

tasks/terraform-output-plan.yml

@@ -0,0 +1,18 @@
+---
+
+- name: Display the Terraform plan
+  debug:
+    msg:
+      - "+---------------------------------------------------------------+"
+      - "| {{ 'TERRAFORM PLAN'.center(61) }} |"
+      - "+---------------------------------------------------------------+"
+      - "{{ terraform_plan.split('\n') }}"
+
+- name: Display the Terraform Plan Summary
+  debug:
+    msg:
+      - "+---------------------------------------------------------------+"
+      - "| {{ 'TERRAFORM PLAN SUMMARY'.center(61) }} |"
+      - "+---------------------------------------------------------------+"
+      - "| {{ terraform_plan_summary.center(61) }} |"
+      - "+---------------------------------------------------------------+"

tasks/terraform-run.yml

@@ -11,4 +11,4 @@
 - include_tasks: terraform-apply.yml
   when: not ansible_check_mode
 
-- include_tasks: terraform-output.yml
+- include_tasks: "terraform-output-{{ 'plan' if ansible_check_mode else 'execute' }}.yml"