Skip to content

Org Policy Update Detected on 2024-03-28 #433

Org Policy Update Detected on 2024-03-28

Org Policy Update Detected on 2024-03-28 #433

Workflow file for this run

name: Terraform lint and apply
###
# terrafrom action repo/docs
# tf actions doc: https://github.com/marketplace/actions/hashicorp-setup-terraform
# gcp actions doc:
# - https://github.com/GoogleCloudPlatform/github-actions/tree/master/setup-gcloud
# - https://github.com/actions-hub/gcloud
#
# defaults:
# run:
# working-directory: ${{ env.tf_actions_working_dir }}
on:
push:
branches:
- main
pull_request:
jobs:
build:
runs-on: ubuntu-latest
name: Terraform Validation
steps:
- uses: actions/checkout@v4
# pull prod file if we are on main otherwise dev
# GH Action error: Terraform lint and apply
# changed 'google-github-actions/setup-gcloud@master' ---> 'google-github-actions/setup-gcloud@v0'
- uses: google-github-actions/auth@v2
if: github.ref == 'refs/heads/main'
with:
service_account_key: ${{ secrets.SA_VARS_PROD }}
export_default_credentials: false
- uses: google-github-actions/auth@v2
if: github.ref != 'refs/heads/main'
with:
service_account_key: ${{ secrets.SA_VARS_DEV }}
export_default_credentials: false
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
- name: Get tfvars file
if: github.ref == 'refs/heads/main'
run: gsutil cp gs://${{ secrets.GCP_TFVAR_BUCKET_PROD }}/terraform.tfvars ./terraform.tfvars
- name: Get tfvars file
if: github.ref != 'refs/heads/main'
run: gsutil cp gs://${{ secrets.GCP_TFVAR_BUCKET_DEV }}/terraform.tfvars ./terraform.tfvars
- uses: google-github-actions/setup-gcloud@v2
with:
project_id: ${{ secrets.GCP_PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
export_default_credentials: true
- uses: hashicorp/setup-terraform@v3
- run: gcloud info
- name: Terraform fmt
id: fmt
run: terraform fmt
continue-on-error: true
- name: Terraform Init
id: init
run: terraform init --backend-config=${{ secrets.TF_STATE_BUCKET }} --backend-config="prefix=org_policy/"
- name: Terraform Validate
id: validate
run: terraform validate -no-color
- name: Terraform Plan
id: plan
run: terraform plan -no-color
continue-on-error: false
- name: Terraform Apply
id: apply
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
run: terraform apply -auto-approve
continue-on-error: false