setup tf workflow

.github/workflows/infra.yml

@@ -0,0 +1,162 @@
+name: 'Infra'
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+env:
+  PLATFORM_REPO: "cldcvr/terrarium"
+  PLATFORM_BRANCH: "shwetanshu/TER-89"
+  PLATFORM_DIR: "examples/platform-demo/platform"
+  TERRARIUM_VERSION: "v0.2"
+  TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
+  TF_CLOUD_ORGANIZATION: "kanak"
+  TF_WORKSPACE: "demo-go-pgsql-workflow"
+  TF_CONFIG_DIRECTORY: "./.terrarium-output"
+
+jobs:
+  t8-generate:
+    name: "Terrarium generate"
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Checkout Platform Repo
+        uses: actions/checkout@v3
+        with:
+          repository: ${{ env.PLATFORM_REPO }}
+          ref: ${{ env.PLATFORM_BRANCH }}
+          token: ${{ secrets.GH_TOKEN }}
+          path: "./.platform-repo"
+
+      - name: Terrarium Install
+        uses: supplypike/setup-bin@v3
+        with:
+          uri: 'https://github.com/cldcvr/terrarium/releases/download/${{ env.TERRARIUM_VERSION }}/terrarium-${{ env.TERRARIUM_VERSION }}-linux-amd64.tar.gz'
+          name: 'terrarium'
+          version: ${{ env.TERRARIUM_VERSION }}
+
+      - name: Terrarium Generate
+        run: |
+          terrarium generate -p .platform-repo/$PLATFORM_DIR -a . -o $TF_CONFIG_DIRECTORY/src
+          cp -r .platform-repo/examples/platform-demo/modules ./$TF_CONFIG_DIRECTORY/modules
+
+      - name: Archive Terrarium generated code
+        uses: actions/upload-artifact@v3
+        with:
+          name: terrarium-generate-code
+          path: ${{ env.TF_CONFIG_DIRECTORY }}
+
+  tf-plan:
+    if: github.ref != 'refs/heads/main'
+    needs: t8-generate
+    name: "Terraform plan"
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - name: Download Terrarium generated code
+        uses: actions/download-artifact@v3
+        with:
+          name: terrarium-generate-code
+          path: ${{ env.TF_CONFIG_DIRECTORY }}
+
+      - name: Upload Configuration
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        id: plan-upload
+        with:
+          workspace: ${{ env.TF_WORKSPACE }}
+          directory: ${{ env.TF_CONFIG_DIRECTORY }}
+          speculative: true
+
+      - name: Create Plan Run
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        id: plan-run
+        with:
+          workspace: ${{ env.TF_WORKSPACE }}
+          configuration_version: ${{ steps.plan-upload.outputs.configuration_version_id }}
+          plan_only: true
+
+      - name: Get Plan Output
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        id: plan-output
+        with:
+          plan: ${{ fromJSON(steps.plan-run.outputs.payload).data.relationships.plan.data.id }}
+
+      - name: Update PR
+        uses: actions/github-script@v6
+        id: plan-comment
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            // Retrieve existing bot comments for the PR
+            const { data: comments } = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            });
+            const botComment = comments.find(comment => {
+              return comment.user.type === 'Bot' && comment.body.includes('Terraform Plan Output')
+            });
+            const output = `#### Terraform Plan Output
+                Plan: ${{ steps.plan-output.outputs.add }} to add, ${{ steps.plan-output.outputs.change }} to change, ${{ steps.plan-output.outputs.destroy }} to destroy.
+                
+            [Terraform Plan](${{ steps.plan-run.outputs.run_link }})`;
+            // Delete previous comment so PR timeline makes sense
+            if (botComment) {
+              github.rest.issues.deleteComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: botComment.id,
+              });
+            }
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: output
+            });
+
+  tf-apply:
+    if: github.ref == 'refs/heads/main'
+    needs: t8-generate
+    name: "Terraform apply"
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - name: Download Terrarium generated code
+        uses: actions/download-artifact@v3
+        with:
+          name: terrarium-generate-code
+          path: .terrarium-output
+
+      - name: Upload Configuration
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        id: apply-upload
+        with:
+          workspace: ${{ env.TF_WORKSPACE }}
+          directory: ${{ env.TF_CONFIG_DIRECTORY }}
+
+      - name: Create Apply Run
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        id: apply-run
+        with:
+          workspace: ${{ env.TF_WORKSPACE }}
+          configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
+
+      - name: Apply
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
+        id: apply
+        with:
+          run: ${{ steps.apply-run.outputs.run_id }}
+          comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"