Skip to content
Terraform - AWS - Management

Update pre-commit hook antonbabenko/pre-commit-terraform to v1.97.3 #2479

Sign in to view logs

Update pre-commit hook antonbabenko/pre-commit-terraform to v1.97.3

Update pre-commit hook antonbabenko/pre-commit-terraform to v1.97.3 #2479

Workflow file for this run

.github/workflows/_terraform-aws-management.yml at 88015a5
---
name: Terraform - AWS - Management
on:
pull_request:
push:
branches:
- main
workflow_call:
inputs:
CHECK_DIFF:
description: "差分チェックフラグ"
required: true
type: string
workflow_dispatch:
inputs:
CHECK_DIFF:
description: "差分チェックフラグ"
required: true
type: choice
default: "_true"
options:
- "_true"
- "_false"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
AWS_ACCOUNT_ID: 577523824419
AWS_ENV_NAME: management
OIDC_IAM_ROLE: management-terraform-aws-deploy
CHECK_DIFF: ${{ inputs.CHECK_DIFF || github.event.inputs.CHECK_DIFF || '_false' }}
jobs:
set-matrix:
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/set-matrix
id: set-matrix
with:
AWS_ENV_NAME: ${{ env.AWS_ENV_NAME }}
terraform-aws-management:
needs: [set-matrix]
if: ${{ needs.set-matrix.outputs.matrix != '["_empty"]' }}
runs-on: ubuntu-latest
permissions:
id-token: write # For aws-actions/configure-aws-credentials
contents: read # For aws-actions/configure-aws-credentials
deployments: write # For bobheadxi/deployments
pull-requests: write # For bobheadxi/deployments
timeout-minutes: 15
strategy:
fail-fast: false
matrix:
directory: ${{ fromJson(needs.set-matrix.outputs.matrix )}}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/aws-credential
with:
oidc-iam-role: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/${{ env.OIDC_IAM_ROLE }}
- name: Terraform Plan
uses: ./.github/actions/terraform-plan
with:
AWS_ACCOUNT_ID: ${{ env.AWS_ACCOUNT_ID }}
AWS_ENV_NAME: ${{ env.AWS_ENV_NAME }}
CHECK_DIFF: ${{ env.CHECK_DIFF }}
github-token: ${{ secrets.GITHUB_TOKEN }}
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
working-directory: ./terraform/environments/${{ env.AWS_ENV_NAME }}/${{ matrix.directory }}
- name: Start Deployment
if: env.TF_PLAN_STATUS == 'has-diff' && github.ref == 'refs/heads/main'
uses: bobheadxi/deployments@v1
id: deployment
with:
step: start
token: ${{ secrets.GITHUB_TOKEN }}
env: ${{ env.AWS_ENV_NAME }}
- name: Terraform Apply
if: env.TF_PLAN_STATUS == 'has-diff' && contains(fromJSON('["push", "workflow_dispatch"]'), github.event_name)
uses: ./.github/actions/terraform-apply
with:
working-directory: ./terraform/environments/${{ env.AWS_ENV_NAME }}/${{ matrix.directory }}
- name: Finish Deployment
if: env.TF_PLAN_STATUS == 'has-diff' && always() && github.ref == 'refs/heads/main'
uses: bobheadxi/deployments@v1
with:
step: finish
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
env: ${{ steps.deployment.outputs.env }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
delete-pr-comments:
needs: [terraform-aws-management]
if: contains(fromJSON('["pull_request"]'), github.event_name)
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v4
- name: Check and delete comments
run: |
chmod +x ./.github/scripts/delete_pr_comments.sh
./.github/scripts/delete_pr_comments.sh \
"tqer39" \
"terraform-aws" \
"${{ env.AWS_ENV_NAME }}" \
"${{ github.event.pull_request.number }}" \
"${{ secrets.GITHUB_TOKEN }}"
workflow-result-terraform-aws-management:
runs-on: ubuntu-latest
timeout-minutes: 5
needs: [terraform-aws-management]
if: always()
steps:
- name: Failure
if: >-
contains(needs.*.result, 'failure')
|| contains(needs.*.result, 'cancelled')
run: |
echo "workflow failure"
exit 1
- name: Success
run: |
echo "workflow success"