37 lines
No EOL
1.6 KiB
Markdown
37 lines
No EOL
1.6 KiB
Markdown
# terraform-apply
|
|
|
|
Apply Terraform configuration files using the official Terraform CLI.
|
|
|
|
## Inputs
|
|
|
|
| Input | Required | Default | Description |
|
|
|-------|----------|---------|-------------|
|
|
| `terraform-dir` | No | `terraform` | Directory containing `.tf` files |
|
|
| `terraform-version` | No | `~1.15` | Terraform version to use |
|
|
| `var-file` | No | `""` | Path to `.tfvars` file, relative to `terraform-dir` |
|
|
| `workspace` | No | `""` | Terraform workspace to select |
|
|
| `jfrog-token` | No | `""` | JFrog Artifactory token for the Terraform provider registry (`TF_TOKEN_schmalz_jfrog_io`) |
|
|
|
|
## Outputs
|
|
|
|
Non-sensitive Terraform outputs are automatically exported after apply. They are accessible on the calling step via `steps.<id>.outputs.<terraform-output-name>`. Complex types (lists, maps) are JSON-encoded. Outputs marked as `sensitive = true` in Terraform are excluded.
|
|
|
|
## Usage
|
|
|
|
```yaml
|
|
- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/terraform-apply@terraform-apply-v1
|
|
id: tf-apply
|
|
with:
|
|
workspace: stage
|
|
var-file: stage.tfvars
|
|
jfrog-token: ${{ secrets.JFROG_TOKEN }}
|
|
|
|
- run: echo ${{ steps.tf-apply.outputs.s3_bucket_name }}
|
|
```
|
|
|
|
## Notes
|
|
|
|
- Runs `terraform init`, selects the workspace (if provided), and applies with `-auto-approve`.
|
|
- Sets `TF_TOKEN_schmalz_jfrog_io` on both `init` and `apply` steps if `jfrog-token` is provided.
|
|
- If `var-file` is provided, it is passed as `-var-file` to the apply command.
|
|
- Non-sensitive Terraform outputs are written to `$GITHUB_OUTPUT` after apply — no separate `terraform output` step needed. Sensitive outputs are excluded to prevent secret leakage. |