schmalz/shared-actions
15
0
Fork 0
Code Issues Pull requests 1 Releases Packages Activity Actions
shared-actions/terraform-apply/action.yml
Krishna-Kumar-Kamlendra 312d297a55
All checks were successful
Aikido Security PR Check / Aikido Security Scan (pull_request) Successful in 1m5s
Details
validate-shared-actions / validate-shared-actions (pull_request) Successful in 41s
Details
fix: create terraform workspaces automatically in shared actions
2026-06-15 12:09:09 +05:30

90 lines
No EOL
3 KiB
YAML
Raw Permalink Blame History

name: Terraform Apply
description: >
Init and apply Terraform configuration files using the official Terraform CLI.
inputs:
terraform-dir:
description: Directory containing .tf files
required: false
default: terraform
terraform-version:
description: Terraform version to use
required: false
default: "~1.15"
var-file:
description: Path to .tfvars file, relative to terraform-dir
required: false
default: ""
workspace:
description: Terraform workspace to use
required: false
default: ""
jfrog-token:
description: JFrog Artifactory token used for Terraform provider registry (sets TF_TOKEN_schmalz_jfrog_io)
required: false
default: ""
runs:
using: composite
steps:
# Pinned to commit SHA instead of a tag to prevent supply chain attacks.
# hashicorp/setup-terraform v4.0.0 — https://github.com/hashicorp/setup-terraform/commits/v4.0.0/
- name: Setup Terraform
uses: hashicorp/setup-terraform@5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85
with:
terraform_version: ${{ inputs.terraform-version }}
- name: Set Terraform plugin cache directory
shell: bash
run: |
mkdir -p ~/.terraform.d/plugin-cache
echo "TF_PLUGIN_CACHE_DIR=$HOME/.terraform.d/plugin-cache" >> "$GITHUB_ENV"
- name: Cache Terraform providers
uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/cache@cache-v1
with:
path: ~/.terraform.d/plugin-cache
key: ${{ runner.os }}-terraform-providers-${{ inputs.terraform-version }}-${{ hashFiles(format('{0}/.terraform.lock.hcl', inputs.terraform-dir)) }}
restore-keys: ${{ runner.os }}-terraform-providers-${{ inputs.terraform-version }}-
- name: Terraform Init
shell: bash
env:
TF_TOKEN_schmalz_jfrog_io: ${{ inputs.jfrog-token }}
TF_DIR: ${{ inputs.terraform-dir }}
run: terraform -chdir="$TF_DIR" init -no-color
- name: Terraform Select Workspace
if: ${{ inputs.workspace != '' }}
shell: bash
env:
TF_DIR: ${{ inputs.terraform-dir }}
TF_WORKSPACE_NAME: ${{ inputs.workspace }}
run: |
terraform -chdir="$TF_DIR" workspace select -or-create "$TF_WORKSPACE_NAME"
- name: Terraform Apply
shell: bash
env:
TF_TOKEN_schmalz_jfrog_io: ${{ inputs.jfrog-token }}
TF_DIR: ${{ inputs.terraform-dir }}
VAR_FILE: ${{ inputs.var-file }}
run: |
ARGS="-auto-approve -no-color"
if [ -n "$VAR_FILE" ]; then
ARGS="$ARGS -var-file=$VAR_FILE"
fi
terraform -chdir="$TF_DIR" apply $ARGS
- name: Export Terraform Outputs
shell: bash
env:
TF_DIR: ${{ inputs.terraform-dir }}
run: |
terraform -chdir="$TF_DIR" output -json | jq -r '
to_entries[]
| select(.value.sensitive != true)
| .key as $k
| (.value.value | if type == "string" then . else tojson end) as $v
| "\($k)<<__TF_OUT__\n\($v)\n__TF_OUT__"
' >> "$GITHUB_OUTPUT"
View git blame Copy permalink