
✨ GitHub Actionsでterraform fmtを実行してコミットする #62


Workflow file for this run

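# Terraform plan workflow: formats, validates and plans the Terraform code for a
# pull request, then posts the plan output as a PR comment.
#
# NOTE(review): the actions below are referenced by mutable tag (@v3, @v4, @v7).
# Pinning each `uses:` to a full commit SHA protects the jobs that hold secrets
# from a retagged release.
name: "Terraform plan"
on:
  pull_request:
    branches:
      - main
  workflow_dispatch:
  workflow_call:
    secrets:
      GOOGLE_BACKEND_CREDENTIALS:
        required: true
permissions:
  pull-requests: write
  contents: read
concurrency:
  group: terraform
env:
  TERRAFORM_VERSION: "1.8.4"
jobs:
  validate:
    needs: fmt
    runs-on: ubuntu-latest
    # This job only reads the repository, so it drops the workflow-level
    # pull-requests: write grant.
    permissions:
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Nothing in this job pushes; keep the token out of .git/config while
          # terraform runs against pull-request content.
          persist-credentials: false
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: ${{ env.TERRAFORM_VERSION }}
      - name: Terraform init
        run: terraform init
        env:
          GOOGLE_BACKEND_CREDENTIALS: ${{ secrets.GOOGLE_BACKEND_CREDENTIALS }}
      - name: Terraform validate
        run: terraform validate -no-color
  fmt:
    runs-on: ubuntu-latest
    permissions:
      # Needed to push the formatting commit back to the PR branch.
      contents: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          ref: ${{ github.head_ref }}
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: ${{ env.TERRAFORM_VERSION }}
      - name: Terraform fmt
        id: fmt
        run: terraform fmt -diff -no-color -recursive .
      # A step that runs `exit 0` does not end the job, so every step below is
      # guarded on fmt having printed a diff. Without the guards a clean tree
      # still reached the commit step and the trailing `exit 1`.
      - name: Exit if trigger is workflow_dispatch and fmt failed  # do not commit when run from workflow_dispatch
        if: steps.fmt.outputs.stdout != '' && github.event_name == 'workflow_dispatch'
        run: exit 1
      - name: Commit changes
        if: steps.fmt.outputs.stdout != ''
        env:
          # The branch name is chosen by the PR author. Pass it through the
          # environment so it is never expanded into the shell script text.
          HEAD_REF: ${{ github.event.pull_request.head.ref }}
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
          git add .
          git commit -m '[CI] terraform fmt'
          git push origin "HEAD:${HEAD_REF}"
      # NOTE(review): a step-level `uses:` with a local path is resolved as an
      # action directory, not as a reusable workflow. Reusable workflows are
      # called at job level (`jobs.<id>.uses`). Confirm the intent and move this
      # call to its own job if a re-plan after the push is wanted.
      - name: Call plan workflow
        if: steps.fmt.outputs.stdout != ''
        uses: ./.github/workflows/plan.yml
      # Fail this run on purpose: the checked-out commit is stale once the
      # formatting commit has been pushed, so validate/plan must not run on it.
      - name: Fail the run after pushing a formatting commit
        if: steps.fmt.outputs.stdout != ''
        run: exit 1
  plan:
    needs: fmt
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Nothing in this job pushes; keep the token out of .git/config while
          # terraform runs against pull-request content.
          persist-credentials: false
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: ${{ env.TERRAFORM_VERSION }}
      - name: Terraform init
        run: terraform init
        env:
          GOOGLE_BACKEND_CREDENTIALS: ${{ secrets.GOOGLE_BACKEND_CREDENTIALS }}
      # NOTE(review): terraform plan evaluates the configuration from the PR
      # branch while the backend credentials and a personal access token are in
      # its environment. Both should be scoped to the minimum that plan needs.
      # PERSONAL_TOKEN is not declared under on.workflow_call.secrets, so a
      # caller presumably has to use `secrets: inherit` for it to be set; confirm.
      - name: Terraform plan
        id: plan
        run: terraform plan -no-color -input=false
        continue-on-error: true
        env:
          GOOGLE_BACKEND_CREDENTIALS: ${{ secrets.GOOGLE_BACKEND_CREDENTIALS }}
          GITHUB_TOKEN: ${{ secrets.PERSONAL_TOKEN }}
      - name: Comment PR
        # There is a pull request to comment on only for pull_request events;
        # context.payload.pull_request is undefined otherwise.
        if: github.event_name == 'pull_request'
        uses: actions/github-script@v7
        env:
          PLAN_STDOUT: ${{ steps.plan.outputs.stdout }}
        with:
          script: |
            // Read the plan output from the environment rather than expanding it
            // into this script's source: the output is data derived from the PR
            // and must not be parsed as JavaScript.
            const planOutput = process.env.PLAN_STDOUT || '';
            const maxBodyLength = 65535;
            const header = "`terraform plan`\n<details>\n\n```\n";
            const footer = "\n```\n\n</details>";
            const truncationNote = "\n\nPlan output was too long and was truncated. Please check the actions log";
            const planText = planOutput
              .split('\n')
              .filter(line => !line.includes('Refreshing state...'))
              .filter(line => !line.includes('Note:'))
              .join('\n');
            let body = header + planText + footer;
            // `.length`, not `.Length`: the latter is undefined, so the size check
            // was never true and oversized comments were sent untruncated.
            if (body.length > maxBodyLength) {
              console.log("Plan output is too long, truncating...");
              // Cut the plan text itself so the code fence and <details> stay closed.
              const room = maxBodyLength - header.length - footer.length - truncationNote.length;
              body = header + planText.substring(0, room) + footer + truncationNote;
            }
            // Await the call so an API failure fails the step instead of being dropped.
            await github.rest.issues.createComment({
              issue_number: context.payload.pull_request.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: body
            });
          github-token: ${{ secrets.GITHUB_TOKEN }}
      - name: Check if plan was successful
        if: steps.plan.outcome == 'failure'
        run: exit 1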