mdmsua/deploy.yaml

## deploy.yaml
name: Deploy

permissions:
  id-token: write
  contents: read

on:
  workflow_dispatch:

env:
  TF_INPUT: 0
  TF_IN_AUTOMATION: 1
  ARM_TENANT_ID: ${{ vars.TENANT_ID }}
  ARM_SUBSCRIPTION_ID: ${{ vars.SUBSCRIPTION_ID }}
  ARM_CLIENT_ID: ${{ vars.CLIENT_ID }}

jobs:
  plan:
    name: Plan
    environment: plan
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
        with:
          cli_config_credentials_token: ${{ secrets.TFC_API_TOKEN }}
      - uses: azure/use-kubelogin@v1
        with:
          kubelogin-version: v0.1.1
      - uses: azure/login@v1
        with:
          client-id: ${{ env.ARM_CLIENT_ID }}
          tenant-id: ${{ env.ARM_TENANT_ID }}
          subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
      - run: terraform init
        working-directory: terraform
      - run: terraform fmt -check
        working-directory: terraform
      - run: terraform validate -no-color
        working-directory: terraform
      - run: terraform plan -no-color
        working-directory: terraform
        env:
          TF_VAR_tfc_api_token: ${{ secrets.TFC_API_TOKEN }}
  apply:
    name: Apply
    environment: apply
    runs-on: ubuntu-latest
    needs: plan
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
        with:
          cli_config_credentials_token: ${{ secrets.TFC_API_TOKEN }}
      - uses: azure/use-kubelogin@v1
        with:
          kubelogin-version: v0.1.1
      - uses: azure/login@v1
        with:
          client-id: ${{ env.ARM_CLIENT_ID }}
          tenant-id: ${{ env.ARM_TENANT_ID }}
          subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
      - run: terraform init
        working-directory: terraform
      - run: terraform destroy -no-color -auto-approve
        working-directory: terraform
        env:
          TF_VAR_tfc_api_token: ${{ secrets.TFC_API_TOKEN }}
	name: Deploy

	permissions:
	id-token: write
	contents: read

	on:
	workflow_dispatch:

	env:
	TF_INPUT: 0
	TF_IN_AUTOMATION: 1
	ARM_TENANT_ID: ${{ vars.TENANT_ID }}
	ARM_SUBSCRIPTION_ID: ${{ vars.SUBSCRIPTION_ID }}
	ARM_CLIENT_ID: ${{ vars.CLIENT_ID }}

	jobs:
	plan:
	name: Plan
	environment: plan
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: hashicorp/setup-terraform@v3
	with:
	cli_config_credentials_token: ${{ secrets.TFC_API_TOKEN }}
	- uses: azure/use-kubelogin@v1
	with:
	kubelogin-version: v0.1.1
	- uses: azure/login@v1
	with:
	client-id: ${{ env.ARM_CLIENT_ID }}
	tenant-id: ${{ env.ARM_TENANT_ID }}
	subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
	- run: terraform init
	working-directory: terraform
	- run: terraform fmt -check
	working-directory: terraform
	- run: terraform validate -no-color
	working-directory: terraform
	- run: terraform plan -no-color
	working-directory: terraform
	env:
	TF_VAR_tfc_api_token: ${{ secrets.TFC_API_TOKEN }}
	apply:
	name: Apply
	environment: apply
	runs-on: ubuntu-latest
	needs: plan
	steps:
	- uses: actions/checkout@v4
	- uses: hashicorp/setup-terraform@v3
	with:
	cli_config_credentials_token: ${{ secrets.TFC_API_TOKEN }}
	- uses: azure/use-kubelogin@v1
	with:
	kubelogin-version: v0.1.1
	- uses: azure/login@v1
	with:
	client-id: ${{ env.ARM_CLIENT_ID }}
	tenant-id: ${{ env.ARM_TENANT_ID }}
	subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
	- run: terraform init
	working-directory: terraform
	- run: terraform destroy -no-color -auto-approve
	working-directory: terraform
	env:
	TF_VAR_tfc_api_token: ${{ secrets.TFC_API_TOKEN }}