@zmingxie
Created March 16, 2021 16:21
Terraform GitHub Action
name: 'Terraform'
on:
  push:
    branches:
      - master
    paths:
      - ".github/workflows/terraform.yaml"
      - "terraform/**"
  pull_request:
    branches:
      - master
    paths:
      - ".github/workflows/terraform.yaml"
      - "terraform/**"
jobs:
  terraform:
    name: 'Terraform Validate/Plan'
    runs-on: ubuntu-latest
    # AWS credentials come from repository secrets and are exposed to every step in this job.
    env:
      AWS_DEFAULT_REGION: "us-east-1"
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY_SECRET }}
    timeout-minutes: 15
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 0.14.5
      - name: Terraform Init
        id: init
        run: terraform init
        working-directory: ./terraform
      - name: Terraform Format and Validate
        id: fmt
        run: terraform fmt -check && terraform validate
        working-directory: ./terraform
      # Lint results are posted as review comments, so this step runs on pull requests only.
      - name: Run tflint
        id: lint
        uses: reviewdog/action-tflint@v1.9.0
        if: github.event_name == 'pull_request'
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          working_directory: ./terraform
          reporter: github-pr-review
          fail_on_error: "true"
          filter_mode: "nofilter"
      # The setup-terraform wrapper exposes the command's stdout as a step output.
      - name: Terraform Plan
        id: plan
        run: terraform plan -no-color
        working-directory: ./terraform
      - name: Create PR Comment
        uses: actions/github-script@v3.1.0
        if: github.event_name == 'pull_request'
        # The plan text is passed through an environment variable and read with
        # process.env, rather than being interpolated into the script source.
        env:
          PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const output = `
            #### Terraform Format and Style 🖌 \`${{ steps.fmt.outcome }}\`
            #### Terraform Lint 🖌 \`${{ steps.lint.outcome }}\`
            #### Terraform Plan 📖 \`${{ steps.plan.outcome }}\`
            \`\`\`${process.env.PLAN}\`\`\`
            `;
            // Get the existing comments.
            const {data: comments} = await github.issues.listComments({
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.payload.number,
            })
            // Find any comment already made by the bot (41898282 is the user id of github-actions[bot]).
            const botComment = comments.find(comment => comment.user.id === 41898282)
            if (botComment) {
              // Update the existing comment so the PR carries a single, current plan.
              await github.issues.updateComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                comment_id: botComment.id,
                body: output
              })
            } else {
              await github.issues.createComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: context.payload.number,
                body: output
              })
            }
      # Apply runs only for a push to master, never for a pull request.
      - name: Terraform Apply
        if: github.ref == 'refs/heads/master' && github.event_name == 'push'
        run: terraform apply -auto-approve
        working-directory: ./terraform