Skip to content
This repository has been archived by the owner on Sep 23, 2024. It is now read-only.

Merge pull request #323 from FIRST-Tech-Challenge/2024.05.07-flask-oidc #378

Merge pull request #323 from FIRST-Tech-Challenge/2024.05.07-flask-oidc

Merge pull request #323 from FIRST-Tech-Challenge/2024.05.07-flask-oidc #378

Workflow file for this run

name: 'Terraform Development'
on:
pull_request:
push:
branches:
- main
jobs:
terraform:
name: 'Terraform'
runs-on: ubuntu-latest
environment: development
# Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
defaults:
run:
shell: bash
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v2
- name: Install Key
run: |
echo "${{secrets.SERVICE_KEY}}" | base64 --decode > key.json
echo "${{secrets.OIDC_SECRETS}}" | base64 --decode > client_secrets.json
- name: Write Properties
run: |
echo "{ \"version\" : \"$(git rev-parse --short $GITHUB_SHA) \" }" > server/app_engine/app.properties
- name: Closure Build
run: ./gradlew compileJavascript
# Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
terraform_version: 0.14.4
# Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terraform Init
working-directory: terraform/dev
run: terraform init -var project_id=${{secrets.PROJECT_ID}} -var project_url="${{secrets.PROJECT_URL}}" -var environment="development"
env:
GOOGLE_APPLICATION_CREDENTIALS: "../../key.json"
# Generates an execution plan for Terraform
- name: Terraform Plan
id: plan
working-directory: terraform/dev
run: terraform plan -var project_id=${{secrets.PROJECT_ID}} -var project_url=${{secrets.PROJECT_URL}} -var environment="development"
env:
GOOGLE_APPLICATION_CREDENTIALS: "../../key.json"
# Attach the plan to the GitHub PR.
- name: Post Plan
if: always() && github.ref != 'refs/heads/main' && (steps.plan.outcome == 'success' || steps.plan.outcome == 'failure')
uses: cmacfarl/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
EXPAND_SUMMARY_DETAILS: 'true' # Override global environment variable; expand details just for this step
with:
commenter_type: plan
commenter_input: ${{ format('{0}{1}', steps.plan.outputs.stdout, steps.plan.outputs.stderr) }}
commenter_exitcode: ${{ steps.plan.outputs.exitcode }}
# On push to main, build or change infrastructure according to Terraform configuration files
# Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks
- name: Terraform Apply
working-directory: terraform/dev
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
run: terraform apply -var project_id=${{secrets.PROJECT_ID}} -var project_url=${{secrets.PROJECT_URL}} -var environment="development" -auto-approve
env:
GOOGLE_APPLICATION_CREDENTIALS: "../../key.json"