blob: 4a812615ac119cc42509c19e93c90412d479fcd9 [file] [log] [blame] [edit]
name: test-ci-bootstrap
on:
workflow_dispatch:
pull_request:
branches:
- main
paths:
- enos/ci/**
- .github/workflows/test-ci-bootstrap.yml
push:
branches:
- main
paths:
- enos/ci/**
- .github/workflows/test-ci-bootstrap.yml
jobs:
bootstrap-ci:
runs-on: ubuntu-latest
env:
TF_WORKSPACE: "${{ github.event.repository.name }}-ci-enos-bootstrap"
TF_VAR_repository: ${{ github.event.repository.name }}
TF_VAR_aws_ssh_public_key: ${{ secrets.SSH_KEY_PUBLIC_CI }}
TF_TOKEN_app_terraform_io: ${{ secrets.TF_API_TOKEN }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set up Terraform
uses: hashicorp/setup-terraform@v2
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }}
aws-region: us-east-1
role-to-assume: ${{ secrets.AWS_ROLE_ARN_CI }}
role-skip-session-tagging: true
role-duration-seconds: 3600
- name: Init Terraform
id: tf_init
run: |
terraform -chdir=enos/ci/bootstrap init
- name: Plan Terraform
id: tf_plan
run: |
terraform -chdir=enos/ci/bootstrap plan
- name: Apply Terraform
if: ${{ github.ref == 'refs/heads/main' }}
id: tf_apply
run: |
terraform -chdir=enos/ci/bootstrap apply -auto-approve