
add tofu auto-deployment workflows #8


Workflow file for this run

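# Applies the OpenTofu plan for this repository with dflook/tofu-apply.
name: Apply OpenTofu plan

# Triggers are limited to the protected branch and manual runs. The temporary
# `pull_request` trigger (marked "delete!" by the author) is removed: this job
# holds the state-backend AWS keys, a GitHub token and an SSH private key, and
# an apply must not run from a branch that has not been merged yet.
on:
  workflow_dispatch: # manual trigger
  push:
    branches:
      - main

# Scopes of the automatic github.token only. The apply step overrides
# GITHUB_TOKEN with secrets.TF_GITHUB_TOKEN, so that secret's own scopes are
# what apply there.
permissions:
  contents: read
  pull-requests: write

jobs:
  apply:
    runs-on: ubuntu-latest
    name: Apply pre-prepared plan
    steps:
      # NOTE(review): `v4` is a mutable tag; pinning third-party and
      # first-party actions to a full commit SHA keeps a retagged release
      # from changing what runs in a job that can modify infrastructure.
      - name: checkout
        uses: actions/checkout@v4

      # The action ref was obscured on the source page (e-mail obfuscation
      # replaced "<action>@<ref>"); restore the real ref, ideally a commit SHA.
      - name: add ssh key
        uses: webfactory/ssh-agent@<RELEASE_TAG_OR_COMMIT_SHA>
        with:
          ssh-private-key: ${{ secrets.TF_SSH_PRIVATE_KEY }}

      # Ref obscured on the source page as above; restore before use.
      - name: tofu apply
        uses: dflook/tofu-apply@<RELEASE_TAG_OR_COMMIT_SHA>
        # Credentials are scoped to this step rather than the whole job, so
        # the checkout and ssh-agent steps never see them (least privilege).
        env:
          GITHUB_TOKEN: ${{ secrets.TF_GITHUB_TOKEN }}
          # FIXME: only needed for daveadams/sshkey
          # The script stages the provider release in a local mirror and
          # points the CLI config at it for that one provider.
          # NOTE(review): the zip is unpacked without an independent checksum
          # check. The h1 hash below is only written into a JSON file by this
          # same script; whether OpenTofu compares the archive against it (or
          # against a committed .terraform.lock.hcl) is not visible here.
          # Verify the download against a pinned digest before `unzip`.
          # NOTE(review): index.json / 0.2.1.json look like the network-mirror
          # layout; confirm a filesystem_mirror accepts this directory shape.
          TERRAFORM_PRE_RUN: |
            export PROVIDER_DIR=/tmp/tf-mirror/registry.opentofu.org/daveadams/sshkey
            mkdir -p "$PROVIDER_DIR"
            wget https://github.com/daveadams/terraform-provider-sshkey/releases/download/v0.2.1/terraform-provider-sshkey_0.2.1_linux_amd64.zip -O "$PROVIDER_DIR/provider.zip"
            unzip "$PROVIDER_DIR/provider.zip" -d "$PROVIDER_DIR"
            cat > "$PROVIDER_DIR/index.json" <<EOF
            {
              "versions": {
                "0.2.1": {}
              }
            }
            EOF
            cat > "$PROVIDER_DIR/0.2.1.json" <<EOF
            {
              "archives": {
                "linux_amd64": {
                  "hashes": [
                    "h1:ALlh6Teth+wUs0dA/t55ix2mxbmsUXnO/OXH9MZnEHI="
                  ],
                  "url": "terraform-provider-sshkey_0.2.1_linux_amd64.zip"
                }
              }
            }
            EOF
            cat > ~/.terraformrc <<EOF
            provider_installation {
              filesystem_mirror {
                path = "/tmp/tf-mirror"
                include = ["daveadams/sshkey"]
              }
              direct {
                exclude = ["daveadams/sshkey"]
              }
            }
            EOF
            ls -la "$PROVIDER_DIR"
            tree "$PROVIDER_DIR"
          # to access state db
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        with:
          label: dsekt-infra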