.github/workflows/terraform-providers-upgrade.yml

name: "Terraform Providers Upgrade"

on:
  workflow_dispatch:

jobs:
  terraform-providers-upgrade:
    name: "Terraform Providers Upgrade"
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3

      - name: Configure Terraform Provider Plugin Cache
        run: |
          plugin_cache_dir="$HOME/.terraform.d/plugin-cache"
          printf 'plugin_cache_dir="%s"' "${plugin_cache_dir}" > ~/.terraformrc
          mkdir --parents "${plugin_cache_dir}"

      - name: Cache Terraform
        uses: actions/cache@v4
        with:
          path: |
            ~/.terraform.d/plugin-cache
          key: ${{ runner.os }}-terraform-${{ hashFiles('**/.terraform.lock.hcl') }}
          restore-keys: |
            ${{ runner.os }}-terraform-

      - name: Terraform Upgrade
        id: upgrade
        run: |
          terraform init -no-color -upgrade -backend=false
          terraform providers lock -platform=windows_amd64 -platform=linux_amd64 -platform=darwin_amd64

      - name: Update Terraform docs
        uses: terraform-docs/gh-actions@v1
        with:
          working-dir: .
          config-file: .terraform-docs.yml

      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v5
        with:
          token: ${{ secrets.GH_TOKEN_REPO_SCOPED }}
          title: "deps: Upgrade terraform providers"
          body: |
            Automated changes create by [Workflow Run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}).
          commit-message: "deps: Upgrade terraform providers"
          author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
          committer: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
          labels: |
            dependencies
            terraform
          add-paths: .terraform.lock.hcl
          base: main
          branch: terraform-providers-upgrade
          delete-branch: true