Ajout des workflows Tofu Plan et Apply

guytcheuffa · guytcheuffa · commit 7e3fafb49f62 · 2025-02-09T23:00:35.000+01:00
diff --git a/.github/workflows/tofu-apply.yml b/.github/workflows/tofu-apply.yml
@@ -0,0 +1,53 @@
+name: Tofu Apply 
+
+on: 
+    push: 
+        branches: ["main"] 
+        paths: ["td5/scripts/tofu/live/lambda-sample/**"] 
+
+jobs: 
+    apply: 
+        name: "Tofu Apply" 
+        runs-on: ubuntu-latest 
+        permissions: 
+            pull-requests: write 
+            id-token: write 
+            contents: read 
+
+        steps: 
+            - name: Checkout repository
+              uses: actions/checkout@v2 
+
+            - name: Configure AWS credentials 
+              uses: aws-actions/configure-aws-credentials@v3 
+              with:
+                  role-to-assume: ${{ secrets.APPLY_ROLE_ARN }}
+                  role-session-name: apply-${{ github.run_number }}-${{ github.actor }} 
+                  aws-region: us-east-2 
+
+            - name: Setup OpenTofu
+              uses: opentofu/setup-opentofu@v1 
+
+            - name: Run tofu apply 
+              id: apply 
+              working-directory: td5/scripts/tofu/live/lambda-sample 
+              run: | 
+                  tofu init -no-color -input=false 
+                  tofu apply -no-color -input=false -lock-timeout=60m -auto-approve 
+
+            - name: Find current PR 
+              uses: jwalton/gh-find-current-pr@master 
+              id: find_pr 
+              with:
+                  state: all 
+
+            - name: Post apply output in PR comment
+              uses: peter-evans/create-or-update-comment@v4 
+              if: steps.find_pr.outputs.number 
+              env: 
+                  RESULT_EMOJI: ${{ steps.apply.outcome == 'success' && '✅' || '⚠ ' }} 
+              with:
+                  issue-number: ${{ steps.find_pr.outputs.number }} 
+                  body: | 
+                      ## ${{ env.RESULT_EMOJI }} `tofu apply` output 
+                      ```${{ steps.apply.outputs.stdout }}```
diff --git a/.github/workflows/tofu-plan.yml b/.github/workflows/tofu-plan.yml
@@ -0,0 +1,47 @@
+name: Tofu Plan 
+
+on: 
+    pull_request: 
+        branches: ["main"] 
+        paths: ["td5/scripts/tofu/live/lambda-sample/**"] 
+
+jobs: 
+    plan: 
+        name: "Tofu Plan" 
+        runs-on: ubuntu-latest 
+        permissions: 
+            pull-requests: write 
+            id-token: write 
+            contents: read 
+
+        steps: 
+            - name: Checkout repository
+              uses: actions/checkout@v2 
+
+            - name: Configure AWS credentials 
+              uses: aws-actions/configure-aws-credentials@v3 
+              with:
+                  role-to-assume: ${{ secrets.PLAN_ROLE_ARN }}
+                  role-session-name: plan-${{ github.run_number }}-${{ github.actor }} 
+                  aws-region: us-east-2 
+
+            - name: Setup OpenTofu
+              uses: opentofu/setup-opentofu@v1 
+
+            - name: Run tofu plan 
+              id: plan 
+              working-directory: td5/scripts/tofu/live/lambda-sample 
+              run: | 
+                  tofu init -no-color -input=false 
+                  tofu plan -no-color -input=false -lock=false 
+
+            - name: Post plan output in PR comment
+              uses: peter-evans/create-or-update-comment@v4 
+              if: always() 
+              env: 
+                  RESULT_EMOJI: ${{ steps.plan.outcome == 'success' && '✅' || '⚠ ' }} 
+              with:
+                  issue-number: ${{ github.event.pull_request.number }} 
+                  body: | 
+                      ## ${{ env.RESULT_EMOJI }} `tofu plan` output 
+                      ```${{ steps.plan.outputs.stdout }}```
