diff --git a/.gitea/workflows/terraform-dev.yml b/.gitea/workflows/terraform-dev.yml index 098a6d4..61d88df 100644 --- a/.gitea/workflows/terraform-dev.yml +++ b/.gitea/workflows/terraform-dev.yml @@ -1,16 +1,19 @@ +# Все корни Terraform в environments/dev/<имя>/ (файл main.tf). +# Новая организация = новая папка — workflow подхватит её без правки этого файла. + name: terraform-dev on: pull_request: paths: - - "environments/dev/Seahorse/**" + - "environments/dev/**" - "environments/modules/**" - ".gitea/workflows/terraform-dev.yml" push: branches: - main paths: - - "environments/dev/Seahorse/**" + - "environments/dev/**" - "environments/modules/**" - ".gitea/workflows/terraform-dev.yml" workflow_dispatch: @@ -23,8 +26,7 @@ on: env: TF_IN_AUTOMATION: "true" TF_INPUT: "false" - TF_CLI_ARGS_init: "-backend=false" - WORKDIR: "environments/dev/Seahorse" + TF_CLI_ARGS_init: "-backend=false -plugin-dir=/root/.terraform.d/plugins" jobs: validate: @@ -39,19 +41,23 @@ jobs: - name: Terraform fmt check run: terraform fmt -check -recursive - - name: Terraform init (no backend) - working-directory: ${{ env.WORKDIR }} + - name: Terraform init + validate (all dev environments) env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} - run: terraform init - - - name: Terraform validate - working-directory: ${{ env.WORKDIR }} - env: - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} - VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} - run: terraform validate + run: | + set -euo pipefail + found=0 + for d in environments/dev/*/; do + [ -f "${d}main.tf" ] || continue + found=1 + echo "========== ${d} ==========" + (cd "$d" && terraform init && terraform validate) + done + if [ "$found" -eq 0 ]; then + echo "No environments found under environments/dev/*/ with main.tf" + exit 1 + fi plan: needs: validate 
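Review bot: The `-plugin-dir=/root/.terraform.d/plugins` added to `TF_CLI_ARGS_init` in the `env:` hunk makes every `terraform init` in this workflow take providers only from a directory baked into the runner, and nothing in the file documents that dependency. Those provider binaries run in steps that export `VAULT_TOKEN`, so the directory is part of the trust boundary and should be writable only when the runner image is built. Each root should also commit its `.terraform.lock.hcl` so init can compare the binaries with recorded hashes; it is worth confirming that your Terraform version enforces the lock file when `-plugin-dir` is set. I would add a comment above the variable, for example `# Providers come only from the runner image (/root/.terraform.d/plugins); registry installs are disabled. Assumes the job runs as root.`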
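Review bot: The merged "Terraform init + validate" step in the validate job still exports `VAULT_ADDR` and `VAULT_TOKEN`, although `terraform validate` does not contact provider APIs and init runs with `-backend=false` and a local plugin directory, so the secrets appear unnecessary here. Because the loop now enters every directory a pull request adds under `environments/dev/`, I would drop the `env:` block from this step so the token is not present while unreviewed configuration is initialised. The same loop is copied into the plan and apply hunks. It relies on `set -o pipefail`, which a plain `sh` does not accept, so unless the runner is known to default to bash each of these steps should carry `shell: bash`. The three copies would be easier to keep in step as one checked-in script that takes the terraform subcommand as an argument.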
@@ -60,19 +66,23 @@ jobs: - name: Checkout uses: actions/checkout@v4 - - name: Terraform init (no backend) - working-directory: ${{ env.WORKDIR }} + - name: Terraform plan (all dev environments) env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} - run: terraform init - - - name: Terraform plan - working-directory: ${{ env.WORKDIR }} - env: - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} - VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} - run: terraform plan -refresh=false -lock=false -out=tfplan + run: | + set -euo pipefail + found=0 + for d in environments/dev/*/; do + [ -f "${d}main.tf" ] || continue + found=1 + echo "========== ${d} ==========" + (cd "$d" && terraform init && terraform plan -refresh=false -lock=false -out=tfplan) + done + if [ "$found" -eq 0 ]; then + echo "No environments found under environments/dev/*/ with main.tf" + exit 1 + fi apply: if: github.event_name == 'workflow_dispatch' && github.event.inputs.run_apply == 'true' @@ -82,16 +92,20 @@ jobs: - name: Checkout uses: actions/checkout@v4 - - name: Terraform init (no backend) - working-directory: ${{ env.WORKDIR }} + - name: Terraform apply (all dev environments) env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} - run: terraform init - - - name: Terraform apply (manual trigger) - working-directory: ${{ env.WORKDIR }} - env: - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} - VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} - run: terraform apply -refresh=false -lock=false -auto-approve \ No newline at end of file + run: | + set -euo pipefail + found=0 + for d in environments/dev/*/; do + [ -f "${d}main.tf" ] || continue + found=1 + echo "========== ${d} ==========" + (cd "$d" && terraform init && terraform apply -refresh=false -lock=false -auto-approve) + done + if [ "$found" -eq 0 ]; then + echo "No environments found under environments/dev/*/ with main.tf" + exit 1 + fi
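Review bot: In the plan step, any directory with a `main.tf` that a pull request adds under `environments/dev/` is now initialised and planned with `VAULT_ADDR` and `VAULT_TOKEN` in the environment, where the old step only touched the already reviewed `Seahorse` root. Terraform evaluates provider configuration and data sources during `plan` even with `-refresh=false`, so configuration nobody has reviewed runs with whatever that token is allowed to do. The plan job's own conditions are outside this hunk, so this applies if it runs on `pull_request`, as the `on:` block suggests. The plan step should get its own short-lived, read-only Vault token rather than sharing the one apply uses, for example `VAULT_TOKEN: ${{ secrets.VAULT_TOKEN_PLAN }}` (illustrative secret name). The `tfplan` file written by `-out=tfplan` is also neither uploaded nor read by a later step in this hunk, so it is discarded with the job workspace.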
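Review bot: In the apply step, one manual dispatch now runs `terraform apply -auto-approve` in every root under `environments/dev/`, with nothing limiting the run to the environment the operator meant to change. Because of `set -e`, a failure in one directory stops the loop with earlier roots already modified and later ones untouched, and the log is the only record of where it stopped. I would add a `workflow_dispatch` input naming the target directory (the inputs are outside this hunk) and loop only over that directory. `-lock=false` disables state locking, so two overlapping dispatches are not prevented from writing the same state, and I would drop it from apply: `terraform apply -refresh=false -auto-approve`. The step also builds a fresh plan instead of using the `tfplan` produced by the plan job, so what is applied is not necessarily what was reviewed.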