Discover all dev environments dynamically under environments/dev/*
This commit is contained in:
Alexandr
@ -1,16 +1,19 @@
|
|||||||
|
# Все корни Terraform в environments/dev/<имя>/ (файл main.tf).
|
||||||
|
# Новая организация = новая папка — workflow подхватит её без правки этого файла.
|
||||||
|
|
||||||
name: terraform-dev
|
name: terraform-dev
|
||||||
|
|
||||||
on:
|
on:
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- "environments/dev/Seahorse/**"
|
- "environments/dev/**"
|
||||||
- "environments/modules/**"
|
- "environments/modules/**"
|
||||||
- ".gitea/workflows/terraform-dev.yml"
|
- ".gitea/workflows/terraform-dev.yml"
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- main
|
- main
|
||||||
paths:
|
paths:
|
||||||
- "environments/dev/Seahorse/**"
|
- "environments/dev/**"
|
||||||
- "environments/modules/**"
|
- "environments/modules/**"
|
||||||
- ".gitea/workflows/terraform-dev.yml"
|
- ".gitea/workflows/terraform-dev.yml"
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
@ -23,8 +26,7 @@ on:
|
|||||||
env:
|
env:
|
||||||
TF_IN_AUTOMATION: "true"
|
TF_IN_AUTOMATION: "true"
|
||||||
TF_INPUT: "false"
|
TF_INPUT: "false"
|
||||||
TF_CLI_ARGS_init: "-backend=false"
|
TF_CLI_ARGS_init: "-backend=false -plugin-dir=/root/.terraform.d/plugins"
|
||||||
WORKDIR: "environments/dev/Seahorse"
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
validate:
|
validate:
|
||||||
@ -39,19 +41,23 @@ jobs:
|
|||||||
- name: Terraform fmt check
|
- name: Terraform fmt check
|
||||||
run: terraform fmt -check -recursive
|
run: terraform fmt -check -recursive
|
||||||
|
|
||||||
- name: Terraform init (no backend)
|
- name: Terraform init + validate (all dev environments)
|
||||||
working-directory: ${{ env.WORKDIR }}
|
|
||||||
env:
|
env:
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
||||||
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
||||||
run: terraform init
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
- name: Terraform validate
|
found=0
|
||||||
working-directory: ${{ env.WORKDIR }}
|
for d in environments/dev/*/; do
|
||||||
env:
|
[ -f "${d}main.tf" ] || continue
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
found=1
|
||||||
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
echo "========== ${d} =========="
|
||||||
run: terraform validate
|
(cd "$d" && terraform init && terraform validate)
|
||||||
|
done
|
||||||
|
if [ "$found" -eq 0 ]; then
|
||||||
|
echo "No environments found under environments/dev/*/ with main.tf"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
plan:
|
plan:
|
||||||
needs: validate
|
needs: validate
|
||||||
@ -60,19 +66,23 @@ jobs:
|
|||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Terraform init (no backend)
|
- name: Terraform plan (all dev environments)
|
||||||
working-directory: ${{ env.WORKDIR }}
|
|
||||||
env:
|
env:
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
||||||
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
||||||
run: terraform init
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
- name: Terraform plan
|
found=0
|
||||||
working-directory: ${{ env.WORKDIR }}
|
for d in environments/dev/*/; do
|
||||||
env:
|
[ -f "${d}main.tf" ] || continue
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
found=1
|
||||||
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
echo "========== ${d} =========="
|
||||||
run: terraform plan -refresh=false -lock=false -out=tfplan
|
(cd "$d" && terraform init && terraform plan -refresh=false -lock=false -out=tfplan)
|
||||||
|
done
|
||||||
|
if [ "$found" -eq 0 ]; then
|
||||||
|
echo "No environments found under environments/dev/*/ with main.tf"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
apply:
|
apply:
|
||||||
if: github.event_name == 'workflow_dispatch' && github.event.inputs.run_apply == 'true'
|
if: github.event_name == 'workflow_dispatch' && github.event.inputs.run_apply == 'true'
|
||||||
@ -82,16 +92,20 @@ jobs:
|
|||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Terraform init (no backend)
|
- name: Terraform apply (all dev environments)
|
||||||
working-directory: ${{ env.WORKDIR }}
|
|
||||||
env:
|
env:
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
||||||
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
||||||
run: terraform init
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
- name: Terraform apply (manual trigger)
|
found=0
|
||||||
working-directory: ${{ env.WORKDIR }}
|
for d in environments/dev/*/; do
|
||||||
env:
|
[ -f "${d}main.tf" ] || continue
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
found=1
|
||||||
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}
|
echo "========== ${d} =========="
|
||||||
run: terraform apply -refresh=false -lock=false -auto-approve
|
(cd "$d" && terraform init && terraform apply -refresh=false -lock=false -auto-approve)
|
||||||
|
done
|
||||||
|
if [ "$found" -eq 0 ]; then
|
||||||
|
echo "No environments found under environments/dev/*/ with main.tf"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user