various changes #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: OpenTofu | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| defaults: | |
| run: | |
| shell: bash | |
| permissions: | |
| pull-requests: write | |
| concurrency: | |
| group: ci-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| TF_VAR_fastly_api_key: ${{ secrets.fastly_api_key }} | |
| TF_VAR_porkbun_api_key: ${{ secrets.porkbun_api_key }} | |
| TF_VAR_porkbun_secret_key: ${{ secrets.porkbun_secret_key }} | |
| TF_VAR_aws_access_key_id: ${{ secrets.aws_access_key_id }} | |
| TF_VAR_aws_secret_access_key: ${{ secrets.aws_secret_access_key }} | |
| jobs: | |
| validate: | |
| name: "Validate" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: opentofu/setup-opentofu@v1 | |
| with: | |
| tofu_version_file: .opentofu-version | |
| - name: Tofu Init (Staging) | |
| run: tofu init -var-file="env-staging.tfvars" -input=false | |
| - name: Tofu Validate | |
| run: tofu validate -no-color | |
| - name: Tofu Format Check | |
| run: tofu fmt -check -recursive | |
| plan: | |
| name: "Plan" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: opentofu/setup-opentofu@v1 | |
| with: | |
| tofu_version_file: .opentofu-version | |
| - name: Tofu Init (Staging) | |
| run: tofu init -var-file="env-staging.tfvars" -input=false | |
| - name: Tofu Plan (Staging) | |
| run: | | |
| { PLAN=$(tofu plan -var-file="env-staging.tfvars" -no-color | tee /dev/fd/5 || true); } 5>&1 | |
| echo "<details><summary>OpenTofu Plan (Staging)</summary><code>$PLAN</code></details>" >> $GITHUB_STEP_SUMMARY | |
| - name: Tofu Init (Prod) | |
| run: tofu init -var-file="env-prod.tfvars" -input=false | |
| - name: Tofu Plan (Prod) | |
| run: | | |
| { PLAN=$(tofu plan -var-file="env-prod.tfvars" -no-color | tee /dev/fd/5 || true); } 5>&1 | |
| echo "<details><summary>OpenTofu Plan (Prod)</summary><code>$PLAN</code></details>" >> $GITHUB_STEP_SUMMARY | |
| deploy-staging: | |
| name: "Deploy (Staging)" | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| environment: staging | |
| needs: [validate, plan] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: opentofu/setup-opentofu@v1 | |
| with: | |
| tofu_version_file: .opentofu-version | |
| - name: Tofu Init | |
| run: tofu init -var-file="env-staging.tfvars" | |
| - name: Tofu Apply | |
| run: tofu apply -var-file="env-staging.tfvars" -auto-approve | |
| deploy-prod: | |
| name: "Deploy (Prod)" | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| environment: prod | |
| needs: [deploy-staging] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: opentofu/setup-opentofu@v1 | |
| with: | |
| tofu_version_file: .opentofu-version | |
| - name: Tofu Init | |
| run: tofu init -var-file="env-prod.tfvars" | |
| - name: Tofu Apply | |
| run: tofu apply -var-file="env-prod.tfvars" -auto-approve |