Adds plan step in build job

Author: onlinejudge95

.github/workflows/pipeline.yml

@@ -78,38 +78,38 @@ jobs:
           source scripts/utils.sh
           init_terraform aws github heroku
 
-      # - name: "Generate terraform plan"
-      #   env:
-      #     AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      #     AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      #     TF_VAR_GH_PERSONAL_ACCESS_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
-      #     TF_VAR_DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-      #     TF_VAR_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
-      #     TF_VAR_HEROKU_EMAIL: ${{ secrets.HEROKU_EMAIL }}
-      #     TF_VAR_HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}
-      #     TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN: ${{ secrets.EMAIL_SERVICE_CODECOV_TOKEN }}
-      #     TF_VAR_API_GATEWAY_CODECOV_TOKEN: ${{ secrets.API_GATEWAY_CODECOV_TOKEN }}
-      #     TF_VAR_EMAIL_SERVICE_DATABASE_URL: ${{ secrets.EMAIL_SERVICE_DATABASE_URL }}
-      #     TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD: ${{ secrets.EMAIL_SERVICE_MAIL_PASSWORD }}
-      #     TF_VAR_EMAIL_SERVICE_MAIL_USERNAME: ${{ secrets.EMAIL_SERVICE_MAIL_USERNAME }}
-      #     TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_TLS_URL }}
-      #     TF_VAR_EMAIL_SERVICE_REDIS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_URL }}
-      #     TF_VAR_PROFILE_SERVICE_DATABASE_URL: ${{ secrets.PROFILE_SERVICE_DATABASE_URL }}
-      #     TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_TLS_URL }}
-      #     TF_VAR_PROFILE_SERVICE_REDIS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_URL }}
-      #     TF_VAR_WIKI_DATABASE_HOST: ${{ secrets.WIKI_DATABASE_HOST }}
-      #     TF_VAR_WIKI_DATABASE_PORT: ${{ secrets.WIKI_DATABASE_PORT }}
-      #     TF_VAR_WIKI_DATABASE_USER: ${{ secrets.WIKI_DATABASE_USER }}
-      #     TF_VAR_WIKI_DATABASE_PASSWORD: ${{ secrets.WIKI_DATABASE_PASSWORD }}
-      #     TF_VAR_WIKI_DATABASE_NAME: ${{ secrets.WIKI_DATABASE_NAME }}
-      #     TF_VAR_DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }}
-      #     TF_VAR_TRUSTED_HOSTS: ${{ secrets.TRUSTED_HOSTS }}
-      #     TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_ACCESS_KEY }}
-      #     TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_SECRET_KEY }}
-      #     TF_VAR_SNYK_SECRET_KEY: ${{ secrets.SNYK_SECRET_KEY }}
-      #   run: |
-      #     source scripts/pipeline_utils.sh
-      #     plan_terraform github heroku aws
+      - name: "Generate terraform plan"
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          TF_VAR_GH_PERSONAL_ACCESS_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
+          TF_VAR_DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          TF_VAR_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
+          TF_VAR_HEROKU_EMAIL: ${{ secrets.HEROKU_EMAIL }}
+          TF_VAR_HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}
+          TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN: ${{ secrets.EMAIL_SERVICE_CODECOV_TOKEN }}
+          TF_VAR_API_GATEWAY_CODECOV_TOKEN: ${{ secrets.API_GATEWAY_CODECOV_TOKEN }}
+          TF_VAR_EMAIL_SERVICE_DATABASE_URL: ${{ secrets.EMAIL_SERVICE_DATABASE_URL }}
+          TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD: ${{ secrets.EMAIL_SERVICE_MAIL_PASSWORD }}
+          TF_VAR_EMAIL_SERVICE_MAIL_USERNAME: ${{ secrets.EMAIL_SERVICE_MAIL_USERNAME }}
+          TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_TLS_URL }}
+          TF_VAR_EMAIL_SERVICE_REDIS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_URL }}
+          TF_VAR_PROFILE_SERVICE_DATABASE_URL: ${{ secrets.PROFILE_SERVICE_DATABASE_URL }}
+          TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_TLS_URL }}
+          TF_VAR_PROFILE_SERVICE_REDIS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_URL }}
+          TF_VAR_WIKI_DATABASE_HOST: ${{ secrets.WIKI_DATABASE_HOST }}
+          TF_VAR_WIKI_DATABASE_PORT: ${{ secrets.WIKI_DATABASE_PORT }}
+          TF_VAR_WIKI_DATABASE_USER: ${{ secrets.WIKI_DATABASE_USER }}
+          TF_VAR_WIKI_DATABASE_PASSWORD: ${{ secrets.WIKI_DATABASE_PASSWORD }}
+          TF_VAR_WIKI_DATABASE_NAME: ${{ secrets.WIKI_DATABASE_NAME }}
+          TF_VAR_DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }}
+          TF_VAR_TRUSTED_HOSTS: ${{ secrets.TRUSTED_HOSTS }}
+          TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_ACCESS_KEY }}
+          TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_SECRET_KEY }}
+          TF_VAR_SNYK_SECRET_KEY: ${{ secrets.SNYK_SECRET_KEY }}
+        run: |
+          source scripts/utils.sh
+          plan_terraform aws github heroku
 
   # deploy:
   #   if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}

scripts/utils.sh

@@ -39,3 +39,42 @@ validate_terraform() {
             infrastructure:"$GITHUB_COMMIT_SHA" -chdir=src/"$dir" validate -json 2>&1
     done
 }
+
+plan_terraform() {
+    for dir in "$@"
+    do
+        echo "Generating terraform plan for" "$dir"
+        docker container run \
+            --env AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
+            --env AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
+            --env TF_VAR_GH_PERSONAL_ACCESS_TOKEN="$GH_PERSONAL_ACCESS_TOKEN" \
+            --env TF_VAR_DOCKERHUB_USERNAME="$DOCKERHUB_USERNAME" \
+            --env TF_VAR_DOCKERHUB_TOKEN="$DOCKERHUB_TOKEN" \
+            --env TF_VAR_HEROKU_EMAIL="$HEROKU_EMAIL" \
+            --env TF_VAR_HEROKU_API_KEY="$HEROKU_API_KEY" \
+            --env TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN="$EMAIL_SERVICE_CODECOV_TOKEN" \
+            --env TF_VAR_API_GATEWAY_CODECOV_TOKEN="$API_GATEWAY_CODECOV_TOKEN" \
+            --env TF_VAR_EMAIL_SERVICE_DATABASE_URL="$EMAIL_SERVICE_DATABASE_URL" \
+            --env TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD="$EMAIL_SERVICE_MAIL_PASSWORD" \
+            --env TF_VAR_EMAIL_SERVICE_MAIL_USERNAME="$EMAIL_SERVICE_MAIL_USERNAME" \
+            --env TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL="$EMAIL_SERVICE_REDIS_TLS_URL" \
+            --env TF_VAR_EMAIL_SERVICE_REDIS_URL="$EMAIL_SERVICE_REDIS_URL" \
+            --env TF_VAR_PROFILE_SERVICE_DATABASE_URL="$PROFILE_SERVICE_DATABASE_URL" \
+            --env TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL="$PROFILE_SERVICE_REDIS_TLS_URL" \
+            --env TF_VAR_PROFILE_SERVICE_REDIS_URL="$PROFILE_SERVICE_REDIS_URL" \
+            --env TF_VAR_WIKI_DATABASE_HOST="$WIKI_DATABASE_HOST" \
+            --env TF_VAR_WIKI_DATABASE_PORT="$WIKI_DATABASE_PORT" \
+            --env TF_VAR_WIKI_DATABASE_USER="$WIKI_DATABASE_USER" \
+            --env TF_VAR_WIKI_DATABASE_PASSWORD="$WIKI_DATABASE_PASSWORD" \
+            --env TF_VAR_WIKI_DATABASE_NAME="$WIKI_DATABASE_NAME" \
+            --env TF_VAR_DISCORD_WEBHOOK_URL="$DISCORD_WEBHOOK_URL" \
+            --env TF_VAR_TRUSTED_HOSTS="$TRUSTED_HOSTS" \
+            --env TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY="$GAMBLEY_CD_USER_AWS_ACCESS_KEY" \
+            --env TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY="$GAMBLEY_CD_USER_AWS_SECRET_KEY" \
+            --env TF_VAR_SNYK_SECRET_KEY="$SNYK_SECRET_KEY" \
+            --volume aws-provider:/app/src/aws/.terraform \
+            --volume github-provider:/app/src/github/.terraform \
+            --volume heroku-provider:/app/src/heroku/.terraform \
+            infrastructure:"$GITHUB_COMMIT_SHA" -chdir=src/"$dir" plan -input=false 2>&1
+    done
+}