MichaelFisher1997
e714a56980
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 17s
- Point clone_template to nixos-template and trim cloud-init to Nix-safe hostname/DNS only - Remove SSH/Tailscale cloud-init variables and workflow secret dependencies - Add reusable NixOS template-base config with bootloader, Tailscale, fish, and utility packages
56 lines
1.4 KiB
YAML
56 lines
1.4 KiB
YAML
name: Terraform Plan
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- stage
|
|
- test
|
|
|
|
jobs:
|
|
terraform:
|
|
name: "Terraform Plan"
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Create secrets.tfvars
|
|
working-directory: terraform
|
|
run: |
|
|
echo "PM_API_TOKEN_SECRET length: $(echo -n '${{ secrets.PM_API_TOKEN_SECRET }}' | wc -c)"
|
|
cat > secrets.auto.tfvars << EOF
|
|
pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}"
|
|
EOF
|
|
echo "Created secrets.auto.tfvars:"
|
|
cat secrets.auto.tfvars | sed 's/=.*/=***/'
|
|
echo "Using token ID from terraform.tfvars:"
|
|
grep '^pm_api_token_id' terraform.tfvars
|
|
|
|
- name: Set up Terraform
|
|
uses: hashicorp/setup-terraform@v2
|
|
with:
|
|
terraform_version: 1.6.6
|
|
|
|
- name: Terraform Init
|
|
working-directory: terraform
|
|
run: terraform init
|
|
|
|
- name: Terraform Format Check
|
|
working-directory: terraform
|
|
run: terraform fmt -check -recursive
|
|
|
|
- name: Terraform Validate
|
|
working-directory: terraform
|
|
run: terraform validate
|
|
|
|
- name: Terraform Plan
|
|
working-directory: terraform
|
|
run: terraform plan -out=tfplan
|
|
|
|
- name: Upload Terraform Plan
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: terraform-plan
|
|
path: terraform/tfplan
|