hashicorp/hashicat-azure/infrastructure-tests #17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) HashiCorp, Inc. | |
# SPDX-License-Identifier: MPL-2.0 | |
name: hashicorp/hashicat-azure/infrastructure-tests | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- 'master' | |
env: | |
# See IL-574 for the source of these | |
ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }} | |
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | |
ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }} | |
ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }} | |
TF_VAR_prefix: gha-infrastructure-tests-${{ github.run_id }}-${{ github.run_number }} | |
permissions: {} | |
jobs: | |
terraform-init: | |
runs-on: ubuntu-latest | |
container: | |
image: docker.mirror.hashicorp.services/hashicorp/terraform:light | |
permissions: | |
contents: read | |
steps: | |
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
- name: Terraform Init | |
run: terraform init | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: "tf-code" | |
path: ${{ github.workspace }} | |
terraform-validate: | |
runs-on: ubuntu-latest | |
container: | |
image: docker.mirror.hashicorp.services/hashicorp/terraform:light | |
needs: | |
- terraform-init | |
steps: | |
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: "tf-code" | |
path: ${{ github.workspace }} | |
# Either upload or download-artifact does not preserve the exec bit on | |
# binaries, so fix that here | |
- name: fix-perms | |
run: |- | |
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5 | |
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-* | |
- name: Terraform Validate | |
run: terraform validate | |
terraform-plan: | |
runs-on: ubuntu-latest | |
container: | |
image: docker.mirror.hashicorp.services/hashicorp/terraform:light | |
needs: | |
- terraform-validate | |
steps: | |
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: "tf-code" | |
path: ${{ github.workspace }} | |
# Either upload or download-artifact does not preserve the exec bit on | |
# binaries, so fix that here | |
- name: fix-perms | |
run: |- | |
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5 | |
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-* | |
- name: Terraform Plan | |
run: terraform plan -out=gha-infrastructure-tests-${{ github.run_id }}-${{ github.run_number }}.plan | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: "tf-code" | |
path: ${{ github.workspace }} | |
terraform-apply: | |
runs-on: ubuntu-latest | |
container: | |
image: docker.mirror.hashicorp.services/hashicorp/terraform:light | |
needs: | |
- terraform-plan | |
steps: | |
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: "tf-code" | |
path: ${{ github.workspace }} | |
# Either upload or download-artifact does not preserve the exec bit on | |
# binaries, so fix that here | |
- name: fix-perms | |
run: |- | |
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5 | |
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-* | |
- name: Terraform Apply | |
run: terraform apply -auto-approve gha-infrastructure-tests-${{ github.run_id }}-${{ github.run_number }}.plan | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: "tf-code" | |
path: ${{ github.workspace }} | |
terraform-destroy: | |
runs-on: ubuntu-latest | |
container: | |
image: docker.mirror.hashicorp.services/hashicorp/terraform:light | |
needs: | |
- terraform-apply | |
steps: | |
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: "tf-code" | |
path: ${{ github.workspace }} | |
# Either upload or download-artifact does not preserve the exec bit on | |
# binaries, so fix that here | |
- name: fix-perms | |
run: |- | |
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5 | |
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-* | |
- name: Terraform Destroy | |
run: terraform destroy -auto-approve |