Skip to content

hashicorp/hashicat-azure/infrastructure-tests #17

hashicorp/hashicat-azure/infrastructure-tests

hashicorp/hashicat-azure/infrastructure-tests #17

# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
name: hashicorp/hashicat-azure/infrastructure-tests
on:
workflow_dispatch:
push:
branches:
- 'master'
env:
# See IL-574 for the source of these
ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
TF_VAR_prefix: gha-infrastructure-tests-${{ github.run_id }}-${{ github.run_number }}
permissions: {}
jobs:
terraform-init:
runs-on: ubuntu-latest
container:
image: docker.mirror.hashicorp.services/hashicorp/terraform:light
permissions:
contents: read
steps:
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Terraform Init
run: terraform init
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: "tf-code"
path: ${{ github.workspace }}
terraform-validate:
runs-on: ubuntu-latest
container:
image: docker.mirror.hashicorp.services/hashicorp/terraform:light
needs:
- terraform-init
steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: "tf-code"
path: ${{ github.workspace }}
# Either upload or download-artifact does not preserve the exec bit on
# binaries, so fix that here
- name: fix-perms
run: |-
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-*
- name: Terraform Validate
run: terraform validate
terraform-plan:
runs-on: ubuntu-latest
container:
image: docker.mirror.hashicorp.services/hashicorp/terraform:light
needs:
- terraform-validate
steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: "tf-code"
path: ${{ github.workspace }}
# Either upload or download-artifact does not preserve the exec bit on
# binaries, so fix that here
- name: fix-perms
run: |-
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-*
- name: Terraform Plan
run: terraform plan -out=gha-infrastructure-tests-${{ github.run_id }}-${{ github.run_number }}.plan
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: "tf-code"
path: ${{ github.workspace }}
terraform-apply:
runs-on: ubuntu-latest
container:
image: docker.mirror.hashicorp.services/hashicorp/terraform:light
needs:
- terraform-plan
steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: "tf-code"
path: ${{ github.workspace }}
# Either upload or download-artifact does not preserve the exec bit on
# binaries, so fix that here
- name: fix-perms
run: |-
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-*
- name: Terraform Apply
run: terraform apply -auto-approve gha-infrastructure-tests-${{ github.run_id }}-${{ github.run_number }}.plan
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: "tf-code"
path: ${{ github.workspace }}
terraform-destroy:
runs-on: ubuntu-latest
container:
image: docker.mirror.hashicorp.services/hashicorp/terraform:light
needs:
- terraform-apply
steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: "tf-code"
path: ${{ github.workspace }}
# Either upload or download-artifact does not preserve the exec bit on
# binaries, so fix that here
- name: fix-perms
run: |-
# e.g. .terraform/providers/registry.terraform.io/hashicorp/null/3.2.1/linux_amd64/terraform-provider-null_v3.2.1_x5
chmod +x .terraform/providers/*/*/*/*/*/terraform-provider-*
- name: Terraform Destroy
run: terraform destroy -auto-approve