GitHub IaC #12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GitHub IaC | |
| # yamllint disable-line rule:truthy | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| apply: | |
| description: Should the plan also be applied? | |
| type: boolean | |
| required: true | |
| default: false | |
| repository_dispatch: | |
| types: | |
| - addons-update | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - github-iac | |
| jobs: | |
| plan: | |
| name: π Plan IaC changes | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: β©οΈ Checkout | |
| uses: actions/checkout@v4 | |
| - name: ποΈ Setup terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: "1.9.6" | |
| cli_config_credentials_token: ${{ secrets.TERRAFORM_CLOUD_TOKEN }} | |
| - name: β€΅οΈ Download latest addons.yml file from stable repository | |
| uses: enflo/curl-action@v1 | |
| with: | |
| curl: -o addons.yml https://raw.githubusercontent.com/Poeschl-HomeAssistant-Addons/repository/refs/heads/main/.addons.yml | |
| - name: π View addons config | |
| run: cat addons.yml | |
| - name: ποΈ Terraform init | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.IAC_TOKEN }} | |
| run: cd github-iac && terraform init | |
| - name: π Terraform plan | |
| id: plan | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.IAC_TOKEN }} | |
| run: cd github-iac && terraform plan -out plan.out | |
| - name: β€΄οΈ Upload plan | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: github-iac-artifact | |
| path: github-iac/plan.out | |
| apply: | |
| name: π Apply IaC changes | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'workflow_dispatch' && github.event.inputs.apply == 'true' | |
| needs: | |
| - plan | |
| steps: | |
| - name: β©οΈ Checkout | |
| uses: actions/checkout@v4 | |
| - name: ποΈ Setup terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: "1.9.6" | |
| cli_config_credentials_token: ${{ secrets.TERRAFORM_CLOUD_TOKEN }} | |
| - name: β€΅οΈ Get plan artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: github-iac-artifact | |
| path: github-iac | |
| - name: β€΅οΈ Download latest addons.yml file from stable repository | |
| uses: enflo/curl-action@v1 | |
| with: | |
| curl: -o addons.yml https://raw.githubusercontent.com/Poeschl-HomeAssistant-Addons/repository/refs/heads/main/.addons.yml | |
| - name: ποΈ Terraform init | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.IAC_TOKEN }} | |
| run: cd github-iac && terraform init | |
| - name: π Apply plan | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.IAC_TOKEN }} | |
| run: cd github-iac && terraform apply -auto-approve plan.out |