Terraform Composite GitHub Actions
Contains composite GitHub actions used within Terraform AWS Module projects.
Actions
Commit
The clowdhaus/terraform-composite-actions/commit
action will commit any changes back to your git-branch
. When used in conjunction with clowdhaus/terraform-composite-actions/pre-commit
, this action will ensure that pull-requests are well formatted and the automatically generated documentation is updated.
GitHub Token Permissions
A GitHub personal access token is required in order for the action to be able to successfully commit and push any changes back to the specified branch.
:warning: Access Tokens & Pull-Requests from Forked Reposiories :warning:
When using this action from a forked copy, it will only succeed if either of two conditions are met:
- The user who has forked the project must create a GitHub personal access token with the defined permissions and store it in their forked repository under the same name as the upstream secret (defined in the workflow file)
- The entity that presides over the source repository extends access to the secret (you should be mindful of what this means - extending secret access to forked repositories means those forks could potentially retrieve those secret values) via https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/
jobs:
commit:
name: Commit changes
runs-on: ubuntu-latest
steps:
- name: Commit changes
uses: clowdhaus/terraform-composite-actions/commit@main
with:
git-branch: ${{ github.event.pull_request.head.ref }}
github-repository: ${{github.event.pull_request.head.repo.full_name}}
github-token: ${{ secrets.YOUR_GITHUB_PAT }}
Directories
The clowdhaus/terraform-composite-actions/directories
action will return a list of directories that contain a versions.tf
, where the presence of a versions.tf
file is loosely representative of a Terraform project root directory. This is useful for running a set of commands in each Terraform root directory under a given project.
jobs:
directories:
name: Get Terraform directories
runs-on: ubuntu-latest
steps:
- name: Sign AWS Lambda artifact
uses: clowdhaus/terraform-composite-actions/directories@main
id: search
- name: Outputs
run: echo "${{ steps.search.outputs.directories }}"
Pre-Commit
The clowdhaus/terraform-composite-actions/pre-commit
action will install the following tools which are intended to support the pre-commit hooks used within Terraform modules:
- terraform using provided
terraform-version
input - pre-commit
- tflint
- terraform-docs using provided
terraform-docs-version
input
jobs:
pre-commit:
name: Pre-commit hooks execute
runs-on: ubuntu-latest
steps:
- name: Sign AWS Lambda artifact
uses: clowdhaus/terraform-composite-actions/pre-commit@main
with:
terraform-version: 1.2.0
terraform-docs-version: v16.0.0
install-hcledit: true
hcledit-version: 0.2.3
args: "--all-files --color always --show-diff-on-failure"
License
Apache-2.0 Licensed. See LICENSE.