This is the Terraform CDK GitHub Action, it allows you to run Terraform CDK as part of your CI/CD workflow.
These are the configuration options for the action:
Name | Type | Description | Default |
---|---|---|---|
cdktfVersion | string | The version of cdktf CLI to use | 0.12.2 |
terraformVersion | string | The version of terraform to use | 1.3.0 |
workingDirectory | string | The directory to use for the project | ./ |
stackName | string | The stack to run / plan, only required when the mode is plan 'plan-only' or 'plan-and-apply' | |
mode | "synth-only" | "plan-only" | "auto-approve-apply" | "auto-approve-destroy" | What action to take: 'synth-only' runs only the synthesis, 'plan-only' only runs a plan, 'auto-approve-apply' runs a plan and then performs an apply, 'auto-approve-destroy' runs a plan and then performs a destroy" | |
terraformCloudToken | string | The terraform cloud / terraform enterprise token to use | |
githubToken | string | The github token to use | |
commentOnPr | boolean | Whether to comment the plan / the status on the PR | true |
The examples assume you have your provider credentials in Terraform Cloud and you are using remote execution to access the provider credentials or you are passing the provider credentials as environment variables through the env
key on the action. Please don't use this action with the default local
backend as the state might get lost and locking might not work.
name: "Comment a Plan on a PR"
on: [pull_request]
permissions:
contents: read
pull-requests: write
jobs:
terraform:
name: "Terraform CDK Diff"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: "16"
- name: Install dependencies
run: yarn install
- name: Generate module and provider bindings
run: npx cdktf-cli get
# Remove this step if you don't have any
- name: Run unit tests
run: yarn test
- name: Run Terraform CDK
uses: hashicorp/terraform-cdk-action@v0.1.0
with:
terraformVersion: 1.3.0
cdktfVersion: 0.12.2
stackName: my-stack
mode: plan-only
terraformCloudToken: ${{ secrets.TF_API_TOKEN }}
githubToken: ${{ secrets.GITHUB_TOKEN }}
name: "Apply Stack after PR is Merged"
on:
push:
branches:
- main
permissions:
contents: read
pull-requests: write
issues: read
jobs:
terraform:
name: "Terraform CDK Deploy"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: "16"
- name: Install dependencies
run: yarn install
- name: Generate module and provider bindings
run: npx cdktf-cli get
# Remove this step if you don't have any
- name: Run unit tests
run: yarn test
- name: Run Terraform CDK
uses: hashicorp/terraform-cdk-action@v0.1.0
with:
terraformVersion: 1.3.0
cdktfVersion: 0.11.2
stackName: my-stack
mode: auto-approve-apply
terraformCloudToken: ${{ secrets.TF_API_TOKEN }}
githubToken: ${{ secrets.GITHUB_TOKEN }}
name: "Synth the CDKTF Application on PRs"
on: [pull_request]
permissions:
contents: read
pull-requests: write
jobs:
terraform:
name: "Terraform CDK Synth"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: "16"
- name: Install dependencies
run: yarn install
- name: Generate module and provider bindings
run: npx cdktf-cli get
# Remove this step if you don't have any
- name: Run unit tests
run: yarn test
- name: Test the synth
uses: hashicorp/terraform-cdk-action@v0.1.0
with:
terraformVersion: 1.3.0
cdktfVersion: 0.12.2
stackName: my-stack
mode: synth-only