From cba0f1cfd45b6a370c681862fb8b2adae0953059 Mon Sep 17 00:00:00 2001
From: Ben Russell Martin <ben@brmartin.co.uk>
Date: Tue, 4 Jun 2024 00:00:20 +0100
Subject: [PATCH] Integrate with actions (#1)

Co-authored-by: Ben Martin <ben.martin@sky.uk>
Reviewed-on: https://git.brmartin.co.uk/ben/cluster-state/pulls/1
---
 .gitea/workflows/deploy.yaml                  | 30 ++++---
 .gitea/workflows/plan.yaml                    | 89 +++++++++++++++++++
 ....terraform.lock.hcl => .terraform.lock.hcl |  0
 main.tf                                       |  3 +
 prod/main.tf                                  |  3 -
 prod/provider.tf => provider.tf               |  2 +-
 6 files changed, 109 insertions(+), 18 deletions(-)
 create mode 100644 .gitea/workflows/plan.yaml
 rename prod/.terraform.lock.hcl => .terraform.lock.hcl (100%)
 create mode 100644 main.tf
 delete mode 100644 prod/main.tf
 rename prod/provider.tf => provider.tf (80%)

diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 6ce677d..f2dae5e 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -1,21 +1,23 @@
-name: Deploy
+name: Terraform Deploy
+
 on:
-  push:
+  workflow_run:
+    workflows: ["Terraform Plan"]
+    types:
+      - completed
     branches:
       - main
 
+env:
+  TF_IN_AUTOMATION: true
+  TF_CLI_ARGS: "-no-color"
+
 jobs:
-  deploy:
+  plan:
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: Terraform Init
-        run: |
-          terraform init -input=false
-      - name: Terraform Plan
-        run: |
-          terraform plan -out=tfplan -input=false
-      - name: Terraform Apply
-        run: |
-          terraform apply -input=false tfplan
+      - uses: actions/checkout@v4
+      - uses: hashicorp/setup-terraform@v3
+      - name: Terraform apply
+        id: apply
+        run: terraform apply -auto-approve tfplan
diff --git a/.gitea/workflows/plan.yaml b/.gitea/workflows/plan.yaml
new file mode 100644
index 0000000..03c7058
--- /dev/null
+++ b/.gitea/workflows/plan.yaml
@@ -0,0 +1,89 @@
+name: Terraform Plan
+
+on:
+  pull_request:
+    branches:
+      - main
+  push:
+    branches:
+      - main
+
+permissions:
+  pull-requests: write
+
+env:
+  TF_IN_AUTOMATION: true
+  TF_CLI_ARGS: "-no-color"
+
+jobs:
+  plan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: hashicorp/setup-terraform@v3
+      - name: Terraform fmt
+        id: fmt
+        run: terraform fmt -check
+        continue-on-error: true
+      - name: Terraform Init
+        id: init
+        run: terraform init -input=false
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate
+      - name: Terraform Plan
+        id: plan
+        run: terraform plan -out=tfplan
+        continue-on-error: true
+      - uses: actions/github-script@v7
+        if: github.event_name == 'pull_request'
+        env:
+          PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const { data: comments } = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            })
+            const botComment = comments.find(comment => {
+              return comment.user.type === 'Bot' && comment.body.includes('Terraform Format and Style')
+            })
+            const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
+            #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
+            #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
+            <details><summary>Validation Output</summary>
+
+            \`\`\`\n
+            ${{ steps.validate.outputs.stdout }}
+            \`\`\`
+
+            </details>
+
+            #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
+
+            <details><summary>Show Plan</summary>
+
+            \`\`\`\n
+            ${process.env.PLAN}
+            \`\`\`
+
+            </details>
+
+            *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`;
+            if (botComment) {
+              github.rest.issues.updateComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: botComment.id,
+                body: output
+              })
+            } else {
+              github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: output
+              })
+            }
diff --git a/prod/.terraform.lock.hcl b/.terraform.lock.hcl
similarity index 100%
rename from prod/.terraform.lock.hcl
rename to .terraform.lock.hcl
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..0293b48
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,3 @@
+module "dummy" {
+  source = "./modules/dummy"
+}
diff --git a/prod/main.tf b/prod/main.tf
deleted file mode 100644
index 73f8f9b..0000000
--- a/prod/main.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-module "dummy" {
-  source = "../modules/dummy"
-}
diff --git a/prod/provider.tf b/provider.tf
similarity index 80%
rename from prod/provider.tf
rename to provider.tf
index e21e5ba..80f6028 100644
--- a/prod/provider.tf
+++ b/provider.tf
@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     nomad = {
-      source = "hashicorp/nomad"
+      source  = "hashicorp/nomad"
       version = "2.2.0"
     }
   }