Skip to content
This repository has been archived by the owner on May 6, 2020. It is now read-only.

Commit

Permalink
Merge pull request #22 from hashicorp/apply
Browse files Browse the repository at this point in the history 
Implement apply action
  • Loading branch information
@lkysow
lkysow committed May 27, 2019
2 parents b0bfe34 + 92dc8b7 commit 9abe306
Show file tree
Hide file tree
Showing 10 changed files with 161 additions and 3 deletions.
7 changes: 5 additions & 2 deletions README.md
View file
@@ -1,6 +1,5 @@
# Terraform GitHub Actions
These official Terraform GitHub Actions allow you to run `terraform fmt`, `validate`
and `plan` on your pull requests to help you review and validate Terraform changes.
These official Terraform GitHub Actions allow you to run `terraform fmt`, `validate`, `plan` and `apply` on your pull requests to help you review, validate and apply Terraform changes.

## Getting Started
To get started, check out our documentation: [https://www.terraform.io/docs/github-actions/getting-started/](https://www.terraform.io/docs/github-actions/getting-started/).
Expand All @@ -18,3 +17,7 @@ Runs `terraform validate` and comments back on error.
### Plan Action
Runs `terraform plan` and comments back with the output.
<img src="./assets/plan.png" alt="Terraform Plan Action" width="80%" />

### Apply Action
Runs `terraform apply` and comments back with the output.
<img src="./assets/apply.png" alt="Terraform Apply Action" width="80%" />
15 changes: 15 additions & 0 deletions apply/Dockerfile
View file
@@ -0,0 +1,15 @@
FROM hashicorp/terraform:0.12.0

LABEL "com.github.actions.name"="terraform apply"
LABEL "com.github.actions.description"="Run Terraform Apply"
LABEL "com.github.actions.icon"="play-circle"
LABEL "com.github.actions.color"="purple"

LABEL "repository"="https://github.com/hashicorp/terraform-github-actions"
LABEL "homepage"="http://github.com/hashicorp/terraform-github-actions"
LABEL "maintainer"="HashiCorp Terraform Team <terraform@hashicorp.com>"

RUN apk --no-cache add jq curl

COPY entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
4 changes: 4 additions & 0 deletions apply/README.md
View file
@@ -0,0 +1,4 @@
# Terraform Apply Action
Runs `terraform apply` and comments back on the pull request with the apply output.

See [https://www.terraform.io/docs/github-actions/actions/apply.html](https://www.terraform.io/docs/github-actions/actions/apply.html).
76 changes: 76 additions & 0 deletions apply/entrypoint.sh
View file
@@ -0,0 +1,76 @@
#!/bin/sh

# wrap takes some output and wraps it in a collapsible markdown section if
# it's over $TF_ACTION_WRAP_LINES long.
wrap() {
if [[ $(echo "$1" | wc -l) -gt ${TF_ACTION_WRAP_LINES:-20} ]]; then
echo "
<details><summary>Show Output</summary>
\`\`\`
$1
\`\`\`
</details>
"
else
echo "
\`\`\`
$1
\`\`\`
"
fi
}

set -e

cd "${TF_ACTION_WORKING_DIR:-.}"

if [[ ! -z "$TF_ACTION_TFE_TOKEN" ]]; then
cat > ~/.terraformrc << EOF
credentials "${TF_ACTION_TFE_HOSTNAME:-app.terraform.io}" {
token = "$TF_ACTION_TFE_TOKEN"
}
EOF
fi

if [[ ! -z "$TF_ACTION_WORKSPACE" ]] && [[ "$TF_ACTION_WORKSPACE" != "default" ]]; then
terraform workspace select "$TF_ACTION_WORKSPACE"
fi

set +e
OUTPUT=$(sh -c "TF_IN_AUTOMATION=true terraform apply -no-color -auto-approve -input=false $*" 2>&1)
SUCCESS=$?
echo "$OUTPUT"
set -e

# If PR_DATA is null, then this is not a pull request event and so there's
# no where to comment.
PR_DATA=$(cat /github/workflow/event.json | jq -r .pull_request)
if [ "$TF_ACTION_COMMENT" = "1" ] || [ "$TF_ACTION_COMMENT" = "false" ] || [ "$PR_DATA" = "null" ]; then
exit $SUCCESS
fi

# Build the comment we'll post to the PR.
COMMENT=""
if [ $SUCCESS -ne 0 ]; then
OUTPUT=$(wrap "$OUTPUT")
COMMENT="#### \`terraform apply\` Failed
$OUTPUT
*Workflow: \`$GITHUB_WORKFLOW\`, Action: \`$GITHUB_ACTION\`*"
else
# Call wrap to optionally wrap our output in a collapsible markdown section.
OUTPUT=$(wrap "$OUTPUT")
COMMENT="#### \`terraform apply\` Success
$OUTPUT
*Workflow: \`$GITHUB_WORKFLOW\`, Action: \`$GITHUB_ACTION\`*"
fi

# Post the comment.
PAYLOAD=$(echo '{}' | jq --arg body "$COMMENT" '.body = $body')
COMMENTS_URL=$(cat /github/workflow/event.json | jq -r .pull_request.comments_url)
curl -s -S -H "Authorization: token $GITHUB_TOKEN" --header "Content-Type: application/json" --data "$PAYLOAD" "$COMMENTS_URL" > /dev/null

exit $SUCCESS
Binary file added assets/apply.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
15 changes: 15 additions & 0 deletions base-branch-filter/Dockerfile
View file
@@ -0,0 +1,15 @@
FROM alpine:latest

LABEL "com.github.actions.name"="base branch filter"
LABEL "com.github.actions.description"="Filters pull request events based on their base branch."
LABEL "com.github.actions.icon"="filter"
LABEL "com.github.actions.color"="purple"

LABEL "repository"="https://github.com/hashicorp/terraform-github-actions"
LABEL "homepage"="http://github.com/hashicorp/terraform-github-actions"
LABEL "maintainer"="HashiCorp Terraform Team <terraform@hashicorp.com>"

RUN apk --no-cache add jq

COPY entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
32 changes: 32 additions & 0 deletions base-branch-filter/README.md
View file
@@ -0,0 +1,32 @@
# Base Branch Filter
Filters pull request events depending on the base branch
The base branch is the branch that the pull request will be merged into.

To use, set `args` to a regular expression that
will be matched against the destination branch.

Note: This action only works on pull request events.

## Example
Filter on pull requests that have been merged into `master`:
```hcl
workflow "example" {
resolves = "base-branch-filter"
# Must be used on pull_request events.
on = "pull_request"
}
# First we use another filter to filter to only merged events.
action "merged-prs-filter" {
uses = "actions/bin/filter@master"
args = "merged true"
}
# Then we use this filter to ensure the branch matches "master".
action "base-branch-filter" {
uses = "hashicorp/terraform-github-actions/base-branc-filter@master"
# We set args to our regex.
args = "^master$"
needs = "merged-prs-filter"
}
```
11 changes: 11 additions & 0 deletions base-branch-filter/entrypoint.sh
View file
@@ -0,0 +1,11 @@
#!/bin/sh

set -e

regex="$*"
base_branch=$(jq -r .pull_request.base.ref "$GITHUB_EVENT_PATH")

if "$actual" | grep -q "$regex"; then
echo "base branch \"$base_branch\" does not match \"$regex\""
exit 78
fi
2 changes: 1 addition & 1 deletion init/Dockerfile
View file
Expand Up @@ -2,7 +2,7 @@ FROM hashicorp/terraform:0.12.0

LABEL "com.github.actions.name"="terraform init"
LABEL "com.github.actions.description"="Run terraform init"
LABEL "com.github.actions.icon"="play-circle"
LABEL "com.github.actions.icon"="download"
LABEL "com.github.actions.color"="purple"

LABEL "repository"="https://github.com/hashicorp/terraform-github-actions"
Expand Down
2 changes: 2 additions & 0 deletions plan/entrypoint.sh
View file
Expand Up @@ -54,6 +54,7 @@ if [ $SUCCESS -ne 0 ]; then
OUTPUT=$(wrap "$OUTPUT")
COMMENT="#### \`terraform plan\` Failed
$OUTPUT
*Workflow: \`$GITHUB_WORKFLOW\`, Action: \`$GITHUB_ACTION\`*"
else
# Remove "Refreshing state..." lines by only keeping output after the
Expand All @@ -72,6 +73,7 @@ else

COMMENT="#### \`terraform plan\` Success
$OUTPUT
*Workflow: \`$GITHUB_WORKFLOW\`, Action: \`$GITHUB_ACTION\`*"
fi

Expand Down

0 comments on commit 9abe306

Please sign in to comment.