1
1
name : ' Terraform-GCS'
2
2
3
3
on :
4
- workflow_call :
5
- secrets :
6
- GCP_SA_KEY :
4
+ workflow_dispatch :
5
+ inputs :
6
+ terraform_directory :
7
+ description : ' Path to Terraform directory (e.g., gcp/terraform)'
7
8
required : true
9
+ type : string
10
+ default : ' gcp/terraform'
11
+ state_prefix :
12
+ description : ' Prefix for Terraform state (e.g., iam)'
13
+ required : true
14
+ type : string
15
+ default : ' iam'
16
+
17
+ env :
18
+ TF_VAR_TFC_GCP_PROVIDER_AUTH : ${{ secrets.TFC_GCP_PROVIDER_AUTH }}
19
+ TF_VAR_TFC_GCP_RUN_SERVICE_ACCOUNT_EMAIL : ${{ secrets.TFC_GCP_RUN_SERVICE_ACCOUNT_EMAIL }}
20
+ TF_VAR_TFC_GCP_WORKLOAD_PROVIDER_NAME : ${{ secrets.TFC_GCP_WORKLOAD_PROVIDER_NAME }}
21
+
8
22
permissions :
9
23
contents : read
10
24
id-token : write
20
34
shell : bash
21
35
22
36
steps :
37
+ - name : Checkout repository
38
+ uses : actions/checkout@v4
39
+
23
40
- name : Authenticate to Google Cloud
24
41
id : auth
25
42
uses : google-github-actions/auth@v1
@@ -43,33 +60,25 @@ jobs:
43
60
44
61
- name : Clear Terraform cache
45
62
run : |
46
- # Remove all cached Terraform files
47
63
rm -rf ~/.terraform.d/
48
64
rm -rf ~/.terraformrc
49
65
rm -rf .terraform/
50
66
rm -f .terraform.lock.hcl
51
- working-directory : gcp/terraform
67
+ working-directory : ${{ inputs.terraform_directory }}
52
68
53
69
- name : Terraform Init
54
- working-directory : gcp/terraform
70
+ working-directory : ${{ inputs.terraform_directory }}
55
71
run : |
56
72
terraform init \
57
73
-backend-config="bucket=common-tools-terraform-state" \
58
- -backend-config="prefix=iam " \
74
+ -backend-config="prefix=${{ inputs.state_prefix }} " \
59
75
-reconfigure \
60
76
-input=false
61
- env :
62
- OP_CONNECT_TOKEN : ${{ secrets.OP_CONNECT_TOKEN }}
63
- OP_CONNECT_HOST : ${{ secrets.OP_CONNECT_HOST }}
77
+
64
78
- name : Terraform Plan
65
- working-directory : gcp/terraform
79
+ working-directory : ${{ inputs.terraform_directory }}
66
80
run : terraform plan -input=false
67
- env :
68
- OP_CONNECT_TOKEN : ${{ secrets.OP_CONNECT_TOKEN }}
69
- OP_CONNECT_HOST : ${{ secrets.OP_CONNECT_HOST }}
81
+
70
82
- name : Terraform Apply
71
- working-directory : gcp/terraform
83
+ working-directory : ${{ inputs.terraform_directory }}
72
84
run : terraform apply -auto-approve -input=false
73
- env :
74
- OP_CONNECT_TOKEN : ${{ secrets.OP_CONNECT_TOKEN }}
75
- OP_CONNECT_HOST : ${{ secrets.OP_CONNECT_HOST }}
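Review bot: In the Terraform Init step, `${{ inputs.state_prefix }}` is substituted into the `run:` script before bash parses it, so a value containing quotes or shell metacharacters is executed as part of the command instead of being treated as data. Pass it through the step environment instead: add `env:` with `STATE_PREFIX: ${{ inputs.state_prefix }}` and write `-backend-config="prefix=${STATE_PREFIX}" \` in the script. Both inputs are free-form strings that decide which directory and which state prefix `terraform apply -auto-approve` runs against under `id-token: write`. A `type: choice` input with fixed `options`, or an allowlist check as the first step, would keep a mistyped or unexpected value from applying to the wrong state. The rendered line also shows a space before the closing quote of the prefix; if that space is in the file and not an artifact of this page, it becomes part of the prefix.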