54 lines
1.3 KiB
YAML
54 lines
1.3 KiB
YAML
name: Build Infra (Opentofu)
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
|
|
jobs:
|
|
opentofu:
|
|
name: Opentofu Build
|
|
runs-on: self-hosted
|
|
container:
|
|
image: node:20-bullseye
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v5
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Generate Dynamic Vars (Secrets)
|
|
run: |
|
|
cat <<EOF > terraform.auto.tfvars
|
|
ci_user = "${{ secrets.CI_USER }}"
|
|
ci_password = "${{ secrets.CI_PASSWORD }}"
|
|
proxmox_api_url = "${{ secrets.PVE_API_URL }}"
|
|
proxmox_api_token_id = "${{ secrets.PVE_API_TOKEN_ID }}"
|
|
proxmox_api_token_secret = "${{ secrets.PVE_API_TOKEN_SECRET }}"
|
|
ssh_key = "${{ secrets.SSH_PRIVATE_KEY }}"
|
|
passphrase = "${{ secrets.SSH_PASSPHRASE }}"
|
|
PG_CONN_STR = ${{ secrets.PG_CONN_STR }}
|
|
EOF
|
|
|
|
- name: Setup Opentofu
|
|
uses: opentofu/setup-opentofu@v1
|
|
|
|
- name: Opentofu Init
|
|
run: tofu init
|
|
|
|
- name: Opentofu Format Check
|
|
run: tofu fmt -check -recursive
|
|
|
|
- name: Opentofu Validate
|
|
run: tofu validate
|
|
|
|
- name: Opentofu Plan
|
|
id: plan
|
|
run: |
|
|
tofu plan -out=tfplan -detailed-exitcode
|
|
|
|
- name: Opentofu Apply
|
|
if: success()
|
|
run: tofu apply -auto-approve tfplan
|