📑 Terraform Plan Apply - dvsa/des-workflow-actions GitHub Wiki

Description

This reusable workflow is called from the 🚀 Terraform Deploy workflow to enable reuse of identical actions. The workflow uses inputs and conditionals to perform different actions depending on the environment and required action. It sets the GitHub environment only when the action is 'apply' or 'destroy' to force protection rules. It also generates tfvars only when the environment is UAT or DEV - the first UAT deployment will collate the release tag service manifests, create the tfvars file, and upload to S3, while a DEV run will collate the latest function versions. The job runs on an EC2 instance, which will have been set up using this action.

Workflow Triggers

On Workflow Call

This workflow is called from the 🚀 Terraform Deploy, which is called from the des-terraform repository.

Environment Variables

Name	Description
TF_VERSION	The version of Terraform to configure
FILE_NAME	The name of the file containing the output of a Terraform plan for a component

Inputs

Name	Description	Options
runner	The EC2 GHA runner that has been spun up for deployment	N/A
branch	The Terraform branch to deploy	N/A
aws-account	The AWS account to deploy into	N/A
tf-environment	The Terraform environment to deploy	N/A
tf-component	The Terraform component to deploy	N/A
release-tag	The version of the microservices to be deployed	N/A
tf-args	Additional Terraform arguments	N/A
tf-action	The Terraform action to take	plan \| apply \| destroy
artefact-name-prefix	The prefix to add to the Terraform plan artefact to avoid duplications when a DRS early run takes place	N/A

Artefacts

A plan is uploaded for each component to the summary.

Notes

artefact-name-prefix is required to avoid GitHub Actions errors relating to uploading identical artefacts to GitHub summary when drs-early-run is set to true.
release-tag input is required for UAT, PREP, and LIVE - dev environments collate the latest function versions.
Assumes a nonprod or prod role based on the aws-account input