
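# Validate every Terraform/OpenTofu root in terraform/ on pull requests.
# Encrypted *.enc.yml / *.enc.yaml files are decrypted with SOPS (age) first,
# and the plaintext copies are removed again at the end of the job.
name: Validate Terraform

on:
  pull_request:

# Least privilege: the job only needs to read the repository. Without this
# block the job token carries whatever the repository default grants.
permissions:
  contents: read

jobs:
  tofu-validate:
    name: tofu validate
    runs-on: ubuntu-latest
    defaults:
      run:
        # An explicit `bash` shell runs with `-e -o pipefail`, so a failing
        # command inside a pipeline (e.g. sops in the decrypt loop) fails
        # the step instead of being masked by the last pipeline stage.
        shell: bash
    steps:
      # Consider pinning third-party actions to a full commit SHA rather than
      # a moving major tag so the executed code cannot change under the tag.
      - uses: actions/checkout@v6

      - name: Install OpenTofu
        uses: opentofu/setup-opentofu@v2
        with:
          # TODO(review): pin an explicit release instead of `latest` so that
          # validation results are reproducible between runs.
          tofu_version: latest

      - name: Install SOPS
        env:
          SOPS_VERSION: "3.9.4"
        run: |
          # Verify the .deb against the checksum manifest published with the
          # release before handing it to dpkg; a download that does not match
          # its SHA-256 is never installed. sha256sum exits non-zero when the
          # digest differs or when no listed file was found at all.
          base="https://github.com/getsops/sops/releases/download/v${SOPS_VERSION}"
          cd "$RUNNER_TEMP"
          wget -qO "sops_${SOPS_VERSION}_amd64.deb" "${base}/sops_${SOPS_VERSION}_amd64.deb"
          wget -qO "sops-v${SOPS_VERSION}.checksums.txt" "${base}/sops-v${SOPS_VERSION}.checksums.txt"
          sha256sum --check --ignore-missing "sops-v${SOPS_VERSION}.checksums.txt"
          sudo dpkg -i "sops_${SOPS_VERSION}_amd64.deb"

      - name: Decrypt secrets
        env:
          SOPS_AGE_KEY: ${{ secrets.AGE_SECRET_KEY }}
        run: |
          # Fail early with a clear message instead of a cryptic sops error.
          # Repository secrets are not exposed to pull requests from forks.
          if [ -z "${SOPS_AGE_KEY:-}" ]; then
            echo "::error::AGE_SECRET_KEY is not available; cannot decrypt *.enc.yml/*.enc.yaml"
            exit 1
          fi
          # Every plaintext path is recorded here so the cleanup step can
          # remove exactly what this step wrote.
          list="$RUNNER_TEMP/decrypted-files.txt"
          : > "$list"
          # `read -r` keeps backslashes in file names intact.
          find . \( -name '*.enc.yml' -o -name '*.enc.yaml' \) -print | while IFS= read -r f; do
            # Strip only the trailing `.enc.<ext>` (foo.enc.yml -> foo.yml);
            # replacing the first `.enc` anywhere would mangle paths whose
            # directory names contain `.enc`.
            out="${f%.enc.*}.${f##*.}"
            echo "$out" >> "$list"
            sops -d "$f" > "$out"
            echo "Decrypted: $f -> $out"
          done

      - name: Find and validate Terraform roots
        run: |
          # `init` fetches the providers and modules declared on the PR branch
          # while the decrypted files above are still on disk, so keep this
          # workflow limited to trusted branches/contributors.
          found=0
          # Process substitution keeps the loop in the current shell so the
          # `found` flag survives it; `read -r` copes with spaces in paths.
          while IFS= read -r dir; do
            echo "::group::Validating $dir"
            # -chdir replaces cd/cd-back; -input=false never waits on a prompt.
            tofu -chdir="$dir" init -backend=false -input=false
            tofu -chdir="$dir" validate
            echo "::endgroup::"
            found=1
          done < <(find terraform/ -name '*.tf' -printf '%h\n' | sort -u)
          if [ "$found" -eq 0 ]; then
            echo "No .tf files found — skipping validation."
          fi

      - name: Remove decrypted secrets
        # Runs even when validation fails so plaintext secrets do not outlive
        # the job (matters on self-hosted or reused runners).
        if: always()
        run: |
          list="$RUNNER_TEMP/decrypted-files.txt"
          if [ -f "$list" ]; then
            while IFS= read -r f; do
              rm -f -- "$f"
            done < "$list"
            rm -f -- "$list"
          fi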