action.yml

name: 'MskConnectorAction'
description: 'Create msk connector'
inputs:
  aws-role:
    description: 'Aws role to apply changes'
    required: true
  aws-region:
    description: 'Aws region (eu-central-1, ap-northeast-1)'
    required: true
  terraform-version:
    description: 'Terraform version to install.'
    default: '1.9.7'
  terragrunt-version:
    description: 'Terragrunt version to install.'
    default: '0.68.1'
  terraform-data-one-repo:
    description: 'terraform data one repository'
    default: 'FinalCAD/terraform-data-one'
  terraform-data-one-ref:
    descrition: 'Ref to use for pulling repo terraform-data-one'
    default: 'master'
  github-token:
    description: 'Github token to pull package to avoid limit rate'
    default: ''
  github-ssh:
    description: 'Github ssh key to pull terragrunt from github api'
    required: true
  environment:
    description: 'Finalcad envrionment: production, staging, sandbox'
    required: true
  region-friendly:
    description: 'Finalcad region: frankfurt or tokyo'
    required: true
  config-file-prefix:
    description: 'Sub path for config file'
    default: 'configuration'
  pr-number:
    description: 'Pull rerquest number, empty for push'
    default: ''
runs:
  using: 'composite'
  steps:
    - uses: actions/checkout@v3
      with:
        path: 'data'
    - uses: actions/checkout@v3
      with:
        ssh-key: ${{ inputs.github-ssh }}
        repository: ${{ inputs.terraform-data-one-repo }}
        ref: ${{ inputs.terraform-data-one-ref }}
        path: 'terragrunt'
    # Setup ssh key
    - name: Add ssh key
      shell: bash
      run: |
          mkdir -p ~/.ssh
          echo "${{ inputs.github-ssh }}" > ~/.ssh/id_rsa
          ssh-keyscan github.com >> ~/.ssh/known_hosts
          chmod 600 ~/.ssh/id_rsa ~/.ssh/known_hosts
          eval $(ssh-agent)
          ssh-add ~/.ssh/id_rsa
    # Setup terraform
    - name: Setup Terraform
      uses: hashicorp/setup-terraform@v3
      with:
        terraform_version: ${{ inputs.terraform-version }}
        terraform_wrapper: false
    # Setup terragrunt
    - name: Terragrunt Binary Installer Action
      uses: autero1/action-terragrunt@v3
      if: inputs.terragrunt-version != 'disabled'
      with:
        terragrunt-version: ${{ inputs.terragrunt-version }}
        token: ${{ inputs.github-token }}
    # Copy glue configuration file
    - name: Glues files copy
      shell: bash
      run: |
        set -e
        cp ./data/${{ inputs.config-file-prefix }}/${{ inputs.environment }}/msk-connetors.yaml ./terragrunt/msk-connetors.yaml
    # Configure aws credentials
    - name: Configure AWS credentials for security
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-region: ${{ inputs.aws-region }}
        role-to-assume: ${{ inputs.aws-role }}
        role-session-name: OIDCSession
    # Setup go
    - name: Setup go
      uses: actions/setup-go@v4
      with:
        token: ${{ inputs.github-token }}
        go-version: 1.18
    # Setup yq & cue
    - name: Setup cue
      shell: bash
      run: |
        go install cuelang.org/go/cmd/cue@v0.4.3
    # Cue vetting
    - name: Cue vetting
      shell: bash
      run: |
        set -e
        cue vet ./terragrunt/msk-connetors.cue ./terragrunt/msk-connetors.yaml
    #Plan terragrunt
    - name: Terragrunt plan
      if: inputs.pr-number != ''
      id: plan
      shell: bash
      run: |
        cd ./terragrunt/${{ inputs.environment }}/${{ inputs.region-friendly }}/msk_connector
        terraform init
        terragrunt plan -out plan
        terragrunt show plan -no-color > ${{ github.workspace }}/plan.txt
      continue-on-error: true
    # Comment on pr
    - uses: actions/github-script@v6
      if: inputs.pr-number != ''
      env:
        PLAN: ${{ steps.plan.outputs.show }}
      with:
        script: |
          const fs = require('fs')
          const data = fs.readFileSync('${{ github.workspace }}/plan.txt')
          const output = `#### Terraform Plan : \`${{ steps.plan.outcome }}\`
          <details><summary>Show Plan</summary>\n
          \`\`\`terraform\n
          ${data}
          \`\`\`\n
          </details>
          *Pushed by: @${{ github.actor }}`;
          github.rest.issues.createComment({
            issue_number: ${{ inputs.pr-number }},
            owner: context.repo.owner,
            repo: context.repo.repo,
            body: output
          })
    #Apply terragrunt
    - name: Terragrunt apply
      if: inputs.pr-number == ''
      shell: bash
      run: |
        cd ./terragrunt/${{ inputs.environment }}/${{ inputs.region-friendly }}/msk_connector
        terragrunt apply -auto-approve