Remove host override for grafana #20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Apply Terraform | |
| on: | |
| push: | |
| branches: | |
| - master | |
| env: | |
| opentofu_version: "1.6.0-alpha3" | |
| jobs: | |
| plan: | |
| name: Plan | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - uses: azure/[email protected] | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| allow-no-subscriptions: true | |
| - name: Download OpenTofu | |
| run: | | |
| curl -LO https://github.com/opentofu/opentofu/releases/download/v${{ env.opentofu_version }}/tofu_${{ env.opentofu_version }}_linux_amd64.zip | |
| unzip tofu_${{ env.opentofu_version }}_linux_amd64.zip -d tofu | |
| sudo mv tofu/tofu /usr/local/bin/tofu | |
| - name: Unlock encrypted files | |
| run: | | |
| export SECRET_PASS="${{ secrets.SECRET_PASS }}" | |
| make unlock | |
| - name: Terraform init | |
| run: | | |
| tofu init --backend-config secrets/backend.hcl | |
| - name: Terraform Plan | |
| run: | | |
| tofu plan -out plan-${{ github.sha }} | |
| - name: Upload plan | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: plan | |
| path: "plan-${{ github.sha }}" | |
| apply: | |
| name: Apply | |
| runs-on: ubuntu-latest | |
| needs: plan | |
| environment: prod | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Download OpenTofu | |
| run: | | |
| curl -LO https://github.com/opentofu/opentofu/releases/download/v${{ env.opentofu_version }}/tofu_${{ env.opentofu_version }}_linux_amd64.zip | |
| unzip tofu_${{ env.opentofu_version }}_linux_amd64.zip -d tofu | |
| sudo mv tofu/tofu /usr/local/bin/tofu | |
| - name: Download plan | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: plan | |
| - uses: azure/[email protected] | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| allow-no-subscriptions: true | |
| - name: Unlock encrypted files | |
| run: | | |
| export SECRET_PASS="${{ secrets.SECRET_PASS }}" | |
| make unlock | |
| - name: Terraform init | |
| run: | | |
| tofu init --backend-config secrets/backend.hcl | |
| - name: Apply | |
| run: | | |
| tofu apply plan-${{ github.sha }} |