Improve parsing of tf files #455
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test actions using target and replace | |
| on: | |
| - pull_request | |
| permissions: | |
| contents: read | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| jobs: | |
| plan_targeting: | |
| runs-on: ubuntu-24.04 | |
| name: Plan targeting | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Plan with no changes in targets | |
| uses: ./terraform-plan | |
| id: plan | |
| with: | |
| label: test-target-replace plan_targeting | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.notpresent | |
| variables: | | |
| length = 5 | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "false" ]]; then | |
| echo "::error:: Should not be any changes with this targeted plan" | |
| exit 1 | |
| fi | |
| - name: Plan targeted change | |
| uses: ./terraform-plan | |
| id: plan-first-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.count[0] | |
| variables: | | |
| length = 5 | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-first-change.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Targeted plan should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply targeted change | |
| uses: ./terraform-apply | |
| id: apply-first-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.count[0] | |
| variables: | | |
| length = 5 | |
| - name: Verify outputs | |
| env: | |
| COUNT: ${{ steps.apply-first-change.outputs.count }} | |
| run: | | |
| if [[ "$COUNT" == "" ]]; then | |
| echo "::error:: output count not set correctly" | |
| exit 1 | |
| fi | |
| - name: Plan targeted change | |
| uses: ./terraform-plan | |
| id: plan-second-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| variables: | | |
| length = 6 | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-second-change.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Targeted plan should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply targeted change | |
| uses: ./terraform-apply | |
| id: apply-second-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| variables: | | |
| length = 6 | |
| - name: Verify outputs | |
| env: | |
| FIRST_COUNT: ${{ steps.apply-first-change.outputs.count }} | |
| SECOND_COUNT: ${{ steps.apply-second-change.outputs.count }} | |
| FOREACH: ${{ steps.apply-second-change.outputs.foreach }} | |
| run: | | |
| if [[ "$FOREACH" == "" ]]; then | |
| echo "::error:: output foreach not set correctly" | |
| exit 1 | |
| fi | |
| if [[ "$SECOND_COUNT" != "$FIRST_COUNT" ]]; then | |
| echo "::error:: Targeted change has affected untargeted resources" | |
| exit 1 | |
| fi | |
| - name: Auto Apply targeted change | |
| uses: ./terraform-apply | |
| id: apply-third-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.count[0] | |
| random_string.foreach["hello"] | |
| variables: | | |
| length = 10 | |
| auto_approve: true | |
| - name: Verify outputs | |
| env: | |
| THIRD_COUNT: ${{ steps.apply-third-change.outputs.count }} | |
| SECOND_COUNT: ${{ steps.apply-second-change.outputs.count }} | |
| THIRD_FOREACH: ${{ steps.apply-third-change.outputs.foreach }} | |
| SECOND_FOREACH: ${{ steps.apply-second-change.outputs.foreach }} | |
| run: | | |
| if [[ "$THIRD_COUNT" == "$SECOND_COUNT" ]]; then | |
| echo "::error:: Targeted change has not affected targeted resources" | |
| exit 1 | |
| fi | |
| if [[ "$THIRD_FOREACH" == "$SECOND_FOREACH" ]]; then | |
| echo "::error:: Targeted change has not affected targeted resources" | |
| exit 1 | |
| fi | |
| - name: Plan targeted replacement | |
| uses: ./terraform-plan | |
| id: plan-targeted-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-targeted-replacement.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Targeted replacement should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply targeted replacement | |
| uses: ./terraform-apply | |
| id: apply-targeted-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| - name: Verify outputs | |
| env: | |
| THIRD_COUNT: ${{ steps.apply-third-change.outputs.count }} | |
| TARGETED_COUNT: ${{ steps.apply-targeted-replacement.outputs.count }} | |
| THIRD_FOREACH: ${{ steps.apply-third-change.outputs.foreach }} | |
| TARGETED_FOREACH: ${{ steps.apply-targeted-replacement.outputs.foreach }} | |
| run: | | |
| if [[ "$TARGETED_COUNT" != "$THIRD_COUNT" ]]; then | |
| echo "::error:: Targeted replacement has affected non targeted resources" | |
| exit 1 | |
| fi | |
| if [[ "$TARGETED_FOREACH" == "$THIRD_FOREACH" ]]; then | |
| echo "::error:: Targeted replacement has not affected targeted resources" | |
| exit 1 | |
| fi | |
| - name: Plan replacement | |
| uses: ./terraform-plan | |
| id: plan-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-replacement.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Replacement should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply replacement | |
| uses: ./terraform-apply | |
| id: apply-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| - name: Verify outputs | |
| env: | |
| TARGETED_COUNT: ${{ steps.apply-targeted-replacement.outputs.count }} | |
| REPLACEMENT_COUNT: ${{ steps.apply-replacement.outputs.count }} | |
| TARGETED_FOREACH: ${{ steps.apply-targeted-replacement.outputs.foreach }} | |
| REPLACEMENT_FOREACH: ${{ steps.apply-replacement.outputs.foreach }} | |
| run: | | |
| if [[ "$REPLACEMENT_COUNT" == "$TARGETED_COUNT" ]]; then | |
| echo "::error:: Replacement has not affected targeted resources" | |
| exit 1 | |
| fi | |
| if [[ "$REPLACEMENT_FOREACH" == "$TARGETED_FOREACH" ]]; then | |
| echo "::error:: Replacement has not affected targeted resources" | |
| exit 1 | |
| fi | |
| remote_plan_targeting: | |
| runs-on: ubuntu-24.04 | |
| name: Remote Plan targeting | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Setup remote backend | |
| run: | | |
| cat >tests/workflows/test-target-replace/backend.tf <<EOF | |
| terraform { | |
| backend "remote" { | |
| organization = "flooktech" | |
| workspaces { | |
| prefix = "github-actions-replace-" | |
| } | |
| } | |
| required_version = "~> 1.0.4" | |
| } | |
| EOF | |
| - name: Create test workspace | |
| uses: ./terraform-new-workspace | |
| with: | |
| path: tests/workflows/test-target-replace | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Plan with no changes in targets | |
| uses: ./terraform-plan | |
| id: plan | |
| with: | |
| label: test-target-replace remote_plan_targeting | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.notpresent | |
| variables: | | |
| length = 5 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "false" ]]; then | |
| echo "::error:: Should not be any changes with this targeted plan" | |
| exit 1 | |
| fi | |
| - name: Plan targeted change | |
| uses: ./terraform-plan | |
| id: plan-first-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.count[0] | |
| variables: | | |
| length = 5 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-first-change.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Targeted plan should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply targeted change | |
| uses: ./terraform-apply | |
| id: apply-first-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.count[0] | |
| variables: | | |
| length = 5 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| COUNT: ${{ steps.apply-first-change.outputs.count }} | |
| run: | | |
| if [[ "$COUNT" == "" ]]; then | |
| echo "::error:: output count not set correctly" | |
| exit 1 | |
| fi | |
| - name: Plan targeted change | |
| uses: ./terraform-plan | |
| id: plan-second-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| variables: | | |
| length = 6 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-second-change.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Targeted plan should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply targeted change | |
| uses: ./terraform-apply | |
| id: apply-second-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| variables: | | |
| length = 6 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| FIRST_COUNT: ${{ steps.apply-first-change.outputs.count }} | |
| SECOND_COUNT: ${{ steps.apply-second-change.outputs.count }} | |
| FOREACH: ${{ steps.apply-second-change.outputs.foreach }} | |
| run: | | |
| if [[ "$FOREACH" == "" ]]; then | |
| echo "::error:: output foreach not set correctly" | |
| exit 1 | |
| fi | |
| if [[ "$SECOND_COUNT" != "$FIRST_COUNT" ]]; then | |
| echo "::error:: Targeted change has affected untargeted resources" | |
| exit 1 | |
| fi | |
| - name: Auto Apply targeted change | |
| uses: ./terraform-apply | |
| id: apply-third-change | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.count[0] | |
| random_string.foreach["hello"] | |
| variables: | | |
| length = 10 | |
| auto_approve: true | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| THIRD_COUNT: ${{ steps.apply-third-change.outputs.count }} | |
| SECOND_COUNT: ${{ steps.apply-second-change.outputs.count }} | |
| THIRD_FOREACH: ${{ steps.apply-third-change.outputs.foreach }} | |
| SECOND_FOREACH: ${{ steps.apply-second-change.outputs.foreach }} | |
| run: | | |
| if [[ "$THIRD_COUNT" == "$SECOND_COUNT" ]]; then | |
| echo "::error:: Targeted change has not affected targeted resources" | |
| exit 1 | |
| fi | |
| if [[ "$THIRD_FOREACH" == "$SECOND_FOREACH" ]]; then | |
| echo "::error:: Targeted change has not affected targeted resources" | |
| exit 1 | |
| fi | |
| - name: Plan targeted replacement | |
| uses: ./terraform-plan | |
| id: plan-targeted-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-targeted-replacement.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Targeted replacement should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply targeted replacement | |
| uses: ./terraform-apply | |
| id: apply-targeted-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| target: | | |
| random_string.foreach["hello"] | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| THIRD_COUNT: ${{ steps.apply-third-change.outputs.count }} | |
| TARGETED_COUNT: ${{ steps.apply-targeted-replacement.outputs.count }} | |
| THIRD_FOREACH: ${{ steps.apply-third-change.outputs.foreach }} | |
| TARGETED_FOREACH: ${{ steps.apply-targeted-replacement.outputs.foreach }} | |
| run: | | |
| if [[ "$TARGETED_COUNT" != "$THIRD_COUNT" ]]; then | |
| echo "::error:: Targeted replacement has affected non targeted resources" | |
| exit 1 | |
| fi | |
| if [[ "$TARGETED_FOREACH" == "$THIRD_FOREACH" ]]; then | |
| echo "::error:: Targeted replacement has not affected targeted resources" | |
| exit 1 | |
| fi | |
| - name: Plan replacement | |
| uses: ./terraform-plan | |
| id: plan-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| CHANGES: ${{ steps.plan-replacement.outputs.changes }} | |
| run: | | |
| if [[ "$CHANGES" != "true" ]]; then | |
| echo "::error:: Replacement should have changes" | |
| exit 1 | |
| fi | |
| - name: Apply replacement | |
| uses: ./terraform-apply | |
| id: apply-replacement | |
| with: | |
| path: tests/workflows/test-target-replace | |
| replace: | | |
| random_string.foreach["hello"] | |
| random_string.count[0] | |
| variables: | | |
| length = 10 | |
| workspace: ${{ github.head_ref }} | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} | |
| - name: Verify outputs | |
| env: | |
| TARGETED_COUNT: ${{ steps.apply-targeted-replacement.outputs.count }} | |
| REPLACEMENT_COUNT: ${{ steps.apply-replacement.outputs.count }} | |
| TARGETED_FOREACH: ${{ steps.apply-targeted-replacement.outputs.foreach }} | |
| REPLACEMENT_FOREACH: ${{ steps.apply-replacement.outputs.foreach }} | |
| run: | | |
| if [[ "$REPLACEMENT_COUNT" == "$TARGETED_COUNT" ]]; then | |
| echo "::error:: Replacement has not affected targeted resources" | |
| exit 1 | |
| fi | |
| if [[ "$REPLACEMENT_FOREACH" == "$TARGETED_FOREACH" ]]; then | |
| echo "::error:: Replacement has not affected targeted resources" | |
| exit 1 | |
| fi | |
| - name: Destroy the workspace | |
| uses: ./terraform-destroy-workspace | |
| with: | |
| path: tests/workflows/test-target-replace | |
| workspace: ${{ github.head_ref }} | |
| variables: | | |
| length = 10 | |
| backend_config: token=${{ secrets.TF_API_TOKEN }} |