PLT-193 Workflow for github-actions calling reusable workflow (#16)

## 🎫 Ticket https://jira.cms.gov/browse/PLT-193 ## 🛠 Changes Added a workflow for github-actions terraform that calls the reusable terraform-fmt workflow. ## ℹ️ Context for reviewers This is a minimal proof for testing out reusable workflows, and allows for exploring some ideas to expand in #13. ## ✅ Acceptance Validation Testing workflows before the PR is merged is tricky. We'll likely need to test after merge, then create a follow-up PR if there are issues. ## 🔒 Security Implications - [ ] This PR adds a new software dependency or dependencies. - [ ] This PR modifies or invalidates one or more of our security controls. - [ ] This PR stores or transmits data that was not stored or transmitted before. - [ ] This PR requires additional review of its security implications for other reasons. If any security implications apply, add Jason Ashbaugh (GitHub username: StewGoin) as a reviewer and do not merge this PR without his approval.
CMSgov · Nov 1, 2023 · 1a65bd7 · 1a65bd7
1 parent c7328ef
commit 1a65bd7
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 0 deletions.
diff --git a/.github/workflows/github-actions-terraform-plan.yml b/.github/workflows/github-actions-terraform-plan.yml
@@ -0,0 +1,21 @@
+name: Terraform plan for github-actions terraform
+
+on:
+  pull_request:
+    paths:
+      - 'terraform/services/github-actions/**' # Specify the path to trigger the workflow
+  workflow_dispatch: # Allow manual trigger
+
+permissions:
+  id-token: write # This is required for requesting the JWT
+  contents: read  # This is required for actions/checkout
+
+jobs:
+  check-terraform-fmt:
+    uses: ./.github/workflows/terraform-fmt.yml
+    with:
+      working-directory: ./terraform/services/github-actions
+
+  terraform-plan:
+    steps:
+      - run: echo "TODO Create a reusable terraform-plan workflow to call'
diff --git a/.github/workflows/terraform-fmt.yml b/.github/workflows/terraform-fmt.yml
@@ -0,0 +1,27 @@
+name: Check terraform formatting
+
+on:
+  workflow_call:
+    inputs:
+      working-directory:
+        required: true
+        type: string
+
+defaults:
+  run:
+    working-directory: ${{ inputs.working-directory }}
+
+jobs:
+  terraform-fmt:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install tfenv
+        run: |
+          git clone https://github.com/tfutils/tfenv.git ~/.tfenv
+          echo "PATH=$HOME/.tfenv/bin:$PATH" >> "$GITHUB_ENV"
+
+      - name: Check terraform format
+        run: terraform fmt -check -diff -recursive .