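---
# Pull-request workflow: runs `terraform plan`, posts the outcome as a PR
# comment, then posts an Infracost cost estimate computed from the same plan.
name: "Plan"

on:
  pull_request:

# Explicit least-privilege scopes for GITHUB_TOKEN instead of the repository
# default: checkout needs to read the repo, the two comment steps need to
# write to the pull request.
permissions:
  contents: read
  pull-requests: write

jobs:
  terraform:
    name: "Terraform"
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): every `uses:` in this job references a mutable tag.
      # Pinning each action to a full commit SHA keeps a retagged release
      # from running new code with this job's secrets.
      - name: Checkout
        uses: actions/checkout@v3

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          # Quoted so the version can never be retyped as a number.
          terraform_version: "0.15.5"

      # The PR comment below reports steps.fmt.outcome; without a step with
      # id `fmt` that field always renders empty. Report-only: a formatting
      # failure is shown in the comment but does not stop the job.
      - name: Terraform Format
        id: fmt
        run: terraform fmt -check
        continue-on-error: true

      # AWS credentials are scoped to the Terraform steps that talk to the
      # backend/provider rather than exported workflow-wide, so the
      # third-party actions further down never see them.
      # NOTE(review): these are long-lived static keys; short-lived
      # credentials via GitHub OIDC federation would reduce the blast radius.
      - name: Terraform Init
        id: init
        run: terraform init
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      - name: Terraform Validate
        id: validate
        run: terraform validate -no-color

      # Write the plan to a file so it can be handed to Infracost later.
      # continue-on-error lets the comment step report a failed plan; the
      # "Terraform Plan Status" step then fails the job explicitly.
      # -no-color keeps ANSI escapes out of the PR comment; -input=false
      # prevents the run from waiting on an interactive prompt.
      - name: Terraform Plan
        id: plan
        run: terraform plan -no-color -input=false -out tfplan.binary
        continue-on-error: true
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      # tfplan.binary and plan.json hold resource attribute values in clear
      # text, including ones marked sensitive: keep them inside the runner
      # workspace and do not upload them as artifacts.
      # NOTE(review): credentials are passed here on the assumption that
      # `terraform show` configures the backend -- confirm for this repo.
      - name: Terraform show
        id: show
        if: steps.plan.outcome == 'success'
        run: terraform show -json tfplan.binary > plan.json
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      # All workflow values reach the script through env, never by expanding
      # an expression inside the JavaScript source, so plan output cannot be
      # interpreted as code.
      # NOTE(review): the plan text becomes readable by everyone who can
      # read the pull request; values not marked sensitive are not redacted.
      - uses: actions/github-script@v6
        if: github.event_name == 'pull_request'
        env:
          PLAN: ${{ steps.plan.outputs.stdout }}
          FMT_OUTCOME: ${{ steps.fmt.outcome }}
          INIT_OUTCOME: ${{ steps.init.outcome }}
          VALIDATE_OUTCOME: ${{ steps.validate.outcome }}
          PLAN_OUTCOME: ${{ steps.plan.outcome }}
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            // GitHub rejects comment bodies above 65536 characters, so a
            // very large plan is cut short instead of failing the step.
            const limit = 60000;
            const raw = process.env.PLAN || '';
            const plan = raw.length > limit
              ? raw.slice(0, limit) + '\n... (truncated, see the job log)'
              : raw;

            const output = [
              `#### Terraform Format and Style 🖌\`${process.env.FMT_OUTCOME}\``,
              `#### Terraform Initialization ⚙️\`${process.env.INIT_OUTCOME}\``,
              `#### Terraform Validation 🤖\`${process.env.VALIDATE_OUTCOME}\``,
              `#### Terraform Plan 📖\`${process.env.PLAN_OUTCOME}\``,
              '',
              '<details><summary>Show Plan</summary>',
              '',
              '```terraform',
              plan,
              '```',
              '',
              '</details>',
              '',
              `*Pushed by: @${context.actor}, Action: \`${context.eventName}\`*`,
            ].join('\n');

            // Awaited so an API error fails this step instead of being lost.
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: output,
            });

      # Fail the job once the plan failure has been reported on the PR.
      - name: Terraform Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1

      # Install Infracost, authenticating with the repository secret.
      - name: Setup Infracost
        uses: infracost/actions/setup@v1
        with:
          api-key: ${{ secrets.INFRACOST_API_KEY }}

      # Feed plan.json to Infracost to produce the cost breakdown.
      - name: Generate Infracost JSON
        run: >-
          infracost breakdown
          --path plan.json
          --format json
          --out-file /tmp/infracost.json

      - name: Infracost Actions
        uses: infracost/actions/comment@v1
        with:
          path: /tmp/infracost.json
          behavior: update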