tools/.github/actions/terraform-setup/action.yml

name: 'terraform-setup'
description: 'Sets up Terraform including custom providers'
inputs:
  working-directory:
    description: 'Terraform working directory in the repository'
    required: true
  github-token:
    description: 'GitHub token for pulling custom providers from Flipside repos'
    required: true
  ssh-private-key:
    description: 'Devops bot SSH key to use for pulling Flipside repos'
    required: true
  ssh-known-hosts:
    description: 'Devops bot known hosts to use for pulling Flipside repos'
    required: true
  aws-access-key-id:
    description: >-
      AWS Access Key ID. This input is required if running in the GitHub hosted environment.
      It is optional if running in a self-hosted environment that already has AWS credentials,
      for example on an EC2 instance.      
    required: false
  aws-secret-access-key:
    description: >-
      AWS Secret Access Key. This input is required if running in the GitHub hosted environment.
      It is optional if running in a self-hosted environment that already has AWS credentials,
      for example on an EC2 instance.      
    required: false
  aws-session-token:
    description: 'AWS Session Token'
    required: false
  aws-region:
    description: 'AWS Region, e.g. us-east-2'
    required: true

runs:
  using: "composite"
  steps:
    - name: Install SSH key
      uses: shimataro/ssh-key-action@v2
      with:
        key: ${{ inputs.ssh-private-key }}
        known_hosts: ${{ inputs.ssh-known-hosts }}
        if_key_exists: replace
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ inputs.aws-access-key-id }}
        aws-secret-access-key: ${{ inputs.aws-secret-access-key }}
        aws-session-token: ${{ inputs.aws-session-token }}
        aws-region: ${{ inputs.aws-region }}
    - uses: ./.github/actions/write-file
      with:
        path: ${{ inputs.working-directory }}/requirements.txt
        contents: |
          #
          # These requirements were autogenerated by pipenv
          # To regenerate from the project's Pipfile, run:
          #
          #    pipenv lock --requirements
          #
          # In this module directory where the Pipfile for Terraform requirements is maintained.
          
          -i https://pypi.org/simple
          boto3==1.24.7
          botocore==1.27.7; python_version >= '3.7'
          cachetools==5.2.0; python_version ~= '3.7'
          certifi==2022.5.18.1; python_version >= '3.6'
          charset-normalizer==2.0.12; python_full_version >= '3.5.0'
          deepmerge==1.0.1
          fastcore==1.4.4; python_version >= '3.7'
          ghapi==0.1.20
          gitdb==4.0.9; python_version >= '3.6'
          gitpython==3.1.27
          google-auth==2.7.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'
          idna==3.3; python_full_version >= '3.5.0'
          jmespath==1.0.0; python_version >= '3.7'
          kubernetes==23.6.0
          lark-parser==0.10.1
          oauthlib==3.2.0; python_version >= '3.6'
          packaging==21.3; python_version >= '3.6'
          pem==21.2.0
          pip==22.1.2; python_version >= '3.7'
          psycopg2-binary==2.9.3
          pyasn1-modules==0.2.8
          pyasn1==0.4.8
          pyparsing==3.0.9; python_full_version >= '3.6.8'
          python-dateutil==2.8.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
          python-hcl2==3.0.5
          pyyaml==6.0; python_version >= '3.6'
          requests-oauthlib==1.3.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
          requests==2.28.0; python_version >= '3.7' and python_version < '4'
          retrying==1.3.3
          rsa==4.8; python_version >= '3.6'
          ruamel.yaml.clib==0.2.6; python_version < '3.11' and platform_python_implementation == 'CPython'
          ruamel.yaml==0.17.21
          s3transfer==0.6.0; python_version >= '3.7'
          setuptools==62.4.0; python_version >= '3.7'
          six==1.16.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
          slack-sdk==3.17.0
          smmap==5.0.0; python_version >= '3.6'
          urllib3==1.26.9; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'
          websocket-client==1.3.2; python_version >= '3.7'          
    - name: Setup Python
      uses: actions/setup-python@v2
      with:
        python-version: 3.9
        cache: 'pip'
        cache-dependency-path: ${{ inputs.working-directory }}/requirements.txt
    - name: Install Terraform Python requirements
      shell: bash
      run: |
        pip install -r ${{ inputs.working-directory }}/requirements.txt        
    - name: Use Node.js 14.x
      uses: actions/setup-node@v2
      with:
        node-version: "14.x"
    - uses: hashicorp/setup-terraform@v1
      with:
        terraform_version: 1.2.4
        terraform_wrapper: false
    - name: Terraform Init
      shell: bash
      id: init
      run: terraform init --upgrade
      working-directory: ${{ inputs.working-directory }}
    - name: Terraform Validate
      shell: bash
      id: validate
      run: terraform validate
      working-directory: ${{ inputs.working-directory }}