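---
# Runs `tofu init/fmt/validate/plan` for the k8s-wheatley stack and publishes
# the outcome as a single, updated-in-place comment on the pull request.
#
# NOTE(review): init and plan evaluate the provider and module configuration
# from the checked-out ref while the state-backend and Proxmox credentials are
# in the job environment. Who is allowed to trigger this workflow with secrets
# available is therefore part of the trust boundary for those credentials;
# prefer a plan-only (read-only) Proxmox token and backend key for this job.
name: tofu plan k8s-wheatley

on:
  workflow_dispatch:
  workflow_call:
  pull_request:
    branches:
      - main
    paths:
      - 'pve01.wheatley.in/k8s-wheatley/**'
      - .forgejo/workflows/tofu-plan-k8s-wheatley.yaml

jobs:
  tofu-plan-k8s-wheatley:
    runs-on: docker
    defaults:
      run:
        working-directory: pve01.wheatley.in/k8s-wheatley
    permissions:
      pull-requests: write
    # NOTE(review): job-level env is visible to every step, including the
    # third-party actions below. Moving the AWS_*/TF_VAR_* entries onto the
    # init and plan steps only would narrow their exposure.
    env:
      AWS_S3_ENDPOINT: ${{ secrets.AWS_S3_ENDPOINT }}
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      TF_VAR_proxmox_endpoint: ${{ secrets.PROXMOX_ENDPOINT }}
      TF_VAR_proxmox_api_token: ${{ secrets.PROXMOX_API_TOKEN }}
      # Empty on workflow_dispatch / workflow_call runs; the comment steps
      # check for that and skip themselves.
      PR_NUMBER: ${{ forge.event.pull_request.number }}
    steps:
      # NOTE(review): `@v4` / `@v1` are mutable tags. Pin both actions to a
      # reviewed full commit SHA (e.g. `@<commit-sha>  # v4`) so a moved tag
      # cannot change the code that runs next to the secrets above.
      - uses: https://github.com/actions/checkout@v4

      - uses: https://github.com/opentofu/setup-opentofu@v1
        with:
          tofu_version: '1.11.5'

      - name: Install deps
        run: |
          set -eu
          apt-get update
          apt-get install -y jq

      # NOTE(review): `--upgrade` lets init select newer provider/module
      # versions than the ones recorded in the dependency lock file. If a lock
      # file is committed, consider dropping the flag here so the plan uses
      # exactly the reviewed versions.
      - name: OpenTofu Init
        id: init
        run: tofu init --upgrade

      - name: OpenTofu Format
        id: fmt
        run: tofu fmt -check

      - name: OpenTofu Validate
        id: validate
        run: tofu validate -no-color

      # continue-on-error keeps the job alive so the comment can still be
      # posted; the final "OpenTofu Plan Status" step restores the failure.
      - name: OpenTofu Plan
        id: plan
        run: tofu plan -no-color
        continue-on-error: true

      # Looks up the id of a previously posted result comment, identified by
      # the marker text "OpenTofu Format and Style". Emits an empty comment_id
      # when none exists so the next step creates one instead of the job
      # failing on the first run for a PR.
      - name: Fetch existing comments
        id: fetch
        env:
          # Passed through env rather than interpolated into the script, and
          # xtrace (`set -x`) is deliberately not enabled, so the token is
          # never part of the echoed command text.
          FORGEJO_TOKEN: ${{ secrets.FORGEJO_TOKEN }}
          SERVER_URL: ${{ forge.server_url }}
          REPOSITORY: ${{ forge.repository }}
        run: |
          set -euo pipefail

          if [ -z "${PR_NUMBER:-}" ]; then
            echo "No pull request number for this run; skipping comment lookup"
            exit 0
          fi

          url="$SERVER_URL/api/v1/repos/$REPOSITORY/issues/$PR_NUMBER/comments"
          echo "Requesting: $url"

          body_file=$(mktemp)
          trap 'rm -f "$body_file"' EXIT

          http_status=$(curl -sS -o "$body_file" -w '%{http_code}' \
            -H "Authorization: token $FORGEJO_TOKEN" \
            "$url")
          echo "HTTP status: $http_status"

          if [ "$http_status" != "200" ]; then
            echo "Forgejo API call failed"
            exit 1
          fi

          # First comment whose body carries the marker; empty when none does.
          # NOTE(review): the match is on text only, so any comment containing
          # the marker is selected regardless of author.
          comment_id=$(jq -r \
            '[.[] | select((.body // "") | test("OpenTofu Format and Style")) | .id] | first // empty' \
            "$body_file")

          if [ -z "$comment_id" ]; then
            echo "No existing comment found matching marker; a new one will be created"
          else
            echo "Found comment id: $comment_id"
          fi

          echo "comment_id=$comment_id" >> "$GITHUB_OUTPUT"

      # Creates the result comment, or updates the one found above.
      - name: Upsert comment
        id: comment
        env:
          FORGEJO_TOKEN: ${{ secrets.FORGEJO_TOKEN }}
          SERVER_URL: ${{ forge.server_url }}
          REPOSITORY: ${{ forge.repository }}
          COMMENT_ID: ${{ steps.fetch.outputs.comment_id }}
          # Plain Markdown: the value reaches the API through jq, so no
          # JavaScript-template escapes (\` or \n) are needed.
          # The plan text assumes the setup-opentofu wrapper exposes `stdout`
          # for the plan step the same way it does for validate.
          # NOTE(review): the plan is published verbatim in the PR thread; any
          # value not marked sensitive in the configuration will be readable
          # by everyone who can see the pull request.
          COMMENT_BODY: |
            #### OpenTofu Format and Style 🖌 `${{ steps.fmt.outcome }}`
            #### OpenTofu Initialization ⚙️ `${{ steps.init.outcome }}`
            #### OpenTofu Validation 🤖 `${{ steps.validate.outcome }}`

            Validation Output

            ```
            ${{ steps.validate.outputs.stdout }}
            ```

            #### OpenTofu Plan 📖 `${{ steps.plan.outcome }}`

            Show Plan

            ```
            ${{ steps.plan.outputs.stdout }}
            ```
        run: |
          set -euo pipefail

          if [ -z "${PR_NUMBER:-}" ]; then
            echo "No pull request number for this run; skipping comment"
            exit 0
          fi

          if [ -n "${COMMENT_ID:-}" ] && [ "$COMMENT_ID" != "null" ]; then
            method=PATCH
            url="$SERVER_URL/api/v1/repos/$REPOSITORY/issues/comments/$COMMENT_ID"
          else
            method=POST
            url="$SERVER_URL/api/v1/repos/$REPOSITORY/issues/$PR_NUMBER/comments"
          fi

          # jq builds the JSON so quotes, backslashes and newlines in the tool
          # output are encoded instead of breaking (or reshaping) the payload.
          # The body is streamed on stdin to stay clear of argument-size limits.
          jq -n --arg body "$COMMENT_BODY" '{body: $body}' \
            | curl -fsS -o /dev/null -X "$method" \
                -H "Authorization: token $FORGEJO_TOKEN" \
                -H "Content-Type: application/json" \
                --data-binary @- \
                "$url"

      # Surfaces a failed plan as a failed job once the comment has been posted.
      - name: OpenTofu Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1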