Code Update

Riteshatri · Riteshatri · commit 955d82838384 · 2025-11-11T16:47:58.000+05:30
diff --git a/.github/workflows/terraform-multi(self-hosted).yaml b/.github/workflows/terraform-multi(self-hosted).yaml
@@ -0,0 +1,235 @@
+name: terraform-multi
+
+on:
+  workflow_call:
+    inputs:
+      environment:
+        required: true
+        type: string
+      tfvars_file:
+        required: true
+        type: string
+      rgname:
+        required: true
+        type: string
+      saname:
+        required: true
+        type: string
+      scname:
+        required: true
+        type: string
+      key:
+        required: true
+        type: string
+      runInit:
+        type: boolean
+        default: false
+      runFmt:
+        type: boolean
+        default: false
+      runValidate:
+        type: boolean
+        default: false
+      runPlan:
+        type: boolean
+        default: false
+      runApply:
+        type: boolean
+        default: false
+      runDestroy:
+        type: boolean
+        default: false
+    secrets:
+      AZURE_CLIENT_ID:
+        required: true
+      AZURE_TENANT_ID:
+        required: true
+      AZURE_SUBSCRIPTION_ID:
+        required: true
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  init:
+    if: ${{ inputs.runInit }}
+    runs-on: self-hosted
+    # environment: ${{ inputs.environment }}
+    defaults:
+      run:
+        working-directory: infra
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5.0.0
+
+      - name: Azure Login
+        uses: Azure/login@v2.3.0
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      
+          
+      # - name: Setup Terraform
+      #   uses: hashicorp/setup-terraform@v3
+        # with:
+          # terraform_version: 1.6.6      
+
+
+      - name: Terraform Init (remote backend)
+        run: terraform init -input=false -backend-config="resource_group_name=${{ inputs.rgname }}" -backend-config="storage_account_name=${{ inputs.saname }}" -backend-config="container_name=${{ inputs.scname }}" -backend-config="key=${{ inputs.key }}"
+      
+
+      # - name: Upload providers dir
+      #   uses: actions/upload-artifact@v4
+      #   with:
+      #     name: tf-providers
+      #     path: infra/.terraform/*
+
+      # - name: Upload lockfile
+      #   uses: actions/upload-artifact@v4
+      #   with:
+      #     name: tf-lockfile
+      #     path: infra/.terraform.lock.hcl
+
+  fmt:
+    needs: [init]
+    if: ${{ always() && inputs.runFmt && needs.init.result == 'success' }}
+    runs-on: self-hosted
+    defaults:
+      run:
+        working-directory: infra
+    steps:
+      - name: Terraform fmt
+        run: terraform fmt 
+
+  validate:
+    needs: [fmt, init]
+    if: ${{ always()
+            && inputs.runValidate
+            && (
+                 ( inputs.runFmt  && needs.fmt.result  == 'success' ) ||
+                 ( !inputs.runFmt && needs.init.result == 'success' )
+               )
+         }}
+    runs-on: self-hosted
+    defaults:
+      run:
+        working-directory: infra
+    steps:
+      - name: Terraform validate
+        run: terraform validate
+
+  plan:
+    needs: [validate, fmt, init]
+    if: ${{ always()
+            && inputs.runPlan
+            && (
+                 ( inputs.runValidate                  && needs.validate.result == 'success' ) ||
+                 ( !inputs.runValidate && inputs.runFmt && needs.fmt.result      == 'success' ) ||
+                 ( !inputs.runValidate && !inputs.runFmt && needs.init.result    == 'success' )
+               )
+         }}
+    runs-on: self-hosted
+    # environment: ${{ inputs.environment }}
+    defaults:
+      run:
+        working-directory: infra
+    steps:
+      - name: Azure Login (OIDC)
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: Terraform plan
+        run: terraform plan -var-file="../${{ inputs.tfvars_file }}" -out="plan-${{ inputs.environment }}.tfplan"
+
+      - name: Upload plan
+        uses: actions/upload-artifact@v4
+        with:
+          name: tf-plan-${{ inputs.environment }}
+          path: infra/plan-${{ inputs.environment }}.tfplan
+          if-no-files-found: error
+
+            
+  apply:
+    needs: [plan, validate, fmt, init]
+    if: ${{ always()
+            && inputs.runApply
+            && (
+                 ( inputs.runPlan                                 && needs.plan.result     == 'success' ) ||
+                 ( !inputs.runPlan && inputs.runValidate          && needs.validate.result == 'success' ) ||
+                 ( !inputs.runPlan && !inputs.runValidate && inputs.runFmt && needs.fmt.result  == 'success' ) ||
+                 ( !inputs.runPlan && !inputs.runValidate && !inputs.runFmt && needs.init.result == 'success' )
+               )
+         }}
+    runs-on: self-hosted
+    environment: ${{ inputs.environment }}
+    defaults:
+      run:
+        working-directory: infra
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+
+      - name: Azure Login (OIDC)
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+
+      - name: Terraform Init (remote backend)
+        run: terraform init -input=false -backend-config="resource_group_name=${{ inputs.rgname }}" -backend-config="storage_account_name=${{ inputs.saname }}" -backend-config="container_name=${{ inputs.scname }}" -backend-config="key=${{ inputs.key }}"
+
+      
+      - name: Download plan
+        uses: actions/download-artifact@v4
+        with:
+          name: tf-plan-${{ inputs.environment }}
+          path: infra
+          
+
+      - name: Terraform apply
+        run: terraform apply -auto-approve "plan-${{ inputs.environment }}.tfplan"
+
+        
+  destroy:
+    needs: [apply, plan, validate, fmt, init]
+    if: ${{ always()
+            && inputs.runDestroy
+            && (
+                 ( inputs.runApply                                              && needs.apply.result    == 'success' ) ||
+                 ( !inputs.runApply && inputs.runPlan                           && needs.plan.result     == 'success' ) ||
+                 ( !inputs.runApply && !inputs.runPlan && inputs.runValidate    && needs.validate.result == 'success' ) ||
+                 ( !inputs.runApply && !inputs.runPlan && !inputs.runValidate && inputs.runFmt && needs.fmt.result == 'success' ) ||
+                 ( !inputs.runApply && !inputs.runPlan && !inputs.runValidate && !inputs.runFmt && needs.init.result == 'success' )
+               )
+         }}
+    runs-on: self-hosted
+    environment: ${{ inputs.environment }}
+    defaults:
+      run:
+        working-directory: infra
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Azure Login (OIDC)
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          
+      - name: Terraform Init (remote backend)
+        run: terraform init -input=false -backend-config="resource_group_name=${{ inputs.rgname }}" -backend-config="storage_account_name=${{ inputs.saname }}" -backend-config="container_name=${{ inputs.scname }}" -backend-config="key=${{ inputs.key }}"
+
+
+
+      - name: Terraform destroy
+        run: terraform destroy -auto-approve -var-file="../${{ inputs.tfvars_file }}"
