Skip to content
/ terraform_state_artifact Public

The terraform_state_artifact action is a composite action that stores your Terraform state file as an encrypted Github workflow artifact.

github.com/marketplace/actions/terraform_state_artifact

License

GPL-3.0 license
20 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sturlabragason/terraform_state_artifact

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
.github/workflows
.github/workflows
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
main.tf
main.tf
 
 

Repository files navigation

terraform_state_artifact

Terraform State Artifact #actionshackathon21

The sturlabragason/terraform_state_artifact action is a composite action that stores your Terraform state file as an encrypted Github workflow artifact and downloads and decrypts the state on subsequent runs. Built-in are the actions: actions/checkout@v2, hashicorp/setup-terraform@v1 and actions/upload-artifact@v2.

Be aware that Github delets artifacts older then 90 days by default. You can run your pipeline on a schedule to create a new artifact at least once every 90 days.

🚀 What this action does: 🚀

  • 🛠️ First off, it downloads your repository with actions/checkout@v2 and then installs terraform using hashicorp/setup-terraform@v1.
  • 📥 Using environment variables it downloads the most recent workflow artifact called terraformstatefile and decrypts using the user input variable encryptionkey.
    • If no artifact with that name is found (maybe it's your first run) then it proceeds with the following.
  • 🏗️ It then proceeds to run terraform plan with any flags from the optional variable custom_plan_flags
  • 🏢 Next it runs terraform apply with any flags from the optional variablecustom_apply_flags.
    • This can be skipped by setting the optional variable apply to false.
  • 🗃️ If all is well then Terraform has now produced a statefile ./terraform.tfstate. This file is encrypted using the provided encryptionkey.
  • 💾 Finally the new statefile is uploaded as an artifact!

- 🎉 Lather, rinse, repeat! 🎉

Usage

steps:
- uses: sturlabragason/terraform_state_artifact@v1
    with:
        encryptionkey: ${{ secrets.encryptionkey }}

You can choose to skip terraform apply:

steps:
- uses: sturlabragason/terraform_state_artifact@v1
    with:
        encryptionkey: ${{ secrets.encryptionkey }}
        apply: false

You can choose to add custom flags to terraform plan:

steps:
- uses: sturlabragason/terraform_state_artifact@v1
    with:
        encryptionkey: ${{ secrets.encryptionkey }}
        apply: false
        custom_plan_flags: '-refresh-only'

You can choose to add custom flags to terraform apply:

steps:
- uses: sturlabragason/terraform_state_artifact@v1
    with:
        encryptionkey: ${{ secrets.encryptionkey }}
        custom_apply_flags: '-no-color'

Inputs

The action supports the following inputs:

Variable Description Default
encryptionkey An encryption key to use when encrypting the statefile. Recommended to use a secret value. N/A
apply (optional) Whether to run the terraform apply command. true
custom_plan_flags (optional) Add a custom flag to the terraform plan command. ''
custom_apply_flags (optional) Add a custom flag to the terraform apply command. ''

License

GNU General Public License v3.0

About

The terraform_state_artifact action is a composite action that stores your Terraform state file as an encrypted Github workflow artifact.

github.com/marketplace/actions/terraform_state_artifact

Topics

terraform

Resources

Readme

License

GPL-3.0 license
Activity

Stars

20 stars

Watchers

0 watching

Forks

6 forks
Report repository

Releases 1

v1 Latest
Nov 23, 2021

Packages

No packages published

Languages