Terraform GH Runner Deployment #4

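name: Terraform GH Runner Deployment

# NOTE(review): the pull_request trigger means `terraform apply -auto-approve`
# below runs against the PR's Terraform code before it is merged, with the
# Terraform Cloud token and PAT in scope. Confirm that is intended; otherwise
# restrict the apply to workflow_dispatch or to pushes on main.
on:
  workflow_dispatch:
  pull_request:
    branches:
      - main
    paths:
      - "github-runners/terraform/base/**"

# Least privilege for the automatic GITHUB_TOKEN: the job only needs to read
# the repository. All GitHub API writes below use the PAT instead.
permissions:
  contents: read

jobs:
  terraform_gh_runner:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): both actions are referenced by mutable tags (@v2, @v1).
      # Pinning each to a full commit SHA prevents a retagged release from
      # running in a job that holds deployment credentials.
      - name: Checkout repository
        uses: actions/checkout@v2
        with:
          # Later steps execute Terraform code from the checkout; do not leave
          # the job token in .git/config for it to read.
          persist-credentials: false

      - name: Set up Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: "1.5.7"
          cli_config_credentials_token: ${{ secrets.TF_CLOUD_TOKEN }}

      - name: Install dependencies
        run: |
          # Install any dependencies required by your Terraform code

      - name: Run Bash Script
        id: registration
        env:
          # Secrets are passed through the environment rather than expanded
          # into the script text, so their content is never parsed as shell.
          # GITHUB_TOKEN can't be used for these API calls, hence the PAT.
          PAT_TOKEN: ${{ secrets.PAT_TOKEN }}
          # The gh CLI needs GH_TOKEN set to authenticate inside a workflow.
          GH_TOKEN: ${{ secrets.PAT_TOKEN }}
        run: |
          set -euo pipefail

          repo="subspace/infra"
          # API endpoint that issues a short-lived runner registration token
          url="https://api.github.com/repos/$repo/actions/runners/registration-token"

          # --fail makes an HTTP error abort the step instead of handing an
          # error document to jq.
          response=$(curl --fail --silent --show-error -X POST \
            -H "Authorization: token $PAT_TOKEN" "$url")

          # '// empty' turns a missing field into "" rather than the string "null".
          runner_token=$(printf '%s' "$response" | jq -r '.token // empty')
          if [ -z "$runner_token" ]; then
            echo "::error::registration-token response did not contain a token" >&2
            exit 1
          fi

          # Mask the value before it is written anywhere the log could echo it.
          echo "::add-mask::$runner_token"

          # Hand the token to the Terraform step as a step output. The secrets
          # context is populated when the job starts, so a secret written here
          # would not be visible to later steps of this same run.
          echo "runner_token=$runner_token" >> "$GITHUB_OUTPUT"

          # --repo selects the target repository; -r is --repos, which only
          # applies to organization and user secrets.
          # NOTE(review): if nothing outside this job reads RUNNER_TOKEN, this
          # call can be dropped and the PAT no longer needs secrets-write access.
          gh secret set RUNNER_TOKEN --repo "$repo" --body "$runner_token"

      - name: Fetch and write terraform.tfvars
        env:
          TF_VARS_FILE: ${{ secrets.TF_VARS_FILE }}
        run: |
          # Create the file owner-only from the start instead of narrowing the
          # mode after the content has been written.
          umask 077
          # Quoted expansion keeps newlines and quoting in the tfvars content
          # intact; an unquoted echo would word-split and glob it.
          printf '%s\n' "$TF_VARS_FILE" > /tmp/terraform.tfvars
          chmod 600 /tmp/terraform.tfvars

      - name: Run Terraform
        working-directory: ./github-runners/terraform/base
        env:
          # Terraform reads TF_VAR_<name> from the environment, which keeps the
          # token off the command line and supplies it to plan as well as apply.
          TF_VAR_gh_token: ${{ steps.registration.outputs.runner_token }}
        run: |
          # -input=false makes a missing variable fail fast instead of waiting
          # on a prompt that CI can never answer.
          terraform init -input=false
          terraform plan -input=false -var-file=/tmp/terraform.tfvars
          terraform apply -input=false -auto-approve -var-file=/tmp/terraform.tfvars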