From 321263daf6d9fb2a906144b2e88495cb73be7e90 Mon Sep 17 00:00:00 2001
From: Noah
Date: Tue, 23 Dec 2025 12:04:45 +0100
Subject: [PATCH] Refactor Terraform CI/CD workflow to support all branches and improve structure
---
 .github/workflows/terraform.yaml | 60 ++++++++++++++++++++++++--------
 1 file changed, 46 insertions(+), 14 deletions(-)
diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml
index a3fd6de..6a7bb3a 100644
--- a/.github/workflows/terraform.yaml
+++ b/.github/workflows/terraform.yaml
@@ -1,18 +1,50 @@
-name: "Terraform CI/CD"
+name: Terraform CI/CD
 on:
- push:
- branches:
- - main
- paths:
- - terraform/**
+ push:
+ branches:
+ - "**"
+ pull_request:
 jobs:
- terraform:
- name: "Terraform Infrastructure Change Management"
- runs-on: ssot-runner
- defaults:
- run:
- shell: bash
- # We keep Terraform files in the terraform directory.
- working-directory: ./terraform
+ terraform:
+ runs-on: ssot-runner
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v3
+ with:
+ terraform_version: 1.6.6
+
+ - name: Terraform Init
+ run: terraform init -input=false
+
+ - name: Terraform Format
+ run: terraform fmt -check -recursive
+
+ - name: Terraform Validate
+ run: terraform validate
+
+ - name: Terraform Plan
+ run: |
+ terraform plan \
+ -input=false \
+ -out=tfplan
+
+ - name: Show Terraform Plan
+ run: terraform show -no-color tfplan > plan.txt
+
+ - name: Upload plan artifact
+ uses: actions/upload-artifact@v3
+ with:
+ name: terraform-plan
+ path: |
+ tfplan
+ plan.txt
+
+ - name: Terraform Apply
+ if: github.ref == 'refs/heads/main'
+ run: terraform apply -input=false -auto-approve tfplan
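Review bot: With `branches: "**"`, `pull_request` and the `paths` filter removed, `terraform init` and `terraform plan` now run on `ssot-runner` for every branch and pull request, and both commands fetch and execute the providers and modules named by that branch's configuration with whatever state and cloud credentials the runner can reach. If `ssot-runner` is self-hosted (the label suggests it, the page does not confirm it), skip fork pull requests at job level and add a top-level `permissions:` block limited to `contents: read`. The commit also drops `defaults.run.working-directory: ./terraform`, so unless the configuration moved to the repository root every terraform step runs in the wrong directory. The uploaded `tfplan` binary can hold sensitive values in cleartext and `actions/upload-artifact@v3` is deprecated, so upload only `plan.txt` with `@v4`. The `-auto-approve` apply on `main` would also benefit from a `concurrency` group or a protected environment so two pushes cannot apply at once.

```yaml
# … unchanged: name, on …
permissions:
  contents: read

jobs:
  terraform:
    runs-on: ssot-runner
    # Skip fork pull requests: init/plan execute branch-supplied providers and modules.
    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
    defaults:
      run:
        shell: bash
        working-directory: ./terraform
    steps:
      # … unchanged: checkout, setup, init, fmt, validate, plan, show …
      - name: Upload plan artifact
        uses: actions/upload-artifact@v4
        with:
          name: terraform-plan
          # Human-readable plan only; the binary plan stays on the runner for apply.
          path: terraform/plan.txt
      # … unchanged: apply …
```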