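# Terraform CI/CD: init, validate and plan on every push and pull request;
# apply the saved plan only for pushes to main.
#
# NOTE(review): state handling in this workflow needs attention.
# - terraform.tfstate and the binary tfplan can hold provider credentials and
#   resource attributes in cleartext. Build artifacts are downloadable by
#   anyone with read access to the repository and expire after the retention
#   period, so they are not a safe or durable place for state.
# - actions/download-artifact@v3 only retrieves artifacts uploaded earlier in
#   the same workflow run, so the "previous state" download most likely never
#   finds anything and continue-on-error hides that. Each apply would then
#   start from empty state.
# Preferred fix: configure a remote backend with encryption at rest, access
# control and state locking, then drop both state artifact steps.
name: Terraform CI/CD

on:
  push:
  pull_request:

# Least privilege for GITHUB_TOKEN: the job only needs to read the repository.
permissions:
  contents: read

# Local state has no locking, so serialise runs per ref so that two applies
# never overlap. Never cancel a run that may be in the middle of an apply.
concurrency:
  group: terraform-${{ github.ref }}
  cancel-in-progress: false

jobs:
  terraform:
    runs-on: ubuntu-latest
    container:
      # NOTE(review): pinned by tag only; pin by image digest for a
      # reproducible, tamper-evident toolchain.
      image: hashicorp/terraform:1.6.6
    env:
      # NOTE(review): these secrets are exposed to every step, including plan
      # runs on pull requests from branches of this repository, where the
      # Terraform code under review executes with them. Consider scoping them
      # to the steps that need them and protecting apply with an environment
      # that requires approval.
      TF_VAR_HETZNER_API_TOKEN: ${{ secrets.TF_VAR_HETZNER_API_TOKEN }}
      TF_VAR_NETBOX_API_TOKEN: ${{ secrets.TF_VAR_NETBOX_API_TOKEN }}
      TF_VAR_NETBOX_SERVER_URL: ${{ secrets.TF_VAR_NETBOX_SERVER_URL }}
    steps:
      # The Terraform image is Alpine-based; the JavaScript actions below need
      # node, and checkout needs git.
      - name: Install dependencies
        run: apk add --no-cache nodejs npm git

      # NOTE(review): actions are referenced by mutable tags; pin each to a
      # full commit SHA to guard against a retagged release.
      - name: Checkout repository
        uses: actions/checkout@v4

      # Download previous Terraform state if it exists (see header note: with
      # v3 this does not reach artifacts from earlier runs).
      - name: Download previous Terraform state
        uses: actions/download-artifact@v3
        with:
          name: terraform-state
          path: terraform/
        continue-on-error: true  # skip if no previous state exists

      - name: Terraform Init
        run: terraform -chdir=terraform init -input=false

      - name: Terraform Validate
        run: terraform -chdir=terraform validate

      - name: Terraform Plan
        run: terraform -chdir=terraform plan -input=false -out=tfplan

      # Rendered plan for human review. Only values marked sensitive are
      # redacted in this output.
      - name: Show plan
        run: terraform -chdir=terraform show -no-color tfplan > terraform/plan.txt

      # NOTE(review): the binary tfplan may embed variable values, including
      # the API tokens above, in cleartext. The apply step uses the local
      # file, so consider publishing only plan.txt.
      - name: Upload plan artifact
        uses: actions/upload-artifact@v3
        with:
          name: terraform-plan
          path: |
            terraform/tfplan
            terraform/plan.txt

      # Apply only for pushes to main. The event check keeps this gate intact
      # if another trigger whose ref resolves to main is added later.
      - name: Terraform Apply
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: terraform -chdir=terraform apply -input=false -auto-approve tfplan

      # Upload updated Terraform state.
      # NOTE(review): this publishes the state file, secrets included, as a
      # downloadable artifact; see the header note.
      - name: Upload Terraform state
        uses: actions/upload-artifact@v3
        with:
          name: terraform-state
          path: terraform/terraform.tfstate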