name: Terraform CI/CD

on:
  push:
  pull_request:

jobs:
  terraform:
    runs-on: ssot-runner

    container:
      image: hashicorp/terraform:1.6.6

    steps:
      - name: Install dependencies
        run: |
          apk add --no-cache nodejs npm git

      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Terraform Init
        run: terraform init -input=false

      - name: Terraform Validate
        run: terraform validate

      - name: Terraform Plan
        run: terraform plan -input=false -out=tfplan

      - name: Show plan
        run: terraform show -no-color tfplan > plan.txt

      - name: Upload plan artifact
        uses: actions/upload-artifact@v3
        with:
          name: terraform-plan
          path: |
            tfplan
            plan.txt

      - name: Terraform Apply
        if: github.ref == 'refs/heads/main'
        run: terraform apply -input=false -auto-approve tfplan