iac/.forgejo/workflows/tofu.yml

name: OpenTofu Automation

on:
  push:
    paths:
      - 'terraform/**'

jobs:
  deploy:
    runs-on: docker
    container:
      image: node:22
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Create AWS Credentials Directory
        run: mkdir -p ~/.aws

      - name: Set AWS Credentials
        run: |
          echo "[default]" > ~/.aws/credentials
          echo "aws_access_key_id=${{ secrets.AWS_ACCESS_KEY_ID }}" >> ~/.aws/credentials
          echo "aws_secret_access_key=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> ~/.aws/credentials          

      - name: Setup OpenTofu
        uses: https://github.com/opentofu/setup-opentofu@v1

      - name: Run OpenTofu Init
        working-directory: ./terraform
        run: tofu init

      - name: Run OpenTofu Plan
        id: plan
        working-directory: ./terraform
        run: tofu plan -no-color

      - name: Display Plan Output
        run: |
          echo "Plan output:"
          echo "${{ steps.plan.outputs.stdout }}"          

      - name: Apply the Plan
        if: success()
        working-directory: ./terraform
        run: tofu apply -auto-approve