Feature | add new devops user #468
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Infracost | |
# The GitHub Actions docs (https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#on) | |
# describe other options for 'on', 'pull_request' is a good default. | |
on: [pull_request] | |
env: | |
# If you use private modules you'll need this env variable to use | |
# the same ssh-agent socket value across all jobs & steps. | |
SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
jobs: | |
Infracost: | |
name: Infracost | |
runs-on: ubuntu-latest | |
env: | |
TF_ROOT: . #/home/runner/work/le-tf-infra-aws/le-tf-infra-aws | |
steps: | |
# If you use private modules, add an environment variable or secret | |
# called GIT_SSH_KEY with your private key, so Infracost can access | |
# private repositories (similar to how Terraform/Terragrunt does). | |
# - name: add GIT_SSH_KEY | |
# run: | | |
# ssh-agent -a $SSH_AUTH_SOCK | |
# mkdir -p ~/.ssh | |
# echo "${{ secrets.GIT_SSH_KEY }}" | tr -d '\r' | ssh-add - | |
# ssh-keyscan github.com >> ~/.ssh/known_hosts | |
- name: Setup Infracost | |
uses: infracost/actions/setup@v2 | |
# See https://github.com/infracost/actions/tree/master/setup for other inputs | |
# If you can't use this action, see Docker images in https://infracost.io/cicd | |
with: | |
api-key: ${{ secrets.INFRACOST_API_KEY }} | |
# Checkout the base branch of the pull request (e.g. main/master). | |
- name: Checkout base branch | |
uses: actions/checkout@v2 | |
with: | |
ref: '${{ github.event.pull_request.base.ref }}' | |
# Generate Infracost JSON file as the baseline. | |
- name: Generate Infracost cost estimate baseline | |
run: | | |
pwd | |
mv ${TF_ROOT}/config/common.tfvars.example ${TF_ROOT}/config/common.tfvars | |
infracost breakdown --config-file=${TF_ROOT}/infracost.yml \ | |
--format=json \ | |
--out-file=/tmp/infracost-base.json | |
# Checkout the current PR branch so we can create a diff. | |
- name: Checkout PR branch | |
uses: actions/checkout@v2 | |
# Generate an Infracost diff and save it to a JSON file. | |
- name: Generate Infracost diff | |
run: | | |
mv ${TF_ROOT}/config/common.tfvars.example ${TF_ROOT}/config/common.tfvars | |
infracost diff --config-file=${TF_ROOT}/infracost.yml \ | |
--format=json \ | |
--compare-to=/tmp/infracost-base.json \ | |
--out-file=/tmp/infracost.json | |
# Posts a comment to the PR using the 'update' behavior. | |
# This creates a single comment and updates it. The "quietest" option. | |
# The other valid behaviors are: | |
# delete-and-new - Delete previous comments and create a new one. | |
# hide-and-new - Minimize previous comments and create a new one. | |
# new - Create a new cost estimate comment on every push. | |
# See https://www.infracost.io/docs/features/cli_commands/#comment-on-pull-requests for other options. | |
- name: Post Infracost comment | |
run: | | |
infracost comment github --path=/tmp/infracost.json \ | |
--repo=$GITHUB_REPOSITORY \ | |
--github-token=${{github.token}} \ | |
--pull-request=${{github.event.pull_request.number}} \ | |
--behavior=update | |
- name: Generate Slack message | |
id: infracost-slack | |
run: | | |
echo "::set-output name=slack-message::$(infracost output --path=/tmp/infracost.json --format=slack-message --show-skipped)" | |
echo "::set-output name=diffTotalMonthlyCost::$(jq '(.diffTotalMonthlyCost // 0) | tonumber' /tmp/infracost.json)" | |
- name: Send cost estimate to Slack | |
uses: slackapi/slack-github-action@v1 | |
if: ${{ steps.infracost-slack.outputs.diffTotalMonthlyCost > 0 }} # Only post to Slack if there is a cost diff | |
with: | |
payload: ${{ steps.infracost-slack.outputs.slack-message }} | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_COST }} | |
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK | |
SLACK_CI_CHANNEL: ${{ secrets.SLACK_CI_CHANNEL_COST }} |