...

2025-11-04 15:52:00 -05:00
parent c1a390d524
commit bc4bd06ac8
1 changed files with 66 additions and 54 deletions
@@ -128,66 +128,78 @@ jobs:
        with:
          working-directory: .
          chdir: cloudflare
+          no-color: true
          out: cloudflare.tfplan

-      - name: Build Markdown PR comment from plan file
+      - name: Convert Plan to JSON
        run: |
-          mkdir -p tmp
-          {
-            echo "## 🧩 OpenTofu Plan — Cloudflare"
-            echo "**Branch:** \`${{ github.ref_name }}\`"
-            echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`"
-            echo "**Working Directory:** \`cloudflare\`"
-            echo ""
-            echo "<details><summary>🪶 Click to expand full plan output</summary>"
-            echo ""
-            echo '```hcl'
-            tofu show cloudflare/cloudflare.tfplan         # <-- read file directly, ACT-safe
-            echo '```'
-            echo ""
-            echo "</details>"
-            echo ""
-            echo "*(This plan was automatically generated by the workflow.)*"
-          } > tmp/tofu-plan.md
-          echo "Markdown PR comment built: tmp/tofu-plan.md"
+          pwd
+          tofu show -json ${GITHUB_WORKSPACE}/cloudflare/cloudflare.tfplan > cloudflare_tf.json

-      - name: Load markdown plan into env var (safe for large output)
-        id: load-plan-md
-        run: |
-          # Ensure file exists and isn't absurdly large
-          if [ ! -f tmp/tofu-plan.md ]; then
-            echo "❌ Missing tmp/tofu-plan.md"
-            exit 1
-          fi
-
-          # Collapse newlines for environment storage
-          plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md)
-          echo "COMMENT_TEMPLATE<<EOF" >> $GITHUB_ENV
-          echo -e "$plan_md" >> $GITHUB_ENV
-          echo "EOF" >> $GITHUB_ENV
-
-      - name: Comment full Tofu Plan on PR (Gitea safe)
-        uses: https://git.trez.wtf/Trez.One/git-auto-comment@main
+      - name: Tofu Plan Comment
+        uses: liatrio/terraform-change-pr-commenter@v1.14.0
        with:
-          platform: gitea
-          api_url: https://git.trez.wtf/api/v1
-          token: ${{ secrets.BOT_GITEA_TOKEN }}
-          pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }}
-          repo_owner: ${{ github.repository_owner }}
-          repo_name: ${{ steps.env-vault-vars.outputs.repo_name }}
-          comment_template: ${{ env.COMMENT_TEMPLATE }}
+          json-file: cloudflare/cloudflare_tf.json
+          github-token: ${{ secrets.BOT_GITEA_TOKEN }}

-      - name: Wait for manual approval
-        uses: trstringer/manual-approval@v1
-        with:
-          secret: ${{ secrets.BOT_GITEA_TOKEN }}
-          approvers: WTF
-          minimum-approvals: 1
-          issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}"
-          issue-body: "Please approve or deny the deployment of the below Tofu plan"
-          issue-body-file-path: cloudflare/cloudflare.tfplan
-          exclude-workflow-initiator-as-approver: false
-          fail-on-denial: true
+      # - name: Build Markdown PR comment from plan file
+      #   run: |
+      #     mkdir -p tmp
+      #     {
+      #       echo "## 🧩 OpenTofu Plan — Cloudflare"
+      #       echo "**Branch:** \`${{ github.ref_name }}\`"
+      #       echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`"
+      #       echo "**Working Directory:** \`cloudflare\`"
+      #       echo ""
+      #       echo "<details><summary>🪶 Click to expand full plan output</summary>"
+      #       echo ""
+      #       echo '```hcl'
+      #       tofu show cloudflare/cloudflare.tfplan         # <-- read file directly, ACT-safe
+      #       echo '```'
+      #       echo ""
+      #       echo "</details>"
+      #       echo ""
+      #       echo "*(This plan was automatically generated by the workflow.)*"
+      #     } > tmp/tofu-plan.md
+      #     echo "Markdown PR comment built: tmp/tofu-plan.md"
+
+      # - name: Load markdown plan into env var (safe for large output)
+      #   id: load-plan-md
+      #   run: |
+      #     # Ensure file exists and isn't absurdly large
+      #     if [ ! -f tmp/tofu-plan.md ]; then
+      #       echo "❌ Missing tmp/tofu-plan.md"
+      #       exit 1
+      #     fi
+
+      #     # Collapse newlines for environment storage
+      #     plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md)
+      #     echo "COMMENT_TEMPLATE<<EOF" >> $GITHUB_ENV
+      #     echo -e "$plan_md" >> $GITHUB_ENV
+      #     echo "EOF" >> $GITHUB_ENV
+
+      # - name: Comment full Tofu Plan on PR (Gitea safe)
+      #   uses: https://git.trez.wtf/Trez.One/git-auto-comment@main
+      #   with:
+      #     platform: gitea
+      #     api_url: https://git.trez.wtf/api/v1
+      #     token: ${{ secrets.BOT_GITEA_TOKEN }}
+      #     pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }}
+      #     repo_owner: ${{ github.repository_owner }}
+      #     repo_name: ${{ steps.env-vault-vars.outputs.repo_name }}
+      #     comment_template: ${{ env.COMMENT_TEMPLATE }}
+
+      # - name: Wait for manual approval
+      #   uses: trstringer/manual-approval@v1
+      #   with:
+      #     secret: ${{ secrets.BOT_GITEA_TOKEN }}
+      #     approvers: WTF
+      #     minimum-approvals: 1
+      #     issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}"
+      #     issue-body: "Please approve or deny the deployment of the below Tofu plan"
+      #     issue-body-file-path: cloudflare/cloudflare.tfplan
+      #     exclude-workflow-initiator-as-approver: false
+      #     fail-on-denial: true

  # apply:
  #   name: Apply Tofu Plan