modify workflow

.github/workflows/terraform-plan.yml

@@ -7,8 +7,10 @@ on:
     types: [opened, synchronize, reopened]
     branches:
       - 'infra_main'
-    paths:
-      - './terraform/**'
+    # paths:
+    #   - './terraform/**'
+permissions:
+  pull-requests: write
 
 env:
   AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
@@ -55,17 +57,34 @@ jobs:
 
       - name: Save Plan JSON
         id: save-plan
-        run: terraform show -json tfplan.out > tfplan.json
+        run: terraform show -no-color tfplan.out > /tmp/tfplan.txt
         working-directory: ./terraform
 
       - name: Setup Infracost
         uses: infracost/actions/setup@v3
         with:
           api-key: ${{ secrets.INFRACOST_API_KEY }}
 
+      # Checkout the branch you want Infracost to compare costs against, most commonly the target branch.
+      - name: Checkout base branch
+        uses: actions/checkout@v4
+        with:
+          ref: '${{ github.event.pull_request.base.ref }}'
+
       - name: Run Infracost
         run: |
-          infracost breakdown --path=./terraform --format=json --out-file=/tmp/infracost.json
+          infracost breakdown --path=./terraform --format=json --out-file=/tmp/infracost-base.json
+
+      # Checkout the current PR branch so we can create a diff.
+      - name: Checkout PR branch
+        uses: actions/checkout@v4
+      - name: Generate Infracost diff
+        run: |
+          infracost breakdown --path=./terraform --format=table --out-file=/tmp/infracost-new.txt
+          infracost diff --path=./terraform \
+                          --format=json \
+                          --compare-to=/tmp/infracost-base.json \
+                          --out-file=/tmp/infracost.json
 
       - name: Post Infracost Comment
         run: |
@@ -74,3 +93,43 @@ jobs:
                                    --github-token=${{ github.token }} \
                                    --pull-request=${{ github.event.pull_request.number }} \
                                    --behavior=update
+      - name: Update PR Comment
+        uses: actions/github-script@v6
+        if: github.event_name == 'pull_request'
+        env:
+          PLAN: ${{ steps.plan.outcome }}
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const fs = require('fs');
+            const plan = fs.readFileSync('/tmp/tfplan.txt', 'utf8');
+            const infracost = fs.readFileSync('/tmp/infracost-new.txt', 'utf8');
+
+            const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
+            #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
+
+            <details><summary>Show Plan</summary>
+
+            \`\`\`hcl
+            ${plan}
+            \`\`\`
+
+            </details>
+
+            #### New Infracost Breakdown 💰
+            <details><summary>Show Breakdown</summary>
+
+            \`\`\`sh
+            ${infracost}
+            \`\`\`
+
+            </details>
+
+            *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
+
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: output
+            })

terraform/bkp.terraform.tfvars.k

@@ -10,6 +10,4 @@ db_domain       = "db.cv1.drintech.online"
 traefik_domain  = "traefik.cv1.drintech.online"
 cert_email      = "admin@example.com" # replace with a valid email
 
-Still testing....
-
-
+Let's move on

terraform/ec2.tf

@@ -13,4 +13,17 @@ resource "aws_instance" "ec2" {
   }
 }
 
+resource "aws_instance" "ec2-1" {
+  ami           = var.ami_id
+  instance_type = var.instance_type
+  key_name      = var.key_pair_name
+  subnet_id     = aws_subnet.public_subnet.id
+  vpc_security_group_ids = [aws_security_group.sg.id]
+  tags = {
+    Name = var.ec2_name
+  }
 
+  provisioner "local-exec" {
+    command = "echo 'Instance provisioned: ${self.public_ip}'"
+  }
+}