proxy/.github/workflows/deploy.yml

name: Build and Deploy Architecture

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

jobs:
  terraform:
    name: Deploy Infrastructure
    runs-on: ubuntu-latest

    steps:
      - name: Checkout to Repository
        uses: actions/checkout@v2

      - name: Set-up Terraform
        uses: hashicorp/setup-terraform@v2

      - name: Format Terraform
        run: terraform fmt -check
        working-directory: ./terraform

      - name: Initialize Terraform Back-end
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: terraform init
        working-directory: ./terraform

      - name: Terraform Plan
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: terraform plan -out=tfplan -no-color
        working-directory: ./terraform

      - name: Check if there are changes
        id: check_changes
        run: |
          if [ -n "$(terraform show -no-color tfplan | grep -E 'No changes.')" ]; then
            echo "No changes detected."
            echo "::set-output name=changes::false"
          else
            echo "Changes detected."
            echo "::set-output name=changes::true"
          fi
        working-directory: ./terraform

      - name: Terraform Apply
        if: ${{ (steps.check_changes.outputs.changes == 'true') && (github.ref == 'refs/heads/main') }}
        run: terraform apply -auto-approve tfplan
        working-directory: ./terraform