terraform-github.yml
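name: 'Create Terraform resources'

# Runs only for pushes to main, so every run is a deployment run.
on:
  push:
    branches:
      - main

# Least privilege for the GITHUB_TOKEN: the steps below only read the
# repository (checkout); nothing writes back to GitHub.
permissions:
  contents: read

jobs:
  terraform:
    name: 'Terraform'
    runs-on: ubuntu-latest
    # Service-principal credentials, exported as ARM_* environment variables.
    # NOTE(review): job-level env is visible to every step, including the
    # third-party actions below. If state-resources.sh does not need these,
    # scope them to the terraform steps only. Prefer OIDC federation over a
    # long-lived ARM_CLIENT_SECRET where the tenant allows it.
    env:
      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}

    # Use the Bash shell by default
    defaults:
      run:
        shell: bash

    steps:
      # Checkout the repository to the GitHub Actions runner
      # NOTE(review): `@v2` is a mutable tag. Pin to a full commit SHA
      # (actions/checkout@<full-commit-sha>) so the code that runs next to
      # the Azure credentials cannot change without a reviewed commit.
      - name: Checkout
        uses: actions/checkout@v2

      # Create the resources required to store the TF state
      - name: Creating the right resources
        run: sh ./state-resources.sh
        env:
          STATE_RG_NAME: ${{ secrets.STATE_RG_NAME }}
          STATE_STOR_NAME: ${{ secrets.STATE_STOR_NAME }}
          CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
          LOCATION: ${{ secrets.LOCATION }}

      # Setup Terraform
      # NOTE(review): same pinning concern as checkout (`@v1` is mutable).
      # No Terraform version is requested here, so the CLI version can drift
      # between runs; consider setting one explicitly.
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1

      # Check that all Terraform configuration files adhere to a canonical format
      - name: Terraform Format
        run: terraform fmt -check

      # Initializes the Terraform working directory.
      # Backend settings are passed through env and expanded by the shell
      # rather than by `${{ }}` inside the script text: template expansion
      # happens before the shell parses the line, so a value containing
      # quotes or `$(...)` would otherwise be interpreted as shell syntax.
      - name: Terraform Init
        env:
          STATE_RG_NAME: ${{ secrets.STATE_RG_NAME }}
          STATE_STOR_NAME: ${{ secrets.STATE_STOR_NAME }}
          CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
          STATE_KEY: ${{ secrets.STATE_KEY }}
        run: |
          terraform init -input=false \
            -backend-config="resource_group_name=${STATE_RG_NAME}" \
            -backend-config="storage_account_name=${STATE_STOR_NAME}" \
            -backend-config="container_name=${CONTAINER_NAME}" \
            -backend-config="key=${STATE_KEY}"

      # Generates an execution plan for Terraform and saves it, so the apply
      # step executes exactly the plan that appears in this run's log.
      - name: Terraform Plan
        run: terraform plan -input=false -out=tfplan

      # On push to main, build or change infrastructure according to the saved plan.
      # Applying a saved plan file needs no interactive approval, and it cannot
      # pick up changes that were not in the logged plan.
      - name: Terraform Apply
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        run: terraform apply -input=false tfplan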