From ab032b44184ef19f0bd138bf3f9cfdbf222448ee Mon Sep 17 00:00:00 2001
From: David Paul Graham
Date: Thu, 26 Oct 2023 20:46:25 -0400
Subject: [PATCH 1/6] poc following tf install instructions
---
.github/workflows/terraform_lint.yaml | 36 +++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 .github/workflows/terraform_lint.yaml
diff --git a/.github/workflows/terraform_lint.yaml b/.github/workflows/terraform_lint.yaml
new file mode 100644
index 000000000..b7b0752b1
--- /dev/null
+++ b/.github/workflows/terraform_lint.yaml
@@ -0,0 +1,36 @@
+name: 'Terraform lint'
+# This workflow is responsible for running the Haztrak react client tests.
+
+on:
+ push:
+
+jobs:
+ check_terraform_fmt:
+ name: 'Terraform Format'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: ./infra/gcp
+ steps:
+ - name: 'Checkout'
+ uses: actions/checkout@v3
+
+ - name: 'install terraform'
+ run: |
+ sudo apt-get update && sudo apt-get install -y gnupg software-properties-common
+
+ - name: 'install hashicorp GPG key'
+ run: |
+ wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
+
+ - name: 'add hashicorp repo'
+ run: |
+ echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
+ https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
+ tee /etc/apt/sources.list.d/hashicorp.list
+
+ - name: 'update'
+ run: apt update
+
+ - name: 'install terraform'
+ run: apt-get install terraform
From 7d59365f55c1482bc06e741de8cb03d068419f86 Mon Sep 17 00:00:00 2001
From: David Paul Graham
Date: Thu, 26 Oct 2023 20:48:58 -0400
Subject: [PATCH 2/6] add sudo
---
.github/workflows/terraform_lint.yaml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/terraform_lint.yaml b/.github/workflows/terraform_lint.yaml
index b7b0752b1..6cb142263 100644
--- a/.github/workflows/terraform_lint.yaml
+++ b/.github/workflows/terraform_lint.yaml
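Review bot: In PATCH 1/6, the 'install hashicorp GPG key' step trusts whatever key `https://apt.releases.hashicorp.com/gpg` returns at run time, with no comparison against a known fingerprint before the keyring is referenced in `signed-by=`. The key and the packages come from the same host, so the signature check only adds assurance if the expected fingerprint is pinned in the workflow and the job fails on mismatch; `gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint`, compared with the value HashiCorp publishes, is the usual way to do that. The workflow also declares no `permissions:` block, so the job token gets the repository default; a lint job needs no more than `permissions:` with `contents: read`. `actions/checkout@v3` is a mutable tag, and pinning it to a full commit SHA is the common hardening for third-party actions.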
@@ -21,13 +21,15 @@ jobs: - name: 'install hashicorp GPG key' run: | - wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg + wget -O- https://apt.releases.hashicorp.com/gpg | \ + gpg --dearmor | \ + sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg - name: 'add hashicorp repo' run: | echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \ https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \ - tee /etc/apt/sources.list.d/hashicorp.list + sudo tee /etc/apt/sources.list.d/hashicorp.list - name: 'update' run: apt update From c2c79c1126480fc8046f82eb100a6ec70d5051c5 Mon Sep 17 00:00:00 2001 From: David Paul Graham Date: Thu, 26 Oct 2023 20:49:55 -0400 Subject: [PATCH 3/6] add sudo again --- .github/workflows/terraform_lint.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform_lint.yaml b/.github/workflows/terraform_lint.yaml index 6cb142263..45d6a95ec 100644 --- a/.github/workflows/terraform_lint.yaml +++ b/.github/workflows/terraform_lint.yaml @@ -32,7 +32,7 @@ jobs: sudo tee /etc/apt/sources.list.d/hashicorp.list - name: 'update' - run: apt update + run: sudo apt update - name: 'install terraform' - run: apt-get install terraform + run: sudo apt-get install terraform From 25cb5d793e4eb6728b440fbc14acd63d8ba593f8 Mon Sep 17 00:00:00 2001 From: David Paul Graham Date: Thu, 26 Oct 2023 20:52:33 -0400 Subject: [PATCH 4/6] add tf fmt check step --- .github/workflows/terraform_lint.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/terraform_lint.yaml b/.github/workflows/terraform_lint.yaml index 45d6a95ec..e12f99ea7 100644 --- a/.github/workflows/terraform_lint.yaml +++ b/.github/workflows/terraform_lint.yaml @@ -36,3 +36,6 @@ jobs: - name: 'install terraform' run: sudo apt-get install terraform + + - name: 'terraform fmt' + run: terraform fmt -check -recursive 
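Review bot: In PATCH 2/6, the key-download pipeline `wget … | gpg --dearmor | sudo tee …` reports only the exit status of `tee`, because a `run:` step with no explicit `shell:` is started as `bash -e` without `pipefail`. A failed or truncated download would leave an empty or partial keyring while the step still passes, and the error would only surface later in the apt update step. Adding `shell: bash` to the step (which enables `-o pipefail`) or `set -o pipefail` as the first line of the block closes that gap. Redirecting with `sudo tee … > /dev/null` would also keep the binary keyring out of the job log.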
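Review bot: In PATCH 3/6, `sudo apt-get install terraform` installs whichever version the repository currently serves, so the Terraform binary used by the job can change between runs without any change in this repository. Pinning the package, for example `sudo apt-get install -y terraform=<PINNED_VERSION>` (placeholder), makes the job reproducible and turns an upstream release into an explicit, reviewable bump. The `-y` flag is worth adding in any case so the step can never wait on a prompt, and `sudo apt-get update` avoids the unstable-CLI warning that `apt` prints when used in scripts.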
From 4d7a48fa19d502962646b3b2656771ced98780ad Mon Sep 17 00:00:00 2001 From: David Paul Graham Date: Thu, 26 Oct 2023 20:58:44 -0400 Subject: [PATCH 5/6] add tf init, validate, and comment on PR steps --- .github/workflows/terraform_lint.yaml | 36 +++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform_lint.yaml b/.github/workflows/terraform_lint.yaml index e12f99ea7..9d715de16 100644 --- a/.github/workflows/terraform_lint.yaml +++ b/.github/workflows/terraform_lint.yaml @@ -15,7 +15,7 @@ jobs: - name: 'Checkout' uses: actions/checkout@v3 - - name: 'install terraform' + - name: 'install terraform dependencies' run: | sudo apt-get update && sudo apt-get install -y gnupg software-properties-common @@ -31,11 +31,43 @@ jobs: https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \ sudo tee /etc/apt/sources.list.d/hashicorp.list - - name: 'update' + - name: 'update apt' run: sudo apt update - name: 'install terraform' run: sudo apt-get install terraform + - name: 'Terraform Init' + run: terraform init -input=false -no-color + - name: 'terraform fmt' run: terraform fmt -check -recursive + + - name: 'Terraform Validate' + run: terraform validate + + - name: 'Comment on PR' + uses: actions/github-script@v6 + if: github.event_name == 'pull_request' + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` + #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` + #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` +
Validation Output + + \`\`\`\n + ${{ steps.validate.outputs.stdout }} + \`\`\` + +
+ + *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`; + + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + }) From 7415d87bc09ae28da0ca3968cc08ab562888d804 Mon Sep 17 00:00:00 2001 From: David Paul Graham Date: Thu, 26 Oct 2023 21:26:11 -0400 Subject: [PATCH 6/6] add step ids, paths to terraform commands, job run triggers --- .github/workflows/terraform_lint.yaml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/.github/workflows/terraform_lint.yaml b/.github/workflows/terraform_lint.yaml index 9d715de16..d7b263335 100644 --- a/.github/workflows/terraform_lint.yaml +++ b/.github/workflows/terraform_lint.yaml @@ -2,15 +2,18 @@ name: 'Terraform lint' # This workflow is responsible for running the Haztrak react client tests. on: - push: - + pull_request: + branches: + - main + paths: + - 'infra/**/*.tf' jobs: check_terraform_fmt: name: 'Terraform Format' runs-on: ubuntu-latest defaults: run: - working-directory: ./infra/gcp + working-directory: ./infra/gcp/dev steps: - name: 'Checkout' uses: actions/checkout@v3 @@ -38,13 +41,16 @@ jobs: run: sudo apt-get install terraform - name: 'Terraform Init' + id: init run: terraform init -input=false -no-color - name: 'terraform fmt' - run: terraform fmt -check -recursive + id: fmt + run: terraform fmt -check -recursive .. - name: 'Terraform Validate' - run: terraform validate + id: validate + run: terraform validate .. - name: 'Comment on PR' uses: actions/github-script@v6
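Review bot: In PATCH 5/6, the 'Comment on PR' step expands `${{ steps.validate.outputs.stdout }}`, `${{ github.actor }}` and the other expressions directly into the JavaScript source before it runs, so any backtick or `${` in that text becomes part of the script that executes with `GITHUB_TOKEN`. Passing the values through `env:` and reading them from `process.env` keeps them as data, as sketched below. Two things to confirm at the same time: a plain `run:` step does not populate `outputs.stdout` (that comes from the `hashicorp/setup-terraform` wrapper, as far as I know), and `env.tf_actions_working_dir` is not defined anywhere in the visible workflow, so both would render empty. Because none of the check steps sets `continue-on-error`, a failing `fmt` or `validate` stops the job before this step, and the comment would only ever report success.

```yaml
      - name: 'Comment on PR'
        uses: actions/github-script@v6
        # … unchanged: if condition …
        env:
          FMT_OUTCOME: ${{ steps.fmt.outcome }}
          INIT_OUTCOME: ${{ steps.init.outcome }}
          VALIDATE_OUTCOME: ${{ steps.validate.outcome }}
          VALIDATE_STDOUT: ${{ steps.validate.outputs.stdout }}
        with:
          # … unchanged: github-token …
          script: |
            const { FMT_OUTCOME, INIT_OUTCOME, VALIDATE_OUTCOME, VALIDATE_STDOUT } = process.env;
            const output = [
              `#### Terraform Format and Style 🖌\`${FMT_OUTCOME}\``,
              `#### Terraform Initialization ⚙️\`${INIT_OUTCOME}\``,
              `#### Terraform Validation 🤖\`${VALIDATE_OUTCOME}\``,
              '',
              '\`\`\`',
              VALIDATE_STDOUT,
              '\`\`\`',
            ].join('\n');
            // … unchanged: footer line and github.rest.issues.createComment call …
```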
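Review bot: In PATCH 6/6 (first hunk), the `paths` filter `'infra/**/*.tf'` means a pull request that changes only non-`.tf` files under `infra` (variable files, lock files) or this workflow file itself never runs the lint; `'infra/**'` plus `'.github/workflows/terraform_lint.yaml'` would cover those. With the trigger now `pull_request`, runs for pull requests from forks receive a read-only token, so the 'Comment on PR' step needs an explicit `permissions:` entry `pull-requests: write` and will still be unable to comment for forks. The header comment kept as context still describes the "Haztrak react client tests"; something like `# Lints and validates the Terraform configuration under infra/.` would match what the workflow does.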
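Review bot: In PATCH 6/6 (second hunk), `terraform validate ..` points at the parent directory while `terraform init` ran in the step working directory `./infra/gcp/dev`, so validation targets a directory that was never initialised. Recent Terraform releases also no longer accept a directory as a positional argument to `validate`, as far as I know, which would make the step fail with a usage error on the unpinned package this job installs. Either validate where init ran, `run: terraform validate -no-color`, or use the same `-chdir` for both commands, e.g. `terraform -chdir=.. init -input=false` and `terraform -chdir=.. validate`. The job's step list starts outside this hunk.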