Attempting template as action

xnoto · xnoto · commit e5e47eda4eb5 · 2025-06-29T10:31:41.000-06:00
diff --git a/.github/workflows/apply.yml b/.github/workflows/apply.yml
@@ -0,0 +1,28 @@
+---
+name: Apply - Terraform via ARC
+on:
+  push:
+    branches:
+      - main
+
+env:
+  SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }}
+
+jobs:
+  deploy:
+    runs-on: arc-dind
+    container: image-registry.openshift-image-registry.svc:5000/arc-runners/terraform-runner:latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Run Git as root
+        run: git config --global --add safe.directory '*'
+
+      - name: Install SSH key
+        uses: shimataro/ssh-key-action@v2
+        with:
+          key: ${{ secrets.SSH_PRIVATE_KEY }}
+
+      - name: Terraform apply
+        run: make apply
diff --git a/.github/workflows/plan.yml b/.github/workflows/plan.yml
@@ -0,0 +1,32 @@
+---
+name: Plan - Terraform via ARC
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+  workflow_dispatch:
+
+env:
+  SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }}
+
+jobs:
+  plan:
+    runs-on: arc-dind
+    container: image-registry.openshift-image-registry.svc:5000/arc-runners/terraform-runner:latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Run Git as root
+        run: git config --global --add safe.directory '*'
+
+      - name: Install SSH key
+        uses: shimataro/ssh-key-action@v2
+        with:
+          key: ${{ secrets.SSH_PRIVATE_KEY }}
+
+      - name: Run tests
+        run: make test
+
+      - name: Terraform plan
+        run: make plan
diff --git a/README.md b/README.md
@@ -22,7 +22,9 @@ No modules.
 | Name | Type |
 |------|------|
 | [libvirt_domain.runner](https://registry.terraform.io/providers/dmacvicar/libvirt/0.7.1/docs/resources/domain) | resource |
+| [libvirt_domain.template-server](https://registry.terraform.io/providers/dmacvicar/libvirt/0.7.1/docs/resources/domain) | resource |
 | [libvirt_volume.runner](https://registry.terraform.io/providers/dmacvicar/libvirt/0.7.1/docs/resources/volume) | resource |
+| [libvirt_volume.template-server](https://registry.terraform.io/providers/dmacvicar/libvirt/0.7.1/docs/resources/volume) | resource |
 | [sops_file.secret_vars](https://registry.terraform.io/providers/carlpett/sops/latest/docs/data-sources/file) | data source |
 
 ## Inputs
diff --git a/template-server.tf b/template-server.tf
@@ -0,0 +1,35 @@
+resource "libvirt_volume" "template-server" {
+  name = "template-server.qcow2"
+  size = "21474836480" # 20 Gigabyte to byte
+}
+
+resource "libvirt_domain" "template-server" {
+  name        = "template-server"
+  description = "GitHub Actions self-hosted template-server"
+  cpu {
+    mode = "host-passthrough"
+  }
+  vcpu   = "1"
+  memory = "4096"
+  disk {
+    file = data.sops_file.secret_vars.data["fedora_server_path"]
+  }
+  disk {
+    volume_id = libvirt_volume.template-server.id
+  }
+  network_interface {
+    network_name = "default"
+  }
+  network_interface {
+    network_name = "internal"
+  }
+  graphics {
+    type        = "vnc"
+    listen_type = "none"
+  }
+  boot_device {
+    dev = ["cdrom", "hd"]
+  }
+  depends_on = [libvirt_volume.template-server]
+}
+
