name: Constellation IAM create description: Create IAM configuration for a Constellation cluster. inputs: cloudProvider: description: "Either 'aws', 'azure' or 'gcp'." required: true namePrefix: description: "Name prefix to use for resources." required: true # # AWS specific inputs # awsZone: description: "AWS zone to deploy Constellation in." required: false # # Azure specific inputs # azureRegion: description: "Azure region to deploy Constellation in." required: false # # GCP specific inputs # gcpProjectID: description: "The GCP project ID to deploy Constellation in." required: false gcpZone: description: "The GCP zone to deploy Constellation in." required: false outputs: existingConfig: description: "Whether a configuration file has been created to be used in the next step." value: ${{ steps.setExistingConfig.outputs.existingConfig }} runs: using: "composite" steps: - name: Constellation iam create aws shell: bash if: inputs.cloudProvider == 'aws' run: | constellation iam create aws \ --zone=${{ inputs.awsZone }} \ --prefix=${{ inputs.namePrefix }} \ --generate-config --yes - name: Constellation iam create azure shell: bash if: inputs.cloudProvider == 'azure' run: | output=$(constellation --help) if [[ $output == *"tf-log"* ]]; then TFFLAG="--tf-log=DEBUG" fi constellation iam create azure \ --region=${{ inputs.azureRegion }} \ --resourceGroup="${{ inputs.namePrefix }}-rg" \ --servicePrincipal="${{ inputs.namePrefix }}-sp" \ --generate-config --yes ${TFFLAG:-} - name: Constellation iam create gcp shell: bash if: inputs.cloudProvider == 'gcp' run: | constellation iam create gcp \ --projectID=${{ inputs.gcpProjectID }} \ --zone=${{ inputs.gcpZone }} \ --serviceAccountID="${{ inputs.namePrefix }}-sa" \ --generate-config --yes - name: Set existing config id: setExistingConfig shell: bash run: | echo "existingConfig=true" | tee -a $GITHUB_OUTPUT