name: Terraform Apply

on:
  workflow_dispatch:
    inputs:
      pr_number:
        description: 'PR Number to comment on'
        required: false
        type: string

env:
  TF_CLOUD_ORGANIZATION: homelab_terraform
  TF_WORKSPACE: homelab

jobs:
  terraform-apply:
    name: Terraform Apply
    runs-on: gitea-runner-hestia
    environment: production
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Install Terraform
        run: |
          TERRAFORM_VERSION=1.10.0
          curl -fsSL "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" -o /tmp/terraform.zip
          unzip -o /tmp/terraform.zip -d /usr/local/bin/
          chmod +x /usr/local/bin/terraform
          terraform version

      - name: Write Terraform Cloud credentials
        env:
          TF_CLOUD_TOKEN: ${{ secrets.TF_CLOUD_TOKEN }}
        run: |
          mkdir -p ~/.terraform.d/credentials
          cat > ~/.terraform.d/credentials/tfcred.tfrc << EOF
credentials "app.terraform.io" {
  token = "$TF_CLOUD_TOKEN"
}
EOF

      - name: Terraform Init
        working-directory: ./terraform
        run: |
          terraform init \
            -backend=true \
            -backend-config="organization=$TF_CLOUD_ORGANIZATION" \
            -backend-config="workspaces.name=$TF_WORKSPACE" \
            -reconfigure

      - name: Terraform Apply
        working-directory: ./terraform
        run: |
          terraform apply -auto-approve -no-color 2>&1