chore(deps): bump the terraform group across 2 directories with 1 upd…

…ate (#218)

* chore(deps): bump the terraform group across 2 directories with 1 update

Bumps the terraform group with 1 update in the /stacks/sample_bucket directory: [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws).
Bumps the terraform group with 1 update in the /stacks/sample_instance directory: [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws).


Updates `hashicorp/aws` from 5.51.1 to 5.52.0
- [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-aws@v5.51.1...v5.52.0)

Updates `hashicorp/aws` from 5.51.1 to 5.52.0
- [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-aws@v5.51.1...v5.52.0)

---
updated-dependencies:
- dependency-name: hashicorp/aws
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: terraform
- dependency-name: hashicorp/aws
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: terraform
...

Signed-off-by: dependabot[bot] <support@github.com>

* add tf_instance sample workflow

* test

* retry

* replace terraform with tofu for dependabot automation

* retry with `-var-file`

* add `matrix.context`

* fix `matrix.context` reference

* include "deprovision step"

* add `Sample_Bucket` workflow

* add stg.tfbackend to test `matrix.context` for sample_bucket

* rename workflow to match purpose

* format yaml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rishav Dhar <19497993+rdhar@users.noreply.github.com>

.github/dependabot.yaml

@@ -1,16 +1,18 @@
 ---
 version: 2
+
 updates:
   - package-ecosystem: github-actions
     directory: /
     schedule:
       interval: daily
+
   - package-ecosystem: terraform
     directories:
       - /stacks/sample_bucket
       - /stacks/sample_instance
     schedule:
-      interval: weekly
+      interval: daily
     groups:
       terraform:
         patterns:

.github/workflows/tf_sample.yaml

@@ -0,0 +1,93 @@
+---
+name: TF Sample
+on:
+  pull_request:
+    types: [opened, reopened, synchronize, closed]
+    paths: [stacks/sample_instance/**]
+
+permissions:
+  actions: read # Required for workflow query and artifact download.
+  checks: write # Required for adding summary to check status.
+  contents: read # Required for repository checkout.
+  id-token: write # Required for assuming AWS role via OIDC provider.
+  pull-requests: write # Required for commenting on PR.
+
+env:
+  AWS_REGION: us-east-1
+  TF_VERSION: ~> 1.7.0
+  TF_VAR_PREFIX: sample
+
+jobs:
+  Instance:
+    runs-on: ubuntu-latest
+    if: github.event.action != 'closed' || github.event.pull_request.merged
+
+    strategy:
+      fail-fast: false
+      matrix:
+        context: [dev, stg]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Authenticate AWS
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
+        with:
+          aws-region: ${{ env.AWS_REGION }}
+          role-to-assume: ${{ secrets.AWS_ROLE }}
+
+      - name: Setup TF
+        uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1
+        with:
+          terraform_version: ${{ env.TF_VERSION }}
+
+      - name: Provision TF
+        uses: ./
+        with:
+          command_input: ${{ format('-tf={0} -chdir=stacks/sample_instance -var-file=env/{1}.tfvars', github.event.action != 'closed' && 'plan' || 'apply', matrix.context) }}
+          cache_plugins: false
+
+      - name: Deprovision TF
+        if: github.event.action == 'closed'
+        uses: ./
+        with:
+          command_input: -tf=apply -chdir=stacks/sample_instance -var-file=env/${{ matrix.context }}.tfvars -destroy -auto-approve
+          cache_plugins: false
+
+  Bucket:
+    runs-on: ubuntu-latest
+    if: github.event.action != 'closed' || github.event.pull_request.merged
+
+    strategy:
+      fail-fast: false
+      matrix:
+        context: [dev, stg]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Authenticate AWS
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
+        with:
+          aws-region: ${{ env.AWS_REGION }}
+          role-to-assume: ${{ secrets.AWS_ROLE }}
+
+      - name: Setup TF
+        uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1
+        with:
+          terraform_version: ${{ env.TF_VERSION }}
+
+      - name: Provision TF
+        uses: ./
+        with:
+          command_input: ${{ format('-tf={0} -chdir=stacks/sample_bucket -backend-config=backend/{1}.tfbackend', github.event.action != 'closed' && 'plan' || 'apply', matrix.context) }}
+          cache_plugins: false
+
+      - name: Deprovision TF
+        if: github.event.action == 'closed'
+        uses: ./
+        with:
+          command_input: -tf=apply -chdir=stacks/sample_bucket -backend-config=backend/${{ matrix.context }}.tfbackend -destroy -auto-approve
+          cache_plugins: false

stacks/sample_bucket/backend/stg.tfbackend

@@ -0,0 +1,3 @@
+bucket = "tmp-workflow-tfstates"
+key    = "stg.tfstate"
+region = "us-east-1"

stacks/sample_bucket/terraform.tfvars

@@ -1,2 +1,2 @@
-aws_region        = "us-west-1"
+aws_region        = "eu-west-1"
 bucket_versioning = "Enabled"

stacks/sample_instance/env/dev.tfvars

@@ -1,2 +1,2 @@
-aws_region    = "us-west-1"
+aws_region    = "eu-west-1"
 instance_type = "t2.nano"

stacks/sample_instance/env/stg.tfvars

@@ -1,2 +1,2 @@
-aws_region    = "us-west-2"
+aws_region    = "eu-west-2"
 instance_type = "t2.micro"