I have a GitHub Actions workflow yml file which does a Terraform CDKTF diff, and it was working, but once I added this if condition:

    if: ${{ github.event.issue.pull_request && (github.event.comment.body == 'cdktf diff' || github.event.comment.body == 'cdktf deploy')}}

I am getting the below error after the terraform plan output:
Error: Validation Failed: {"message":"The listed users and repositories cannot be searched either because the resources do not exist or you do not have permission to view them.","resource":"Search","field":"q","code":"invalid"}
Below is my workflow:

    name: "Comment a CDKTF Command on a PR"
    # Controls when the workflow will run
    on:
      workflow_dispatch:
      issue_comment:
        types: [ created ]
    # Allows GHA to read comment and write terraform plan output on PR
    permissions:
      contents: read
      pull-requests: write
    # A workflow run is made up of one or more jobs that can run sequentially or in parallel
    jobs:
      cdktf_diff:
        if: ${{ github.event.issue.pull_request && (github.event.comment.body == 'cdktf diff' || github.event.comment.body == 'cdktf deploy')}}
        name: "Terraform CDK Diff"
        runs-on: size/medium
        steps:
          - name: Checkout code
            uses: actions/checkout@v3
          - name: Setup Java
            uses: actions/setup-java@v3
            with:
              distribution: temurin
              java-version: 17
          - name: Setup Node
            uses: actions/setup-node@v1
            with:
              node-version: "16"
          - name: Generate module and provider bindings
            run: |
              cd postgres-rds-cdktf
              npx cdktf-cli get --language java
          - name: Run Terraform CDK Plan
            uses: hashicorp/terraform-cdk-action@v0.1.0
            env:
              AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
              AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
            with:
              terraformVersion: 1.4.5
              cdktfVersion: 0.15.5
              mode: plan-only
              githubToken: ${{ secrets.GITHUB_TOKEN }}
              workingDirectory: postgres-rds-cdktf

After adding the below permission, the error is resolved:

    permissions:
      issues: write

Found the answer in the documentation here: https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
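
The fix above folded into the whole workflow, as an added example that is not the poster's own file: the token scopes move to the job, with the workflow-level default set to none, and issues: write sits beside the two original scopes. The author_association check in the if condition is an assumption added here, so that only owners, members and collaborators can start a run that receives the AWS secrets.

```yaml
name: "Comment a CDKTF Command on a PR"
on:
  workflow_dispatch:
  issue_comment:
    types: [created]
# No token scopes by default; the job opts in to the ones it needs.
permissions: {}
jobs:
  cdktf_diff:
    # Assumption added in this example: the author_association check.
    if: >-
      github.event.issue.pull_request &&
      (github.event.comment.body == 'cdktf diff' ||
      github.event.comment.body == 'cdktf deploy') &&
      contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'),
      github.event.comment.author_association)
    name: "Terraform CDK Diff"
    runs-on: size/medium
    permissions:
      contents: read        # from the original workflow
      pull-requests: write  # from the original workflow
      issues: write         # the scope the answer adds
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Setup Java
        uses: actions/setup-java@v3
        with:
          distribution: temurin
          java-version: 17
      - name: Setup Node
        uses: actions/setup-node@v1
        with:
          node-version: "16"
      - name: Generate module and provider bindings
        run: |
          cd postgres-rds-cdktf
          npx cdktf-cli get --language java
      - name: Run Terraform CDK Plan
        uses: hashicorp/terraform-cdk-action@v0.1.0
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        with:
          terraformVersion: 1.4.5
          cdktfVersion: 0.15.5
          mode: plan-only
          githubToken: ${{ secrets.GITHUB_TOKEN }}
          workingDirectory: postgres-rds-cdktf
```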