@@ -152,23 +152,50 @@ jobs:
152152 steps :
153153 - name : Checkout code
154154 uses : actions/checkout@v6
155+ with :
156+ fetch-depth : 0
157+
158+ - name : Check Terraform changes
159+ id : terraform-changes
160+ run : |
161+ if [[ "${{ github.event_name }}" != "push" ]]; then
162+ echo "changed=true" >> "$GITHUB_OUTPUT"
163+ exit 0
164+ fi
165+
166+ BEFORE_SHA="${{ github.event.before }}"
167+ if [[ "$BEFORE_SHA" =~ ^0+$ ]]; then
168+ echo "changed=true" >> "$GITHUB_OUTPUT"
169+ exit 0
170+ fi
171+
172+ if git diff --quiet "$BEFORE_SHA" "${{ github.sha }}" -- terraform; then
173+ echo "changed=false" >> "$GITHUB_OUTPUT"
174+ echo "No Terraform changes detected; skipping Terraform apply."
175+ else
176+ echo "changed=true" >> "$GITHUB_OUTPUT"
177+ fi
155178
156179name : Authenticate to Google Cloud
180+ if : steps.terraform-changes.outputs.changed == 'true'
157181 uses : google-github-actions/auth@v3
158182 with :
159183 workload_identity_provider : ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
160184 service_account : ${{ secrets.GCP_SERVICE_ACCOUNT }}
161185
162186 - name : Setup Terraform
187+ if : steps.terraform-changes.outputs.changed == 'true'
163188 uses : hashicorp/setup-terraform@v4
164189 with :
165- terraform_version : 1.6.0
190+ terraform_version : 1.15.3
166191
167192 - name : Terraform init
193+ if : steps.terraform-changes.outputs.changed == 'true'
168194 working-directory : ./terraform
169195 run : terraform init -input=false
170196
171197 - name : Terraform plan
198+ if : steps.terraform-changes.outputs.changed == 'true'
172199 working-directory : ./terraform
173200 env :
174201 TF_VAR_supabase_url : ${{ secrets.SUPABASE_URL }}
@@ -183,6 +210,7 @@ jobs:
183210 run : terraform plan -out=tfplan -input=false
184211
185212 - name : Terraform apply
213+ if : steps.terraform-changes.outputs.changed == 'true'
186214 working-directory : ./terraform
187215 run : terraform apply -input=false tfplan
188216
0 commit comments