PR Validation Workflow
The ci-pr.yml workflow validates pull requests before merging.
Trigger
on:
pull_request:
branches:
- main
types:
- opened
- synchronize
- reopened
Jobs
1. Terraform Plan (Non-Production)
Generates a Terraform execution plan and comments on the PR.
terraform-plan-non-production:
uses: badal-io/devex-reusable-workflows/.github/workflows/tfc-plan.yml@main
with:
environment: non-production
tfc_org: Badal_devex
tfc_workspace: wrkspc-np-devex-backstage
create_artifact_on_pr: true
attest_plan_on_pr: false
secrets: inherit
This allows reviewers to see infrastructure changes before approval.
2. Backstage Build
Validates that the Backstage application builds successfully.
backstage:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- uses: actions/setup-node@v4
with:
node-version: 22
cache: yarn
cache-dependency-path: backstage/yarn.lock
- name: Build & Package
working-directory: backstage
env:
NODE_OPTIONS: --max-old-space-size=8192
run: |
yarn install --immutable
yarn tsc
yarn build:backend
What Gets Validated
| Check | Purpose |
|---|---|
yarn install --immutable | Dependencies match lockfile |
yarn tsc | TypeScript compilation |
yarn build:backend | Backend production build |
| Terraform Plan | Infrastructure change preview |
PR Comments
The Terraform plan job adds a comment to the PR showing:
- Resources to be created, modified, or destroyed
- Any validation errors
- Link to full plan in Terraform Cloud
Production Plan (Disabled)
A production Terraform plan job is commented out:
# terraform-plan-production:
# uses: badal-io/devex-reusable-workflows/.github/workflows/tfc-plan.yml@main
# with:
# environment: production
# tfc_org: Badal_devex
# tfc_workspace: wrkspc-p-devex-backstage
# create_artifact_on_pr: true
Enable this to see production infrastructure changes in PRs.