Bird
Raised Fist0
Terraformcloud~5 mins

Terraform in GitHub Actions - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What is the main purpose of using Terraform in GitHub Actions?
To automate infrastructure deployment and management directly from GitHub workflows, enabling continuous infrastructure as code.
Click to reveal answer
beginner
Which GitHub Actions step is used to initialize Terraform before applying changes?
The terraform init command initializes the working directory containing Terraform configuration files.
Click to reveal answer
intermediate
Why should Terraform state files be stored remotely when using GitHub Actions?
To allow multiple runs and team members to share the same state safely, preventing conflicts and ensuring consistent infrastructure state.
Click to reveal answer
beginner
What is the role of secrets in GitHub Actions when running Terraform workflows?
Secrets securely store sensitive data like cloud provider credentials, which are injected into workflows without exposing them in logs or code.
Click to reveal answer
beginner
How does the terraform plan step help in GitHub Actions workflows?
It previews the changes Terraform will make to the infrastructure, allowing review before applying to avoid unintended modifications.
Click to reveal answer
What command should run first in a Terraform GitHub Actions workflow?
Aterraform destroy
Bterraform apply
Cterraform plan
Dterraform init
Where should Terraform state files be stored for safe collaboration in GitHub Actions?
ALocally on the runner
BIn the GitHub repository
CIn a remote backend like AWS S3 or Terraform Cloud
DIn environment variables
How do you securely provide cloud credentials to Terraform in GitHub Actions?
AHardcode them in the workflow file
BUse GitHub Secrets and inject them as environment variables
CStore them in the Terraform configuration files
DSend them via email
What does the terraform apply command do in a GitHub Actions workflow?
AApplies the planned infrastructure changes
BInitializes Terraform providers
CShows planned changes without applying
DDeletes all infrastructure
Why include a terraform plan step before terraform apply?
ATo preview changes and catch errors early
BTo speed up deployment
CTo delete old resources
DTo initialize Terraform
Explain the typical steps in a GitHub Actions workflow that uses Terraform to deploy infrastructure.
Think about setup, review, and deployment phases.
You got /5 concepts.
    Describe why storing Terraform state remotely is important when using GitHub Actions.
    Consider collaboration and safety.
    You got /4 concepts.

      Practice

      (1/5)
      1. What is the main purpose of using Terraform in GitHub Actions workflows?
      easy
      A. To store Terraform state files in GitHub issues
      B. To manually edit cloud resources from GitHub
      C. To automatically run Terraform commands when code changes
      D. To replace Terraform CLI with GitHub commands

      Solution

      1. Step 1: Understand Terraform automation

        Terraform automates cloud resource management by running commands like plan and apply.

      2. Step 2: Role of GitHub Actions

        GitHub Actions can trigger these Terraform commands automatically when code changes happen.

      3. Final Answer:

        To automatically run Terraform commands when code changes -> Option C

      4. Quick Check:

        Terraform automation = automatic runs [OK]
      Hint: Terraform in GitHub Actions automates runs on code changes [OK]
      Common Mistakes:
      • Thinking GitHub Actions replaces Terraform CLI
      • Believing Terraform state is stored in GitHub issues
      • Assuming manual edits happen inside GitHub
      2. Which syntax correctly defines a GitHub Actions step to run terraform init?
      easy
      A. - name: Terraform Init command: terraform init
      B. - run: terraform init name: Terraform Init
      C. - step: terraform init run: true
      D. - name: Terraform Init run: terraform init

      Solution

      1. Step 1: Check GitHub Actions step syntax

        Steps use name and run keys to describe and execute commands.

      2. Step 2: Validate correct order and keys

        - name: Terraform Init run: terraform init uses name then run with the correct command string.

      3. Final Answer:

        - name: Terraform Init run: terraform init -> Option D

      4. Quick Check:

        Step keys = name + run [OK]
      Hint: GitHub Actions steps use 'name' then 'run' keys [OK]
      Common Mistakes:
      • Using 'command' instead of 'run'
      • Swapping order of keys causing confusion
      • Using invalid keys like 'step'
      3. Given this GitHub Actions snippet, what will happen when a push occurs? 
      jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Terraform Init
        run: terraform init
      - name: Terraform Plan
        run: terraform plan
      medium
      A. The workflow will fail due to missing apply step
      B. Terraform will initialize and then create a plan for changes
      C. Terraform will only checkout the code without running commands
      D. Terraform will apply changes automatically

      Solution

      1. Step 1: Analyze the steps in the workflow

        The workflow checks out code, runs terraform init, then runs terraform plan.

      2. Step 2: Understand Terraform commands effect

        terraform init prepares the environment; terraform plan shows what changes would happen but does not apply them.

      3. Final Answer:

        Terraform will initialize and then create a plan for changes -> Option B

      4. Quick Check:

        Init + Plan = prepare and preview [OK]
      Hint: Init prepares, Plan previews changes, Apply makes changes [OK]
      Common Mistakes:
      • Confusing plan with apply
      • Assuming apply runs automatically
      • Ignoring checkout step importance
      4. You wrote this GitHub Actions step but it fails: 
      - name: Terraform Apply
  run: terraform apply -auto-approve
      What is a common reason for failure in this context?
      medium
      A. Missing terraform init before apply
      B. Using -auto-approve flag incorrectly
      C. GitHub Actions does not support terraform apply
      D. The step name must be 'Apply Terraform' exactly

      Solution

      1. Step 1: Check Terraform command requirements

        Terraform requires terraform init to run first to set up backend and providers.

      2. Step 2: Identify missing initialization

        If terraform init is missing, terraform apply will fail due to uninitialized state.

      3. Final Answer:

        Missing terraform init before apply -> Option A

      4. Quick Check:

        Init must run before apply [OK]
      Hint: Always run 'terraform init' before 'terraform apply' [OK]
      Common Mistakes:
      • Thinking -auto-approve causes failure
      • Believing GitHub Actions blocks apply commands
      • Assuming step name affects execution
      5. You want to securely store Terraform state remotely and run terraform apply only after manual approval in GitHub Actions. Which setup is best?
      hard
      A. Use a remote backend like AWS S3 for state and add a manual approval job before apply
      B. Store state in GitHub repo and run apply automatically after plan
      C. Keep state local and run apply in the same job as plan
      D. Use GitHub Secrets to store state file content and apply immediately

      Solution

      1. Step 1: Secure state storage best practice

        Remote backends like AWS S3 keep Terraform state safe and shared among users.

      2. Step 2: Implement manual approval in workflow

        GitHub Actions supports manual approval jobs to pause before applying changes.

      3. Step 3: Combine both for safe, controlled deployment

        Using remote state plus manual approval ensures safety and control over apply.

      4. Final Answer:

        Use a remote backend like AWS S3 for state and add a manual approval job before apply -> Option A

      5. Quick Check:

        Remote state + manual approval = safe apply [OK]
      Hint: Remote state + manual approval = secure, controlled apply [OK]
      Common Mistakes:
      • Storing state in repo risking conflicts
      • Running apply automatically without checks
      • Using secrets to store entire state file