BFD-3234: Exclude kernel updates when patching app amis #11224

	name: 'CI - Terraform'
	on:
	pull_request:
	merge_group:

	env:
	# workflow file matchers - workflow jobs will only run if matching files are found
	# please see https://github.com/CMSgov/beneficiary-fhir-data/pull/773 for why we
	# are using this workflow logic
	workflow_files_re: ^ops/

	jobs:
	workflow:
	name: Checking workflow
	runs-on: ubuntu-20.04
	outputs:
	files: ${{ steps.workflow_files.outputs.files }}
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	fetch-depth: 2
	- id: workflow_files
	run: \|
	echo "::set-output name=files::$(git diff --name-only --diff-filter=ACMRTD HEAD^ HEAD \| grep -E '${{ env.workflow_files_re }}')"

	tf-validate:
	runs-on: ubuntu-20.04
	needs: workflow
	if: needs.workflow.outputs.files
	strategy:
	matrix:
	tf_version: ['0.12.31']
	tf_environment: [test, prod-sbx, prod, mgmt]
	tf_resources: [stateless, stateful]
	steps:
	- name: 'Checkout repo'
	uses: actions/checkout@v3
	- name: 'Run terraform init'
	uses: hashicorp/terraform-github-actions@master
	with:
	tf_actions_version: ${{ matrix.tf_version }}
	tf_actions_subcommand: init
	tf_actions_working_dir: ./ops/terraform/env/${{ matrix.tf_environment }}/${{ matrix.tf_resources }}/
	tf_actions_comment: false
	args: '-backend=false'
	- name: 'Run terraform validate'
	uses: hashicorp/terraform-github-actions@master
	with:
	tf_actions_version: ${{ matrix.tf_version }}
	tf_actions_subcommand: validate
	tf_actions_working_dir: ./ops/terraform/env/${{ matrix.tf_environment }}/${{ matrix.tf_resources }}/
	tf_actions_comment: false

Provide feedback