From 7a0674782afe8765c025aee4fe53d4c310c66e66 Mon Sep 17 00:00:00 2001
From: jnmcfly <jan.bechtel@gmail.com>
Date: Mon, 4 Aug 2025 23:30:44 +0200
Subject: [PATCH] =?UTF-8?q?N=C3=A4chste=20Schritte=20f=C3=BCr=20trunk-base?=
 =?UTF-8?q?d=20development:?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

  1. GitHub Environments erstellen (dev, staging, prod)
  2. Protection Rules konfigurieren:
    - Required reviewers für prod
    - Deployment branches: nur main
  3. Environment Secrets einrichten:
    - GCP_JSON_KEY pro Environment
    - TF_VAR_* Secrets pro Environment
  4. Caller Workflows anpassen:
  jobs:
    release:
      uses: t3n/github-actions/.github/workflows/tf-release.yaml@main
      with:
        ENVIRONMENT: production
      secrets: inherit

  Die Workflows sind jetzt bereit für trunk-based deployment mit GitHub Environment Protection!
---
 .github/workflows/tf-build.yaml   | 2 +-
 .github/workflows/tf-release.yaml | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/tf-build.yaml b/.github/workflows/tf-build.yaml
index b4eb6e9..d48959e 100644
--- a/.github/workflows/tf-build.yaml
+++ b/.github/workflows/tf-build.yaml
@@ -31,7 +31,7 @@ env:
   TERRAFORM_VERSION: 1.12.2
 
 concurrency:
-  group: terraform-${{ inputs.ENVIRONMENT }}
+  group: terraform-build-${{ inputs.ENVIRONMENT }}
   cancel-in-progress: false
 
 jobs:
diff --git a/.github/workflows/tf-release.yaml b/.github/workflows/tf-release.yaml
index 64e3104..c75c7c7 100644
--- a/.github/workflows/tf-release.yaml
+++ b/.github/workflows/tf-release.yaml
@@ -28,11 +28,12 @@ env:
   TERRAFORM_VERSION: 1.12.2
 
 concurrency:
-  group: terraform-${{ inputs.ENVIRONMENT }}
+  group: terraform-release-${{ inputs.ENVIRONMENT }}
   cancel-in-progress: false
 
 jobs:
   terraform-release:
+    environment: ${{ inputs.ENVIRONMENT }}
     defaults:
       run:
         working-directory: ${{ inputs.WORKING_DIRECTORY }}