- A GitHub repository with valid OpenTofu code
- Your cloud provider credentials:
- For AWS: Hashicorp’s AWS tutorial
- For GCP: Hashicorp’s GCP tutorial
- For Azure: Hashicorp’s Azure tutorial
 
1
Create your Digger account
Head to ui.digger.dev and sign up using your preferred method.You should see an empty dashboard after you sign up.
2
Install the Digger GitHub App
Install the Digger GitHub App into your repository.
Digger GitHub App does not need access to your cloud account, it just starts jobs in your CI. All sensitive data stays in your CI job.You can also self-host Digger orchestrator with a private GiHub app and issue your own token
3
Create Action Secrets with cloud credentials
In GitHub repository settings, go to Secrets and Variables - Actions. Create the following secrets:
- AWS
- GCP
- Azure
- AWS_ACCESS_KEY_ID-- AWS_SECRET_ACCESS_KEYYou can also use OIDC for AWS authentication.
4
Create digger.yml
This file contains Digger configuration and needs to be placed at the root level of your repository. Assuming your OpenTofu code is in the 
prod directory:5
Create Github Actions workflow file
Place it at 
.github/workflows/digger_workflow.yml (name is important!)- AWS
- GCP
- Azure
6
Create a PR to verify that it works
OpenTofu will run an existing plan against your code.Make any change to your OpenTofu code e.g. add a blank line. An action run should start (you can see log output in Actions). After some time you should see output of OpenTofu Plan added as a comment to your PR.Then you can add a comment like 
digger apply and shortly after apply output will be added as comment too.
