Set branch and main terraform build to separate jobs

Author: jameslinnell

.github/workflows/deploy-sandbox.yml

@@ -34,22 +34,12 @@ jobs:
         env:
           SANDBOX_NAME: ${{ github.event.inputs.sandbox_name }}
 
-  terraform--main:
-    runs-on: ubuntu-latest
-  terraform_process:
+  terraform-process--main:
     runs-on: ubuntu-latest
+    needs: validate--inputs
     environment: development
 
     steps:
-      - name: Validate inputs
-        run: |
-          if ! [[ "$SANDBOX_NAME" =~ ^[a-z0-9]{1,9}$ ]]; then
-            echo "Sandbox name must match [a-z0-9]{1,9} (lowercase letters and digits only, 1-9 chars)."
-            exit 1
-          fi
-        env:
-          SANDBOX_NAME: ${{ github.event.inputs.sandbox_name }}
-
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout main
         uses: actions/checkout@v5
@@ -97,6 +87,29 @@ jobs:
         run: terraform apply -auto-approve -input=false tf-main.plan
         working-directory: ./infrastructure
 
+  terraform-process--branch:
+    runs-on: ubuntu-latest
+    needs: terraform-process--main
+    environment: development
+
+    steps:
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v5
+        with:
+          role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
+          role-skip-session-tagging: true
+          aws-region: ${{ vars.AWS_REGION }}
+          mask-aws-account-id: true
+
+      - name: View AWS Role
+        run: aws sts get-caller-identity
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: 1.11.4
+          terraform_wrapper: false
+
       - name: Checkout Branch
         if: ${{ github.event.inputs.git_ref != 'main' }}
         uses: actions/checkout@v5