From d513ac9bc75391dd15f958e304f70a541c46b240 Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 10:43:00 +1100 Subject: [PATCH 01/15] Push1 --- .github/workflows/terraform.yml | 69 +++++++++++++++++++++++++++++++++ terraform/eks-cluster.tf | 2 +- terraform/terraform.tf | 2 +- terraform/variables.tf | 2 +- 4 files changed, 72 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/terraform.yml diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml new file mode 100644 index 000000000..2ce7e18d8 --- /dev/null +++ b/.github/workflows/terraform.yml 
@@ -0,0 +1,69 @@
+name: "Vprofile IAC"
+on:
+ push:
+ branches:
+ - main
+ - stage
+ paths:
+ - terraform/**
+ pull_request:
+ branches:
+ - main
+ paths:
+ - terraform/**
+
+env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ BUCKET_TF_STAGE: ${{ secrets.BUCKET_TF_STAGE }}
+ AWS_REGION: us-east-2
+ EKS_CLUSTER: vprofile-eks
+
+jobs:
+ terraform:
+ name: "Apply terraform code changes"
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ working-directory: ./terraform
+
+ steps:
+ # https://github.com/marketplace?category=&type=actions&verification=&query=checkout
+ - name: Checkout source code
+ uses: actions/checkout@v4
+
+ - name: Setup Terraform with specified version on the runner
+ uses: hashicorp/setup-terraform@v2
+ # with:
+ # terraform_version: 1.6.3
+
+ - name: Terraform init
+ id: init
+ run: terraform init -backend-config="bucket=$BUCKET_TF_STAGE"
+
+ - name: Terraform format
+ id: fmt
+ run: terraform fmt -check
+ # if the format of the code is not correct, it will return non-zero exit code and will fail the workflow
+ # then someone needs to make the correct format of the code, then again, commit the code.
+
+ - name: Terraform validate
+ id: validate
+ run: terraform validate
+
+ - name: Terraform plan
+ id: plan
+ run: terraform plan -no-color -input -out planfile
+ # -no-color: save some GPU
+ # -input: not passing any input
+ # -out planfile: avoid the parralle execution Terraform. This is to avoid bug in github action
+ continue-on-error: true
+ # we have a different way of failing this. Because we cannot really rely on this.
+
+ - name: Terraform plan status
+ if: steps.plan.outcome == 'failure'
+ # if that variable value is failure, then we will execute command exit one, or anything that you can give, anything apart from zero
+ # When exit gets executed, it is going to kill that container and the workflow fail.
+ run: exit 1
+
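Review bot: The workflow-level `env:` block puts the long-lived `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` secrets into the environment of every step, including the third-party `hashicorp/setup-terraform@v2` action and runs triggered by `pull_request` from branches in the same repository, and the workflow declares no `permissions:`. Scope the credentials with a step-level `env:` on the Terraform steps only, add a top-level `permissions: { contents: read }`, and prefer short-lived credentials obtained through OIDC over static keys. Separately, the plan step passes a bare `-input` although its comment says no input is expected; the non-interactive form is `run: terraform plan -no-color -input=false -out planfile`. The same `env:` block is carried through PATCH 03, 06 and 14.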
diff --git a/terraform/eks-cluster.tf b/terraform/eks-cluster.tf index 2c4610920..1c7f8bd9c 100644 --- a/terraform/eks-cluster.tf +++ b/terraform/eks-cluster.tf @@ -22,7 +22,7 @@ module "eks" { min_size = 1 max_size = 3 - desired_size = 2 + desired_size = 1 } two = { diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 67b75c673..06c3565f9 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -27,7 +27,7 @@ terraform { } backend "s3" { - bucket = "gitopsterrastate" + bucket = "vprofileactions22" key = "terraform.tfstate" region = "us-east-2" } diff --git a/terraform/variables.tf b/terraform/variables.tf index a41d982a0..f4328d85c 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -7,5 +7,5 @@ variable "region" { variable "clusterName" { description = "Name of the EKS cluster" type = string - default = "kitops-eks" + default = "gitops-eks" } From 4b002bfb560feee6509823413e44b7365149c5b4 Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 11:03:22 +1100 Subject: [PATCH 02/15] required_version = "~> 1.7.5" --- terraform/terraform.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 06c3565f9..94168aee0 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -32,7 +32,7 @@ terraform { region = "us-east-2" } - required_version = "~> 1.6.3" + required_version = "~> 1.7.5" } ## ## From 984fc89c63b97808d10cb28af09c12502e608577 Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 11:13:25 +1100 Subject: [PATCH 03/15] update --- .github/workflows/terraform.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 2ce7e18d8..58489eaf1 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
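Review bot: In terraform/terraform.tf the `backend "s3"` block shown in this hunk sets only `bucket`, `key` and `region`, so it does not set `encrypt` and configures no state locking; the state object holds every attribute Terraform tracks, and encryption is left to whatever default the bucket has. Add `encrypt = true` and a lock table, e.g. `dynamodb_table = "<PLACEHOLDER-lock-table>"`, so that two overlapping workflow runs cannot write the state at the same time. The workflow added in this patch overrides `bucket` with `-backend-config="bucket=$BUCKET_TF_STAGE"`, so the hard-coded name is presumably only used for local runs; a comment saying so would help. The enclosing `terraform { … }` block starts outside the hunk.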
@@ -14,7 +14,7 @@ on: env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} BUCKET_TF_STAGE: ${{ secrets.BUCKET_TF_STAGE }} AWS_REGION: us-east-2 EKS_CLUSTER: vprofile-eks From 513a3f32b9082b7d1a35ad17ee7299abde74ad95 Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 11:16:53 +1100 Subject: [PATCH 04/15] update --- terraform/terraform.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 94168aee0..7b69180af 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -36,4 +36,4 @@ terraform { } ## ## -## + From 3978344d276bf0885db0c5a7037107f827fec495 Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 11:36:05 +1100 Subject: [PATCH 05/15] update --- .github/workflows/terraform.yml | 26 ++++++++++++++++++++++++++ terraform/terraform.tf | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 58489eaf1..c00133a91 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
@@ -67,3 +67,29 @@ jobs: # When exit gets executed, it is going to kill that container and the workflow fail. run: exit 1 +# new + - name: Terraform apply + id: apple + if: github.ref == 'refs/heads/main' && github.event_name == 'push' + # if gitHub.ref is equal to main branch AND if there is a push github.event_name equal to push + run: terraform apply -auto-approve -input=false -parallelism=1 planfile + # -parallelism=1 to avoid bug in github actions + + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} + + - name: Get Kube config file + id: getconfig + if: steps.apple.outcome == 'success' + run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} + + - name: Install Ingress controller + if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' + run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml + + diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 7b69180af..5521332e0 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -35,5 +35,5 @@ terraform { required_version = "~> 1.7.5" } ## -## + From ad69432833e29f4a012adb445c515136e906c6fc Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 13:09:45 +1100 Subject: [PATCH 06/15] update --- .github/workflows/terraform.yml | 2 +- terraform/terraform.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index c00133a91..61ea1f53e 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
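Review bot: The `Install Ingress controller` step applies a manifest fetched from raw.githubusercontent.com at run time with no integrity check, using the kubeconfig of the freshly created cluster, so whatever that URL serves at that moment is what gets deployed; `controller-v1.1.3` is a tag name, not a content hash. Download the file, verify it against a checksum recorded when the manifest was reviewed, and apply the local copy (or commit the reviewed manifest to the repository). It is also worth confirming that controller-v1.1.3 is still a supported ingress-nginx release before exposing it. The `Configure AWS credentials` step above it has no `if:`, so unlike its neighbours it also runs on `pull_request` events. The same steps come back unchanged in PATCH 10 and PATCH 13.

```yaml
      - name: Install Ingress controller
        if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success'
        env:
          # placeholder: record the sha256 of the manifest version that was reviewed
          INGRESS_MANIFEST_SHA256: "<PLACEHOLDER-sha256-of-reviewed-deploy.yaml>"
        run: |
          curl -fsSL -o ingress-deploy.yaml https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml
          echo "${INGRESS_MANIFEST_SHA256}  ingress-deploy.yaml" | sha256sum --check --strict
          kubectl apply -f ingress-deploy.yaml
```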
@@ -17,7 +17,7 @@ env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} BUCKET_TF_STAGE: ${{ secrets.BUCKET_TF_STAGE }} AWS_REGION: us-east-2 - EKS_CLUSTER: vprofile-eks + EKS_CLUSTER: gitops-eks jobs: terraform: diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 5521332e0..f4c822f62 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -34,6 +34,6 @@ terraform { required_version = "~> 1.7.5" } -## +### From 742b6b4bb0c3c0872cf33bf7ea374cd3e43a5520 Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 13:12:10 +1100 Subject: [PATCH 07/15] update --- terraform/terraform.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 5521332e0..6dc2a4e1a 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -34,6 +34,6 @@ terraform { required_version = "~> 1.7.5" } +### ## - From f919a3a8b1bc20fe070de47e4857f1cf87c6544d Mon Sep 17 00:00:00 2001 From: Wei Date: Sat, 16 Mar 2024 13:13:23 +1100 Subject: [PATCH 08/15] update --- terraform/terraform.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 6dc2a4e1a..e1924ff3e 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -36,4 +36,5 @@ terraform { } ### ## +### From 2da16953e0419e7016d70205f934e564963abf6a Mon Sep 17 00:00:00 2001 From: Leo <67815322+leol1328@users.noreply.github.com> Date: Sat, 16 Mar 2024 13:27:46 +1100 Subject: [PATCH 09/15] Update terraform.yml --- .github/workflows/terraform.yml | 103 +++++++++++++++++--------------- 1 file changed, 54 insertions(+), 49 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 61ea1f53e..7373aaa20 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
@@ -42,54 +42,59 @@ jobs: id: init run: terraform init -backend-config="bucket=$BUCKET_TF_STAGE" - - name: Terraform format - id: fmt - run: terraform fmt -check - # if the format of the code is not correct, it will return non-zero exit code and will fail the workflow - # then someone needs to make the correct format of the code, then again, commit the code. - - - name: Terraform validate - id: validate - run: terraform validate - - - name: Terraform plan - id: plan - run: terraform plan -no-color -input -out planfile - # -no-color: save some GPU - # -input: not passing any input - # -out planfile: avoid the parralle execution Terraform. This is to avoid bug in github action - continue-on-error: true - # we have a different way of failing this. Because we cannot really rely on this. - - - name: Terraform plan status - if: steps.plan.outcome == 'failure' - # if that variable value is failure, then we will execute command exit one, or anything that you can give, anything apart from zero - # When exit gets executed, it is going to kill that container and the workflow fail. 
- run: exit 1 - -# new - - name: Terraform apply - id: apple - if: github.ref == 'refs/heads/main' && github.event_name == 'push' - # if gitHub.ref is equal to main branch AND if there is a push github.event_name equal to push - run: terraform apply -auto-approve -input=false -parallelism=1 planfile - # -parallelism=1 to avoid bug in github actions - - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ env.AWS_REGION }} - - - name: Get Kube config file - id: getconfig - if: steps.apple.outcome == 'success' - run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} - - - name: Install Ingress controller - if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' - run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml + - name: Terraform destroy + id: destroy + run: terraform destroy + + +# - name: Terraform format +# id: fmt +# run: terraform fmt -check +# # if the format of the code is not correct, it will return non-zero exit code and will fail the workflow +# # then someone needs to make the correct format of the code, then again, commit the code. + +# - name: Terraform validate +# id: validate +# run: terraform validate + +# - name: Terraform plan +# id: plan +# run: terraform plan -no-color -input -out planfile +# # -no-color: save some GPU +# # -input: not passing any input +# # -out planfile: avoid the parralle execution Terraform. This is to avoid bug in github action +# continue-on-error: true +# # we have a different way of failing this. Because we cannot really rely on this. 
+ +# - name: Terraform plan status +# if: steps.plan.outcome == 'failure' +# # if that variable value is failure, then we will execute command exit one, or anything that you can give, anything apart from zero +# # When exit gets executed, it is going to kill that container and the workflow fail. +# run: exit 1 + +# # new +# - name: Terraform apply +# id: apple +# if: github.ref == 'refs/heads/main' && github.event_name == 'push' +# # if gitHub.ref is equal to main branch AND if there is a push github.event_name equal to push +# run: terraform apply -auto-approve -input=false -parallelism=1 planfile +# # -parallelism=1 to avoid bug in github actions + + +# - name: Configure AWS credentials +# uses: aws-actions/configure-aws-credentials@v1 +# with: +# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} +# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} +# aws-region: ${{ env.AWS_REGION }} + +# - name: Get Kube config file +# id: getconfig +# if: steps.apple.outcome == 'success' +# run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} + +# - name: Install Ingress controller +# if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' +# run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml From 94d64930bb1653b4c96b5043631b7ba88ef9085e Mon Sep 17 00:00:00 2001 From: Leo <67815322+leol1328@users.noreply.github.com> Date: Sat, 16 Mar 2024 13:31:56 +1100 Subject: [PATCH 10/15] Update terraform.yml --- .github/workflows/terraform.yml | 86 ++++++++++++++++----------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 7373aaa20..6abfaa2bc 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
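Review bot: The new `Terraform destroy` step has no `if:` and this patch leaves the workflow triggers untouched, so — assuming the `on:` block from PATCH 01 is still in place, it is outside this hunk — every push to `main`/`stage` and every pull request against `main` that touches `terraform/**` reaches a destroy of the state in `$BUCKET_TF_STAGE`. As written it also lacks `-input=false`, and the approval prompt cannot be answered on a runner, so the job ends at this step either way. Gate the step on a manual trigger, e.g. `if: github.event_name == 'workflow_dispatch'`, and keep teardown in a separate workflow file instead of commenting out the validate/plan/apply steps.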
@@ -53,48 +53,48 @@ jobs: # # if the format of the code is not correct, it will return non-zero exit code and will fail the workflow # # then someone needs to make the correct format of the code, then again, commit the code. -# - name: Terraform validate -# id: validate -# run: terraform validate - -# - name: Terraform plan -# id: plan -# run: terraform plan -no-color -input -out planfile -# # -no-color: save some GPU -# # -input: not passing any input -# # -out planfile: avoid the parralle execution Terraform. This is to avoid bug in github action -# continue-on-error: true -# # we have a different way of failing this. Because we cannot really rely on this. - -# - name: Terraform plan status -# if: steps.plan.outcome == 'failure' -# # if that variable value is failure, then we will execute command exit one, or anything that you can give, anything apart from zero -# # When exit gets executed, it is going to kill that container and the workflow fail. -# run: exit 1 - -# # new -# - name: Terraform apply -# id: apple -# if: github.ref == 'refs/heads/main' && github.event_name == 'push' -# # if gitHub.ref is equal to main branch AND if there is a push github.event_name equal to push -# run: terraform apply -auto-approve -input=false -parallelism=1 planfile -# # -parallelism=1 to avoid bug in github actions - - -# - name: Configure AWS credentials -# uses: aws-actions/configure-aws-credentials@v1 -# with: -# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} -# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} -# aws-region: ${{ env.AWS_REGION }} - -# - name: Get Kube config file -# id: getconfig -# if: steps.apple.outcome == 'success' -# run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} - -# - name: Install Ingress controller -# if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' -# run: kubectl apply -f 
https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml + - name: Terraform validate + id: validate + run: terraform validate + + - name: Terraform plan + id: plan + run: terraform plan -no-color -input -out planfile + # -no-color: save some GPU + # -input: not passing any input + # -out planfile: avoid the parralle execution Terraform. This is to avoid bug in github action + continue-on-error: true + # we have a different way of failing this. Because we cannot really rely on this. + + - name: Terraform plan status + if: steps.plan.outcome == 'failure' + # if that variable value is failure, then we will execute command exit one, or anything that you can give, anything apart from zero + # When exit gets executed, it is going to kill that container and the workflow fail. + run: exit 1 + +# new + - name: Terraform apply + id: apple + if: github.ref == 'refs/heads/main' && github.event_name == 'push' + # if gitHub.ref is equal to main branch AND if there is a push github.event_name equal to push + run: terraform apply -auto-approve -input=false -parallelism=1 planfile + # -parallelism=1 to avoid bug in github actions + + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} + + - name: Get Kube config file + id: getconfig + if: steps.apple.outcome == 'success' + run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} + + - name: Install Ingress controller + if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' + run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml From 4b22bd5f3e0999c4d7640654b42771655a037946 Mon Sep 17 00:00:00 2001 
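Review bot: The steps re-enabled here run after the `Terraform destroy` step from PATCH 09, which this hunk does not remove (it sits above the hunk, so this is inferred from the hunk offsets), leaving a job that reaches destroy before it plans and applies. Drop the destroy step in the same commit that restores the pipeline. `Terraform format` is also left commented out in the context lines, so `terraform fmt -check` no longer gates the plan; if that is deliberate, say why in a comment such as `# fmt check disabled: <reason>`.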
From: Leo <67815322+leol1328@users.noreply.github.com> Date: Sat, 16 Mar 2024 13:34:23 +1100 Subject: [PATCH 11/15] Update terraform.tf --- terraform/terraform.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index f4c822f62..f11df935d 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -35,5 +35,6 @@ terraform { required_version = "~> 1.7.5" } ### +### From e807aad5478f6f14b8ca122d6742c75bc4049273 Mon Sep 17 00:00:00 2001 From: Leo <67815322+leol1328@users.noreply.github.com> Date: Sat, 16 Mar 2024 13:46:19 +1100 Subject: [PATCH 12/15] Update terraform.yml --- .github/workflows/terraform.yml | 68 +-------------------------------- 1 file changed, 2 insertions(+), 66 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 6abfaa2bc..7e8d22581 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -1,16 +1,5 @@ name: "Vprofile IAC" -on: - push: - branches: - - main - - stage - paths: - - terraform/** - pull_request: - branches: - - main - paths: - - terraform/** +on: workflow_dispatch env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} 
@@ -44,57 +33,4 @@ jobs: - name: Terraform destroy id: destroy - run: terraform destroy - - -# - name: Terraform format -# id: fmt -# run: terraform fmt -check -# # if the format of the code is not correct, it will return non-zero exit code and will fail the workflow -# # then someone needs to make the correct format of the code, then again, commit the code. - - - name: Terraform validate - id: validate - run: terraform validate - - - name: Terraform plan - id: plan - run: terraform plan -no-color -input -out planfile - # -no-color: save some GPU - # -input: not passing any input - # -out planfile: avoid the parralle execution Terraform. This is to avoid bug in github action - continue-on-error: true - # we have a different way of failing this. Because we cannot really rely on this. - - - name: Terraform plan status - if: steps.plan.outcome == 'failure' - # if that variable value is failure, then we will execute command exit one, or anything that you can give, anything apart from zero - # When exit gets executed, it is going to kill that container and the workflow fail. 
- run: exit 1 - -# new - - name: Terraform apply - id: apple - if: github.ref == 'refs/heads/main' && github.event_name == 'push' - # if gitHub.ref is equal to main branch AND if there is a push github.event_name equal to push - run: terraform apply -auto-approve -input=false -parallelism=1 planfile - # -parallelism=1 to avoid bug in github actions - - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ env.AWS_REGION }} - - - name: Get Kube config file - id: getconfig - if: steps.apple.outcome == 'success' - run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} - - - name: Install Ingress controller - if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' - run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml - - + run: terraform destroy -auto-approve -input=false -parallelism=1 From 5406ec1e60734fa5175fd17a79ef7987621cf873 Mon Sep 17 00:00:00 2001 From: Leo <67815322+leol1328@users.noreply.github.com> Date: Sat, 16 Mar 2024 14:09:41 +1100 Subject: [PATCH 13/15] Update terraform.yml --- .github/workflows/terraform.yml | 67 +++++++++++++++++++++++++++++++-- 1 file changed, 63 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 7e8d22581..684d59038 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -1,5 +1,18 @@ name: "Vprofile IAC" -on: workflow_dispatch +# on: +# push: +# branches: +# - main +# - stage +# paths: +# - terraform/** +# pull_request: +# branches: +# - main +# paths: +# - terraform/** + +on: workflow_dispatch # only run the workflow when we manually trigger it. Later change env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} 
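Review bot: `terraform destroy -auto-approve` in the second hunk of PATCH 12 now runs with no human gate beyond the ability to start a `workflow_dispatch` run, which any collaborator with write access can do from any branch. Bind the job to a protected environment, e.g. `environment: <PLACEHOLDER-environment-name>` with required reviewers configured in the repository settings, or require a typed confirmation input and check it in an `if:` on the step. The step belongs to the `terraform` job whose header is outside this hunk.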
@@ -31,6 +44,52 @@ jobs: id: init run: terraform init -backend-config="bucket=$BUCKET_TF_STAGE" - - name: Terraform destroy - id: destroy - run: terraform destroy -auto-approve -input=false -parallelism=1 + - name: Terraform format + id: fmt + run: terraform fmt -check + # if the format of the code is not correct, it will return non-zero exit code and will fail the workflow + # then someone needs to make the correct format of the code, then again, commit the code. + + - name: Terraform validate + id: validate + run: terraform validate + + - name: Terraform plan + id: plan + run: terraform plan -no-color -input -out planfile + # -no-color: save some GPU + # -input: not passing any input + # -out planfile: avoid the parralle execution Terraform. This is to avoid bug in github action + continue-on-error: true + # we have a different way of failing this. Because we cannot really rely on this. + + - name: Terraform plan status + if: steps.plan.outcome == 'failure' + # if that variable value is failure, then we will execute command exit one, or anything that you can give, anything apart from zero + # When exit gets executed, it is going to kill that container and the workflow fail. 
+ run: exit 1 + +# new + - name: Terraform apply + id: apple + if: github.ref == 'refs/heads/main' && github.event_name == 'push' + # if gitHub.ref is equal to main branch AND if there is a push github.event_name equal to push + run: terraform apply -auto-approve -input=false -parallelism=1 planfile + # -parallelism=1 to avoid bug in github actions + + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} + + - name: Get Kube config file + id: getconfig + if: steps.apple.outcome == 'success' + run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER }} + + - name: Install Ingress controller + if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' + run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml From 0673f1a89c282454a5cfd8262050c66fd314b93e Mon Sep 17 00:00:00 2001 From: Leo <67815322+leol1328@users.noreply.github.com> Date: Sat, 16 Mar 2024 14:34:07 +1100 Subject: [PATCH 14/15] Update terraform.yml --- .github/workflows/terraform.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 684d59038..ddef96d8f 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
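Review bot: With the trigger switched to `on: workflow_dispatch` in the first hunk of this patch, the `Terraform apply` condition `github.ref == 'refs/heads/main' && github.event_name == 'push'` can never be true, so apply is skipped and the two steps keyed on `steps.apple.outcome == 'success'` are skipped with it; only `Configure AWS credentials` still runs. If manual runs are meant to apply, extend the condition, e.g. `if: github.ref == 'refs/heads/main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')`. Renaming the step id from `apple` to `apply` would also make the later conditions easier to read.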
@@ -1,18 +1,18 @@ name: "Vprofile IAC" -# on: -# push: -# branches: -# - main -# - stage -# paths: -# - terraform/** -# pull_request: -# branches: -# - main -# paths: -# - terraform/** +on: + push: + branches: + - main + - stage + paths: + - terraform/** + pull_request: + branches: + - main + paths: + - terraform/** -on: workflow_dispatch # only run the workflow when we manually trigger it. Later change +# on: workflow_dispatch # only run the workflow when we manually trigger it. Later change env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} From d4817ec449311469afc80c90413eff77956a90ab Mon Sep 17 00:00:00 2001 From: Leo <67815322+leol1328@users.noreply.github.com> Date: Sat, 16 Mar 2024 14:34:46 +1100 Subject: [PATCH 15/15] Update terraform.tf --- terraform/terraform.tf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index e1924ff3e..57cd087af 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -34,7 +34,3 @@ terraform { required_version = "~> 1.7.5" } -### -## -### -