-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
35e4678
commit 2869c4a
Showing
11 changed files
with
330 additions
and
89 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,109 @@ | ||
name: AWS Terraform | ||
description: Runs Terraform against AWS | ||
inputs: | ||
terraform_state_s3_bucket: | ||
description: "S3 bucket for Terraform state" | ||
required: true | ||
terraform_state_s3_key_prefix: | ||
description: "S3 key prefix for Terraform state" | ||
required: true | ||
terraform_state_dynamodb_table: | ||
description: "DynamoDB table for Terraform state" | ||
required: true | ||
build_path: | ||
description: "Build path that contains the source" | ||
required: true | ||
environment: | ||
description: "Name of the environemnt e.g. dev, staging, prod" | ||
required: true | ||
branch: | ||
description: "Git branch being ran against" | ||
required: true | ||
image_tag: | ||
description: "Docker image tag to deploy" | ||
required: false | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Check permissions | ||
id: permissions | ||
run: | | ||
chmod 777 *.sh | ||
chmod +x *.sh | ||
echo -e "\n" | ||
shell: bash | ||
working-directory: "${{ github.action_path }}" | ||
|
||
- name: Setup build environment | ||
id: setup | ||
run: | | ||
${{ github.action_path }}/box.sh "Setting up build environment" | ||
echo -e "Installing TFLint" | ||
curl -L "$(curl -Ls https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" -o tflint.zip && unzip tflint.zip && rm tflint.zip | ||
curl -L "$(curl -Ls https://api.github.com/repos/terraform-linters/tflint-ruleset-aws/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" -o tflint-ruleset.zip && unzip tflint-ruleset.zip && rm tflint-ruleset.zip | ||
mkdir -p ./.tflint.d/plugins/ | ||
mv tflint-ruleset-aws ./.tflint.d/plugins/ | ||
echo -e "\n" | ||
shell: bash | ||
working-directory: "${{ inputs.build_path }}/infrastructure" | ||
|
||
- name: Terraform Init | ||
id: init | ||
run: | | ||
${{ github.action_path }}/box.sh "Running Terraform init" | ||
terraform init -backend-config="region=eu-west-1" -backend-config="dynamodb_table=${{ inputs.terraform_state_dynamodb_table }}" -backend-config="encrypt=true" -backend-config="workspace_key_prefix=${{ inputs.terraform_state_s3_key_prefix }}" -backend-config="bucket=${{ inputs.terraform_state_s3_bucket }}" -backend-config="key=${{ inputs.terraform_state_s3_key_prefix }}/${{ inputs.environment }}/terraform.tfstate" | ||
echo -e "Terraform S3 bucket: ${{ inputs.terraform_state_s3_bucket }}" | ||
echo -e "Terraform state file: ${{ inputs.terraform_state_s3_key_prefix }}/${{ inputs.environment }}/terraform.tfstate" | ||
echo -e "\n" | ||
shell: bash | ||
working-directory: "${{ inputs.build_path }}/infrastructure" | ||
|
||
- name: Terraform Validate | ||
id: validate | ||
run: | | ||
${{ github.action_path }}/box.sh "Running Terraform validate" | ||
terraform validate | ||
echo -e "\n" | ||
shell: bash | ||
working-directory: "${{ inputs.build_path }}/infrastructure" | ||
|
||
- name: TFLint | ||
id: lint | ||
run: | | ||
${{ github.action_path }}/box.sh "Running TFLint" | ||
./tflint --init | ||
export TFLINT_LOG=info | ||
./tflint --var-file='./environments/${{ inputs.environment }}/${{ inputs.environment }}.tfvars' --module --config=./.tflint.hcl || true | ||
# echo -e "\n" | ||
shell: bash | ||
working-directory: "${{ inputs.build_path }}/infrastructure" | ||
|
||
- name: Terraform Plan | ||
id: plan | ||
run: | | ||
export TF_VAR_environment=${environment} | ||
${{ github.action_path }}/box.sh "Running Terraform plan" | ||
plan_command="terraform plan -var-file='./environments/${{ inputs.environment }}/${{ inputs.environment }}.tfvars' -var 'region=${{ inputs.aws_deploy_region }}' -var 'image_tag=${{ inputs.image_tag }}' -input=false -out=plan.out" | ||
if [ "${{ inputs.branch }}" == "main" ]; then | ||
eval $plan_command | ||
else | ||
plan_command+=" -lock=false" | ||
eval $plan_command | ||
fi | ||
echo -e "\n" | ||
shell: bash | ||
working-directory: "${{ inputs.build_path }}/infrastructure" | ||
|
||
- name: Terraform Apply | ||
id: apply | ||
run: | | ||
if [ "${{ inputs.branch }}" == "main" ]; then | ||
${{ github.action_path }}/box.sh "Running Terraform apply" | ||
terraform apply -auto-approve -input=false plan.out | ||
else | ||
echo -e "Not on dev, staging or main branch, so skipping Terraform apply." | ||
fi | ||
echo -e "Terraform run completed successfully." | ||
shell: bash | ||
working-directory: "${{ inputs.build_path }}/infrastructure" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
#!/usr/bin/env bash | ||
echo $1 | sed -e 's/^/../' -e 's/$/../' -e 's/./*/g' | ||
echo $1 | sed -e 's/^/* /' -e 's/$/ */' | ||
echo $1 | sed -e 's/^/../' -e 's/$/../' -e 's/./*/g' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
environment_name = "development" | ||
log_level = "info" | ||
maker_mock_api_key = "test" | ||
maker_mock_private_key = "0xtest" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,2 @@ | ||
environment_name = "prod" | ||
image_tag = "0.0.1" | ||
az_count = 1 | ||
environment_name = "production" | ||
log_level = "info" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
environment_name = "staging" | ||
log_level = "info" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
locals { | ||
redis_plan = { | ||
development = "rediscloud" | ||
staging = "rediscloud:100" | ||
production = "rediscloud:500" | ||
} | ||
} |
Oops, something went wrong.