GithubHelp home page GithubHelp logo

jona7o / terraform-rewindio-example Goto Github PK

View Code? Open in Web Editor NEW

This project forked from rewindio/terraform-rewindio-example

0.0 1.0 0.0 8 KB

A sample repo showing the general layout of our Terraform repos

License: MIT License

HCL 100.00%

terraform-rewindio-example's Introduction

terraform-rewindio-example

An example repo showing the general layout of most of our Terraform repos at Rewind and illustrating how the Terraform Github actions are configured.

This repo is an example to accompany the blog post at TBD

Usage

Create a backend.tfvars file with your backend configuration. It should look something like:

bucket               = "terraform-state-bucket"
key                  = "terraform.tfstate"
workspace_key_prefix = "terraform-workspaces"
dynamodb_table       = "terraform_state_lock"
region               = "us-east-1"
profile              = "production"

external_ip_allow_list = [""]

Instructions on configuring dynamoDB for state locking are in the terraform docs. profile is the name of an AWS credentials profile that has access to the bucket for storing sate.

Once the workspace and backend file is configured, you can init and plan as usual

terraform init -backend-config ./backend.tfvars
terraform workspace new st-test-results-bucket_us-east-1
terraform apply -var-file ./backend.tfvars -var-file tfvars/staging/st-test-results-bucket_us-east-1.tfvars

Github actions

The .github/workflows folder contains the workflows for enabling terraform control via a github workflow. It requires the following secrets be set on the repo

  • deploy_user_PAT - this is a Github access token for a user that has read access to repos. This handles the case where terraform private modules are being used
  • AWS_ACCESS_KEY_ID_STAGING, AWS_SECRET_ACCESS_KEY_STAGING, AWS_ACCESS_KEY_ID_PRODUCTION, AWS_SECRET_ACCESS_KEY_PRODUCTION - AWS credentials for a staging and production account

The plan workflow will trigger on any new pull request to the repo and run a plan for any workspaces specified in the matrix strategy

    strategy:
      matrix:
        workspace: [st-test-results-bucket_us-east-1,
                    pd-test-results-bucket_us-east-1]

It expects to find tfvars files under tfvars/staging or tfvars/production that match the names of the workspaces.

The apply workflow is triggered by comments to the pull request of the form

terraform apply <directive>

use terraform help as a pull request comment to see the available directives

terraform-rewindio-example's People

Contributors

dnorth98 avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.