Terraform #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Terraform' | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| # Working directory input from user. | |
| terraform_operation: | |
| description: "Terraform operation: plan, apply, destroy" | |
| required: true | |
| default: "plan" | |
| type: choice | |
| options: | |
| - plan | |
| - apply | |
| - destroy | |
| jobs: | |
| Terraform_apply: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Terraform Init | |
| run: | | |
| export TF_VAR_USERNAME=$DB_USERNAME | |
| export TF_VAR_PASSWORD=$DB_PASSWORD | |
| export TF_VAR_S3_BUCKET_NAME=$S3_BUCKET_NAME | |
| export TF_VAR_S3_BUCKET_POLICY_ACTIONS=$S3_BUCKET_POLICY_ACTIONS | |
| export TF_VAR_DB_IDENTIFIER=$DB_IDENTIFIER | |
| export TF_VAR_PUBLIC_KEY=$PUBLIC_KEY | |
| export TF_VAR_CERTIFICATE_DOMAIN=$CERTIFICATE_DOMAIN | |
| export TF_VAR_DNS=$DNS | |
| export TF_VAR_GATEWAY_DNS=$GATEWAY_DNS | |
| terraform init | |
| env: | |
| DB_USERNAME: ${{secrets.DB_USERNAME}} | |
| DB_PASSWORD: ${{secrets.DB_PASSWORD}} | |
| S3_BUCKET_NAME: ${{secrets.S3_BUCKET_NAME}} | |
| DB_IDENTIFIER: ${{secrets.DB_IDENTIFIER}} | |
| PUBLIC_KEY: ${{secrets.PUBLIC_KEY}} | |
| CERTIFICATE_DOMAIN: ${{secrets.CERTIFICATE_DOMAIN}} | |
| DNS: ${{secrets.DNS}} | |
| GATEWAY_DNS: ${{secrets.GATEWAY_DNS}} | |
| - name: Terraform Plan | |
| run: | | |
| export TF_VAR_DB_USERNAME=$DB_USERNAME | |
| export TF_VAR_DB_PASSWORD=$DB_PASSWORD | |
| export TF_VAR_S3_BUCKET_NAME=$S3_BUCKET_NAME | |
| export TF_VAR_S3_BUCKET_POLICY_ACTIONS=$S3_BUCKET_POLICY_ACTIONS | |
| export TF_VAR_DB_IDENTIFIER=$DB_IDENTIFIER | |
| export TF_VAR_PUBLIC_KEY=$PUBLIC_KEY | |
| export TF_VAR_CERTIFICATE_DOMAIN=$CERTIFICATE_DOMAIN | |
| export TF_VAR_DNS=$DNS | |
| export TF_VAR_GATEWAY_DNS=$GATEWAY_DNS | |
| terraform plan -input=false | |
| env: | |
| DB_USERNAME: ${{secrets.DB_USERNAME}} | |
| DB_PASSWORD: ${{secrets.DB_PASSWORD}} | |
| S3_BUCKET_NAME: ${{secrets.S3_BUCKET_NAME}} | |
| DB_IDENTIFIER: ${{secrets.DB_IDENTIFIER}} | |
| PUBLIC_KEY: ${{secrets.PUBLIC_KEY}} | |
| CERTIFICATE_DOMAIN: ${{secrets.CERTIFICATE_DOMAIN}} | |
| DNS: ${{secrets.DNS}} | |
| GATEWAY_DNS: ${{secrets.GATEWAY_DNS}} | |
| if: ${{ github.event.inputs.terraform_operation == 'plan' }} | |
| - name: Terraform Validate | |
| id: validate | |
| run: terraform validate -no-color | |
| - name: Terraform Apply | |
| run: | | |
| export TF_VAR_DB_USERNAME=$DB_USERNAME | |
| export TF_VAR_DB_PASSWORD=$DB_PASSWORD | |
| export TF_VAR_S3_BUCKET_NAME=$S3_BUCKET_NAME | |
| export TF_VAR_S3_BUCKET_POLICY_ACTIONS=$S3_BUCKET_POLICY_ACTIONS | |
| export TF_VAR_DB_IDENTIFIER=$DB_IDENTIFIER | |
| export TF_VAR_PUBLIC_KEY=$PUBLIC_KEY | |
| export TF_VAR_CERTIFICATE_DOMAIN=$CERTIFICATE_DOMAIN | |
| export TF_VAR_DNS=$DNS | |
| export TF_VAR_GATEWAY_DNS=$GATEWAY_DNS | |
| terraform apply -input=false -auto-approve | |
| env: | |
| DB_USERNAME: ${{secrets.DB_USERNAME}} | |
| DB_PASSWORD: ${{secrets.DB_PASSWORD}} | |
| S3_BUCKET_NAME: ${{secrets.S3_BUCKET_NAME}} | |
| DB_IDENTIFIER: ${{secrets.DB_IDENTIFIER}} | |
| PUBLIC_KEY: ${{secrets.PUBLIC_KEY}} | |
| CERTIFICATE_DOMAIN: ${{secrets.CERTIFICATE_DOMAIN}} | |
| DNS: ${{secrets.DNS}} | |
| GATEWAY_DNS: ${{secrets.GATEWAY_DNS}} | |
| if: ${{ github.event.inputs.terraform_operation == 'apply' }} | |
| - name: Terraform Destroy | |
| id: destroy | |
| run: terraform destroy -auto-approve | |
| if: ${{ github.event.inputs.terraform_operation == 'destroy' }} |