This repository was to aid in the deployment of Terraform files in stvcooke/rearc-quest. It probably should be called "pipeline" instead of "infra", but it doesn't matter since this has failed.
The Terraform executor needs access to the source code repository; it can't get by on just the plan itself. Ideally, there'd be an EBS volume attachment, GitHub tokens used, and execution done not in `/tmp/`.
It sets up a remote state through CloudFormation in `remote-state.yaml`, then sets up a two-step pipeline for infrastructure deployment.
- The first step is in GitHub Actions, which essentially does a `terraform plan` and deposits the plan file into S3. The IAM and S3 resources are declared in `tf-planner/planner.tf`, while the GitHub Actions are in the `.github/workflows/tf-plan.yaml` of the rearc-quest repository.
- The second step is a Lambda function off an S3 trigger that takes the plan file in S3 and executes a `terraform apply` using it. Its resources are declared in `tf-executor/executor.tf` and the Python script for it is in `src/service.py`.
- I have commented out the `DeletionPolicy: Retain` because I do not want to retain this state file after I am done with this quest.
- I am forgoing a deletion step to tear down the infrastructure for the sake of time.
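
The S3-triggered apply step described above, as an added sketch that is not the repository's `src/service.py`: it accepts plan objects only from the expected bucket and prefix, and refuses to build the `terraform apply` command when the working directory holds no configuration, the gap noted at the top of this README. The bucket name, the `plans/` prefix and both function names are assumptions.

```python
import tempfile
from pathlib import Path
from urllib.parse import unquote_plus


def plan_objects_from_event(event, expected_bucket, key_prefix="plans/"):
    """Return (bucket, key) pairs for plan files named in an S3 event.

    Records from another source, bucket or prefix are ignored, so only the
    planner's own uploads can reach `terraform apply`.
    """
    found = []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:s3":
            continue
        if not record.get("eventName", "").startswith("ObjectCreated:"):
            continue
        bucket = record["s3"]["bucket"]["name"]
        key = unquote_plus(record["s3"]["object"]["key"])  # keys arrive URL-encoded
        if bucket == expected_bucket and key.startswith(key_prefix):
            found.append((bucket, key))
    return found


def build_apply_command(workdir, plan_path):
    """Build the terraform apply argv, refusing a directory with no .tf files."""
    workdir = Path(workdir)
    if not any(workdir.glob("*.tf")):
        raise FileNotFoundError(f"no Terraform configuration in {workdir}")
    # A saved plan applies without an approval prompt; -input=false disables other prompts.
    return ["terraform", f"-chdir={workdir}", "apply", "-input=false", str(plan_path)]


# Constructed S3 notification; bucket and key names are placeholders.
SAMPLE_EVENT = {"Records": [
    {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "example-plan-bucket"},
            "object": {"key": "plans/run+42/tfplan"}}},
    {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "some-other-bucket"},
            "object": {"key": "plans/tfplan"}}},
]}

if __name__ == "__main__":
    print(plan_objects_from_event(SAMPLE_EVENT, "example-plan-bucket"))
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / "main.tf").write_text("# constructed placeholder\n")
        print(build_apply_command(d, "/tmp/tfplan"))
```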