diff --git a/.github/reusable-workflows/tf-setup.yml b/.github/reusable-workflows/tf-setup.yml
new file mode 100644
index 0000000..b6583cd
--- /dev/null
+++ b/.github/reusable-workflows/tf-setup.yml
@@ -0,0 +1,28 @@
+name: Terraform Setup
+
+on:
+ workflow_call:
+ inputs:
+ tf-version:
+ description: Terraform version
+ required: true
+ type: number
+ tf-secret:
+ description: Terraform secret file content
+ required: true
+ type: string
+
+jobs:
+ terraform-setup:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Setup Terrafrom
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: ${{ inputs.tf-version }}
+
+ - name: Create Secret File
+ run: echo ${{ inputs.tf-secret }} > secret.tf
+
+ - name: Terraform Init
+ run: terraform init
diff --git a/.github/workflows/tf-apply.yml b/.github/workflows/tf-apply.yml
new file mode 100644
index 0000000..17e9e93
--- /dev/null
+++ b/.github/workflows/tf-apply.yml
@@ -0,0 +1,31 @@
+name: Terraform Apply Workflow
+
+on:
+ workflow_dispatch:
+ inputs:
+
+env:
+ TF_SECRET_FILE: ${{ secrets.TF_SECRET_FILE }}
+ TF_VERSION: 1.6.3
+ TF_PLAN_NAME: tfplan
+
+jobs:
+ apply:
+ name: Terraform Apply
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Download Plan Artifact
+ run: s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/das-pre-infra-vultr/${{ env.TF_PLAN_NAME }}-latest ${{ env.TF_PLAN_NAME }}
+
+ - name: Setup Terraform
+ uses: ./.github/reusable-workflows/tf-setup.yml
+ with:
+ tf-version: ${{ env.TF_VERSION }}
+ tf-secret: ${{ env.TF_SECRET_FILE }}
+
+ # TODO: check if file exists fist
+ - name: Apply Changes To The Cloud
+ run: terraform apply tfplan
diff --git a/.github/workflows/tf-plan.yml b/.github/workflows/tf-plan.yml
new file mode 100644
index 0000000..abcb57f
--- /dev/null
+++ b/.github/workflows/tf-plan.yml
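Review bot: In tf-setup.yml, the `Create Secret File` step expands `${{ inputs.tf-secret }}` directly into the script text, so the secret is parsed by the shell before `echo` sees it: quotes, `$`, backticks and `;` in the value are interpreted, and runs of whitespace and newlines are collapsed in the written file. Hand the value over through the step's environment instead, with `env:` carrying `TF_SECRET: ${{ inputs.tf-secret }}` and `run: printf '%s\n' "$TF_SECRET" > secret.tf`. If this remains a reusable workflow, declaring the value under `on.workflow_call.secrets` rather than as a string input keeps it in the secrets context. Separately, `tf-version` is declared `type: number`, which cannot carry the `1.6.3` the callers pass; `type: string` fits.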
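Review bot: In tf-apply.yml, the `Setup Terraform` step points `uses:` at a workflow file, which a step cannot run: reusable workflows are called at job level (`jobs.<id>.uses`) from `.github/workflows/`, and a called workflow gets its own runner, so `secret.tf` and the `terraform init` state would not exist where `terraform apply tfplan` runs. A composite action (an `action.yml` with `runs.using: composite`) fits this shared-steps use; the same call appears in the `validate` and `plan` jobs of tf-plan.yml. Also, the plan is fetched from the mutable `…-latest` key and applied with no approval gate and no tie to the checked-out commit; consider keying the object by `${{ github.sha }}` and running the job under a protected `environment:`. `s3 cp` is presumably meant to be `aws s3 cp`, and this workflow defines no AWS credentials or CLI install for it.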
@@ -0,0 +1,61 @@
+name: Terraform Plan Workflow
+
+on:
+ workflow_dispatch:
+ inputs:
+
+env:
+ TF_SECRET_FILE: ${{ secrets.TF_SECRET_FILE }}
+ TF_VERSION: 1.6.3
+ TF_PLAN_NAME: tfplan
+
+ AWS_S3_BUCKET: das.singularitynet.io
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ AWS_REGION: ${{ secrets.AWS_REGION }}
+
+jobs:
+ - name: Setup AWS
+ run: |-
+ pip3 install awscli
+ aws configure set aws_access_key_id ${{ env.AWS_ACCESS_KEY_ID }}
+ aws configure set aws_secret_access_key ${{ env.AWS_SECRET_ACCESS_KEY }}
+ aws configure set region ${{ env.AWS_REGION }}
+
+ validate:
+ name: Validate Terraform Code
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Setup Terraform
+ uses: ./.github/reusable-workflows/tf-setup.yml
+ with:
+ tf-version: ${{ env.TF_VERSION }}
+ tf-secret: ${{ env.TF_SECRET_FILE }}
+
+ - name: Check Configuration Files Format
+ run: terraform fmt -check -diff -recursive .
+
+ - name: Validate Configuration
+ run: terraform validate
+
+ plan:
+ name: Terrafrom Plan
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Setup Terraform
+ uses: ./.github/reusable-workflows/tf-setup.yml
+ with:
+ tf-version: ${{ env.TF_VERSION }}
+ tf-secret: ${{ env.TF_SECRET_FILE }}
+
+ - name: Create Infrastructure Plan
+ run: terraform plan -var-file=config.tfvars -out ${{ env.TF_PLAN_NAME }}
+
+ - name: Upload Plan Artifact
+ run: s3 cp ${{ env.TF_PLAN_NAME }} s3://${{ secrets.AWS_S3_BUCKET }}/das-pre-infra-vultr/${{ env.TF_PLAN_NAME }}-latest
diff --git a/.github/workflows/version-tagging.yml b/.github/workflows/version.yml
similarity index 89%
rename from .github/workflows/version-tagging.yml
rename to .github/workflows/version.yml
index 5aa6ebc..c6d17c8 100644
--- a/.github/workflows/version-tagging.yml
+++ b/.github/workflows/version.yml
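Review bot: In tf-plan.yml, the `- name: Setup AWS` entry sits directly under `jobs:` as a list item while `validate` and `plan` are mapping keys, so the file does not parse as a workflow and the step belongs to no job. Its script also expands `${{ env.AWS_SECRET_ACCESS_KEY }}` into the shell text and persists the keys in the CLI's on-disk config, which is unnecessary because the AWS CLI reads `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` from the environment (and the region from `AWS_DEFAULT_REGION`). Drop the `aws configure set` lines and, unless Terraform itself needs them, move the AWS variables from the workflow-level `env:` to an `env:` on the `Upload Plan Artifact` step so the other steps never see them. That step reads `secrets.AWS_S3_BUCKET` although the bucket is defined as `env.AWS_S3_BUCKET`, and `s3 cp` is presumably meant to be `aws s3 cp`. Plan files can contain sensitive values in cleartext, so read access to that bucket prefix should be restricted.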
@@ -1,10 +1,10 @@ -name: Version Tagging +name: Version on: workflow_dispatch: inputs: version: - description: "Version to tag" + description: "Version" required: true jobs: