Update main.tf #137
name: DIGITClusterworkflow | |
# Workflow branch | |
on: | |
push: | |
branches: | |
- master | |
- release-githubactions | |
workflow_dispatch: | |
inputs: | |
destroyCommand: | |
description: 'Type "destroy" to run the terraform_infra_destruction job.' | |
required: true | |
default: '' | |
jobs: | |
Input_validation: | |
if: ${{ github.event_name == 'push' }} | |
runs-on: ubuntu-latest | |
env: | |
TF_IN_AUTOMATION: "true" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Build project | |
run: echo "Githubactions Workflow has started" | |
- name: Displaying the input parameters provided | |
run: cat input.yaml | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Convert YAML to ENV | |
uses: dcarbone/yaml-to-env-action@main | |
with: | |
yaml-file: infra-as-code/terraform/sample-aws/input.yaml | |
debug: true # Optional: set to true to output some debug information | |
# Now, use the env vars in subsequent steps | |
- name: Display environment variables | |
run: | | |
echo "Cluster Name: $CLUSTER_NAME" | |
- name: Change working directory | |
run: echo "This command is run in the current directory" | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Updating different files based on parameters provided in input.yaml | |
run: go run init.go | |
working-directory: infra-as-code/terraform/scripts | |
- name: Archive infra-as-code folder | |
run: tar -czf infra-as-code.tar.gz infra-as-code/ | |
- name: Archive config-as-code folder | |
run: tar -czf config-as-code.tar.gz config-as-code/ | |
- name: Upload infra-as-code folder as artifact | |
uses: actions/upload-artifact@v4.4.0 | |
with: | |
name: infra-as-code-artifact-input | |
path: infra-as-code.tar.gz | |
- name: Upload config-as-code folder as artifact | |
uses: actions/upload-artifact@v4.4.0 | |
with: | |
name: config-as-code-artifact-input | |
path: config-as-code.tar.gz | |
# - name: Install AWS IAM Authenticator | |
# run: | | |
# curl -o aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/aws-iam-authenticator | |
# chmod +x ./aws-iam-authenticator | |
# sudo mv ./aws-iam-authenticator /usr/local/bin/aws-iam-authenticator | |
# aws-iam-authenticator version | |
# - name: Generate kubeconfig | |
# run: | | |
# aws eks update-kubeconfig --region ${{ secrets.AWS_REGION }} --name $CLUSTER_NAME | |
# cat ~/.kube/config > kubeconfig | |
# - name: Deleting Loadbalancer | |
# run: kubectl delete svc nginx-ingress-controller -n egov | |
# - name: Terraform Init - remotestate | |
# run: terraform init | |
# working-directory: infra-as-code/terraform/sample-aws/remote-state | |
# - name: Terraform Validate - remotestate | |
# run: terraform validate -no-color | |
# working-directory: infra-as-code/terraform/sample-aws/remote-state | |
# - name: Terraform Init - Infra destruction | |
# run: terraform init | |
# working-directory: infra-as-code/terraform/sample-aws | |
# - name: Terraform Validate - Infra destruction | |
# run: terraform validate -no-color | |
# working-directory: infra-as-code/terraform/sample-aws | |
# - name: Terraform Plan - Infra destruction | |
# run: terraform plan -destroy -no-color -input=false -var db_password=demo123456 | |
# working-directory: infra-as-code/terraform/sample-aws | |
# - name: Terraform Destroy - Infra destruction | |
# run: terraform destroy -no-color -auto-approve -var db_password=demo123456 | |
# working-directory: infra-as-code/terraform/sample-aws | |
Terraform_Infra_Creation: | |
if: ${{ github.event_name == 'push' }} | |
needs: Input_validation | |
runs-on: ubuntu-latest | |
env: | |
TF_IN_AUTOMATION: "true" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Download infra-as-code folder from artifacts | |
uses: actions/download-artifact@v4.1.8 | |
with: | |
name: infra-as-code-artifact-input | |
path: . | |
- name: Download config-as-code folder from artifacts | |
uses: actions/download-artifact@v4.1.8 | |
with: | |
name: config-as-code-artifact-input | |
path: . | |
- name: Extract infra-as-code folder | |
run: tar -xzf infra-as-code.tar.gz | |
- name: Extract config-as-code folder | |
run: tar -xzf config-as-code.tar.gz | |
- name: Convert YAML to ENV | |
uses: dcarbone/yaml-to-env-action@main | |
with: | |
yaml-file: infra-as-code/terraform/sample-aws/input.yaml | |
debug: true # Optional: set to true to output some debug information | |
# Now, use the env vars in subsequent steps | |
- name: Terraform Init - remotestate | |
id: init | |
run: terraform init | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Terraform Validate - remotestate | |
id: validate | |
run: terraform validate -no-color | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Terraform Plan - remotestate | |
id: plan | |
run: terraform plan -no-color -input=false | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Terraform Apply - remotestate | |
id: apply | |
run: terraform apply -no-color -input=false -auto-approve | |
continue-on-error: true | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Terraform init - Infra creation | |
id: init-Infra | |
run: terraform init | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Terraform Validate - Infra creation | |
id: validate-Infra | |
run: terraform validate -no-color | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Terraform Plan - Infra creation | |
id: plan-Infra | |
run: terraform plan -no-color -input=false -var db_password=demo123456 -lock=false | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Terraform Apply - Infra creation | |
id: apply-Infra | |
run: terraform apply -no-color -input=false -auto-approve -var db_password=demo123456 -lock=false | |
continue-on-error: true | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Install AWS IAM Authenticator | |
run: | | |
curl -o aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/aws-iam-authenticator | |
chmod +x ./aws-iam-authenticator | |
sudo mv ./aws-iam-authenticator /usr/local/bin/aws-iam-authenticator | |
aws-iam-authenticator version | |
- name: Generate kubeconfig | |
run: | | |
aws eks update-kubeconfig --region ${{ secrets.AWS_REGION }} --name $CLUSTER_NAME | |
cat ~/.kube/config > kubeconfig | |
- name: Verify kubectl configuration | |
run: kubectl config view | |
- name: Verfiy kubectl get nodes | |
run: | | |
kubectl get nodes | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
- name: Updating the terraform output data in environment.yaml files for deployment | |
run: terraform output -json | go run ../scripts/envYAMLUpdater.go | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Archive infra-as-code folder | |
run: tar -czf infra-as-code.tar.gz infra-as-code/ | |
- name: Archive config-as-code folder | |
run: tar -czf config-as-code.tar.gz config-as-code/ | |
- name: Upload infra-as-code folder as artifact | |
uses: actions/upload-artifact@v4.4.0 | |
with: | |
name: infra-as-code-artifact-creation | |
path: infra-as-code.tar.gz | |
- name: Upload config-as-code folder as artifact | |
uses: actions/upload-artifact@v4.4.0 | |
with: | |
name: config-as-code-artifact-creation | |
path: config-as-code.tar.gz | |
DIGIT-deployment: | |
if: ${{ github.event_name == 'push' }} | |
needs: Terraform_Infra_Creation | |
runs-on: ubuntu-latest | |
env: | |
TF_IN_AUTOMATION: "true" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Download infra-as-code folder from artifacts | |
uses: actions/download-artifact@v4.1.8 | |
with: | |
name: infra-as-code-artifact-creation | |
path: . | |
- name: Download config-as-code folder from artifacts | |
uses: actions/download-artifact@v4.1.8 | |
with: | |
name: config-as-code-artifact-creation | |
path: . | |
- name: Extract infra-as-code folder | |
run: tar -xzf infra-as-code.tar.gz | |
- name: Extract config-as-code folder | |
run: tar -xzf config-as-code.tar.gz | |
- name: Convert YAML to ENV | |
uses: dcarbone/yaml-to-env-action@main | |
with: | |
yaml-file: infra-as-code/terraform/sample-aws/input.yaml | |
debug: true # Optional: set to true to output some debug information | |
# Now, use the env vars in subsequent steps | |
- name: Install AWS IAM Authenticator | |
run: | | |
curl -o aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/aws-iam-authenticator | |
chmod +x ./aws-iam-authenticator | |
sudo mv ./aws-iam-authenticator /usr/local/bin/aws-iam-authenticator | |
aws-iam-authenticator version | |
- name: Generate kubeconfig | |
run: | | |
aws eks update-kubeconfig --region ${{ secrets.AWS_REGION }} --name $CLUSTER_NAME | |
cat ~/.kube/config > kubeconfig | |
- name: Verify kubectl configuration | |
run: kubectl config view | |
- name: Verfiy kubectl get nodes | |
run: | | |
kubectl get nodes | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
- name: Install sops | |
run: | | |
sudo apt update | |
sudo apt install -y gnupg | |
wget https://github.com/mozilla/sops/releases/download/v3.7.1/sops-v3.7.1.linux | |
chmod +x sops-v3.7.1.linux | |
sudo mv sops-v3.7.1.linux /usr/local/bin/sops | |
- name: digit deployment | |
run: go run digit_installer.go | |
working-directory: deploy-as-code/deployer | |
- name: Displaying the Loadbalancer ID | |
run: | | |
LB_ID=$(kubectl get svc nginx-ingress-controller -n egov -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') | |
echo "LoadBalancer ID: $LB_ID" | |
echo "Thank you for installing DIGIT! 🙏 Your installation is complete and ready to roll! 🚀" | |
echo "Please map the LoadBalancer ID ($LB_ID) with the domain provided in input.yaml to access the DIGIT UI" | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
terraform_infra_destruction: | |
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.destroyCommand == 'destroy' }} | |
runs-on: ubuntu-latest | |
env: | |
TF_IN_AUTOMATION: "true" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Convert YAML to ENV | |
uses: dcarbone/yaml-to-env-action@main | |
with: | |
yaml-file: infra-as-code/terraform/sample-aws/input.yaml | |
debug: true # Optional: set to true to output some debug information | |
- name: Display environment variables | |
run: | | |
echo "Cluster Name: $CLUSTER_NAME" | |
- name: Change working directory | |
run: echo "This command is run in the current directory" | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Updating different files based on parameters provided in input.yaml | |
run: go run init.go | |
working-directory: infra-as-code/terraform/scripts | |
- name: Install AWS IAM Authenticator | |
run: | | |
curl -o aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/aws-iam-authenticator | |
chmod +x ./aws-iam-authenticator | |
sudo mv ./aws-iam-authenticator /usr/local/bin/aws-iam-authenticator | |
aws-iam-authenticator version | |
- name: Generate kubeconfig | |
run: | | |
aws eks update-kubeconfig --region ${{ secrets.AWS_REGION }} --name $CLUSTER_NAME | |
cat ~/.kube/config > kubeconfig | |
continue-on-error: true | |
- name: Deleting Loadbalancer | |
run: kubectl delete svc nginx-ingress-controller -n egov | |
continue-on-error: true | |
- name: Terraform Init - remotestate | |
run: terraform init | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Terraform Validate - remotestate | |
run: terraform validate -no-color | |
working-directory: infra-as-code/terraform/sample-aws/remote-state | |
- name: Terraform Init - Infra destruction | |
run: terraform init | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Terraform Validate - Infra destruction | |
run: terraform validate -no-color | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Terraform Plan - Infra destruction | |
run: terraform plan -destroy -no-color -input=false -var db_password=demo123456 -lock=false | |
working-directory: infra-as-code/terraform/sample-aws | |
- name: Terraform Destroy - Infra destruction | |
run: terraform destroy -no-color -auto-approve -var db_password=demo123456 -lock=false | |
working-directory: infra-as-code/terraform/sample-aws |
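Review bot: The database password is committed in clear text as `-var db_password=demo123456` on the plan and apply steps of Terraform_Infra_Creation and again on the plan and destroy steps of terraform_infra_destruction, so it sits in repository history and in the process arguments of every run. Supply it from an Actions secret through the job `env` instead, e.g. `TF_VAR_db_password: ${{ secrets.DB_PASSWORD }}` (`DB_PASSWORD` is a placeholder name), drop the `-var` flag, and rotate the current value. Separately, `dcarbone/yaml-to-env-action@main` runs in all four jobs with the AWS keys set at job level, so whatever that branch points at executes with those credentials; pin it to a full commit SHA, `uses: dcarbone/yaml-to-env-action@<commit-sha>`. The apply steps also combine `-auto-approve`, `-lock=false` and `continue-on-error: true`, which lets a failed or concurrent apply pass silently into the deployment job.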