From d878b140564fbc0f1593c668d1a9dd962223e7f0 Mon Sep 17 00:00:00 2001
From: victor-mungai
Date: Wed, 5 Nov 2025 17:41:54 +0400
Subject: [PATCH 1/6] staging workflow
---
.github/workflows/terraform.yml | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 64 insertions(+)
create mode 100644 .github/workflows/terraform.yml
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 000000000..a99d1b5a1
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,64 @@
+name: "vprofile IAC"
+on:
+ push:
+ branches:
+ - main
+ - stage
+ paths:
+ - terraform/**
+ pull_request:
+ branches:
+ - main
+ paths:
+ - terraform/**
+
+jobs:
+ terraform:
+ name: "Apply terraform packages"
+ runs-on: ubuntu-latest
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+ AWS_REGION: "us-east-2"
+ defaults:
+ run:
+ shell: bash
+ working-directory: ./terraform
+ steps:
+ - name: "checkout repository"
+ uses: actions/checkout@v3
+
+ - name: "Setup Terraform"
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: 1.7.6
+
+ - name: "Terraform Init"
+ id: init
+ run: |
+ terraform init \
+ -backend-config="bucket=${BUCKET_TF_STATE}" \
+
+ - name: "Terraform format check"
+ id: fmt
+ run: |
+ terraform fmt -check
+
+ - name: "Terraform Validate"
+ id: "Validate"
+ run: |
+ terraform validate
+
+ - name: "Terraform Plan"
+ id: "Plan"
+ run: |
+ terraform plan -no-color -input=false -out=tfplan
+ continue-on-error: true
+
+ - name: Terraform plan status
+ if: steps.Plan.outcome == 'failure'
+ run: exit 1
+
+
+
From f3b7ff421fc020d48d54546cfdc772ddf5c82944 Mon Sep 17 00:00:00 2001
From: victor-mungai
Date: Wed, 5 Nov 2025 18:16:24 +0400
Subject: [PATCH 2/6] first workflow
---
terraform/main.tf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
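Review bot: The job-level `env:` block in the new `.github/workflows/terraform.yml` exports `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to every step, including `actions/checkout@v3` and `hashicorp/setup-terraform@v2`, which are referenced by mutable tags rather than commit SHAs. Because the workflow also triggers on `pull_request`, a run for any same-repository branch executes init and plan with those long-lived keys before the change has been reviewed. I would scope the credentials to the Terraform steps that need them (or replace them with short-lived credentials obtained through OIDC role assumption) and pin both actions, e.g. `uses: actions/checkout@<full-commit-sha>  # v3`. A top-level `permissions:` block with `contents: read` would also stop the job from depending on the repository's default token scope.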
diff --git a/terraform/main.tf b/terraform/main.tf index 94b6fc75a..081f66db1 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -13,4 +13,4 @@ locals { cluster_name = var.clusterName } -## \ No newline at end of file +# \ No newline at end of file From e61cbbf4b7e3eeefbef2eda575efaac0bc11c229 Mon Sep 17 00:00:00 2001 From: victor-mungai Date: Wed, 5 Nov 2025 18:18:04 +0400 Subject: [PATCH 3/6] workflow fix --- .github/workflows/terraform.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index a99d1b5a1..445fdf856 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -31,8 +31,7 @@ jobs: - name: "Setup Terraform" uses: hashicorp/setup-terraform@v2 - with: - terraform_version: 1.7.6 + - name: "Terraform Init" id: init From be68c5e0d35b2554538f11b7057042539f42e046 Mon Sep 17 00:00:00 2001 From: victor-mungai Date: Wed, 5 Nov 2025 18:25:54 +0400 Subject: [PATCH 4/6] workflow 2 --- terraform/main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/terraform/main.tf b/terraform/main.tf index 081f66db1..884ef5ac8 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -13,4 +13,3 @@ locals { cluster_name = var.clusterName } -# \ No newline at end of file From e61fdb4f8bc07fe593bf05978d22b7c7d8107a88 Mon Sep 17 00:00:00 2001 From: victor-mungai Date: Wed, 5 Nov 2025 18:28:17 +0400 Subject: [PATCH 5/6] workflow 3 --- .github/workflows/terraform.yml | 2 ++ terraform/vpc.tf | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 445fdf856..131f34fa0 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -31,6 +31,8 @@ jobs: - name: "Setup Terraform" uses: hashicorp/setup-terraform@v2 + with: + terraform_version: 1.6.3 - name: "Terraform Init" diff --git a/terraform/vpc.tf b/terraform/vpc.tf index 5775ce1c3..1f3333dc7 100644 
--- a/terraform/vpc.tf +++ b/terraform/vpc.tf @@ -23,4 +23,4 @@ module "vpc" { "kubernetes.io/cluster/${local.cluster_name}" = "shared" "kubernetes.io/role/internal-elb" = 1 } -} +} From a37e3f64718779e782a7e5b09be3e11bebe6f470 Mon Sep 17 00:00:00 2001 From: victor-mungai Date: Tue, 11 Nov 2025 21:46:40 +0400 Subject: [PATCH 6/6] workflow --- .github/workflows/terraform.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 131f34fa0..7ef8e43f4 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -61,5 +61,30 @@ jobs: if: steps.Plan.outcome == 'failure' run: exit 1 + - name: "Terraform Apply" + if: github.ref == 'refs/heads/main' && github.event_name == 'push' + id: "Apply" + run: | + terraform apply -input=false -auto-approve tfplan + + - name: "Configure AWS Credentials" + uses: aws-actions/configure-aws-credentials@v2 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + + + - name: "Get kube config file" + id: getconfig + if: steps.Apply.outcome == 'success' || steps.Plan.outcome == 'success' + run: | + aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name kitops-eks + + - name: "Install ingress-nginx controller" + if: steps.getconfig.outcome == 'success' + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/aws/deploy.yaml +
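Review bot: The `Get kube config file` step runs when `steps.Apply.outcome == 'success' || steps.Plan.outcome == 'success'`, so on pull requests and on pushes to `stage`, where `Terraform Apply` is skipped, a successful plan alone lets the workflow continue to `kubectl apply` against the cluster. Gating it on the apply only, `if: steps.Apply.outcome == 'success'`, keeps cluster changes on the `main` push path. The `Configure AWS Credentials` step sets `aws-region: us-east-1` while the job's `AWS_REGION` is `us-east-2` and `update-kubeconfig` reads `${{ env.AWS_REGION }}`; the two should agree, and `aws-actions/configure-aws-credentials@v2` is another mutable tag handling the static keys. The ingress-nginx manifest is fetched from a tag URL at run time with no integrity check, so vendoring the file in the repository or verifying a recorded checksum before `kubectl apply` would make the deployed content reviewable. The `steps:` list and the job `env:` start outside this hunk.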