Terraform update #1070

Open
wants to merge 19 commits into
base: main
180 changes: 180 additions & 0 deletions .github/workflows/tf-test-deployment.yml
@@ -0,0 +1,180 @@
name: Terraform Test Deployment

on:
pull_request:
branches:
- "*"

permissions:
id-token: write
contents: read

jobs:
test-deployment:
runs-on: ubuntu-latest

env:
DATABASE_NAME: cid_data_export

steps:
- uses: actions/checkout@v3

- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y bats jq

- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.x"

- name: Install dependencies
run: |
python -m pip install --upgrade pip

- name: Setup Terraform
uses: hashicorp/setup-terraform@v2

- name: Setup TFLint
uses: terraform-linters/setup-tflint@v3

- name: Get CID versions
id: versions
run: |
# Get CID CFN version from first Description line using the correct path
CFN_VERSION=$(grep "Description.*Cloud Intelligence Dashboards" ./cfn-templates/cid-cfn.yml | grep -o '[0-9]\+\.[0-9]\+\.[0-9]\+' | head -1)
echo "Using local CFN version: $CFN_VERSION"
echo "cid_cfn_version=$CFN_VERSION" >> $GITHUB_OUTPUT

# Get Data Export version
EXPORT_VERSION=$(curl -s https://raw.githubusercontent.com/aws-solutions-library-samples/cloud-intelligence-dashboards-data-collection/main/data-exports/deploy/data-exports-aggregation.yaml | grep Description | grep -o '[0-9]\+\.[0-9]\+\.[0-9]\+' | head -1)
echo "data_export_version=$EXPORT_VERSION" >> $GITHUB_OUTPUT

- name: Create terraform.tfvars file
run: |
# Create terraform.tfvars file in the cicd-deployment directory
cat > ./terraform/cicd-deployment/terraform.tfvars << EOF
global_values = {
destination_account_id = "${{ secrets.AWS_ACCOUNT_ID }}"
source_account_ids = "${{ secrets.AWS_ACCOUNT_ID }}"
aws_region = "${{ secrets.AWS_REGION }}"
quicksight_user = "${{ secrets.QUICKSIGHT_USER }}"
cid_cfn_version = "${{ steps.versions.outputs.cid_cfn_version }}"
data_export_version = "${{ steps.versions.outputs.data_export_version }}"
environment = "dev"
}
EOF

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.AWS_ROLE }}
aws-region: ${{ secrets.AWS_REGION }}
role-duration-seconds: 3600
role-skip-session-tagging: true

- name: Initialize Terraform
working-directory: ./terraform/cicd-deployment
run: |
# Replace the existing backend.tf with S3 configuration
cat > backend.tf << EOF
terraform {
backend "s3" {
bucket = "${{ secrets.BACKEND_S3_BUCKET }}"
key = "terraform/cid-test/terraform.tfstate"
region = "${{ secrets.AWS_REGION }}"
encrypt = true
}
}
EOF

# Show the updated backend configuration
echo "Updated backend.tf:"
cat backend.tf

# Initialize with the new backend
terraform init

- name: Run TFLint
working-directory: ./terraform/cicd-deployment
run: tflint --format=compact

- name: Terraform Format Check
working-directory: ./terraform/cicd-deployment
run: terraform fmt -check -recursive

- name: Terraform Validate
working-directory: ./terraform/cicd-deployment
run: terraform validate

- name: Prepare deploy and cleanup scripts
run: |
# Debug directory structure
echo "Current directory: $(pwd)"
echo "Checking for terraform-test directory:"
find ./terraform -type d | grep terraform-test || echo "terraform-test directory not found"

# Update the existing provider.tf file
cat > ./terraform/cicd-deployment/providers.tf << EOF
provider "aws" {
region = "${{ secrets.AWS_REGION }}"
}

provider "aws" {
alias = "destination_account"
region = "${{ secrets.AWS_REGION }}"
# Using the same credentials as the default provider
}
EOF

# Show the updated provider configuration
echo "Updated providers.tf:"
cat ./terraform/cicd-deployment/providers.tf

# Fix path in deploy.sh and cleanup.sh
sed -i 's|TERRAFORM_DIR=\"$PROJECT_ROOT/terraform\"|TERRAFORM_DIR=\"$PROJECT_ROOT/cicd-deployment\"|g' ./terraform/terraform-test/deploy.sh
sed -i 's|TERRAFORM_DIR=\"$PROJECT_ROOT/terraform\"|TERRAFORM_DIR=\"$PROJECT_ROOT/cicd-deployment\"|g' ./terraform/terraform-test/cleanup.sh

# Show the modified paths
echo "Modified paths in deploy.sh:"
grep -n "TERRAFORM_DIR" ./terraform/terraform-test/deploy.sh

echo "Modified paths in cleanup.sh:"
grep -n "TERRAFORM_DIR" ./terraform/terraform-test/cleanup.sh

# List files
ls -l ./terraform/*

- name: Run deploy script
run: |
export DATABASE_NAME="cid_data_export"
export RESOURCE_PREFIX="cid-tf"
export BACKEND_TYPE="s3"
export S3_BUCKET="${{ secrets.BACKEND_S3_BUCKET }}"
export S3_KEY="terraform/cid-test/terraform.tfstate"
export S3_REGION="${{ secrets.AWS_REGION }}"

# Debug deploy.sh content
echo "Content of deploy.sh:"
head -n 20 ./terraform/terraform-test/deploy.sh

# Run with bash explicitly to see any errors
bash -x ./terraform/terraform-test/deploy.sh

- name: Run cleanup script
if: always()
run: |
export RESOURCE_PREFIX="cid-tf"
export BACKEND_TYPE="s3"
export S3_BUCKET="${{ secrets.BACKEND_S3_BUCKET }}"
export S3_KEY="terraform/cid-test/terraform.tfstate"
export S3_REGION="${{ secrets.AWS_REGION }}"

# Debug cleanup.sh content
echo "Content of cleanup.sh:"
head -n 20 ./terraform/terraform-test/cleanup.sh

# Run with bash explicitly to see any errors
bash -x ./terraform/terraform-test/cleanup.sh
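
Review bot: the backend block written in "Initialize Terraform" and the exports in "Run deploy script" and "Run cleanup script" all point at the single state key `terraform/cid-test/terraform.tfstate`, while the trigger is `pull_request` on every branch and the workflow has no `concurrency` group and no state locking in the backend block, so two open PRs can deploy and clean up against the same state at the same time. Add a workflow-level `concurrency` group, or derive the state key from the PR number, so runs are serialized or isolated. In "Get CID versions", `curl -s` without `-f` and with no empty-value check means a failed fetch writes an empty `data_export_version` into `terraform.tfvars`; fail the step when either version comes back empty. The `${{ secrets.* }}` expressions are expanded straight into the `run` scripts and the results are then echoed by `cat backend.tf` and `bash -x`; passing them through `env:` and dropping the debug output keeps them out of the script text and the job log. Because this job holds `id-token: write` and assumes `secrets.AWS_ROLE`, the actions referenced by tag (`@v2`, `@v3`, `@v4`) are worth pinning to commit SHAs.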
