Skip to content

Terraform

Terraform #52

Workflow file for this run

name: "Terraform"
on:
# Trigger a specific workflow run on demand without need for a code push/pull request
workflow_dispatch:
inputs:
# clusterName:
# description: "Name of the GKE cluster"
# required: true
# gkeRegion:
# description: "GKE region for the cluster"
# required: true
action:
description: "Action to perform (apply/destroy)"
required: true
jobs:
apply_cluster:
permissions:
contents: "write"
id-token: "write"
runs-on: ubuntu-latest
# Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
defaults:
run:
shell: bash
if: ${{ github.event.inputs.action == 'apply' }}
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v3
- id: "auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v2"
with:
workload_identity_provider: "projects/1006240973223/locations/global/workloadIdentityPools/create-cluster-workflow/providers/github-actions-terraform"
service_account: "[email protected]"
access_token_lifetime: 300s
create_credentials_file: true
cleanup_credentials: true
access_token_scopes: https://www.googleapis.com/auth/cloud-platform
id_token_include_email: false
- name: Set up Google Cloud SDK
uses: google-github-actions/setup-gcloud@v2
with:
project_id: code-idp
# Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
# Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terraform Init
run: terraform init
# formats the file
- name: Terraform Format
run: terraform fmt
# Generates an execution plan for Terraform
- name: Terraform Plan
run: terraform plan -var 'auth_token=$(gcloud auth application-default print-access-token)'
# Apply terraform
- name: Terraform Apply
run: terraform apply -var 'auth_token=$(gcloud auth application-default print-access-token)'
- name: Terraform output
run: terraform output
destroy_cluster:
runs-on: ubuntu-latest
# Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
defaults:
run:
shell: bash
if: ${{ github.event.inputs.action == 'destroy' }}
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v3
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
- name: Set up Google Cloud SDK
uses: google-github-actions/setup-gcloud@v2
with:
project_id: deploying-with-terraform
# Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
# Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terraform Init
run: terraform init
# formats the file
- name: Terraform Format
run: terraform fmt
# Destroy cluster
- name: Terraform Destroy
run: terraform destroy -var 'gcp_credentials=${{ secrets.GCP_SA_KEY }}' -var 'gke_cluster_name=${{ github.event.inputs.clusterName }}' -var 'gcp_region=${{ github.event.inputs.gkeRegion }}' -auto-approve