Header Ads

Header ADS

Automate Terraform with GitHub Actions

    GitHub Actions is a powerful tool for automating workflows in your GitHub repositories. You can use it to build, test, and deploy your code, as well as automate other tasks.

This is not a complicated task to do so but requires attention when you're working in the production environment, and also when you have teams to dealing, this should require a process that should be followed by the teams to avoid any issues. 

Also should be fine if you create extra actions, to validate the PR and also send notifications via your message tool, which can be done on the terraform cloud or via GHA. 

The goal of this automation is to have the process of integration between terraform cloud and GitHub actions working properly to avoid the teams making any changes via CLI, and also the state file will be stored where? On terraform cloud. 

I'll not describe each step here in this post, but, to see this working you can take a look at one of my labs isweluiz/terraform, moving forward will be pretty interested if you take the time to have a look at the action documentation HashiCorp Action.

Follow the following documentation to get it ready https://developer.hashicorp.com/terraform/tutorials/automation/github-actions#set-up-a-github-repository

To summarize, the actions we need to take to have the integration working are: 

  1. Sign up for a Terraform Cloud account, if you don't already have one.
  2. Set up a new workspace in Terraform Cloud. You'll need to provide a name and select a version control provider (e.g., GitHub).
  3. In your GitHub repository, create a new file in the .github/workflows directory named terraform.yml. This file will define the workflow that will be run when you commit changes to your repository.
  4. In the terraform.yml file, define the job that will be run as part of your workflow. You'll need to specify the name of the job, as well as the steps that should be taken to run it.
  5. For each step in the job, specify the action that should be taken. For example, you might use the hashicorp/terraform-github-actions action to run a Terraform plan or apply.
  6. Optionally, you can also set up secrets in your GitHub repository to store sensitive information, such as your Terraform Cloud API token.
  7. Commit and push your changes to your GitHub repository. The workflow will be automatically triggered when you push changes to the repository.

As I said it's not complicated, the workflow basically will work like the following: 

  1. check whether the configuration is formatted properly to demonstrate how you can enforce best practices
  2. generate a plan for every pull request
  3. apply the configuration when you update the main branch

Then, you will create and merge a pull request to test the workflow.

After all your infrastructure will be provisioned as needed if it's all right, you and your team will be able to see the result of the plan and of the execution via terraform cloud GUI. 

No comments

Theme images by sandsun. Powered by Blogger.