InsightDI/mastery-github-demo

Continuous Integration with GitHub Actions and HashiCorp Terraform

GitHub Actions, repos, and packages examples

Manually Created sources

  • Service Account to run pipelines
  • Storage account for Terraform State and Plan files
  • AzDO Project
  • GitHub repository
  • GitHub secrets

Overview

In this scenario, continuous integration of an Azure environment is desired. Configuration is managed via HashiCorp Terraform. Continuous Integration is managed via GitHub Actions. By loading the necessary Terraform configuration files into this repository along with two GitHub Workflows, the Terraform files can be used to Plan and Apply into the target environment.

Details

This repository contains three GitHub Workflow files:

Terraform Plan

  • Checks the Terraform configuration for security vulnerabilities with tfsec.

  • Loads the Terraform CLI wrapper with Setup Terraform.

  • Terraform CLI performs an Init and Plan based on the pull request's configuration.

  • GitHub Actions Bot adds a comment to the pull request with the results. Example Pull Request

You can view previous Terraform Plan workflows here.

Terraform Apply

  • Loads the Terraform CLI wrapper with Setup Terraform.

  • Terraform CLI performs an Init and Apply based on the new push configuration.

You can view previous Terraform Apply workflows here.

Credentials

Credentials are stored in GitHub secrets.

CLIENTSECRET is the password for the Service Principal deploying the Terraform.

ACCESSKEY is the access key for the storage account where the Terraform State files are stored.

Terraform Documentation

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12.29 |
| azuredevops | >= 0.0.1 |
| azurerm | 2.14 |
| random | 2.3.0 |

Providers

| Name | Version |
|------|---------|
| azurerm | 2.14 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| app_name | The application to which the Terraform configuration is beholden | string | "mastery" | no |
| client_id | n/a | string | n/a | yes |
| client_secret | n/a | string | n/a | yes |
| environment | The environment to which the Terraform configuration will be deployed | string | "dev" | no |
| region_primary | The primary region to which the Terraform configuration is deployed | string | "eastus2" | no |
| subscription_id | n/a | string | n/a | yes |
| tags | The default tags to be applied to infrastructure | map | {} | no |
| tenant_id | n/a | string | n/a | yes |

Outputs

No output.

About

Repo to demonstrate the capabilities of GitHub during Mastery 2020
