Stage

.github/workflows/terraform.yml

@@ -0,0 +1,92 @@
+name: "Vprofile IAC"
+
+on:
+  push:
+    branches:
+      - main
+      - stage
+    paths:
+      - terraform/**
+  pull_request:
+    branches:
+      - main
+    paths:
+      - terraform/**
+
+env:
+  BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+  AWS_REGION: us-east-1
+  EKS_CLUSTER: vprofile-eks
+
+jobs:
+  terraform:
+    name: "Terraform Infrastructure Pipeline"
+    runs-on: ubuntu-latest
+
+    defaults:
+      run:
+        shell: bash
+        working-directory: ./terraform
+
+    steps:
+      # Checkout repo
+      - name: Checkout source code
+        uses: actions/checkout@v4
+
+      # Configure AWS credentials
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      # Setup Terraform (pin version)
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: 1.6.3
+
+      # Terraform init (remote backend)
+      - name: Terraform init
+        run: |
+          terraform init \
+            -backend-config="bucket=${BUCKET_TF_STATE}" \
+            -backend-config="key=vprofile/terraform.tfstate" \
+            -backend-config="region=${AWS_REGION}"
+
+      # Terraform format check
+      - name: Terraform format
+        run: terraform fmt -check
+
+      # Terraform validate
+      - name: Terraform validate
+        run: terraform validate
+
+      # Terraform plan
+      - name: Terraform plan
+        id: plan
+        run: terraform plan -no-color -input=false -out planfile
+        continue-on-error: true
+
+      # Fail workflow if plan fails
+      - name: Terraform plan status
+        if: steps.plan.outcome == 'failure'
+        run: exit 1
+
+      # Terraform apply (main branch only)
+      - name: Terraform apply
+        id: apply
+        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+        run: terraform apply -auto-approve -input=false planfile
+
+      # Update kubeconfig after EKS is created/updated
+      - name: Update kubeconfig
+        if: steps.apply.outcome == 'success'
+        run: aws eks update-kubeconfig --region $AWS_REGION --name $EKS_CLUSTER
+
+      # Install Ingress Controller (cluster add-on)
+      - name: Install Ingress controller
+        if: steps.apply.outcome == 'success'
+        run: |
+          kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml

terraform/eks-cluster.tf

@@ -3,7 +3,7 @@ module "eks" {
   version = "19.19.1"
 
   cluster_name    = local.cluster_name
-  cluster_version = "1.27"
+  cluster_version = "1.29"
 
   vpc_id                         = module.vpc.vpc_id
   subnet_ids                     = module.vpc.private_subnets

terraform/terraform.tf

@@ -27,9 +27,9 @@ terraform {
   }
 
   backend "s3" {
-    bucket = "gitopsterrastate"
+    bucket = "kops-state-9527"
     key    = "terraform.tfstate"
-    region = "us-east-2"
+    region = "us-east-1"
   }
 
   required_version = "~> 1.6.3"

terraform/variables.tf

@@ -1,11 +1,13 @@
 variable "region" {
   description = "AWS region"
   type        = string
-  default     = "us-east-2"
+  default     = "us-east-1"
 }
 
 variable "clusterName" {
   description = "Name of the EKS cluster"
   type        = string
-  default     = "kitops-eks"
+  default     = "vprofile-eks"
 }
+
+####