Last active
June 30, 2023 04:37
Terraform Sandbox
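# Local .terraform directories
**/.terraform/*

# .tfstate files (Terraform state can hold resource attributes and secrets in plain text)
*.tfstate
*.tfstate.*

# Crash log files
crash.log

# Exclude all .tfvars files, which are likely to contain sensitive data
# such as passwords, private keys, and other secrets. These should not be
# part of version control.
# NOTE(review): this pattern does not match *.tfvars.json. The workflows on
# this page pass -var-file="application.tfvars.json" right after a checkout,
# so that file is presumably committed on purpose and must never hold secrets.
*.tfvars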
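#!/bin/bash
# Tear down the Terraform remote-state resources of one application: empty and
# delete the state bucket, then delete the lock table.
#
# Usage: cleanup script <application_id> <aws_account_id> <aws_region>
#
# Every step is destructive and cannot be undone, so the three arguments are
# checked before the first AWS call. An empty or malformed argument would
# otherwise produce a different resource name than the caller intended.

application_id=${1:-}
aws_account_id=${2:-}
aws_region=${3:-}

# The id becomes part of an S3 bucket name: lowercase letters, digits, '.' and '-'.
if [[ ! $application_id =~ ^[a-z0-9][a-z0-9.-]*$ ]]; then
  echo "Invalid application_id: expected lowercase letters, digits, '.' or '-'" >&2
  exit 2
fi
if [[ ! $aws_account_id =~ ^[0-9]{12}$ ]]; then
  echo "Invalid aws_account_id: expected 12 digits" >&2
  exit 2
fi
if [[ ! $aws_region =~ ^[a-z0-9-]+$ ]]; then
  echo "Invalid aws_region: expected lowercase letters, digits or '-'" >&2
  exit 2
fi

bucket_name="polaris-${application_id}-${aws_account_id}-tf-state"
dynamodb_table_name="polaris-${application_id}-${aws_account_id}-tf-lock"

# The three steps stay best-effort (a failure does not stop the next one), but
# the script now reports a non-zero status if any of them failed.
status=0

# Empty the S3 bucket
# Removes current objects only; on a versioned bucket the older versions and
# delete markers remain and the delete-bucket call below is refused.
aws s3 rm "s3://${bucket_name}" --recursive || status=$?

# Delete the S3 bucket
aws s3api delete-bucket --bucket "$bucket_name" --region "$aws_region" || status=$?

# Delete the DynamoDB table
# NOTE(review): the bucket-creation script on this page creates no lock table,
# so this call presumably fails when the table was never created; confirm.
aws dynamodb delete-table --table-name "$dynamodb_table_name" --region "$aws_region" || status=$?

exit "$status"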
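#!/bin/bash
# Make sure the S3 bucket that holds the Terraform remote state exists.
#
# Usage:
#   check_and_create_bucket.sh <app_id> <aws_region>
#   check_and_create_bucket.sh <app_id> <aws_account_id> <aws_region>
#
# The workflow on this page calls the script with three arguments. With only
# two positional parameters read, the account id landed in AWS_REGION. Both
# forms are accepted; in the three-argument form the account id is compared
# with the account the credentials actually belong to.

# Fail script on any error
set -e

# Input arguments
case "$#" in
  2)
    APP_ID=$1
    EXPECTED_ACCOUNT_ID=""
    AWS_REGION=$2
    ;;
  3)
    APP_ID=$1
    EXPECTED_ACCOUNT_ID=$2
    AWS_REGION=$3
    ;;
  *)
    echo "Usage: $0 <app_id> [<aws_account_id>] <aws_region>" >&2
    exit 2
    ;;
esac

# Get AWS account id
AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)

# Refuse to continue in an account other than the one the caller named.
if [ -n "$EXPECTED_ACCOUNT_ID" ] && [ "$EXPECTED_ACCOUNT_ID" != "$AWS_ACCOUNT_ID" ]; then
  echo "Credentials belong to account ${AWS_ACCOUNT_ID}, expected ${EXPECTED_ACCOUNT_ID}" >&2
  exit 1
fi

# Define the bucket name
BUCKET_NAME="polaris-${APP_ID}-${AWS_ACCOUNT_ID}-tf-state"

# Check if the S3 bucket exists and create if it does not.
# Bucket names are global and this one is predictable, so "exists" is only
# accepted when the bucket is owned by this account. A bucket of the same name
# in another account makes the check fail; create-bucket then fails as well
# and set -e stops the script instead of state being written to a foreign bucket.
if ! aws s3api head-bucket --bucket "$BUCKET_NAME" --expected-bucket-owner "$AWS_ACCOUNT_ID" 2>/dev/null; then
  echo "Bucket does not exist, creating..."
  if [ "$AWS_REGION" = "us-east-1" ]; then
    # us-east-1 is the default location and rejects an explicit LocationConstraint.
    aws s3api create-bucket --bucket "$BUCKET_NAME" --region "$AWS_REGION"
  else
    aws s3api create-bucket --bucket "$BUCKET_NAME" --region "$AWS_REGION" \
      --create-bucket-configuration "LocationConstraint=$AWS_REGION"
  fi
else
  echo "Bucket exists"
fi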
import { Injectable } from '@nestjs/common'; | |
import { Octokit } from "@octokit/rest"; | |
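/**
 * Triggers the `terraform_apply.yml` GitHub Actions workflow through the REST API.
 *
 * Values passed to the trigger methods become workflow inputs. The workflow
 * shown with this service places its inputs on shell command lines, so callers
 * should validate them (for example against an allow-list of application ids)
 * before dispatching.
 *
 * NOTE(review): the `terraform_apply.yml` on this page declares only
 * `awsAccountId`, `awsRegion` and `applicationId`. The dispatch API is expected
 * to reject inputs the workflow does not declare, so the input names used below
 * need to be confirmed against the deployed workflow.
 */
@Injectable()
export class GithubActionsService {
  private readonly octokit: Octokit;

  /**
   * Builds the API client from a token read from the environment.
   *
   * @throws Error when no token is configured.
   */
  constructor() {
    // The credential comes from the environment so it is never committed with
    // the source. GITHUB_TOKEN is the variable name chosen here; adapt it to
    // the project's configuration. Prefer a token limited to the one target
    // repository and to the permission needed to dispatch workflows.
    const token = process.env.GITHUB_TOKEN;
    if (!token) {
      throw new Error("GITHUB_TOKEN is not set; cannot authenticate to GitHub");
    }
    this.octokit = new Octokit({ auth: token });
  }

  /**
   * Dispatches the workflow with the application map serialized into a single
   * `applications` input and a fixed `logLevel` of "INFO".
   *
   * @param applications Map sent as a JSON string in the `applications` input.
   */
  async triggerWorkflow(applications: { [key: string]: string }): Promise<void> {
    await this.dispatch({
      logLevel: "INFO",
      applications: JSON.stringify(applications),
    });
  }

  /**
   * Dispatches the workflow with one input per deploy flag.
   *
   * @param inputs Values forwarded as workflow inputs.
   */
  async triggerWorkflow1(inputs: {
    logLevel: string,
    viz_vector_deploy: string,
    chyron_deploy: string,
    tag_vs_deploy: string,
    telos_deploy: string,
    application_id: string,
  }): Promise<void> {
    // Types are erased at runtime, so copy the declared keys explicitly rather
    // than forwarding whatever extra properties the caller's object carries.
    const {
      logLevel,
      viz_vector_deploy,
      chyron_deploy,
      tag_vs_deploy,
      telos_deploy,
      application_id,
    } = inputs;
    await this.dispatch({
      logLevel,
      viz_vector_deploy,
      chyron_deploy,
      tag_vs_deploy,
      telos_deploy,
      application_id,
    });
  }

  /** Sends one workflow_dispatch event for `terraform_apply.yml` on `master`. */
  private async dispatch(inputs: { [key: string]: string }): Promise<void> {
    await this.octokit.actions.createWorkflowDispatch({
      owner: "GITHUB_USERNAME",
      repo: "REPO_NAME",
      workflow_id: "terraform_apply.yml",
      ref: "master",
      inputs,
    });
  }
}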
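# Root configuration: remote state in S3 and one EC2 instance per application,
# each created through the shared ./module.

terraform {
  # Partial backend configuration: bucket and region are not set here and have
  # to be supplied at init time (for example with -backend-config).
  # NOTE(review): the `terraform init` steps in the workflows on this page pass
  # no backend settings; confirm where they come from.
  # NOTE(review): no dynamodb_table is configured, so this backend does no
  # state locking, although the cleanup script on this page deletes a lock table.
  backend "s3" {
    key     = "state"
    encrypt = true # server-side encryption of the state object
  }
}

provider "aws" {
  region = "us-east-1"
}

# The module declares app_name without a default, so every call has to pass
# it; the application's own name is used for the Name tag.

module "VizVectar" {
  source        = "./module"
  app_id        = var.applications["VizVectar"]
  app_name      = "VizVectar"
  ami_id        = var.ami_id
  subnet_id     = var.subnet_id
  sg_id         = var.security_group_id
  instance_type = var.instance_type
}

module "Chyron" {
  source        = "./module"
  app_id        = var.applications["Chyron"]
  app_name      = "Chyron"
  ami_id        = var.ami_id
  subnet_id     = var.subnet_id
  sg_id         = var.security_group_id
  instance_type = var.instance_type
}

module "TagVS" {
  source        = "./module"
  app_id        = var.applications["TagVS"]
  app_name      = "TagVS"
  ami_id        = var.ami_id
  subnet_id     = var.subnet_id
  sg_id         = var.security_group_id
  instance_type = var.instance_type
}

module "Telos" {
  source        = "./module"
  app_id        = var.applications["Telos"]
  app_name      = "Telos"
  ami_id        = var.ami_id
  subnet_id     = var.subnet_id
  sg_id         = var.security_group_id
  instance_type = var.instance_type
}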
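# One EC2 instance per application. On first boot it installs Apache, moves it
# to port 8080 and publishes the application id as the index page.
resource "aws_instance" "application" {
  ami                    = var.ami_id
  instance_type          = var.instance_type
  subnet_id              = var.subnet_id
  vpc_security_group_ids = [var.sg_id]

  # user_data runs as root on first boot. var.app_id originates outside this
  # module, so it is handed to the script base64-encoded and decoded on the
  # instance. Pasted between double quotes, a value containing $(...), a
  # backtick or a quote would be executed by the shell.
  # NOTE(review): the decoded id is still served as HTML as-is; restrict it to
  # a safe character set where the value enters the system.
  # NOTE(review): consider requiring IMDSv2 (metadata_options with
  # http_tokens = "required") and an encrypted root volume for this instance.
  user_data = <<-EOF
    #!/bin/bash
    apt-get update
    apt-get install -y apache2
    sed -i -e 's/80/8080/' /etc/apache2/ports.conf
    echo '${base64encode("${var.app_id}\n")}' | base64 -d > /var/www/html/index.html
    systemctl restart apache2
  EOF

  tags = {
    Name          = var.app_name
    applicationId = var.app_id
  }
}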
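# Inputs of the per-application EC2 module.

# Besides the tag, this value is written into the instance's first-boot script
# and its index page. The workflows on this page pin Terraform 0.12.x, which
# has no variable validation blocks, so restrict the value before it gets here.
variable "app_id" {
  description = "Application ID for tagging the EC2 instance"
  type        = string
}

variable "ami_id" {
  description = "AMI ID for the EC2 instance"
  type        = string
}

variable "subnet_id" {
  description = "Subnet ID for the EC2 instance"
  type        = string
}

variable "sg_id" {
  description = "Security Group ID for the EC2 instance"
  type        = string
}

variable "instance_type" {
  description = "Instance type for the EC2 instance"
  type        = string
  default     = "t2.micro"
}

# Required (no default): every caller of the module has to pass it.
variable "app_name" {
  description = "Application name for tagging the EC2 instance"
  type        = string
}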
{ | |
"VizVectar": { | |
"application_id": "viz1", | |
"instance_type": "t2.micro", | |
"ami": "ami-0abcdef1234567890" | |
}, | |
"Chyron": { | |
"application_id": "chyron1", | |
"instance_type": "t2.micro", | |
"ami": "ami-0abcdef1234567890" | |
}, | |
"TagVS": { | |
"application_id": "tagvs1", | |
"instance_type": "t2.micro", | |
"ami": "ami-0abcdef1234567890" | |
}, | |
"Telos": { | |
"application_id": "telos1", | |
"instance_type": "t2.micro", | |
"ami": "ami-0abcdef1234567890" | |
} | |
} |
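# Manually dispatched workflow: makes sure the remote-state bucket exists, then
# plans and applies the Terraform configuration in ./terraform.
name: 'Terraform Apply'

on:
  workflow_dispatch:
    inputs:
      awsAccountId:
        description: 'AWS Account Id'
        required: true
      awsRegion:
        description: 'AWS Region'
        required: true
      applicationId:
        description: 'Application Id'
        required: true

# The job only reads the repository, so the workflow token gets nothing more.
permissions:
  contents: read

jobs:
  terraform:
    name: 'Terraform'
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./terraform
    # Dispatch inputs are free-form strings. Expanding ${{ ... }} inside a run
    # line pastes them into the script text before the shell parses it, so they
    # are passed through the environment and quoted at the point of use. The
    # DISPATCH_ prefix keeps them apart from the variables AWS tooling reads.
    env:
      DISPATCH_APPLICATION_ID: ${{ github.event.inputs.applicationId }}
      DISPATCH_AWS_ACCOUNT_ID: ${{ github.event.inputs.awsAccountId }}
      DISPATCH_AWS_REGION: ${{ github.event.inputs.awsRegion }}
    # NOTE(review): no step here configures AWS credentials; presumably they
    # are provided some other way. Confirm, and prefer short-lived role
    # credentials over long-lived access keys.
    steps:
      # NOTE(review): v2 and v1 are mutable tags; pin each action to a full
      # commit SHA so the code that runs cannot change underneath the workflow.
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 0.12.x

      - name: Check and Create S3 Bucket and DynamoDB Table
        run: bash ./scripts/check_and_create_bucket.sh "$DISPATCH_APPLICATION_ID" "$DISPATCH_AWS_ACCOUNT_ID" "$DISPATCH_AWS_REGION"

      # The backend block sets neither bucket nor region, so both are given
      # here, using the bucket naming of the scripts on this page.
      - name: Terraform Init
        run: >-
          terraform init -input=false
          -backend-config="bucket=polaris-${DISPATCH_APPLICATION_ID}-${DISPATCH_AWS_ACCOUNT_ID}-tf-state"
          -backend-config="region=${DISPATCH_AWS_REGION}"

      - name: Terraform Validate
        run: terraform validate

      - name: Terraform Plan
        run: terraform plan -var-file="application.tfvars.json"

      # -auto-approve applies without a human looking at the plan; restrict who
      # may dispatch this workflow accordingly.
      - name: Terraform Apply
        run: terraform apply -auto-approve -var-file="application.tfvars.json"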
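# Manually dispatched workflow: destroys the Terraform-managed resources in
# ./terraform, then removes the remote-state bucket and lock table.
name: 'Terraform Destroy'

on:
  workflow_dispatch:
    inputs:
      awsAccountId:
        description: 'AWS Account Id'
        required: true
      awsRegion:
        description: 'AWS Region'
        required: true
      applicationId:
        description: 'Application Id'
        required: true

# The job only reads the repository, so the workflow token gets nothing more.
permissions:
  contents: read

jobs:
  terraform:
    name: 'Terraform'
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./terraform
    # Dispatch inputs are free-form strings. Expanding ${{ ... }} inside a run
    # line pastes them into the script text before the shell parses it, so they
    # are passed through the environment and quoted at the point of use. The
    # DISPATCH_ prefix keeps them apart from the variables AWS tooling reads.
    env:
      DISPATCH_APPLICATION_ID: ${{ github.event.inputs.applicationId }}
      DISPATCH_AWS_ACCOUNT_ID: ${{ github.event.inputs.awsAccountId }}
      DISPATCH_AWS_REGION: ${{ github.event.inputs.awsRegion }}
    # NOTE(review): no step here configures AWS credentials; presumably they
    # are provided some other way. Confirm, and prefer short-lived role
    # credentials over long-lived access keys.
    steps:
      # NOTE(review): v2 and v1 are mutable tags; pin each action to a full
      # commit SHA so the code that runs cannot change underneath the workflow.
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 0.12.x

      # The backend block sets neither bucket nor region, so both are given
      # here, using the bucket naming of the scripts on this page.
      - name: Terraform Init
        run: >-
          terraform init -input=false
          -backend-config="bucket=polaris-${DISPATCH_APPLICATION_ID}-${DISPATCH_AWS_ACCOUNT_ID}-tf-state"
          -backend-config="region=${DISPATCH_AWS_REGION}"

      - name: Terraform Validate
        run: terraform validate

      - name: Terraform Plan Destroy
        run: terraform plan -destroy -var-file="application.tfvars.json"

      # -auto-approve destroys without a human looking at the plan; restrict
      # who may dispatch this workflow accordingly.
      - name: Terraform Apply Destroy
        run: terraform destroy -auto-approve -var-file="application.tfvars.json"

      # Irreversible: removes the state bucket and lock table named after the inputs.
      - name: Cleanup S3 Bucket and DynamoDB Table
        run: bash ./scripts/cleanup_resources.sh "$DISPATCH_APPLICATION_ID" "$DISPATCH_AWS_ACCOUNT_ID" "$DISPATCH_AWS_REGION"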
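# Inputs of the root configuration.

# Keyed by application name; the root module looks up "VizVectar", "Chyron",
# "TagVS" and "Telos", so all four keys have to be present.
# NOTE(review): the JSON sample on this page nests an object per application
# and has no top-level "applications" key, which does not match map(string).
# Confirm the intended shape of the var file.
variable "applications" {
  description = "A map of applications to be deployed with their respective application_id"
  type        = map(string)
}

variable "instance_type" {
  description = "Instance type for the EC2 instances"
  type        = string
  default     = "t2.micro"
}

variable "ami_id" {
  description = "AMI ID for the EC2 instances"
  type        = string
}

variable "subnet_id" {
  description = "Subnet ID for the EC2 instances"
  type        = string
}

variable "security_group_id" {
  description = "Security Group ID for the EC2 instances"
  type        = string
}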