Terraform Apply #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Terraform Apply' | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| module: | |
| type: choice | |
| description: "Select which module to deploy" | |
| options: | |
| - module-1 | |
| - module-2 | |
| required: true | |
| permissions: write-all | |
| jobs: | |
| terraform: | |
| name: 'Terraform' | |
| runs-on: ubuntu-latest | |
| environment: production | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_REGION: "us-east-1" | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Set Account ID | |
| id: account | |
| run: | | |
| echo "::set-output name=ACCOUNT_ID::$(aws sts get-caller-identity --query Account --output text)" | |
| - name: Check previous AWSGoat Deployment | |
| id: check | |
| run: | | |
| echo $ACCOUNT_ID | |
| aws s3api head-object --bucket do-not-delete-awsgoat-state-files-${{ steps.account.outputs.ACCOUNT_ID }} --key terraform.tfstate | |
| continue-on-error: true | |
| - name: Exit if previous deployment exists | |
| if: steps.check.outcome == 'success' | |
| run: | | |
| echo "A Previous AWSGoat deployment exists, run the Terraform Destroy Action" | |
| exit 1 | |
| # Initialize a new or existing Terraform working directory | |
| - name: Terraform Init | |
| run: | | |
| cd modules/${{ github.event.inputs.module }} | |
| terraform init | |
| # Installs boto3 | |
| - uses: actions/setup-python@v2 | |
| with: | |
| python-version: 3 | |
| - name: install | |
| run: | | |
| pip install boto3 | |
| - name: Terraform Plan | |
| id: plan | |
| run: | | |
| cd modules/${{ github.event.inputs.module }} | |
| terraform plan -input=false | |
| continue-on-error: false | |
| - name: Terraform Plan Status | |
| if: steps.plan.outcome == 'failure' | |
| run: exit 1 | |
| - name: Terraform Apply | |
| run: | | |
| cd modules/${{ github.event.inputs.module }} | |
| terraform apply -auto-approve -input=false | |
| continue-on-error: false | |
| # Copy tfstate file to s3 bucket | |
| - name: Copy terraform.tfstate file to s3bucket | |
| if: always() | |
| run: | | |
| cd modules/${{ github.event.inputs.module }} | |
| aws s3 cp ./terraform.tfstate s3://do-not-delete-awsgoat-state-files-${{ steps.account.outputs.ACCOUNT_ID }}/terraform.tfstate | |
| # Terraform Output the API Gateway url | |
| - name: Application URL | |
| run: | | |
| cd modules/${{ github.event.inputs.module }} | |
| terraform output |