
Terraform Plan and Apply #81


Workflow file for this run

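name: Terraform Plan and Apply

on:
  # push:
  #   branches:
  #     - main
  workflow_dispatch:
    # Each toggle is a boolean so the dispatch form offers a checkbox instead
    # of free text. The jobs compare against the string 'false', so with a
    # free-text input any other value (e.g. "False", "no") would still run
    # the job. github.event.inputs delivers booleans as the strings
    # 'true'/'false', so those comparisons keep working.
    inputs:
      run_terraform:
        description: 'Run Terraform job'
        type: boolean
        required: false
        default: true
      run_ansible:
        description: 'Run Ansible job'
        type: boolean
        required: false
        default: true
      run_teleport:
        description: 'Run Teleport job'
        type: boolean
        required: false
        default: true

# Least privilege for the automatic GITHUB_TOKEN: the jobs in this workflow
# only check the repository out.
# NOTE(review): the helper scripts under ./scripts are not visible here;
# widen this only if one of them needs to write back to the repository.
permissions:
  contents: read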
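jobs:
  # Provisions the infrastructure with Terraform, then points the Dynu DNS
  # records at the master's public IP and posts a Slack notification.
  terraform:
    if: ${{ github.event.inputs.run_terraform != 'false' }}
    runs-on: ubuntu-latest
    # Job-level env exposes these credentials to every step in the job,
    # including the setup action and the DNS/Slack curl steps.
    # NOTE(review): scope them to the steps that actually call terraform once
    # it is confirmed which scripts need them, and consider OIDC federation
    # in place of the long-lived ARM_CLIENT_SECRET.
    env:
      TF_TOKEN_app_terraform_io: ${{ secrets.TF_TOKEN_APP_TERRAFORM_IO }}
      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
    defaults:
      run:
        working-directory: ./terraform
    steps:
      # Actions are referenced by mutable tag. NOTE(review): pin each `uses:`
      # to a full commit SHA so a retagged release cannot run with the
      # secrets above.
      - uses: actions/checkout@v4
        with:
          # Keep the checkout token out of .git/config; no step shown here
          # performs authenticated git operations.
          # NOTE(review): confirm the helper scripts do not rely on it.
          persist-credentials: false
      - uses: hashicorp/setup-terraform@v3
        with:
          # NOTE(review): `latest` lets the CLI version change between runs;
          # pin the version the configuration is tested against.
          terraform_version: latest
      - run: terraform init
      # Cheap static checks run before the plan so a malformed configuration
      # fails before any plan is produced.
      - name: Validate terraform formatting
        run: terraform fmt -check
      - name: Terraform Validate
        run: terraform validate
      - run: terraform plan -out=tfplan
      # Applies the saved plan with no human review of its content.
      # NOTE(review): a protected environment with required reviewers would
      # add an approval gate before this step.
      - run: terraform apply -auto-approve tfplan
      - name: Get Master Public IP
        id: master_ip
        # The script output is written to GITHUB_ENV, where every extra line
        # would become another environment variable for later steps. Accept
        # only a single dotted-quad value and fail otherwise.
        run: |
          master_ip="$(bash ./scripts/get_master_ip.sh)"
          if ! [[ "$master_ip" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
            echo "::error::get_master_ip.sh did not return an IPv4 address" >&2
            exit 1
          fi
          echo "MASTER_IP=$master_ip" >> "$GITHUB_ENV"
        working-directory: .
      - name: Update All Dynu DNS Records
        # The API key is passed through the environment rather than expanded
        # into the script text, so shell metacharacters in the secret cannot
        # alter the command line.
        env:
          DYNU_API_KEY: ${{ secrets.DYNU_API_KEY }}
        # --fail turns an HTTP error from the API into a failed step instead
        # of a silently stale DNS record; $MASTER_IP is quoted so it is not
        # word-split.
        run: |
          # Update main domain + wildcard
          curl --fail --silent --show-error -X POST "https://api.dynu.com/v2/dns/12956376" \
            -H "accept: application/json" \
            -H "API-Key: $DYNU_API_KEY" \
            -H "Content-Type: application/json" \
            -d '{
              "id": 12956376,
              "name": "exploravis.mywire.org",
              "unicodeName": "exploravis.mywire.org",
              "ipv4Address": "'"$MASTER_IP"'",
              "ipv6Address": null,
              "ttl": 120,
              "ipv4": true,
              "ipv6": false,
              "ipv4WildcardAlias": true,
              "ipv6WildcardAlias": false
            }'
          # Update main domain A record
          curl --fail --silent --show-error -X POST "https://api.dynu.com/v2/dns/12956376/record/16541388" \
            -H "accept: application/json" \
            -H "API-Key: $DYNU_API_KEY" \
            -H "Content-Type: application/json" \
            -d '{
              "nodeName": "",
              "recordType": "A",
              "ttl": 120,
              "state": true,
              "group": "",
              "ipv4Address": "'"$MASTER_IP"'"
            }'
          # Update teleport subdomain
          curl --fail --silent --show-error -X POST "https://api.dynu.com/v2/dns/12956376/record/16541285" \
            -H "accept: application/json" \
            -H "API-Key: $DYNU_API_KEY" \
            -H "Content-Type: application/json" \
            -d '{
              "nodeName": "teleport",
              "recordType": "A",
              "ttl": 120,
              "state": true,
              "group": "",
              "ipv4Address": "'"$MASTER_IP"'"
            }'
      - name: Send Slack alert
        # Webhook URL comes from the environment and is quoted; the
        # notification stays best-effort (no --fail) so it cannot fail the job.
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
        run: |
          curl -X POST -H 'Content-type: application/json' --data '{"text":"Terraform infrastructure has been provisioned, dynu ddns has been configured in https://teleport.exploravis.mywire.org/"}' "$SLACK_WEBHOOK"

  # Builds the Ansible inventory from the Terraform state and runs the k3s
  # install script.
  ansible:
    # A job whose `needs` was skipped is itself skipped unless its condition
    # uses a status function, so deselecting run_terraform would otherwise
    # skip this job too. Still refuse to run after a failed or cancelled
    # upstream job.
    if: ${{ !failure() && !cancelled() && github.event.inputs.run_ansible != 'false' }}
    name: Ansible Kubernetes Deployment
    runs-on: ubuntu-latest
    needs: terraform
    # NOTE(review): same job-wide credential exposure as the terraform job.
    env:
      TF_TOKEN_app_terraform_io: ${{ secrets.TF_TOKEN_APP_TERRAFORM_IO }}
      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
    defaults:
      run:
        working-directory: .
    steps:
      - name: Checkout repo
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: hashicorp/setup-terraform@v3
        with:
          # NOTE(review): pin instead of `latest`, matching the terraform job.
          terraform_version: latest
      - run: terraform init -reconfigure
        working-directory: ./terraform
      - name: Generate ansible inventory
        run: bash ./scripts/generate_ansible_inv.sh
      - name: Run k3s install script
        run: bash ./scripts/install_k3s.sh
      - name: Send Slack alert
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
        run: |
          curl -X POST -H 'Content-type: application/json' --data '{"text":"Kubernetes has been installed and configured on the cluster"}' "$SLACK_WEBHOOK"

  # Rebuilds the inventory and runs the Teleport setup script.
  teleport:
    # Same skip-propagation handling as the ansible job.
    if: ${{ !failure() && !cancelled() && github.event.inputs.run_teleport != 'false' }}
    name: Install and setup Teleport with github
    runs-on: ubuntu-latest
    needs: ansible
    # NOTE(review): the OAuth client secret and the Ansible vault password
    # are visible to every step of this job; presumably only
    # setup_teleport.sh needs them. Confirm and move them to that step's
    # `env:`.
    env:
      TF_TOKEN_app_terraform_io: ${{ secrets.TF_TOKEN_APP_TERRAFORM_IO }}
      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
      EA_GITHUB_CLIENT_ID: ${{ secrets.EA_GITHUB_CLIENT_ID }}
      EA_GITHUB_CLIENT_SECRET: ${{ secrets.EA_GITHUB_CLIENT_SECRET }}
      ANSIBLE_VAULT_PASSWORD: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
    defaults:
      run:
        working-directory: .
    steps:
      - name: Checkout repo
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: hashicorp/setup-terraform@v3
        with:
          # NOTE(review): pin instead of `latest`, matching the terraform job.
          terraform_version: latest
      - run: terraform init -reconfigure
        working-directory: ./terraform
      - name: Generate ansible inventory
        run: bash ./scripts/generate_ansible_inv.sh
      - name: Run Teleport setup script
        run: bash ./scripts/setup_teleport.sh
      - name: Send Slack alert
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
        run: |
          curl -X POST -H 'Content-type: application/json' --data '{"text":"Teleport has been installed and configured on the master VM https://teleport.exploravis.mywire.org"}' "$SLACK_WEBHOOK"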