From af003e6e5adb3ded8522a70dd2dfa66c0a676aea Mon Sep 17 00:00:00 2001
From: ajithkumars3131
Date: Fri, 16 May 2025 11:47:00 +0530
Subject: [PATCH 1/7] github
---
.github/workflows/terraform.yml | 113 ++++++++++++++++++++++++++++++++
terraform/eks-cluster.tf | 67 +++++++++++++------
terraform/main.tf | 26 ++++++--
terraform/outputs.tf | 13 ++--
terraform/terraform.tf | 21 +++---
terraform/variables.tf | 19 ++++++
terraform/vpc.notes | 98 +++++++++++++++++++++++++++
terraform/vpc.tf | 29 ++++----
8 files changed, 330 insertions(+), 56 deletions(-)
create mode 100644 .github/workflows/terraform.yml
create mode 100644 terraform/vpc.notes
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 000000000..94d3568aa
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,113 @@ +# Workflow name +name: "Vporfile IAC" + +# Trigger the workflow on push or pull request to specific branches and paths +on: + push: + branches: + - main # Run on push to 'main' + - stage # Run on push to 'stage' + paths: + - terraform/** # Only if files in 'terraform/' are changed + pull_request: + branches: + - main # Run on PR to 'main' + paths: + - terraform/** # Only if files in 'terraform/' are affected + +# Set environment variables available to all jobs +env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} # AWS access key from secrets + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # AWS secret key from secrets + BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }} # Terraform backend bucket name from secrets + AWS_REGION: us-east-2 # AWS region + EKS_CLUSTER: vprofile-eks # EKS cluster name + +jobs: + terraform: + name: "Apply terraform code changes" + runs-on: ubuntu-latest # Use latest Ubuntu runner + + defaults: + run: + shell: bash # Use Bash shell + working-directory: ./terraform # Set working directory for all run steps + + steps: + - name: Checkout source code + uses: actions/checkout@v4 # Checks out the repo content to the runner + + - name: Setup Terraform with specified version on the runner + uses: hashicorp/setup-terraform@v2 # Installs Terraform CLI + # Optional version specification commented out + # with: + # terraform_version: 1.6.3 + + - name: Terraform init + id: init + run: terraform init -backend-config="bucket=$BUCKET_TF_STATE" # Initializes Terraform with backend config + + - name: Terraform format + id: fmt + run: terraform fmt -check # Checks formatting of Terraform files + + - name: Terraform validate + id: validate + run: terraform validate # Validates Terraform configuration + + - name: Terraform plan + id: plan + run: terraform plan -no-color -input=false -out planfile # Creates an execution plan + continue-on-error: true # Allows workflow to continue even if plan fails + + - name: Terraform 
plan status + if: steps.plan.outcome == 'failure' # Only run if the plan step failed + run: exit 1 # Forces a failure in the workflow + + + + + + + + + + + +/* + +Workflow Triggers +Push Events: Runs when changes are pushed to main or stage branches, specifically targeting Terraform files (terraform/**). + +Pull Requests: Executes for pull requests to main, ensuring Terraform modifications are validated before merging. + +Environment Variables +AWS Credentials (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): Stored securely in GitHub secrets for authentication. + +Terraform State Storage (BUCKET_TF_STATE): Specifies the S3 bucket used to persist Terraform state. + +AWS Configuration (AWS_REGION): Defines the deployment region as us-east-2. + +EKS Cluster Reference (EKS_CLUSTER): Sets the target Kubernetes cluster for Terraform provisioning. + +Job Execution (terraform) +Runs on ubuntu-latest: Uses a Linux runner for Terraform execution. + +Sets Default Shell & Working Directory: Ensures Terraform commands execute correctly within ./terraform. + +Steps Breakdown +Checkout Repository: Pulls the source code (actions/checkout@v4). + +Setup Terraform: Installs Terraform on the runner (hashicorp/setup-terraform@v2). + +Initialize Terraform (terraform init): Configures backend storage using the S3 bucket. + +Format Check (terraform fmt -check): Ensures code follows Terraform formatting standards. + +Validation (terraform validate): Confirms Terraform configuration correctness. + +Plan Execution (terraform plan -no-color -input=false -out planfile): Generates an execution plan for resource changes. + +Error Handling (steps.plan.outcome == 'failure' β†’ exit 1): Stops execution if planning fails. + +*/ \ No newline at end of file diff --git a/terraform/eks-cluster.tf b/terraform/eks-cluster.tf index 2c4610920..dc11231b1 100644 --- a/terraform/eks-cluster.tf +++ b/terraform/eks-cluster.tf 
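Review bot: The workflow-level `env:` block exports the long-lived `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` secrets to every step of every job, including the third-party `hashicorp/setup-terraform@v2` action and the runs triggered by `pull_request`, which is wider than the Terraform steps need. Scoping them with a step-level `env:` on the init and plan steps, or replacing them with short-lived OIDC credentials (`permissions: id-token: write` plus `role-to-assume` on `aws-actions/configure-aws-credentials`), would shrink what a compromised action can read. The file also declares no `permissions:` block, so `GITHUB_TOKEN` keeps the repository default; `permissions: contents: read` at the top should be enough for these steps. Both actions are referenced by mutable tags (`@v4`, `@v2`); pinning them to a full commit SHA and uncommenting `terraform_version` would make the run reproducible. The trailing `/* ... */` block is not YAML comment syntax and would stop the file from parsing; a later patch in this series removes it.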
@@ -1,38 +1,67 @@ module "eks" { - source = "terraform-aws-modules/eks/aws" - version = "19.19.1" + source = "terraform-aws-modules/eks/aws" # Uses the AWS EKS module from Terraform Registry + version = "19.19.1" # Specifies the module version - cluster_name = local.cluster_name - cluster_version = "1.27" + cluster_name = local.cluster_name # Defines the EKS cluster name + cluster_version = "1.27" # Sets the Kubernetes version for the cluster - vpc_id = module.vpc.vpc_id - subnet_ids = module.vpc.private_subnets - cluster_endpoint_public_access = true + vpc_id = module.vpc.vpc_id # References VPC ID for EKS cluster networking + subnet_ids = module.vpc.private_subnets # Specifies private subnets for the cluster + cluster_endpoint_public_access = true # Enables public access to the EKS API endpoint eks_managed_node_group_defaults = { - ami_type = "AL2_x86_64" - + ami_type = "AL2_x86_64" # Sets default Amazon Linux 2 AMI type for node groups } eks_managed_node_groups = { one = { - name = "node-group-1" + name = "node-group-1" # Defines the first managed node group - instance_types = ["t3.small"] + instance_types = ["t3.small"] # Specifies instance type for the worker nodes - min_size = 1 - max_size = 3 - desired_size = 2 + min_size = 1 # Minimum number of nodes in the group + max_size = 3 # Maximum number of nodes allowed + desired_size = 2 # Desired number of nodes initially } two = { - name = "node-group-2" + name = "node-group-2" # Defines the second managed node group - instance_types = ["t3.small"] + instance_types = ["t3.small"] # Specifies instance type for this node group - min_size = 1 - max_size = 2 - desired_size = 1 + min_size = 1 # Minimum number of nodes in the group + max_size = 2 # Maximum number of nodes allowed + desired_size = 1 # Desired number of nodes initially } } } + + +/* + +Deploys an AWS EKS cluster with managed node groups for scalable Kubernetes workloads. πŸš€ Let me know if you need further details! 
+ +*/ + + +/* + +This eks_managed_node_groups section in your Terraform code defines and configures AWS EKS managed node groups. Here's what it does: + +Creates two managed node groups (node-group-1 & node-group-2) for the EKS cluster. + +Assigns instance types (t3.small) to each node group. + +Defines auto-scaling parameters: + +min_size: Minimum number of nodes. + +max_size: Maximum allowed nodes. + +desired_size: Initial number of nodes when deployed. + +These settings ensure that Kubernetes worker nodes are provisioned efficiently, automatically scaled, and optimized for workload demands within the EKS cluster. πŸš€ + +Let me know if you need further details! + +*/ \ No newline at end of file diff --git a/terraform/main.tf b/terraform/main.tf index 94b6fc75a..d950bfe0f 100644 --- a/terraform/main.tf +++ b/terraform/main.tf 
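Review bot: `cluster_endpoint_public_access = true` in the `module "eks"` block leaves the Kubernetes API endpoint reachable from any address, since no CIDR allow-list accompanies it on the visible lines; the new comment documents the setting but not that exposure. If public access is required, add `cluster_endpoint_public_access_cidrs = ["<admin-cidr-placeholder>"]` next to it, otherwise set it to `false` and reach the API through the VPC. The two `/* ... */` blocks appended after the module are pasted chat output ("Let me know if you need further details!") rather than documentation of this file, and should be dropped or cut down to a short header comment.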
@@ -1,16 +1,30 @@ provider "kubernetes" { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + host = module.eks.cluster_endpoint # Connects to the EKS cluster endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) # Decodes the cluster CA certificate for secure communication } provider "aws" { - region = var.region + region = var.region # Specifies AWS region for resource provisioning } -data "aws_availability_zones" "available" {} +data "aws_availability_zones" "available" {} # Fetches available AWS availability zones dynamically locals { - cluster_name = var.clusterName + cluster_name = var.clusterName # Defines the local variable for the EKS cluster name } -## \ No newline at end of file +/* + +This Terraform configuration sets up the required providers and resources for deploying and managing an AWS EKS (Elastic Kubernetes Service) cluster. Here’s the purpose of each section: + +Kubernetes Provider: Connects to the EKS cluster using its endpoint and certificate for managing Kubernetes resources. + +AWS Provider: Specifies the AWS region where infrastructure resources will be provisioned. + +AWS Availability Zones Data Source: Fetches available AWS availability zones dynamically to optimize resource placement. + +Locals Block: Defines a local variable cluster_name that holds the name of the EKS cluster, improving modularity and reusability. + +Overall, this code is part of a Terraform-based infrastructure-as-code setup to streamline AWS Kubernetes deployments efficiently. Let me know if you need further details or modifications! πŸš€ + +*/ \ No newline at end of file diff --git a/terraform/outputs.tf b/terraform/outputs.tf index 7d55c64ae..52add93cf 100644 --- a/terraform/outputs.tf +++ b/terraform/outputs.tf 
@@ -1,20 +1,19 @@ output "cluster_name" { description = "Amazon Web Service EKS Cluster Name" - value = module.eks.cluster_name + value = module.eks.cluster_name # Outputs the EKS cluster name } output "cluster_endpoint" { - description = "Endpoint for Amazon Web Service EKS " - value = module.eks.cluster_endpoint + description = "Endpoint for Amazon Web Service EKS" + value = module.eks.cluster_endpoint # Provides the API endpoint for Kubernetes access } output "region" { description = "Amazon Web Service EKS Cluster region" - value = var.region + value = var.region # Displays the AWS region where the EKS cluster is deployed } - output "cluster_security_group_id" { - description = "Security group ID for the Amazon Web Service EKS Cluster " - value = module.eks.cluster_security_group_id + description = "Security group ID for the Amazon Web Service EKS Cluster" + value = module.eks.cluster_security_group_id # Outputs the security group ID for network access control } diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 67b75c673..e4f30c877 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf 
@@ -2,38 +2,35 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.25.0" + version = "~> 5.25.0" # Specifies AWS provider version } random = { source = "hashicorp/random" - version = "~> 3.5.1" + version = "~> 3.5.1" # Generates random values for resources } tls = { source = "hashicorp/tls" - version = "~> 4.0.4" + version = "~> 4.0.4" # Handles TLS certificate creation and management } cloudinit = { source = "hashicorp/cloudinit" - version = "~> 2.3.2" + version = "~> 2.3.2" # Enables cloud-init script execution for instances } kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.23.0" + version = "~> 2.23.0" # Manages Kubernetes resources from Terraform } } backend "s3" { - bucket = "gitopsterrastate" - key = "terraform.tfstate" - region = "us-east-2" + bucket = "vprofileaction1097" # Stores Terraform state remotely in an S3 bucket + key = "terraform.tfstate" # Defines the state file path in S3 + region = "us-east-2" # Specifies AWS region for the backend storage } - required_version = "~> 1.6.3" + required_version = "~> 1.6.3" # Ensures Terraform uses compatible version } -## -## -## diff --git a/terraform/variables.tf b/terraform/variables.tf index a41d982a0..71c040389 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf 
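Review bot: The `backend "s3"` block, as far as the visible lines show, sets neither `encrypt = true` nor a lock table (`dynamodb_table = "<lock-table-placeholder>"`), although Terraform state holds cluster details in plain text and this series goes on to run `apply` from CI. The block also hard-codes the bucket `vprofileaction1097` while the workflow passes the bucket through the `BUCKET_TF_STATE` secret, so the name is both committed and treated as a secret, and the two values can drift apart. I would add the two arguments and leave `bucket` out of the block so that `-backend-config` is the single source. The `terraform {` opener sits on line 1, just outside this hunk.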
@@ -1,9 +1,28 @@ +/* +Purpose: Specifies the AWS region where the resources will be deployed. + +Default Value: us-east-2 (Ohio region). If no custom value is provided, Terraform will use this region. + +Usage: Ensures flexibility, allowing deployments to different AWS regions based on user input. + +*/ + variable "region" { description = "AWS region" type = string default = "us-east-2" } +/* + +Purpose: Defines the name of the Kubernetes cluster created with AWS Elastic Kubernetes Service (EKS). + +Default Value: "kitops-eks", but it can be customized per environment. + +Usage: Helps uniquely identify the EKS cluster within AWS for managing containerized applications. + +*/ + variable "clusterName" { description = "Name of the EKS cluster" type = string diff --git a/terraform/vpc.notes b/terraform/vpc.notes new file mode 100644 index 000000000..b2239dba3 --- /dev/null +++ b/terraform/vpc.notes 
@@ -0,0 +1,98 @@ +Today +ehat is used of the commond +It looks like you might be asking about the use of a commandβ€”could you clarify a bit? Are you referring to command-line commands in a computer, commands in programming, or something else entirely? I'm happy to help! + +git config core.Ssh coomand "ssh -i ~/.ssh/New_Gitops -F /dev/null" +It looks like you're trying to configure Git to use a specific SSH command. Your command: + +sh +git config core.sshCommand "ssh -i ~/.ssh/New_Gitops -F /dev/null" +does the following: + +core.sshCommand is a Git configuration setting that specifies a custom SSH command to use for Git operations. + +ssh -i ~/.ssh/New_Gitops tells SSH to use the private key New_Gitops located in the ~/.ssh/ directory. + +-F /dev/null disables the use of an SSH configuration file by specifying /dev/null (essentially an empty file). + +This setup ensures that Git uses the specified SSH key for authentication while ignoring any existing SSH config file that might interfere. + +If you're configuring access to a remote Git repository with this, make sure that the corresponding public key (New_Gitops.pub) is added to the server or service (such as GitHub, GitLab, or Bitbucket) to allow authentication. + +Let me know if you need any tweaks or explanations! πŸš€ + +key poin only +Here are the key points of your Git command: + +core.sshCommand: Configures Git to use a custom SSH command. + +ssh -i ~/.ssh/New_Gitops: Specifies an SSH key for authentication. + +-F /dev/null: Ignores the default SSH configuration file. + +This ensures Git uses the specified SSH key while bypassing any existing SSH config. 
πŸš€ + +keypints os the code, this terraform what will do module "vpc" { source = "terraform-aws-modules/vpc/aws" version = "5.1.2" name = "vprofile-eks" cidr = "172.20.0.0/16" azs = slice(data.aws_availability_zones.available.names, 0, 3) private_subnets = ["172.20.1.0/24", "172.20.2.0/24", "172.20.3.0/24"] public_subnets = ["172.20.4.0/24", "172.20.5.0/24", "172.20.6.0/24"] enable_nat_gateway = true single_nat_gateway = true enable_dns_hostnames = true public_subnet_tags = { "kubernetes.io/cluster/${local.cluster_name}" = "shared" "kubernetes.io/role/elb" = 1 } private_subnet_tags = { "kubernetes.io/cluster/${local.cluster_name}" = "shared" "kubernetes.io/role/internal-elb" = 1 } } +Here are the key points of your Terraform module: + +VPC Creation: Defines a Virtual Private Cloud (VPC) using the terraform-aws-modules/vpc/aws module. + +CIDR Block: Allocates 172.20.0.0/16 as the VPC's IP range. + +Availability Zones: Selects the first three availability zones dynamically. + +Subnet Configuration: + +Private subnets: 172.20.1.0/24, 172.20.2.0/24, 172.20.3.0/24 + +Public subnets: 172.20.4.0/24, 172.20.5.0/24, 172.20.6.0/24 + +NAT Gateway: Enables a single NAT gateway for private subnets. + +DNS Hostnames: Allows DNS hostnames within the VPC. + +Kubernetes Integration: Tags subnets to associate with an EKS cluster for load balancer (elb) and internal load balancer (internal-elb) roles. + +This setup creates a scalable, Kubernetes-ready network environment in AWS. πŸš€ Let me know if you need more details! 
+ +More keypoint with easy understable with tags +Here are more key points in a simple format with tags: + +πŸ“Œ VPC Setup +Creates a VPC (terraform-aws-modules/vpc/aws) + +CIDR Block: 172.20.0.0/16 (Defines network range) + +Availability Zones: Uses first 3 zones dynamically + +🌐 Subnet Configuration +Private subnets: Used for backend resources + +172.20.1.0/24, 172.20.2.0/24, 172.20.3.0/24 + +Public subnets: Used for internet-facing resources + +172.20.4.0/24, 172.20.5.0/24, 172.20.6.0/24 + +πŸš€ Network Features +βœ… NAT Gateway: Enables internet access for private subnets + +βœ… Single NAT Gateway: Saves cost by using one NAT instance + +βœ… DNS Hostnames: Allows instances to resolve domain names + +πŸ“Œ Kubernetes (EKS) Integration +Public Subnet Tags: + +kubernetes.io/cluster/${local.cluster_name} = shared β†’ Links subnets to Kubernetes cluster + +kubernetes.io/role/elb = 1 β†’ Supports external load balancer + +Private Subnet Tags: + +kubernetes.io/cluster/${local.cluster_name} = shared β†’ Links subnets to Kubernetes cluster + +kubernetes.io/role/internal-elb = 1 β†’ Supports internal load balancer + +πŸ”Ή Purpose +This setup prepares a Kubernetes-ready VPC with both private and public networking, ensuring proper communication, scalability, and cost-efficient cloud operations. \ No newline at end of file diff --git a/terraform/vpc.tf b/terraform/vpc.tf index 5775ce1c3..4dba23080 100644 --- a/terraform/vpc.tf +++ b/terraform/vpc.tf 
@@ -1,26 +1,31 @@ module "vpc" { - source = "terraform-aws-modules/vpc/aws" - version = "5.1.2" + source = "terraform-aws-modules/vpc/aws" # Using an AWS VPC module from Terraform Registry + version = "5.1.2" # Defining the module version for consistency - name = "vprofile-eks" + name = "vprofile-eks" # Name of the VPC - cidr = "172.20.0.0/16" - azs = slice(data.aws_availability_zones.available.names, 0, 3) + cidr = "172.20.0.0/16" # Setting the CIDR range for the VPC + azs = slice(data.aws_availability_zones.available.names, 0, 3) # Selecting the first 3 availability zones dynamically + # Defining private subnets (used for backend services) private_subnets = ["172.20.1.0/24", "172.20.2.0/24", "172.20.3.0/24"] + + # Defining public subnets (used for internet-facing services) public_subnets = ["172.20.4.0/24", "172.20.5.0/24", "172.20.6.0/24"] - enable_nat_gateway = true - single_nat_gateway = true - enable_dns_hostnames = true + enable_nat_gateway = true # Enables NAT gateway for private subnets to access the internet + single_nat_gateway = true # Uses a single NAT gateway to reduce cost + enable_dns_hostnames = true # Allows instances to use DNS hostnames + # Tags for Kubernetes integration (for public subnets) public_subnet_tags = { - "kubernetes.io/cluster/${local.cluster_name}" = "shared" - "kubernetes.io/role/elb" = 1 + "kubernetes.io/cluster/${local.cluster_name}" = "shared" # Links subnet to the Kubernetes cluster + "kubernetes.io/role/elb" = 1 # Marks subnet for public Load Balancers } + # Tags for Kubernetes integration (for private subnets) private_subnet_tags = { - "kubernetes.io/cluster/${local.cluster_name}" = "shared" - "kubernetes.io/role/internal-elb" = 1 + "kubernetes.io/cluster/${local.cluster_name}" = "shared" # Links subnet to the Kubernetes cluster + "kubernetes.io/role/internal-elb" = 1 # Marks subnet for internal Load Balancers } } From 75dabc2abc0b049f6b63b1b40c442d1d4ca4b5a8 Mon Sep 17 00:00:00 2001 
From: ajithkumars3131
Date: Fri, 16 May 2025 11:53:13 +0530
Subject: [PATCH 2/7] fixed the issue
---
.github/workflows/terraform.yml | 43 ---------------------------------
1 file changed, 43 deletions(-)
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index 94d3568aa..f7a92685c 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -68,46 +68,3 @@ jobs: - - - - - - -/* - -Workflow Triggers -Push Events: Runs when changes are pushed to main or stage branches, specifically targeting Terraform files (terraform/**). - -Pull Requests: Executes for pull requests to main, ensuring Terraform modifications are validated before merging. - -Environment Variables -AWS Credentials (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): Stored securely in GitHub secrets for authentication. - -Terraform State Storage (BUCKET_TF_STATE): Specifies the S3 bucket used to persist Terraform state. - -AWS Configuration (AWS_REGION): Defines the deployment region as us-east-2. - -EKS Cluster Reference (EKS_CLUSTER): Sets the target Kubernetes cluster for Terraform provisioning. - -Job Execution (terraform) -Runs on ubuntu-latest: Uses a Linux runner for Terraform execution. - -Sets Default Shell & Working Directory: Ensures Terraform commands execute correctly within ./terraform. - -Steps Breakdown -Checkout Repository: Pulls the source code (actions/checkout@v4). - -Setup Terraform: Installs Terraform on the runner (hashicorp/setup-terraform@v2). - -Initialize Terraform (terraform init): Configures backend storage using the S3 bucket. - -Format Check (terraform fmt -check): Ensures code follows Terraform formatting standards. - -Validation (terraform validate): Confirms Terraform configuration correctness. - -Plan Execution (terraform plan -no-color -input=false -out planfile): Generates an execution plan for resource changes. - -Error Handling (steps.plan.outcome == 'failure' β†’ exit 1): Stops execution if planning fails. - -*/ \ No newline at end of file From bf0bdd4ccae6eea377fb6465c5938524e5e1c11e Mon Sep 17 00:00:00 2001 From: ajithkumars3131 Date: Fri, 16 May 2025 11:54:53 +0530 Subject: [PATCH 3/7] working --- .github/workflows/notes | 37 +++++++++++++++++++++++++++++++++ .github/workflows/terraform.yml | 1 + terraform/outputs.tf | 2 ++ 3 files changed, 40 insertions(+) create mode 100644 .github/workflows/notes 
diff --git a/.github/workflows/notes b/.github/workflows/notes new file mode 100644 index 000000000..5bdc21bb7 --- /dev/null +++ b/.github/workflows/notes @@ -0,0 +1,37 @@ +/* + +Workflow Triggers +Push Events: Runs when changes are pushed to main or stage branches, specifically targeting Terraform files (terraform/**). + +Pull Requests: Executes for pull requests to main, ensuring Terraform modifications are validated before merging. + +Environment Variables +AWS Credentials (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): Stored securely in GitHub secrets for authentication. + +Terraform State Storage (BUCKET_TF_STATE): Specifies the S3 bucket used to persist Terraform state. + +AWS Configuration (AWS_REGION): Defines the deployment region as us-east-2. + +EKS Cluster Reference (EKS_CLUSTER): Sets the target Kubernetes cluster for Terraform provisioning. + +Job Execution (terraform) +Runs on ubuntu-latest: Uses a Linux runner for Terraform execution. + +Sets Default Shell & Working Directory: Ensures Terraform commands execute correctly within ./terraform. + +Steps Breakdown +Checkout Repository: Pulls the source code (actions/checkout@v4). + +Setup Terraform: Installs Terraform on the runner (hashicorp/setup-terraform@v2). + +Initialize Terraform (terraform init): Configures backend storage using the S3 bucket. + +Format Check (terraform fmt -check): Ensures code follows Terraform formatting standards. + +Validation (terraform validate): Confirms Terraform configuration correctness. + +Plan Execution (terraform plan -no-color -input=false -out planfile): Generates an execution plan for resource changes. + +Error Handling (steps.plan.outcome == 'failure' β†’ exit 1): Stops execution if planning fails. + +*/ \ No newline at end of file diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index f7a92685c..94b0ab4bb 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
@@ -68,3 +68,4 @@ jobs: +# \ No newline at end of file diff --git a/terraform/outputs.tf b/terraform/outputs.tf index 52add93cf..d49e82ceb 100644 --- a/terraform/outputs.tf +++ b/terraform/outputs.tf @@ -17,3 +17,5 @@ output "cluster_security_group_id" { description = "Security group ID for the Amazon Web Service EKS Cluster" value = module.eks.cluster_security_group_id # Outputs the security group ID for network access control } + +# \ No newline at end of file From cc69a12925f9a168d314d6116358cc92e9b1bdf6 Mon Sep 17 00:00:00 2001 From: ajithkumars3131 Date: Fri, 16 May 2025 11:56:50 +0530 Subject: [PATCH 4/7] terraform version has been updated --- terraform/terraform.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index e4f30c877..83363cceb 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -32,5 +32,5 @@ terraform { region = "us-east-2" # Specifies AWS region for the backend storage } - required_version = "~> 1.6.3" # Ensures Terraform uses compatible version + required_version = "~> 1.12.0" # Ensures Terraform uses compatible version } From d7c847683dd910786a0070ac1f5c4ae7ca00d952 Mon Sep 17 00:00:00 2001 From: ajithkumars3131 Date: Fri, 16 May 2025 12:01:33 +0530 Subject: [PATCH 5/7] checking --- .github/workflows/terraform.yml | 2 +- terraform/terraform.tf | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 94b0ab4bb..187456537 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -49,7 +49,7 @@ jobs: - name: Terraform format id: fmt - run: terraform fmt -check # Checks formatting of Terraform files + run: terraform fmt -recursive # Checks formatting of Terraform files - name: Terraform validate id: validate diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 83363cceb..e80384fa0 100644 --- a/terraform/terraform.tf 
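Review bot: In the `Terraform format` step of the `@@ -49,7 +49,7 @@` hunk (patch 5/7), replacing `-check` with `-recursive` turns the formatting gate into a no-op: without `-check`, `terraform fmt` rewrites files on the runner and exits 0, so unformatted code no longer fails the job, while the trailing comment still says the step checks formatting. Keeping both flags, `run: terraform fmt -check -recursive`, makes the step fail again on unformatted files and also covers subdirectories. The job header is outside this hunk.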
+++ b/terraform/terraform.tf @@ -34,3 +34,5 @@ terraform { required_version = "~> 1.12.0" # Ensures Terraform uses compatible version } + +# \ No newline at end of file From 79a8f5b749423127b2b756429d686cc087249a01 Mon Sep 17 00:00:00 2001 From: ajithkumars3131 Date: Fri, 16 May 2025 12:35:16 +0530 Subject: [PATCH 6/7] working --- .github/workflows/terraform.yml | 10 ++++++++++ terraform/terraform.tf | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 187456537..dd14637d7 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -64,6 +64,16 @@ jobs: if: steps.plan.outcome == 'failure' # Only run if the plan step failed run: exit 1 # Forces a failure in the workflow + - name: Terraform Apply # Descriptive name of the step shown in the Actions UI + id: apple # Unique ID for this step (can be referenced in later steps) + if: github.ref == 'refs/heads/main' && github.event_name == 'push' + # Conditional execution: only run if the workflow is triggered by a push to the 'main' branch + run: terraform apply -auto-approve -input=false -parallelism=1 planfile + # Executes 'terraform apply' using the saved planfile + # -auto-approve: Skips interactive approval + # -input=false: Prevents Terraform from asking for input + # -parallelism=1: Applies resources one at a time (helps avoid throttling or race conditions) + # planfile: The plan file generated in the previous step (must exist) diff --git a/terraform/terraform.tf b/terraform/terraform.tf index e80384fa0..45f73603b 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -35,4 +35,4 @@ terraform { required_version = "~> 1.12.0" # Ensures Terraform uses compatible version } -# \ No newline at end of file +## \ No newline at end of file From 8a5acf83148d358b90bd02e7b7c0694f8967b3a2 Mon Sep 17 00:00:00 2001 
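Review bot: The new `Terraform Apply` step in the `@@ -64,6 +64,16 @@` hunk runs `terraform apply -auto-approve` on every push to `main` with no approval gate: the visible job has no `environment:` with required reviewers and no `concurrency:` group, so any merge changes the live EKS infrastructure unreviewed and two quick pushes can apply at the same time. Adding `environment: production` (placeholder name, with reviewers configured on it) and `concurrency: terraform-${{ github.ref }}` at job level would address both; the job header is outside this hunk. The step id `apple` looks like a typo for `apply`; later steps in patch 7/7 reference it, so rename it in both places. The same step is added again by the `@@ -64,7 +64,43 @@` hunk of patch 7/7, and this note applies there too.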
From: ajithkumars3131
Date: Fri, 16 May 2025 12:35:16 +0530
Subject: [PATCH 7/7] working
---
.github/workflows/terraform.yml | 36 +++++++++++++++++++++++++++++++++
terraform/terraform.tf | 2 +-
2 files changed, 37 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index 187456537..aaea7ea0f 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -64,7 +64,43 @@ jobs: if: steps.plan.outcome == 'failure' # Only run if the plan step failed run: exit 1 # Forces a failure in the workflow + - name: Terraform Apply # Descriptive name of the step shown in the Actions UI + id: apple # Unique ID for this step (can be referenced in later steps) + if: github.ref == 'refs/heads/main' && github.event_name == 'push' + # Conditional execution: only run if the workflow is triggered by a push to the 'main' branch + run: terraform apply -auto-approve -input=false -parallelism=1 planfile + # Executes 'terraform apply' using the saved planfile + # -auto-approve: Skips interactive approval + # -input=false: Prevents Terraform from asking for input + # -parallelism=1: Applies resources one at a time (helps avoid throttling or race conditions) + # planfile: The plan file generated in the previous step (must exist) + # Step: Configure AWS credentials using GitHub Actions + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + # AWS access key from GitHub Secrets + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + # AWS secret access key from GitHub Secrets + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # AWS region from environment variables + aws-region: ${{ env.AWS_REGION }} + + # Step: Get Kubernetes config for accessing the EKS cluster + - name: Get Kube config file + id: getconfig + # Only run this step if the 'apple' step (Terraform Apply) was successful + if: steps.apple.outcome == 'success' + # Update kubeconfig to access the EKS cluster + # NOTE: The '--name' should ideally be the EKS cluster name, not the region + run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.AWS_REGION }} + + # Step: Install NGINX Ingress Controller into the EKS cluster + - name: Install Ingress controller + # Run only if both Terraform Apply and Kubeconfig steps were successful + if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success' + # 
Apply the Ingress controller manifest from the official GitHub URL + run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/aws/deploy.yaml diff --git a/terraform/terraform.tf b/terraform/terraform.tf index e80384fa0..45f73603b 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -35,4 +35,4 @@ terraform { required_version = "~> 1.12.0" # Ensures Terraform uses compatible version } -# \ No newline at end of file +## \ No newline at end of file
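Review bot: The `Install Ingress controller` step applies a manifest fetched at run time from the `main` branch of `kubernetes/ingress-nginx`, so whatever that branch holds at that moment is deployed into the cluster with the job's credentials and no review or integrity check. Point the URL at a released tag, `.../kubernetes/ingress-nginx/<pinned-release-tag>/deploy/static/provider/aws/deploy.yaml`, or vendor the manifest into the repository. In `Get Kube config file`, `--name ${{ env.AWS_REGION }}` passes the region as the cluster name, as the hunk's own comment admits; it should be `--name ${{ env.EKS_CLUSTER }}`, assuming that value matches the `clusterName` Terraform actually uses. `aws-actions/configure-aws-credentials@v1` is an old major release fed with the same static keys already exported through the workflow-level `env:`, and it runs after `Terraform Apply`, so the step adds nothing as written; drop it or move to a current release with `role-to-assume`.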