Execute Terraform Environment Apply.
This Action uses the Cloudify Profile environment variables described in the official Cloudify documentation (see More Information below).
(Certain commonly-used inputs are documented in our official website; see More Information below)
Name | Description |
---|---|
module-file |
URL/path to Terraform module archive |
module-source-path |
path to Terraform module inside the archive |
variables-file |
YAML/JSON file containing template variables |
environment-file |
YAML/JSON file containing environment variables to pass to the Terraform process |
environment-mapping |
A whitespace-delimited list of strings denoting environment variables to pass through (see below) |
Name | Description |
---|---|
terraform-outputs |
Terraform module outputs |
-
this action handles environment name and labels collision, and it will handle that by passing [environment-id]
-
it will check if the environment exists or not [ if it doesn't exist it will create one and execute apply ] and if it exists it will trigger reload_terraform_template workflow
-
environment-mapping
is whitespace-delimited list of strings. For each item:- If it is of the form
k=v
, then the value of the environment variablek
is passed as environment variablev
to Terraform. - Otherwise, let the value be
x
; then the environment variablex
is passed as-is to Terraform.
This effectively passes environment variables, visible to the CI/CD platform, as environment variables to Terraform. Useful, among others, for passing Cloud credentials - stored in the CI/CD platform - to Terraform
- If it is of the form
jobs:
test_job:
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Create module archive
run: tar -cvzf /tmp/terraform-module.tar.gz -C tf/modules/ .
- name: Upload to S3
run: aws s3 cp /tmp/terraform-module.tar.gz s3://cloudify-cicd-public/
- name: Create environment
uses: cloudify-cosmo/terraform-apply-action@v1.3
with:
environment-name: "test-terraform-$GITHUB_RUN_ID"
labels: some_label:label_value,yet_another_label:some_value
module-file: https://cloudify-cicd-public.s3.amazonaws.com/terraform-module.tar.gz
module-source-path: '.'
variables-file: tf/test-params/integration.yaml
environment-mapping: AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
Once code is checked out, the Terraform module within the codebase is archived, and
uploaded to an S3 bucket (the aws
CLI is included with the Cloudify CLI Docker image). This is done
in order to make the Terraform module available for Cloudify Manager to download.
As the Terraform AWS Provider supports obtaining AWS credentials from environment variables,
we define those variables based on GitHub Secrets, and use the environment-mapping
input so
the variables are passed as-is to the Terraform executable.
Refer to Cloudify CI/CD Integration for additional information about Cloudify's integration with CI/CD tools.