This repository contains the CircleCI pipeline configuration for deploying infrastructure using Terraform, with support for multiple environments (dev, test, prod).
The CircleCI pipeline is designed to automate the deployment of infrastructure using Terraform while ensuring consistency and reliability across different environments. The pipeline consists of several jobs, including linting, Terraform plan, Terraform apply, and manual approval steps.
- Executor: tfsec
- Description: This job runs tfsec, a static analysis tool for Terraform code, to ensure adherence to security best practices.
- Executor: terraform
- Description: This job initializes Terraform, validates the configuration, and generates an execution plan. The environment type (ENV_TYPE) is determined based on the branch name ($CIRCLE_BRANCH), and the appropriate backend configuration and variable files are used accordingly.
- Executor: terraform
- Description: This job initializes Terraform and applies the changes to the infrastructure. Similar to the terraform-plan job, the environment type (ENV_TYPE) is determined based on the branch name, and the appropriate backend configuration and variable files are used.
- Description: This job represents a manual approval step. It requires approval before proceeding to the terraform-apply job.
This workflow orchestrates the deployment process and consists of the following steps:
- tfsec: Run tfsec to analyze the Terraform code for security vulnerabilities.
- terraform-plan: Generate an execution plan for Terraform based on the branch name. The plan is displayed for review.
- hold: Manual approval step. Requires approval before proceeding to apply changes.
- terraform-apply: Apply the Terraform changes to the infrastructure after approval.
The pipeline dynamically selects the appropriate environment configuration based on the Git branch name ($CIRCLE_BRANCH). The environment type (ENV_TYPE) is set accordingly, allowing seamless deployment to different environments.
- dev: Development environment
- test: Testing environment
- master: Production environment
- Open Organization Settings: Navigate to the CircleCI organization settings from the menu.
- Create Context: Inside the organization settings, create a context for managing environment variables.
- Add Variables: Within the context, add the following variables:
  - AWS_ACCESS_KEY_ID: AWS access key ID for accessing AWS services.
  - AWS_SECRET_ACCESS_KEY: AWS secret access key corresponding to the access key ID.
  - Other environment-specific variables as required for your deployment.
Below is an example of how the pipeline configuration adapts to different branches:
- Dev Branch (dev): The pipeline deploys changes to the development environment using dev_backend.hcl and dev.tfvars.
- Test Branch (test): The pipeline deploys changes to the testing environment using test_backend.hcl and test.tfvars.
- Master Branch (master): The pipeline deploys changes to the production environment using prod_backend.hcl and prod.tfvars.
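
The branch-to-environment selection described above, sketched as an added example (not this repository's pipeline script): the function names are hypothetical, and the -input=false and -auto-approve flags are assumptions the README does not mention. Branches outside the three documented ones are rejected rather than defaulted, so a feature branch cannot reach a real backend.

```shell
#!/bin/sh
# Added example, not the repository's own script. File names come from the
# README; function names are hypothetical.

# Print the ENV_TYPE for a branch; return 1 for an unmapped branch.
resolve_env_type() {
  case "$1" in
    dev)    echo dev ;;
    test)   echo test ;;
    master) echo prod ;;   # master is the production branch in this README
    *)      return 1 ;;    # fail closed: no default environment
  esac
}

# Print the terraform commands for one job ("plan" or "apply") on a branch.
terraform_commands() {
  job=$1
  case "$job" in
    plan|apply) ;;
    *) echo "unknown job '$job'" >&2; return 1 ;;
  esac
  env_type=$(resolve_env_type "$2") || {
    echo "refusing to run: branch '$2' has no environment mapping" >&2
    return 1
  }
  echo "terraform init -input=false -backend-config=${env_type}_backend.hcl"
  if [ "$job" = plan ]; then
    echo "terraform validate"
    echo "terraform plan -input=false -var-file=${env_type}.tfvars"
  else
    # Non-interactive apply; the hold job is the human approval gate.
    echo "terraform apply -input=false -auto-approve -var-file=${env_type}.tfvars"
  fi
}

# Dry run over constructed branch names. A real job would pass "$CIRCLE_BRANCH"
# and execute the lines instead of printing them.
for branch in dev test master feature/login; do
  echo "== $branch =="
  terraform_commands plan "$branch" || echo "(skipped)"
done
```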