This repository provides a robust, reusable CI/CD pipeline built with GitHub Actions for managing Terraform-based infrastructure.
Designed for efficiency and consistency, it enables automated and manual deployments across multiple environments — ensuring high-quality, reliable, and secure infrastructure provisioning.
- Automatically detects changes in Terraform directories within pull requests.
- Extracts Terraform workspace names from PR descriptions.
- Dynamically selects GitHub environments for secure secret management.
- Performs `terraform plan` and posts results directly to the pull request for review.
- Supports manual triggering for specific resource directories and Terraform workspaces.
- Enables controlled `terraform plan` and `terraform apply` operations for targeted updates.
- Categorizes environments into `prod`, `nonprod`, and `mgmt` classes.
- Supports distinct stages like `dev`, `qa`, `stag`, `uat`, `prodgreen`, and `prodblue`.
- Enforces isolation by recommending separate Terraform modules and state files for each environment.
- Integrates pre-commit hooks for:
  - `terraform fmt`
  - `terraform validate`
  - `terraform tflint`
- Ensures consistent, error-free, and high-quality Terraform code before every commit.
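A PR description is untrusted input, so the workspace extraction listed above should validate what it parses before that value selects a GitHub environment. The shell functions below are an added example, not code from this repository; the `workspace: <name>` line format, the function names, and the stage-to-class mapping are assumptions.

```bash
# Added example, not this repository's code.
# Assumed PR convention: one line of the form "workspace: <stage>".
# Assumed workflow usage (pass the body via env, never inline it in the script):
#   env:
#     PR_BODY: ${{ github.event.pull_request.body }}
#   run: ws=$(extract_workspace "$PR_BODY") || exit 1

# Print the workspace named in the PR body.
# Returns 1 if no marker line exists or the value is not an allowlisted stage.
extract_workspace() {
  body=$1
  # Take the first marker line whose value is a single token; strip CRs
  # because PR bodies edited in the browser use CRLF line endings.
  ws=$(printf '%s\n' "$body" | tr -d '\r' |
    sed -n 's/^[[:space:]]*[Ww]orkspace[[:space:]]*:[[:space:]]*\([^[:space:]]*\)[[:space:]]*$/\1/p' |
    head -n 1)
  # Allowlist of the stages named in this README; anything else is rejected,
  # so shell metacharacters in the PR text never reach terraform or the shell.
  case "$ws" in
    dev|qa|stag|uat|prodgreen|prodblue) printf '%s\n' "$ws" ;;
    *) return 1 ;;
  esac
}

# Map a validated stage to its environment class (mapping is an assumption).
environment_class() {
  case "$1" in
    dev|qa|stag|uat)    echo nonprod ;;
    prodgreen|prodblue) echo prod ;;
    *) return 1 ;;
  esac
}

# Constructed sample PR description.
SAMPLE_BODY='Add logging bucket
workspace: qa
Please review.'
ws=$(extract_workspace "$SAMPLE_BODY") && echo "$ws -> $(environment_class "$ws")"
```

Failing closed when the marker is missing or unknown keeps a malformed PR from falling through to a default environment and its secrets.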
| Tool | Purpose |
|---|---|
| Terraform | Infrastructure as Code provisioning |
| GitHub Actions | CI/CD pipeline automation |
| Pre-commit Hooks | Automated code quality checks |
| GitHub Environments | Secure secret and environment management |
```mermaid
flowchart LR
    A[Pull Request Created] --> B[Terraform Plan in CI]
    B --> C[Plan Posted to PR for Review]
    C --> D[Merge or Manual Trigger]
    D --> E[Terraform Apply]
    E --> F[Infrastructure Updated Across Environments]
```
```yaml
name: Terraform CI/CD

on:
  pull_request:
    paths:
      - 'terraform/**'
  workflow_dispatch:

jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: 1.6.6
      - run: terraform init
      - run: terraform plan
```

- Fork or Clone this repository.
- Configure GitHub Environments (`dev`, `qa`, `prod`) and add required secrets (e.g., cloud credentials, Terraform backend config).
- Structure your infrastructure under `/terraform`:

  ```
  terraform/
  ├── dev/
  ├── qa/
  ├── prod/
  └── mgmt/
  ```

- Trigger Deployment:
  - Pull Request: Runs `terraform plan` automatically.
  - Manual Dispatch: Allows selective `plan` or `apply` execution.
✅ Accelerated Deployment Cycles — Reduce manual effort and deployment time.
✅ Enhanced Reliability — Eliminate errors with automated validation and linting.
✅ Consistent Environments — Standardize infra setups across all stages.
✅ Secure Operations — Safely handle credentials via GitHub Environments.
✅ Scalable Infrastructure — Modular structure supports easy expansion.
We specialize in end-to-end DevOps automation, focusing on:
- Automated Infrastructure Provisioning using Terraform & GitHub Actions
- Cost Optimization through smart resource management
- Security & Compliance integration in CI/CD workflows
- DevOps Transformation — enabling teams to operate with full automation maturity
Our solutions are designed to help organizations scale confidently, reduce risk, and accelerate delivery.
Are you looking to streamline your infrastructure deployments or need expert guidance in Terraform and GitHub Actions automation?
We’re ready to collaborate and help you achieve cloud efficiency and operational excellence.
📩 Contact: mahesh.devops.automationpro@gmail.com
💼 Portfolio: [https://github.com/maheshdevopsautomationpro-bit]
🔗 LinkedIn: [https://www.linkedin.com/in/mahesh-muruganantham/]
This project is licensed under the MIT License — feel free to reuse and adapt it for your own infrastructure projects.
Built with reusable for automated, reliable, and scalable cloud infrastructure.