update deployment to be more configurable via secrets and variables
alismx committed Oct 15, 2024
1 parent 6f74a20 commit f1d3625
Showing 3 changed files with 42 additions and 45 deletions.
31 changes: 14 additions & 17 deletions .github/workflows/deployment.yaml
@@ -3,27 +3,24 @@ name: Deploy to ECS
on:
workflow_dispatch:
inputs:
environment:
description: 'The environment to deploy to'
workspace:
description: 'The workspace to deploy to'
required: true
type: choice
options:
- ""
- prod

concurrency:
group: ${{ github.event.inputs.environment }}-deploy
group: ${{ github.event.inputs.workspace }}-deploy
cancel-in-progress: false

permissions:
id-token: write
contents: read

env:
aws_region: us-east-1
environment: ${{ github.event.inputs.environment }}
owner: "skylight"
project: "dibbs"
workspace: ${{ github.event.inputs.workspace }}

jobs:
terraform:
@@ -45,23 +42,23 @@ jobs:
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-session-name: githubDeploymentWorkflow
aws-region: ${{ env.aws_region }}
aws-region: ${{ secrets.AWS_REGION }}

- name: Terraform
env:
ENVIRONMENT: ${{ env.environment }}
WORKSPACE: ${{ env.workspace }}
BUCKET: ${{ secrets.TFSTATE_BUCKET }}
DYNAMODB_TABLE: ${{ secrets.TFSTATE_DYNAMODB_TABLE }}
REGION: ${{ env.aws_region }}
OWNER: ${{ env.owner }}
PROJECT: ${{ env.project }}
REGION: ${{ secrets.AWS_REGION }}
OWNER: ${{ vars.OWNER }}
PROJECT: ${{ vars.PROJECT }}
shell: bash
run: |
echo "ENVIRONMENT=$ENVIRONMENT" >> .env
echo "WORKSPACE=$WORKSPACE" >> .env
echo "BUCKET=$BUCKET" >> .env
echo "DYNAMODB_TABLE=$DYNAMODB_TABLE" >> .env
echo "REGION=$REGION" >> .env
echo "owner = \"$OWNER\"" >> $ENVIRONMENT.tfvars
echo "project = \"$PROJECT\"" >> $ENVIRONMENT.tfvars
echo "region = \"$REGION\"" >> $ENVIRONMENT.tfvars
./deploy.sh -e $ENVIRONMENT --ci
echo "owner = \"$OWNER\"" >> $WORKSPACE.tfvars
echo "project = \"$PROJECT\"" >> $WORKSPACE.tfvars
echo "region = \"$REGION\"" >> $WORKSPACE.tfvars
./deploy.sh -e $WORKSPACE --ci
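Review bot: The `run:` script expands `$WORKSPACE` unquoted while the `workspace` input still offers `""` as a choice, so an empty selection turns the last line into `./deploy.sh -e --ci`. deploy.sh's `-e` case assigns `$2` to WORKSPACE, which would make `--ci` the workspace name and presumably leave CI mode unset. Quote the expansions, e.g. `./deploy.sh -e "$WORKSPACE" --ci` and `>> "$WORKSPACE.tfvars"`, so an empty value reaches the script's missing-argument check instead. Separately, `AWS_REGION` now comes from `secrets`, so the runner will mask the region string wherever it appears in the logs. A repository variable (`vars.AWS_REGION`) would suit a non-sensitive value better, as this change already does for OWNER and PROJECT.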
54 changes: 27 additions & 27 deletions terraform/implementation/ecs/deploy.sh
@@ -6,7 +6,7 @@ if [ -f .env ]; then
fi

# set default values
ENVIRONMENT="${ENVIRONMENT:-}"
WORKSPACE="${WORKSPACE:-}"
BUCKET="${BUCKET:-}"
DYNAMODB_TABLE="${DYNAMODB_TABLE:-}"
REGION="${REGION:-}"
@@ -20,7 +20,7 @@ do

case $key in
-env|--env|-e)
ENVIRONMENT="$2"
WORKSPACE="$2"
shift
shift
;;
@@ -71,9 +71,9 @@ if ! command -v terraform &> /dev/null; then
exit 1
fi

if [ -z "$ENVIRONMENT" ] || [ -z "$BUCKET" ] || [ -z "$DYNAMODB_TABLE" ] || [ -z "$REGION" ]; then
if [ -z "$WORKSPACE" ] || [ -z "$BUCKET" ] || [ -z "$DYNAMODB_TABLE" ] || [ -z "$REGION" ]; then
echo "Missing required arguments. Please provide all the required arguments."
echo "ENVIRONMENT: $ENVIRONMENT"
echo "WORKSPACE: $WORKSPACE"
echo "BUCKET: $BUCKET"
echo "DYNAMODB_TABLE: $DYNAMODB_TABLE"
echo "REGION: $REGION"
@@ -82,69 +82,69 @@ if [ -z "$ENVIRONMENT" ] || [ -z "$BUCKET" ] || [ -z "$DYNAMODB_TABLE" ] || [ -z
fi

if [ "$CI" = false ]; then
if [ ! -f "$ENVIRONMENT.tfvars" ]; then
echo "Creating $ENVIRONMENT.tfvars"
touch "$ENVIRONMENT.tfvars"
if [ ! -f "$WORKSPACE.tfvars" ]; then
echo "Creating $WORKSPACE.tfvars"
touch "$WORKSPACE.tfvars"
fi

if ! grep -q "owner" "$ENVIRONMENT.tfvars"; then
if ! grep -q "owner" "$WORKSPACE.tfvars"; then
read -p "Who is the owner of this infrastructure? ( default=skylight ): " owner_choice
owner_choice=${owner_choice:-skylight}
echo "owner = \"$owner_choice\"" >> "$ENVIRONMENT.tfvars"
echo "owner = \"$owner_choice\"" >> "$WORKSPACE.tfvars"
fi

if ! grep -q "project" "$ENVIRONMENT.tfvars"; then
if ! grep -q "project" "$WORKSPACE.tfvars"; then
read -p "What is this project called? ( default=dibbs ): " project_choice
project_choice=${project_choice:-dibbs}
echo "project = \"$project_choice\"" >> "$ENVIRONMENT.tfvars"
echo "project = \"$project_choice\"" >> "$WORKSPACE.tfvars"
fi

if ! grep -q "region" "$ENVIRONMENT.tfvars"; then
if ! grep -q "region" "$WORKSPACE.tfvars"; then
read -p "What aws region are you setting up in? ( default=us-east-1 ): " region_choice
region_choice=${region_choice:-us-east-1}
echo "region = \"$region_choice\"" >> "$ENVIRONMENT.tfvars"
echo "region = \"$region_choice\"" >> "$WORKSPACE.tfvars"
fi
fi

echo "Running Terraform with the following variables:"
echo "Environment: $ENVIRONMENT"
echo "Terraform Workspace: $ENVIRONMENT"
echo "Environment: $WORKSPACE"
echo "Terraform Workspace: $WORKSPACE"
echo "Bucket: $BUCKET"
echo "DynamoDB Table: $DYNAMODB_TABLE"
echo "Region: $REGION"
cat "$ENVIRONMENT.tfvars"
cat "$WORKSPACE.tfvars"
echo ""

terraform init \
-var-file="$ENVIRONMENT.tfvars" \
-var-file="$WORKSPACE.tfvars" \
-backend-config "bucket=$BUCKET" \
-backend-config "dynamodb_table=$DYNAMODB_TABLE" \
-backend-config "region=$REGION" \
|| (echo "terraform init failed, exiting..." && exit 1)


# Check if workspace exists
if terraform workspace list | grep -q "$ENVIRONMENT"; then
echo "Selecting $ENVIRONMENT terraform workspace"
terraform workspace select "$ENVIRONMENT"
if terraform workspace list | grep -q "$WORKSPACE"; then
echo "Selecting $WORKSPACE terraform workspace"
terraform workspace select "$WORKSPACE"
else
if [ "$CI" = false ]; then
read -p "Workspace '$ENVIRONMENT' does not exist. Do you want to create it? (y/n): " choice
read -p "Workspace '$WORKSPACE' does not exist. Do you want to create it? (y/n): " choice
if [[ $choice =~ ^[Yy]$ ]]; then
echo "Creating '$ENVIRONMENT' terraform workspace"
terraform workspace new "$ENVIRONMENT"
echo "Creating '$WORKSPACE' terraform workspace"
terraform workspace new "$WORKSPACE"
else
echo "Workspace creation cancelled."
exit 1
fi
else
echo "Creating '$ENVIRONMENT' terraform workspace"
terraform workspace new "$ENVIRONMENT"
echo "Creating '$WORKSPACE' terraform workspace"
terraform workspace new "$WORKSPACE"
fi
fi

if [ "$CI" = false ]; then
terraform apply -var-file="$ENVIRONMENT.tfvars"
terraform apply -var-file="$WORKSPACE.tfvars"
else
terraform apply -auto-approve -var-file="$ENVIRONMENT.tfvars"
terraform apply -auto-approve -var-file="$WORKSPACE.tfvars"
fi
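Review bot: The workspace existence check `terraform workspace list | grep -q "$WORKSPACE"` matches substrings and treats the name as a regex, so `prod` would also match a look-alike name (say, a hypothetical `preprod`). When only the look-alike exists, `terraform workspace select` fails and, unless the script enables `set -e` outside the visible hunks, `terraform apply -auto-approve` goes on to run against whichever workspace is current. Match the whole name instead, e.g. `terraform workspace list | sed 's/^[* ]*//' | grep -qxF -- "$WORKSPACE"`. The init guard above it has the same fall-through: `exit 1` inside `( … )` only leaves the subshell, so `|| { echo "terraform init failed, exiting..."; exit 1; }` is needed to actually stop the script.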
2 changes: 1 addition & 1 deletion terraform/implementation/ecs/main.tf
@@ -35,5 +35,5 @@ module "ecs" {
# internal = false

# If the intent is to disable authentication, set ecr_viewer_app_env to "test" (default is "prod")
ecr_viewer_app_env = "test"
# ecr_viewer_app_env = "test"
}
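Review bot: With the override commented out, whether the viewer authenticates depends entirely on the module's default for `ecr_viewer_app_env` (the comment above says it is "prod"), and uncommenting one line in this shared `main.tf` would switch authentication off, apparently for every workspace deployed from it. Pinning the value with `ecr_viewer_app_env = "prod"`, or driving it from a per-workspace variable, would keep a change to the module default from silently altering authentication. This reading assumes the second of the two printed lines is the new side; the `module "ecs"` block starts outside the hunk.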
