merger #18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "F5XC + NAP Apply" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| terraform_infra: | |
| name: "AWS Infra" | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./infra | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
| - name: Setup Terraform Backend | |
| run: | | |
| cat > backend.tf << EOF | |
| terraform { | |
| cloud { | |
| organization = "${{ secrets.TF_CLOUD_ORGANIZATION }}" | |
| workspaces { | |
| name = "${{ secrets.TF_CLOUD_WORKSPACE_INFRA }}" | |
| } | |
| } | |
| } | |
| EOF | |
| - name: Terraform Init | |
| run: terraform init | |
| - name: Terraform Validate | |
| run: terraform validate -no-color | |
| - name: Terraform Plan | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| export TF_LOG=DEBUG | |
| terraform plan -no-color -input=false > plan.txt | |
| cat plan.txt | |
| - name: Terraform Plan Status | |
| run: | | |
| if grep -q "Error" plan.txt; then | |
| echo "❌ Terraform plan contains errors!" | |
| exit 1 | |
| else | |
| echo "✅ Terraform plan is clean!" | |
| fi | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| run: terraform apply -auto-approve -input=false | |
| terraform_eks: | |
| name: "AWS EKS" | |
| runs-on: ubuntu-latest | |
| needs: terraform_infra | |
| defaults: | |
| run: | |
| working-directory: ./eks-cluster | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
| - name: Setup Terraform Backend | |
| run: | | |
| cat > backend.tf << EOF | |
| terraform { | |
| cloud { | |
| organization = "${{ secrets.TF_CLOUD_ORGANIZATION }}" | |
| workspaces { | |
| name = "${{ secrets.TF_CLOUD_WORKSPACE_EKS }}" | |
| } | |
| } | |
| } | |
| EOF | |
| - name: Terraform Init | |
| run: terraform init | |
| - name: Terraform Validate | |
| run: terraform validate -no-color | |
| - name: Terraform Plan | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| export TF_LOG=DEBUG | |
| terraform plan -no-color -input=false | tee plan.txt | |
| cat plan.txt | |
| continue-on-error: true | |
| - name: Terraform Plan Status | |
| run: | | |
| if grep -q "Error" plan.txt; then | |
| echo "❌ Terraform plan contains errors!" | |
| exit 1 | |
| else | |
| echo "✅ Terraform plan is clean!" | |
| fi | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| run: terraform apply -auto-approve -input=false | |
| terraform_nap: | |
| name: "NGINX App Protect" | |
| runs-on: ubuntu-latest | |
| needs: terraform_eks | |
| defaults: | |
| run: | |
| working-directory: ./nap | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
| - name: Setup Terraform Backend | |
| run: | | |
| cat > backend.tf << EOF | |
| terraform { | |
| cloud { | |
| organization = "${{ secrets.TF_CLOUD_ORGANIZATION }}" | |
| workspaces { | |
| name = "${{ secrets.TF_CLOUD_WORKSPACE_NAP }}" | |
| } | |
| } | |
| } | |
| EOF | |
| - name: Terraform Init | |
| run: terraform init | |
| - name: Terraform Validate | |
| run: terraform validate -no-color | |
| - name: Terraform Plan | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| export TF_LOG=DEBUG | |
| terraform plan -no-color -input=false | tee plan.txt | |
| cat plan.txt | |
| continue-on-error: true | |
| - name: Terraform Plan Status | |
| run: | | |
| if grep -q "Error" plan.txt; then | |
| echo "❌ Terraform plan contains errors!" | |
| exit 1 | |
| else | |
| echo "✅ Terraform plan is clean!" | |
| fi | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| run: terraform apply -auto-approve -input=false | |
| terraform_arcadia: | |
| name: "Arcadia WebApp" | |
| runs-on: ubuntu-latest | |
| needs: terraform_nap | |
| defaults: | |
| run: | |
| working-directory: ./arcadia | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
| - name: Setup Terraform Backend | |
| run: | | |
| cat > backend.tf << EOF | |
| terraform { | |
| cloud { | |
| organization = "${{ secrets.TF_CLOUD_ORGANIZATION }}" | |
| workspaces { | |
| name = "${{ secrets.TF_CLOUD_WORKSPACE_ARCADIA }}" | |
| } | |
| } | |
| } | |
| EOF | |
| - name: Terraform Init | |
| run: terraform init | |
| - name: Terraform Validate | |
| run: terraform validate -no-color | |
| - name: Terraform Plan | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| export TF_LOG=DEBUG | |
| terraform plan -no-color -input=false | tee plan.txt | |
| cat plan.txt | |
| continue-on-error: true | |
| - name: Terraform Plan Status | |
| run: | | |
| if grep -q "Error" plan.txt; then | |
| echo "❌ Terraform plan contains errors!" | |
| exit 1 | |
| else | |
| echo "✅ Terraform plan is clean!" | |
| fi | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| run: terraform apply -auto-approve -input=false | |