
04_06_ci_cd_infrastructure_as_code's Introduction

04_06_ci_cd_for_infrastructure_as_code

GitHub allows each step in a workflow to send text to the Actions interface using a variable called GITHUB_STEP_SUMMARY.

GITHUB_STEP_SUMMARY is a variable that contains a path to a file where each step can store text.

If the file contains any text at the end of a step’s run, the text is written to the workflow summary and styled as GitHub Flavored Markdown. Along with Markdown, we can also use emojis to add extra flair to the step summary.

Example use of GITHUB_STEP_SUMMARY

- name: Terraform Plan
  continue-on-error: true
  id: plan
  run: |
    # Save the plan, then render it as plain text for parsing
    terraform plan -input=false -no-color -out=tfplan
    terraform show -no-color tfplan > plan.txt

- name: Display the plan summary
  id: display
  run: |
    {
    # No changes: print a heading and a short explanation
    awk '/No changes. Your infrastructure matches the configuration./ {
        print "## " $0
        print "Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed."
        exit
    }' plan.txt

    # Changes present: print the heading and the table header
    awk '/Terraform will perform the following actions:/ {
        print "## Terraform will perform the following actions:"
        print "|Action|Resource|"
        print "|------|--------|"
        exit
    }' plan.txt

    # One table row per resource action, then the "Plan:" totals line
    awk '/Terraform used the selected/{ next } /will be/ || /must be/ {print "|" $5 "|" $2 "|"; next} /Plan:/{ print "## " $0; next }' plan.txt \
        | sed -e 's/created/:white_check_mark: create/' -e 's/destroyed/:bangbang: destroy/' -e 's/replaced/:recycle: replace/'
    } > plan.md
    cat plan.md >> "$GITHUB_STEP_SUMMARY"

Using the Terraform configuration provided, this produces the following output on the initial plan:

[Image: Terraform Plan Styled as Markdown with Emojis]
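The same plan parsing can also gate the pipeline. The script below is an added example, not part of the exercise files: it writes the action table and returns non-zero when any resource will be destroyed or replaced. The function names `sample_plan`, `plan_actions` and `plan_gate` and the sample plan text are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarize a saved plan and flag destructive actions.

# Constructed sample of `terraform show -no-color tfplan` output.
sample_plan() {
cat <<'EOF'
Terraform will perform the following actions:

  # aws_instance.server[3] will be created
  + resource "aws_instance" "server" {
      + tags = { "Note" = "this will be reviewed | later" }
    }

  # aws_security_group.web must be replaced
  # aws_s3_bucket.logs will be destroyed

Plan: 2 to add, 0 to change, 2 to destroy.
EOF
}

# plan_actions FILE: print "<verb> <address>" per resource header line.
# The pattern is anchored on the leading "# ", so attribute values that
# happen to contain "will be" are not reported as actions.
plan_actions() {
  sed -n -E \
    's/^ *# (.+) (will|must) be (created|destroyed|replaced|updated)( .*)?$/\3 \1/p' "$1"
}

# plan_gate FILE SUMMARY: append a Markdown table to SUMMARY and return
# non-zero when any resource will be destroyed or replaced.
plan_gate() {
  {
    echo "|Action|Resource|"
    echo "|------|--------|"
    plan_actions "$1" | while read -r verb addr; do
      # Code span keeps the address literal; drop "`" and "|" so a crafted
      # resource name cannot break out of the span or the table cell.
      safe=$(printf '%s' "$addr" | tr -d '`|')
      printf '|%s|`%s`|\n' "$verb" "$safe"
    done
  } >> "$2"
  risky=$(plan_actions "$1" | awk '$1 == "destroyed" || $1 == "replaced" { n++ } END { print n + 0 }')
  [ "$risky" -eq 0 ]
}

# Demo: in a workflow, SUMMARY would be "$GITHUB_STEP_SUMMARY".
demo_dir=$(mktemp -d)
sample_plan > "$demo_dir/plan.txt"
plan_gate "$demo_dir/plan.txt" "$demo_dir/summary.md" \
  || echo "Destructive changes in plan; require review before apply."
cat "$demo_dir/summary.md"
```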

Recommended Reading

Using the Exercise Files

1. Add permissions to your service account; Create an S3 bucket

  1. For details on creating or updating a service account, see the instructions in lesson 04_04.

    Add the following permission to the service account you will use for this exercise:

     AmazonS3FullAccess
    
  2. Create an S3 bucket to use for storing Terraform state files.

    1. Go to the S3 homepage.
    2. Select Create bucket.
    3. Give your bucket a name. The bucket name must be globally unique and must not contain spaces or uppercase letters. See rules for bucket naming.
    4. Confirm the region for the bucket. It should be the same region you will use to configure your service account in the repository.
    5. Keep all defaults and select Create bucket at the bottom of the form.
    6. Make a note of your bucket name. Make a note of the region where you created the bucket.

2. Add and update the exercise files

  1. Create a new repo and add the exercise files for this lesson.

  2. Move the workflow files into .github/workflows:

  3. Update the Terraform configuration to match your AWS account settings.

    1. Edit terraform.tf. Update the bucket and region assignments so that they match the bucket and region you used in the previous steps.

       terraform {
           required_version = "~> 1.4"
      
           backend "s3" {
               key    = "github-actions-cicd/terraform.tfstate"
               bucket = "ADD_YOUR_BUCKET_NAME_HERE" # the bucket
               region = "ADD_YOUR_REGION_NAME_HERE" # the region
           }
       }
      

3. Configure service account credentials; Configure branch and environment protection rules

  1. Configure the service account credentials.

    1. Select Settings -> Secrets and variables -> Actions.
    2. Select New repository secret.
    3. Create entries for the following using the values retrieved when you created the service account.
      • AWS_ACCESS_KEY_ID
      • AWS_SECRET_ACCESS_KEY
      • AWS_ACCOUNT_NUMBER
    4. Select the Variables tab.
    5. Select New repository variable.
    6. Create an entry for AWS_REGION using the same region as the bucket created in previous steps.
  2. Create a branch protection rule.

    1. Select Settings -> Branches -> Add branch protection rule.
    2. Under "Branch name pattern" enter: main.
    3. Under "Protect matching branches":
      • Select Require a pull request before merging.
      • Un-select Require approvals. (This is because you can't approve your own pull requests. Keeping this option selected would require you to override the merge protection on each pull request.)
      • Select Require status checks to pass before merging.
      • At the bottom of the page, select Create.
  3. Create an environment protection rule.

    1. Select Settings -> Environments -> New environment.
    2. For the name, enter Production. Select Configure environment.
    3. Select Required reviewers.
    4. In the search field, enter your GitHub user name and select it.
    5. Select Save protection rules.

4. Edit the Terraform configuration and create a pull request (PR)

  1. Edit the file variables.tf.

  2. Find the server_count code block at the top of the file.

     variable "server_count" {
         type        = number
         default     = 3
         description = "The total number of VMs to create"
     }
    

    Change default = 3 -> default = 4.

  3. Select Commit changes.

  4. Select Create a new branch for this commit and start a pull request. Then select Propose changes.

  5. Select Create pull request.

  6. Observe the checks and summaries from GitHub Actions being written to the pull request. Wait for the workflow to complete.

  7. Select Merge pull request -> Confirm merge.

  8. Go to the Actions tab. Select the most recent running workflow.

  9. Observe the pipeline's progress and note the updates to the workflow summary.

  10. When prompted, select Review deployments.

  11. Select Production -> Approve and deploy.

  12. Observe the pipeline's progress and note the updates to the workflow summary.

  13. Follow the links in the workflow summary to view the e-commerce site deployed by the workflow.

5. Remove the resources

To avoid costs associated with running resources in AWS, please remove them by running the 99-Destroy Resources workflow.

  1. Select the Actions tab.
  2. Select the workflow 99-Destroy Resources.
  3. Next to "This workflow has a workflow_dispatch event trigger.", select Run workflow -> Run workflow.
  4. Select the running workflow. Observe the pipeline's progress and note the updates to the workflow summary.
  5. When prompted, select Review deployments.
  6. Select Production -> Approve and deploy.
  7. Observe the pipeline's progress and note the updates to the workflow summary.
