diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 000000000..7fd0e5aa3
Binary files /dev/null and b/.DS_Store differ
diff --git a/.github/workflows/terraform-1.yml b/.github/workflows/terraform-1.yml
new file mode 100644
index 000000000..3fb8f7714
--- /dev/null
+++ b/.github/workflows/terraform-1.yml
@@ -0,0 +1,83 @@
+name: "Nomad IaC"
+on:
+ push:
+ branches:
+ - main
+ - stage
+ paths:
+ - terraform/**
+ pull_request:
+ branches:
+ - main
+ paths:
+ - terraform/**
+
+env:
+ #Credentials for AWS
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ #Storage for Terraform State
+ BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+ AWS_REGION: "us-east-1"
+ EKS_CLUSTER_NAME: "nomadops-eks"
+
+jobs:
+ terraform:
+ name: "Terraform Apply"
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ working-directory: ./terraform
+
+ steps:
+ - name: "Checkout Repo"
+ uses: actions/checkout@v4
+
+ - name: "Setup Terraform"
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: "1.6.3"
+
+ - name: "Terraform Init"
+ id: init
+ run: terraform init -backend-config="bucket=${{ env.BUCKET_TF_STATE }}" -input=false
+
+ - name: "Terraform Format"
+ id: fmt
+ run: terraform fmt -check
+
+ - name: "Terraform Validate"
+ id: validate
+ run: terraform validate
+
+ - name: "Terraform Plan"
+ id: plan
+ run: terraform plan -no-color -input=false -out planfile
+ continue-on-error: true
+
+ - name: Terraform plan status
+ if: steps.plan.outcome == 'failure'
+ run: echo "Terraform plan failed. Please check the configuration."
+
+ - name: "Terraform Apply"
+ id: apple
+ if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+ run: terraform apply -auto-approve -input=false -parallelism=1 planfile
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: ${{ env.AWS_REGION }}
+
+ - name: Get Kube config file
+ id: getconfig
+ if: steps.apple.outcome == 'success'
+ run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER_NAME }}
+
+ - name: Install Ingress Controller
+ if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success'
+ run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/aws/deploy.yaml
+
diff --git a/.github/workflows/terraform-destroy.yml b/.github/workflows/terraform-destroy.yml
new file mode 100644
index 000000000..cf341526b
--- /dev/null
+++ b/.github/workflows/terraform-destroy.yml
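Review bot: The workflow-level `env:` block in terraform-1.yml exports the long-lived `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` secrets to every step of every run. That includes `terraform plan` on `pull_request`, which runs whatever providers and modules the PR's own code names, the tag-referenced third-party actions, and the last step, which feeds a manifest fetched from raw.githubusercontent.com to `kubectl apply`. Short-lived credentials narrow this: give the job `permissions: id-token: write` and let `aws-actions/configure-aws-credentials` assume a role through `role-to-assume`, placed before `terraform init` rather than after apply, ideally with a read-only role on the plan path. The same static-key pattern is repeated in terraform-destroy.yml and terraform.old in this commit. Vendoring the ingress manifest into the repository (or checking its digest before applying) would also remove the dependency on a mutable remote tag.

```yaml
jobs:
  terraform:
    # … unchanged: name, runs-on, defaults …
    permissions:
      id-token: write   # allows the job to request an OIDC token
      contents: read
    steps:
      # … unchanged: checkout, setup-terraform …
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}  # placeholder secret name
          aws-region: ${{ env.AWS_REGION }}
      # … unchanged: init, fmt, validate, plan, apply, kubeconfig, ingress …
```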
@@ -0,0 +1,45 @@
+name: "Nomad IaC Destroy"
+
+on:
+ workflow_dispatch: # Allows manual trigger from GitHub Actions
+
+
+env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+ AWS_REGION: "us-east-1"
+
+jobs:
+ terraform-destroy:
+ name: "Terraform Destroy"
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ working-directory: ./terraform
+
+ steps:
+ - name: "Checkout Repo"
+ uses: actions/checkout@v4
+
+ - name: "Setup Terraform"
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: "1.6.3"
+
+ - name: "Configure AWS credentials"
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: ${{ env.AWS_REGION }}
+
+ - name: "Terraform Init"
+ run: terraform init -backend-config="bucket=${{ env.BUCKET_TF_STATE }}" -input=false
+
+ - name: "Terraform Validate"
+ run: terraform validate
+
+ - name: "Terraform Destroy"
+ run: terraform destroy -auto-approve -input=false -parallelism=1
diff --git a/.github/workflows/terraform.old b/.github/workflows/terraform.old
new file mode 100644
index 000000000..cf61a2957
--- /dev/null
+++ b/.github/workflows/terraform.old
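Review bot: Nothing but the bare `workflow_dispatch` trigger stands between a repository writer and `terraform destroy -auto-approve` in terraform-destroy.yml. The job has no approval gate and no branch condition, so anyone who can run workflows can tear down the whole stack, from any ref they pick in the dispatch dialog. Binding the job to a protected environment with required reviewers adds that gate: `environment: <protected-environment-name>` under `terraform-destroy:` (placeholder name). An `if: github.ref == 'refs/heads/main'` on the job would additionally stop destroys from being run against Terraform code on an unreviewed branch.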
@@ -0,0 +1,61 @@
+name: "Nomad IaC"
+on:
+ push:
+ branches:
+ - main
+ - stage
+ paths:
+ - terraform/**
+ pull_request:
+ branches:
+ - main
+ paths:
+ - terraform/**
+
+env:
+ #Credentials for AWS
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ #Storage for Terraform State
+ BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+ AWS_REGION: "us-east-1"
+ EKS_CLUSTER_NAME: "nomadapp-eks"
+
+jobs:
+ terraform:
+ name: "Terraform Apply"
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ working-directory: ./terraform
+
+ steps:
+ - name: "Checkout Repo"
+ uses: actions/checkout@v4
+
+ - name: "Setup Terraform"
+ uses: hashicorp/setup-terraform@v2
+ # with:
+ # terraform_version: "1.6.3"
+
+ - name: "Terraform Init"
+ id: init
+ run: terraform init -backend-config="bucket=${{ env.BUCKET_TF_STATE }}"
+
+ - name: "Terrform Format"
+ id: fmt
+ run: terraform fmt -check
+
+ - name: "Terraform Validate"
+ id: validate
+ run: terraform validate
+
+ - name: "Terraform Plan"
+ id: plan
+ run: terraform plan -no-color -input=false -out=tfplan
+ continue-on-error: true
+
+ - name: Terraform plan status
+ if: steps.plan.outcome == 'failure'
+ run: echo "Terraform plan failed. Please check the configuration."
\ No newline at end of file
diff --git a/terraform/eks-cluster.tf b/terraform/eks-cluster.tf
index 2c4610920..27ce584e5 100644
--- a/terraform/eks-cluster.tf
+++ b/terraform/eks-cluster.tf
@@ -3,14 +3,15 @@ module "eks" { version = "19.19.1" cluster_name = local.cluster_name - cluster_version = "1.27" + cluster_version = "1.33" vpc_id = module.vpc.vpc_id subnet_ids = module.vpc.private_subnets cluster_endpoint_public_access = true eks_managed_node_group_defaults = { - ami_type = "AL2_x86_64" + ami_type = "BOTTLEROCKET_x86_64" + }
diff --git a/terraform/terraform.tf b/terraform/terraform.tf
index 67b75c673..c7984be1f 100644
--- a/terraform/terraform.tf
+++ b/terraform/terraform.tf
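Review bot: `.github/workflows/terraform.old` is a near-copy of terraform-1.yml that GitHub Actions will not load, since only `.yml`/`.yaml` files in that directory are treated as workflows. It already disagrees with the live file: `EKS_CLUSTER_NAME: "nomadapp-eks"`, `terraform_version` commented out, `-out=tfplan`, and the step name "Terrform Format". A stale copy that still references the AWS secrets invites someone to rename it back into service without review; dropping it from the commit and relying on git history is cleaner.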
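Review bot: In terraform/eks-cluster.tf, `cluster_version` moves from "1.27" straight to "1.33", but EKS upgrades a control plane one minor version at a time. Against an existing 1.27 cluster this apply is expected to be rejected; it only works if the cluster is being created fresh, which the renames elsewhere in the commit suggest but do not prove. It is also worth confirming that module version `19.19.1` handles `ami_type = "BOTTLEROCKET_x86_64"` node groups at that Kubernetes version. The unchanged `cluster_endpoint_public_access = true` leaves the API endpoint reachable from anywhere; if the CI runners are the only external clients, `cluster_endpoint_public_access_cidrs = ["<allowed-cidr>"]` (placeholder) would narrow it. The `module "eks"` block starts above and continues below the hunk.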
@@ -27,9 +27,9 @@ terraform { } backend "s3" { - bucket = "gitopsterrastate" + bucket = "nomadprofile" key = "terraform.tfstate" - region = "us-east-2" + region = "us-east-1" } required_version = "~> 1.6.3"
diff --git a/terraform/variables.tf b/terraform/variables.tf
index a41d982a0..7e2330628 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -1,11 +1,13 @@ variable "region" { description = "AWS region" type = string - default = "us-east-2" + default = "us-east-1" } variable "clusterName" { description = "Name of the EKS cluster" type = string - default = "kitops-eks" + default = "nomadops-eks" } + +############### \ No newline at end of file
diff --git a/terraform/vpc.tf b/terraform/vpc.tf
index 5775ce1c3..870cddb34 100644
--- a/terraform/vpc.tf
+++ b/terraform/vpc.tf
@@ -2,7 +2,7 @@ module "vpc" { source = "terraform-aws-modules/vpc/aws" version = "5.1.2" - name = "vprofile-eks" + name = "nomadapp-eks" cidr = "172.20.0.0/16" azs = slice(data.aws_availability_zones.available.names, 0, 3)
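Review bot: The `backend "s3"` block in terraform/terraform.tf is repointed to a new bucket and region but, as far as the hunk shows, still sets only `bucket`, `key` and `region`, with no `encrypt = true` and no state lock such as `dynamodb_table = "<lock-table-name>"` (placeholder). State files routinely hold sensitive values, and this commit adds both a push-triggered apply and a manually dispatched destroy that write the same `terraform.tfstate`, so unlocked concurrent runs can corrupt it. The workflows also pass `-backend-config="bucket=${{ env.BUCKET_TF_STATE }}"`, which overrides the literal `bucket = "nomadprofile"`; keeping a single source of truth avoids initialising against the wrong bucket locally. If state already exists in the old bucket it needs an explicit migration, because changing the name alone starts from empty state. The `terraform` block begins above the hunk.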