Feature: Terraform CI (#4)

* add tf workflow * update ci * update exit command * update return code * update exit code * fmt * update readme
guyzsarun · Dec 17, 2023 · 89c4946 · 89c4946
1 parent fa4a899
commit 89c4946
Show file tree

Hide file tree

Showing 8 changed files with 57 additions and 26 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,30 @@
+name: terraform
+
+on:
+  push:
+    branches:
+    - master
+  pull_request:
+    types: [opened, synchronize, reopened]
+    branches:
+      - master
+  workflow_dispatch:
+
+jobs:
+  terraform:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Init
+        run: terraform init
+
+      - name: Linting
+        run: |
+          if ! terraform fmt -recursive -check; then
+            echo 'Please run  "terraform fmt -recursive" '
+            exit 1
+          fi
+
+      - name: Validate
+        run: terraform validate
diff --git a/README.md b/README.md
@@ -1 +1,2 @@
-# terraform-aws
+# terraform-aws
+[![terraform](https://github.com/guyzsarun/terraform-aws/actions/workflows/main.yml/badge.svg)](https://github.com/guyzsarun/terraform-aws/actions/workflows/main.yml)
diff --git a/bastion.tf b/bastion.tf
@@ -11,7 +11,7 @@ resource "aws_instance" "bastion-vm" {
 
   subnet_id = aws_subnet.main-vpc-subnet-public[0].id
 
-  user_data =  "${file("helper/init.sh")}"
+  user_data = file("helper/init.sh")
 
   vpc_security_group_ids = [
     aws_security_group.allow_ssh.id,

diff --git a/eks.tf b/eks.tf
@@ -7,7 +7,7 @@ module "eks" {
   cluster_version = var.eks-config.version
 
   vpc_id     = aws_vpc.main-vpc.id
-  subnet_ids = [ for i in aws_subnet.main-vpc-subnet-private  : i.id]
+  subnet_ids = [for i in aws_subnet.main-vpc-subnet-private : i.id]
 
   cluster_endpoint_public_access = true
   eks_managed_node_groups = {
@@ -53,19 +53,19 @@ locals {
       name = "terraform"
       user = {
         exec = {
-          apiVersion = "client.authentication.k8s.io/v1beta1"
-          command= "aws"
-          interactiveMode= "IfAvailable"
-          provideClusterInfo= false
+          apiVersion         = "client.authentication.k8s.io/v1beta1"
+          command            = "aws"
+          interactiveMode    = "IfAvailable"
+          provideClusterInfo = false
           args = [
-           "--region",
-           split(":",module.eks.cluster_arn)[3],
-           "eks",
-           "get-token",
-           "--cluster-name",
-           "${module.eks.cluster_name}",
-           "--output",
-           "json"
+            "--region",
+            split(":", module.eks.cluster_arn)[3],
+            "eks",
+            "get-token",
+            "--cluster-name",
+            "${module.eks.cluster_name}",
+            "--output",
+            "json"
           ]
         }
       }

diff --git a/output.tf b/output.tf
@@ -17,15 +17,15 @@ output "private-vm" {
 
 output "nat-gateway" {
   value = {
-    public_ip = aws_nat_gateway.nat-gw.public_ip
+    public_ip  = aws_nat_gateway.nat-gw.public_ip
     private_ip = aws_nat_gateway.nat-gw.private_ip
   }
 }
 
-output "eks"{
+output "eks" {
   value = {
-    cluster_name = module.eks.cluster_name
-    cluster_endpoint = module.eks.cluster_endpoint
+    cluster_name           = module.eks.cluster_name
+    cluster_endpoint       = module.eks.cluster_endpoint
     get_kubeconfig_command = "aws eks update-kubeconfig --name ${module.eks.cluster_name}"
   }
 }
diff --git a/security_group.tf b/security_group.tf
@@ -67,8 +67,8 @@ resource "aws_vpc_security_group_egress_rule" "allow_egress_rule_ipv6" {
 }
 
 resource "aws_network_acl" "main-vpc-nacl-public" {
-  vpc_id = aws_vpc.main-vpc.id
-  subnet_ids =[for i in aws_subnet.main-vpc-subnet-public : i.id]
+  vpc_id     = aws_vpc.main-vpc.id
+  subnet_ids = [for i in aws_subnet.main-vpc-subnet-public : i.id]
 
   egress {
     protocol   = -1
@@ -95,7 +95,7 @@ resource "aws_network_acl" "main-vpc-nacl-public" {
 }
 
 resource "aws_network_acl" "main-vpc-nacl-private" {
-  vpc_id = aws_vpc.main-vpc.id
+  vpc_id     = aws_vpc.main-vpc.id
   subnet_ids = [for i in aws_subnet.main-vpc-subnet-private : i.id]
 
   egress {

diff --git a/variables.tf b/variables.tf
@@ -17,8 +17,8 @@ variable "ssh_key_pair" {
 
 variable "eks-config" {
   type = object({
-    name = string
-    version = string
+    name     = string
+    version  = string
     min_node = number
     max_node = number
   })

diff --git a/vpc.tf b/vpc.tf
@@ -55,7 +55,7 @@ resource "aws_route_table" "main-vpc-private-routetable" {
   vpc_id = aws_vpc.main-vpc.id
 
   route {
-    cidr_block = "0.0.0.0/0"
+    cidr_block     = "0.0.0.0/0"
     nat_gateway_id = aws_nat_gateway.nat-gw.id
   }
 
@@ -91,7 +91,7 @@ resource "aws_internet_gateway" "gw" {
 }
 
 resource "aws_eip" "nat" {
-  domain   = "vpc"
+  domain = "vpc"
   tags = {
     Name = "nat"
   }