Skip to content

skip changes updates #1467

skip changes updates

skip changes updates #1467

Workflow file for this run

name: Lab Pipeline
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the "main" branch
push:
branches: ["main"]
paths-ignore:
- '**/**.md'
- '**/**.png'
pull_request:
branches: ["main"]
paths-ignore:
- '**/**.md'
- '**/**.png'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# jobs for Argo, Active Directory, BIG-IP, F5XC, GoDaddy, Kubernetes, and NGINX
jobs:
Active-Directory-Terraform-Infrastructure:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure]
# Environment Variables
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_APPID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_PASSWORD }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT }}
TF_VAR_active-directory-username: ${{ secrets.ACTIVE_DIRECTORY_USER }}
TF_VAR_active-directory-password: ${{ secrets.ACTIVE_DIRECTORY_PASSWORD }}
# Where are the Terraform files
defaults:
run:
working-directory: services/active-directory/terraform/infrastructure
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.7.4
- name: Terraform Active-Directory-Terraform-Infrastructure fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform Active-Directory-Terraform-Infrastructure Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform Active-Directory-Terraform-Infrastructure Validate
id: validate
run: terraform validate -no-color
- name: Terraform Active-Directory-Terraform-Infrastructure Apply
id: apply
run: terraform apply --auto-approve
########################################################################################################
Argo-Terraform-Configuration:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, Kubernetes-Terraform-Configuration]
# Environment Variables
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_APPID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_PASSWORD }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT }}
# Where are the Terraform files
defaults:
run:
working-directory: services/argo/terraform
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- name: Azure login
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.AZURE_APPID }}","clientSecret":"${{ secrets.AZURE_PASSWORD }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION }}","tenantId":"${{ secrets.AZURE_TENANT }}"}'
- name: Azure Kubernetes Context
id: set-context
uses: azure/aks-set-context@v3
with:
resource-group: '${{ secrets.AZURE_AKS_RG }}'
cluster-name: '${{ secrets.AZURE_AKS_NAME }}'
- name: Setup kubectl
id: install-kubectl
uses: azure/setup-kubectl@v3
- name: HashiCorp Terraform Setup
uses: hashicorp/setup-terraform@v2
- name: Terraform Argo-Terraform-Configuration fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform Argo-Terraform-Configuration Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform Argo-Terraform-Configuration Validate
id: validate
run: terraform validate -no-color
- name: Terraform Argo-Terraform-Configuration Apply
id: apply
run: terraform apply --auto-approve
########################################################################################################
BIG-IP-Resources-Available:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, BIG-IP-Terraform-Infrastructure]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: cURL BIG-IP
run: curl --max-time 10 -u ${{ secrets.BIGIP_USER }}:${{ secrets.BIGIP_PASSWORD }} -X GET -k https://${{ secrets.BIGIP_HOSTNAME }}/mgmt/tm/sys/ready/
BIG-IP-Ansible-Configuration:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, BIG-IP-Resources-Available]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2
- name: Install PIP
run: sudo apt-get install -y python3-pip
- name: Install apt-get dependencies
run: sudo pip3 install jmespath
- name: Setup ansible
run: |
ansible --version
pipx inject ansible-core jmespath
- name: Working directory
run: pwd
- name: Run Ansible Playbooks
uses: dawidd6/action-ansible-playbook@v2
with:
# Optional, additional flags to pass to ansible-playbook
options: |
--extra-vars "@../defaults/main.yaml"
--extra-vars "BIGIPhost01=${{ secrets.BIGIP_HOSTNAME }}"
--extra-vars "BIGIPadminUsername=${{ secrets.BIGIP_USER }}"
--extra-vars "BIGIPadminPassword=${{ secrets.BIGIP_PASSWORD }}"
--extra-vars "BIGIPAKSUsername=${{ secrets.BIGIP_AKS_USER }}"
--extra-vars "BIGIPAKSPassword=${{ secrets.BIGIP_AKS_PASSWORD }}"
--extra-vars "otel_host=${{ secrets.OTEL_HOST }}"
--extra-vars "otel_token=${{ secrets.OTEL_TOKEN }}"
# --verbose -vvvv
# Required, playbook filepath
playbook: "big-ip-playbook.yaml"
# Optional, directory where playbooks live
directory: "./big-ip/ansible/configuration/playbooks"
BIG-IP-Terraform-Infrastructure:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Active-Directory-Terraform-Infrastructure]
# Environment Variables
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_APPID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_PASSWORD }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
BIGIP_USER: ${{ secrets.BIGIP_USER }}
BIGIP_PASSWORD: ${{ secrets.BIGIP_PASSWORD }}
TF_VAR_allowed_ips: ${{ secrets.ALLOWED_IPS }}
TF_VAR_big-ip-username: ${{ secrets.BIGIP_USER }}
TF_VAR_big-ip-password: ${{ secrets.BIGIP_PASSWORD }}
# Where are the Terraform files
defaults:
run:
working-directory: big-ip/terraform/infrastructure
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.7.1
- name: cURL ipify.org
run: curl 'https://api.ipify.org?format=json'
- name: Terraform BIG-IP-Terraform-Infrastructure fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform BIG-IP-Terraform-Infrastructure Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform BIG-IP-Terraform-Infrastructure Validate
id: validate
run: terraform validate -no-color
- name: Terraform BIG-IP-Terraform-Infrastructure Apply
id: apply
run: terraform apply --auto-approve
BIG-IP-Terraform-Configuration:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, BIG-IP-Ansible-Configuration]
# Environment Variables
env:
BIGIP_USER: ${{ secrets.BIGIP_USER }}
BIGIP_PASSWORD: ${{ secrets.BIGIP_PASSWORD }}
BIGIP_HOST: ${{ secrets.BIGIP_HOSTNAME }}
TF_VAR_ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
TF_VAR_ad_service_ldap_password: ${{ secrets.AD_SERVICE_LDAP_PASSWORD }}
# Where are the Terraform files
defaults:
run:
working-directory: big-ip/terraform/configuration
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.7.4
- name: Terraform BIG-IP-Terraform-Configuration fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform BIG-IP-Terraform-Configuration Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform BIG-IP-Terraform-Configuration Validate
id: validate
run: terraform validate -no-color
- name: Terraform BIG-IP-Terraform-Configuration Apply
id: apply
run: terraform apply --auto-approve
########################################################################################################
F5XC-Resources-Available:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- name: cURL F5XC
run: curl --max-time 10 --cert-type P12 --cert certs/${{ secrets.VES_TENANT }}.api-creds.p12:${{ secrets.VES_P12_PASSWORD }} -X GET https://${{ secrets.VES_TENANT }}.console.ves.volterra.io/api/web/namespaces/j-calalang
F5XC-Terraform-Infrastructure:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, F5XC-Resources-Available]
# Environment Variables
env:
TF_VAR_f5xc-cloud-credential: ${{ secrets.F5XC_CLOUD_CREDENTIAL }}
TF_VAR_f5xc-customer-edge-ssh-key: ${{ secrets.F5XC_CUSTOMER_EDGE_SSH_KEY }}
VES_P12_PASSWORD: ${{ secrets.VES_P12_PASSWORD }}
# Where are the Terraform files
defaults:
run:
working-directory: distributed-cloud/terraform/infrastructure
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.7.4
- name: Terraform F5XC-Terraform fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform F5XC-Terraform Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform F5XC-Terraform Validate
id: validate
run: terraform validate -no-color
- name: Terraform F5XC-Terraform Apply
id: apply
run: terraform apply --auto-approve
F5XC-Terraform-Configuration:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, F5XC-Resources-Available, F5XC-Terraform-Infrastructure]
# Environment Variables
env:
TF_VAR_jwk-calalang-net: ${{ secrets.JWK_CALALANG_NET }}
TF_VAR_wildcard-calalang-net-certificate: ${{ secrets.CALALANG_NET_CERT }}
TF_VAR_wildcard-calalang-net-key: ${{ secrets.CALALANG_NET_KEY }}
VES_P12_PASSWORD: ${{ secrets.VES_P12_PASSWORD }}
# Where are the Terraform files
defaults:
run:
working-directory: distributed-cloud/terraform/configuration
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.7.4
- name: Terraform F5XC-Terraform fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform F5XC-Terraform Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform F5XC-Terraform Validate
id: validate
run: terraform validate -no-color
- name: Terraform F5XC-Terraform Apply
id: apply
run: terraform apply --auto-approve
########################################################################################################
#
# GoDaddy-Terraform-Configuration:
# # The type of runner that the job will run on
# runs-on: ubuntu-20.04
#
# # Environment Variables
# env:
# GODADDY_API_KEY: ${{ secrets.GODADDY_API_KEY }}
# GODADDY_API_SECRET: ${{ secrets.GODADDY_API_SECRET }}
#
# # Where are the Terraform files
# defaults:
# run:
# working-directory: godaddy/terraform/
#
# # Steps represent a sequence of tasks that will be executed as part of the job
# steps:
# - uses: actions/checkout@v3
#
# - uses: hashicorp/setup-terraform@v2
# with:
# terraform_version: 1.7.4
#
# - name: Terraform GoDaddy-Terraform fmt
# id: fmt
# run: terraform fmt -check
# continue-on-error: false
#
# - name: Terraform GoDaddy-Terraform Init
# id: init
# run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.#TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
#
# - name: Terraform GoDaddy-Terraform Validate
# id: validate
# run: terraform validate -no-color
#
# - name: Terraform GoDaddy-Terraform Apply
# id: apply
# run: terraform apply --auto-approve
#
########################################################################################################
Kubernetes-Terraform-Infrastructure:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure]
# Environment Variables
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_APPID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_PASSWORD }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT }}
# Where are the Terraform files
defaults:
run:
working-directory: kubernetes/terraform/infrastructure
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- name: HashiCorp Terraform Setup
uses: hashicorp/setup-terraform@v2
- name: Terraform Kubernetes-Terraform-Infrastructure fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform Kubernetes-Terraform-Infrastructure Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform Kubernetes-Terraform-Infrastructure Validate
id: validate
run: terraform validate -no-color
- name: Terraform Kubernetes-Terraform-Infrastructure Apply
id: apply
run: terraform apply --auto-approve
Kubernetes-Terraform-Configuration:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, Kubernetes-Terraform-Infrastructure]
# Environment Variables
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_APPID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_PASSWORD }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT }}
TF_VAR_f5xc_site_token: ${{ secrets.F5XC_SITE_TOKEN }}
TF_VAR_nginx_repo_jwt: ${{ secrets.NGINX_REPO_JWT }}
TF_VAR_bigip_aks_username: ${{ secrets.BIGIP_AKS_USER }}
TF_VAR_bigip_aks_password: ${{ secrets.BIGIP_AKS_PASSWORD }}
TF_VAR_ves_vk8s_context: ${{ secrets.VES_VK8S_CONTEXT }}
TF_VAR_ves_vk8s_client_certificate: ${{ secrets.VES_VK8S_CLIENT_CERTIFICATE }}
TF_VAR_ves_vk8s_client_key: ${{ secrets.VES_VK8S_CLIENT_KEY }}
TF_VAR_ves_vk8s_cluster_ca_certificate: ${{ secrets.VES_VK8S_CLUSTER_CA_CERTIFICATE }}
TF_VAR_ves_vk8s_server: ${{ secrets.VES_VK8S_SERVER }}
# Where are the Terraform files
defaults:
run:
working-directory: kubernetes/terraform/configuration
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- name: Azure login
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.AZURE_APPID }}","clientSecret":"${{ secrets.AZURE_PASSWORD }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION }}","tenantId":"${{ secrets.AZURE_TENANT }}"}'
- name: Azure Kubernetes Context
id: set-context
uses: azure/aks-set-context@v3
with:
resource-group: '${{ secrets.AZURE_AKS_RG }}'
cluster-name: '${{ secrets.AZURE_AKS_NAME }}'
- name: Setup kubectl
id: install-kubectl
uses: azure/setup-kubectl@v3
- name: Add argo-cd charts
id: argo-cd-add
run: helm repo add argo https://argoproj.github.io/argo-helm
continue-on-error: false
- name: Add f5networks charts
id: f5networks-add
run: helm repo add f5-stable https://f5networks.github.io/charts/stable
continue-on-error: false
- name: Add nginxinc charts
id: nginxinc-add
run: helm repo add nginx-stable https://helm.nginx.com/stable
continue-on-error: false
- name: Update charts
id: charts-update
run: helm repo update
continue-on-error: false
- name: HashiCorp Terraform Setup
uses: hashicorp/setup-terraform@v2
- name: Terraform Kubernetes-Terraform-Configuration fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform Kubernetes-Terraform-Configuration Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform Kubernetes-Terraform-Configuration Validate
id: validate
run: terraform validate -no-color
- name: Terraform Kubernetes-Terraform-Configuration Apply
id: apply
run: terraform apply --auto-approve
######################################################################################################
Cloud-Network-Terraform-Infrastructure:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
# Environment Variables
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_APPID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_PASSWORD }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# Where are the Terraform files
defaults:
run:
working-directory: networking/terraform/infrastructure
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.7.4
- name: Terraform Cloud-Network-Terraform-Infrastructure fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform Cloud-Network-Terraform-Infrastructure Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform Cloud-Network-Terraform-Infrastructure Validate
id: validate
run: terraform validate -no-color
- name: Terraform Cloud-Network-Terraform-Infrastructure Apply
id: apply
run: terraform apply --auto-approve
######################################################################################################
NGINX-One-Resources-Available:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, NGINX-Terraform-Infrastructure]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- name: cURL NGINX-One
run: curl --max-time 10 -H "Authorization:${{ secrets.NGINX_ONE_F5XC_API_TOKEN }}" -X GET https://${{ secrets.NGINX_ONE_F5XC_TENANT }}.console.ves.volterra.io/api/nginx/one/namespaces/default/instances/summary
NGINX-One-Ansible-Configuration:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Cloud-Network-Terraform-Infrastructure, NGINX-One-Resources-Available]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2
- name: Install PIP
run: sudo apt-get install -y python3-pip
- name: Install apt-get dependencies
run: sudo pip3 install jmespath
- name: Setup ansible
run: |
ansible --version
pipx inject ansible-core jmespath
- name: Working directory
run: pwd
- name: Run Ansible Playbooks
uses: dawidd6/action-ansible-playbook@v2
with:
# Optional, additional flags to pass to ansible-playbook
options: |
--extra-vars "@../defaults/main.yaml"
--extra-vars "nginx_one_f5xc_api_token='${{ secrets.NGINX_ONE_F5XC_API_TOKEN }}'"
--extra-vars "nginx_one_f5xc_tenant='${{ secrets.NGINX_ONE_F5XC_TENANT }}'"
# --verbose -vvvv
# Required, playbook filepath
playbook: "nginx.yaml"
# Optional, directory where playbooks live
directory: "./nginx/ansible/configuration/playbooks"
NGINX-Terraform-Infrastructure:
# The type of runner that the job will run on
runs-on: ubuntu-20.04
needs: [Active-Directory-Terraform-Infrastructure]
# Environment Variables
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_APPID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_PASSWORD }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT }}
TF_VAR_nginx_username: ${{ secrets.NGINX_USER }}
TF_VAR_nginx_password: ${{ secrets.NGINX_PASSWORD }}
TF_VAR_nginx_one_dataplane_key: ${{ secrets.NGINX_ONE_DATAPLANE_KEY }}
# Where are the Terraform files
defaults:
run:
working-directory: nginx/terraform/infrastructure
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.7.4
- name: Terraform NGINX-Terraform-Infrastructure fmt
id: fmt
run: terraform fmt -check
continue-on-error: false
- name: Terraform NGINX-Terraform-Infrastructure Init
id: init
run: terraform init -backend-config="hostname=${{ secrets.TF_CLOUD_HOSTNAME }}" -backend-config="organization=${{ secrets.TF_CLOUD_ORGANIZATION }}" -backend-config="token=${{ secrets.TF_CLOUD_TOKEN }}"
- name: Terraform NGINX-Terraform-Infrastructure Validate
id: validate
run: terraform validate -no-color
- name: Terraform NGINX-Terraform-Infrastructure Apply
id: apply
run: terraform apply --auto-approve