Add action to terraform and deploy

mikeheft · Jul 7, 2024 · 41e914c · 41e914c
1 parent 1a39ffb
commit 41e914c
Showing 1 changed file with 78 additions and 0 deletions.
diff --git a/.github/workflows/terraform_and_deploy.yaml b/.github/workflows/terraform_and_deploy.yaml
@@ -0,0 +1,78 @@
+name: Terraform and Deploy to Elastic Beanstalk
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  terraform:
+    name: Terraform Plan and Apply
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'push' && contains(github.event.head_commit.modified, 'terraform/') }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Terraform
+        uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: 1.3.5
+
+      - name: Initialize Terraform
+        run: terraform init
+        working-directory: terraform
+
+      - name: Terraform Plan
+        run: terraform plan -out=tfplan
+        working-directory: terraform
+
+      - name: Terraform Apply
+        run: terraform apply -auto-approve tfplan
+        working-directory: terraform
+
+  deploy:
+    name: Deploy to Elastic Beanstalk
+    runs-on: ubuntu-latest
+
+    needs: [terraform]
+
+    if: ${{ needs.terraform.result != 'skipped' }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0
+
+      - name: Install dependencies
+        run: bundle install
+
+      - name: Set up EB CLI
+        run: |
+          pip install awsebcli
+          eb --version
+
+      - name: Deploy to Elastic Beanstalk
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: "us-west-2"
+        run: |
+          eb init -p ruby-3.0 -r us-west-2 my-eb-app
+          eb use prod-env
+          eb deploy
+
+      - name: Set environment variables
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: "us-west-2"
+        run: |
+          DB_PASSWORD=$(aws secretsmanager get-secret-value --secret-id creds --query 'SecretString' --output text | jq -r '.ROUTE_RATER_DATABASE_PASSWORD')
+          GOOGLE_API_KEY=$(aws secretsmanager get-secret-value --secret-id creds --query 'SecretString' --output text | jq -r '.GOOGLE_API_KEY')
+          eb setenv ROUTE_RATER_DATABASE_PASSWORD=$DB_PASSWORD GOOGLE_API_KEY=$GOOGLE_API_KEY