This is a project to set up templates for GitHub Actions for both infrastructure and application. Having these ready in advance means the work does not have to be done at the beginning of each project.
The following things need to happen to set up this CI/CD pipeline.
- Set up an OIDC provider in AWS
- Create a role for GitHub actions
- Set up a backend for Terraform, otherwise the Terraform state files end up on the runner and then disappear
- Use the aws-actions/configure-aws-credentials@v4 action to get the AWS credentials
To set up the role, use the configure-aws-role.yml in the /utils directory. This is a CloudFormation file which can be uploaded and run.
The backend setup uses Terraform to set up Terraform, and because this setup is required before the Terraform code can run in GitHub Actions, it cannot be mixed with the core Terraform code. Hence the files for this setup are in: src/setup. The backend is then configured in the terraform.tf file. Run the files in this folder to complete the setup. This creates two resources:
- A DynamoDB table for locks
- An S3 bucket for state files
Terraform destroy can then be used to remove the configuration.
The files in src/iac are a sample setup to demonstrate the system working.
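A workflow that ties the steps above together, as an added example and not a file from this repository. The workflow name, branch, role ARN and region are placeholders, and it assumes the terraform.tf with the backend block sits alongside the code in src/iac.

```yaml
# Added example. Values marked "placeholder" are assumptions, not taken from this repository.
name: terraform

on:
  pull_request:
  push:
    branches: [main]   # placeholder branch

permissions:
  id-token: write   # lets the job request a GitHub OIDC token; the credentials step fails without it
  contents: read    # enough for actions/checkout

jobs:
  terraform:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: src/iac
    steps:
      - uses: actions/checkout@v4

      # Exchanges the OIDC token for short-lived credentials on the role created
      # for GitHub Actions, so no AWS access keys are stored as repository secrets.
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::123456789012:role/github-actions-role  # placeholder ARN
          aws-region: eu-west-1  # placeholder region

      - uses: hashicorp/setup-terraform@v3

      # init reads the backend block in terraform.tf, so state is written to the
      # S3 bucket and locked through the DynamoDB table instead of staying on the runner.
      - run: terraform init -input=false

      # Pull requests only produce a plan; nothing is changed in AWS.
      - run: terraform plan -input=false
        if: github.event_name == 'pull_request'

      # Pushes to the placeholder branch apply the configuration.
      - run: terraform apply -input=false -auto-approve
        if: github.event_name == 'push'
```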