fix(ci/cd): add variable to setup influxdb token in servers #11
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'Stage deploy using Terraform' | |
# Garante que esse workflow irá executar apenas quando alterados arquivos | |
# da pasta instances, que é o local onde está concentrado os arquivos de infraestrura | |
# declarados com Terraform. | |
on: | |
push: | |
branches: | |
- "feature/*" | |
- "hotfix/*" | |
paths: | |
- "instances/**" | |
- ".github/workflows/terraform-stage.yml" | |
jobs: | |
terraform: | |
name: 'Terraform' | |
runs-on: ubuntu-latest | |
steps: | |
# Confira o repositório para o GitHub Actions runner | |
- name: Checkout | |
uses: actions/checkout@v3 | |
# with: | |
# submodules: true # Clona os submódulos junto com o repositório principal | |
# fetch-depth: 0 # Garante que o histórico completo seja baixado, necessário para alguns submódulos | |
# token: ${{ secrets.GITHUB_TOKEN }} # Usa o Github token para acessar submódulos privados | |
- name: Setup SSH key | |
env: | |
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
run: | | |
mkdir -p ~/.ssh | |
echo "$SSH_PRIVATE_KEY" > ~/.ssh/ailton-krenak.pem | |
# Instale a versão mais recente do Terraform CLI e defina a configuração do Terraform CLI. | |
- name: Install Terraform | |
run: | | |
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg | |
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list | |
sudo apt update && sudo apt install terraform | |
# Inicia uma serie de comandos para publicar nossa infraestrura. | |
# Como estamos publicando uma infraestrutura na AWS é necessário garantir | |
# a configuração dos secrets AWS_ACCESS_KEY_ID e AWS_SECRET_ACCESS_KEY no repositório do Github. | |
- name: Terraform Initialize | |
working-directory: ./instances | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
TF_VAR_INFLUXDB_TOKEN: ${{ secrets.INFLUXDB_TOKEN }} | |
run: terraform init | |
- name: Terraform Validate | |
working-directory: ./instances | |
run: terraform validate | |
# Define que iremos trabalhar no ambiente de stage | |
- name: Terraform Select Workspace | |
working-directory: ./instances | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
TF_VAR_INFLUXDB_TOKEN: ${{ secrets.INFLUXDB_TOKEN }} | |
run: terraform workspace select stage | |
- name: Terraform Plan | |
working-directory: ./instances | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
TF_VAR_INFLUXDB_TOKEN: ${{ secrets.INFLUXDB_TOKEN }} | |
run: terraform plan -var="influxdb_token=${TF_VAR_INFLUXDB_TOKEN}" | |
- name: Terraform Apply | |
working-directory: ./instances | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
TF_VAR_INFLUXDB_TOKEN: ${{ secrets.INFLUXDB_TOKEN }} | |
run: terraform apply -auto-approve -var="influxdb_token=${TF_VAR_INFLUXDB_TOKEN}" |