Using Terraform and GitHub Actions for CI/CD pipelines

Updated: February 3, 2024 By: Guest Contributor

Overview

Continuous Integration and Continuous Deployment (CI/CD) pipelines are crucial for the development cycle, allowing teams to automate testing and deployment. This tutorial outlines how to utilize Terraform with GitHub Actions to create an efficient, automated CI/CD pipeline. Whether you’re new to these tools or have some experience, this guide aims to offer insights at various levels.

Prerequisites:

  • A GitHub account and a basic understanding of how GitHub works.
  • Basic knowledge of Infrastructure as Code (IaC) concepts and Terraform.
  • An AWS (Amazon Web Services) account for hosting resources deployed by Terraform.

Phase 1: Setting Up Your Terraform Project

First, you need a Terraform project. Here’s a simple setup:

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 2.68"
    }
  }
}

provider "aws" {
  region = "us-west-2"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
}

Initialize your project with terraform init and then apply it with terraform apply to create an AWS instance. This is your base for the CI/CD pipeline.

Phase 2: Setting Up GitHub Actions

Create a .github/workflows directory in your project with a YAML file for your CI pipeline, for example, terraform_ci.yml:

name: Terraform CI

on:
  push:
    branches:
      - main

jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 0.12.29
      - name: Terraform Init
        run: terraform init
      - name: Terraform Validate
        run: terraform validate
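      - name: Terraform Plan
        run: terraform plan
        # plan calls the AWS API, so it needs the credentials stored as repository secrets
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}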

This workflow triggers on a push to the main branch, checks out the code, sets up Terraform, and runs terraform init, terraform validate, and terraform plan.

Phase 3: Implementing CI/CD with Terraform and GitHub Actions

Extend the terraform_ci.yml file to include deployment:

      - name: Terraform Apply
        run: terraform apply -auto-approve
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

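Use GitHub Secrets to securely store your AWS credentials. Navigate to your repository settings, find the Secrets section, and add AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY there. Because these are long-lived keys that can change your infrastructure, give the IAM user they belong to only the permissions Terraform needs.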

Now, every push to the main branch not only triggers validation but also automatically deploys your infrastructure changes.

Advanced Usage

For more complex scenarios, such as when working with different environments (dev, staging, production), you can expand your workflow with conditional steps or use different workflow files for each environment. An example would be to include a step that requires manual approval before deploying to production. This can be done by adding a workflow_dispatch trigger or an environment condition, so that the action runs manually or only upon certain conditions.
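
The manual approval gate described above, as an added example that is not part of the original tutorial: the apply job is bound to a GitHub environment, so it waits for a reviewer and then applies the plan saved by the plan job. The environment name production, its required-reviewers setting, and the tfplan artifact name are assumptions of this example.

```yaml
# Added example, not from the original tutorial.
# Assumes an environment named "production" with required reviewers exists
# under Settings > Environments; that name is this example's choice.
name: Terraform CD with approval

on:
  push:
    branches:
      - main
  workflow_dispatch:   # also allow a manual run from the Actions tab

permissions:
  contents: read       # the token only needs to read the repository

jobs:
  plan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 0.12.29
      - run: terraform init
      - run: terraform plan -out=tfplan   # save the exact plan for review
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      - uses: actions/upload-artifact@v4
        with:
          name: tfplan
          path: tfplan

  apply:
    needs: plan
    runs-on: ubuntu-latest
    environment: production   # pauses until a required reviewer approves
    steps:
      - uses: actions/checkout@v2
      - uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 0.12.29
      - run: terraform init
      - uses: actions/download-artifact@v4
        with:
          name: tfplan
      - run: terraform apply tfplan       # apply only the reviewed plan
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
```

A saved plan file can contain sensitive values, so keep this pattern to repositories where everyone with read access may see them.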

Conclusion

By combining Terraform with GitHub Actions, you establish a powerful CI/CD pipeline that automates testing and deployment across various environments. This guide provided a foundation, but as you evolve in your CI/CD journey, consider exploring further customizations and optimizations to fit your project’s specific needs.