Merged
51 changes: 40 additions & 11 deletions README.md
Expand Up @@ -33,7 +33,7 @@ docker buildx build --platform linux/amd64,linux/arm64 -t nrampling/demo-node-ap
Update the image tag in `infra/eks/envs/dev.tfvars`


## 3 · Deploy with Terraform from directory infra/eks
## 3 · Deploy with Terraform from directory infra/eks/

```bash
AWS_PROFILE=node-app-terraform-dev terraform plan -var-file=../envs/dev.tfvars
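Review bot: the `-var-file=../envs/dev.tfvars` path in the plan command does not match the directories named around it. Run from `infra/eks/`, as the heading now says, `../envs/dev.tfvars` resolves to `infra/envs/dev.tfvars`, while the line above the heading tells the reader to edit `infra/eks/envs/dev.tfvars`. Either the command should use `-var-file=envs/dev.tfvars` or the earlier path should be corrected, so that the file being edited is the file being planned.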
Expand Down Expand Up @@ -66,8 +66,47 @@ Lookup for url for the exposed k8s Service for ingress-nginx controller
```bash
kubectl -n ingress-nginx get svc
```


---

## GitHub Actions for Terraform CI/CD – EKS Infra
This GitHub Actions workflow automates the infrastructure provisioning lifecycle for the demo Node.js app using Terraform.

### Workflow Triggers
Pull Requests to main: Run CI checks (format, validate, plan).

Push to main: Auto-applies Terraform to deploy infrastructure in dev.

### Job: terraform-dev
- Runs inside the infra/ directory

- terraform init: Uses a backend config with an S3 bucket passed as a secret.

- On PRs:
- Checks formatting consistency.
- Validates Terraform configuration.
- Creates an execution plan using envs/dev.tfvars
- Automatically comments the plan and outcomes back to the PR using actions/github-script.

- On Plan Failure:
- Marks the PR check as failed (exit 1).

- On Push to Main:
- Executes terraform apply with dev.tfvars, auto-approving without manual input.

### Security and Permissions
GitHub token permissions are explicitly set to allow reading content and commenting on PRs.

### Notes
Production-related jobs (terraform-prod-ci and terraform-prod-cd) are defined but commented out (Preparation for future)
The workflow is scoped to infrastructure compute resource only deployments, not application code or Docker builds.

---

---


# Amazon ECS Infrastructure Provisioning using Terraform

*(Please note, the PR trigger for automatically deploying changes to ECS (Infra resources) has been commented out (Disabled). This was introduced while I am working on GitHub CICD automation for deploying infra resources for AWS EKS. See above )*
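Review bot: under "On Push to Main" the README documents `terraform apply` with auto-approve on every push to main, but neither that bullet nor "Security and Permissions" says what gates a merge into main or how the job authenticates to AWS. Suggest adding a line on the branch protection or review requirement that stands in for the skipped approval, and a line on how AWS credentials reach the runner, since the section currently covers only the GitHub token. Smaller points in the same hunk: "Runs inside the infra/ directory" disagrees with the "infra/eks/" heading in section 3, the two sentences under "Notes" need list markers or a blank line between them or Markdown will render them as one paragraph, and the doubled `---` before the ECS heading can be reduced to one.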
Expand Down Expand Up @@ -127,14 +166,6 @@ alb_dns_name = dev-app-alb-123456.ap-southeast-2.elb.amazonaws.com
cluster_name = dev-ecs-cluster
```

Open:

```
http://dev-app-alb-123456.ap-southeast-2.elb.amazonaws.com/ping
```

once the ALB target turns **healthy**.

---

## Contributing
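Review bot: removing the "Open: ... /ping once the ALB target turns healthy" step leaves the example outputs with no follow-up telling the reader how to confirm the deployment works. If the /ping check is being dropped on purpose, replace it with a one-line pointer to whatever check is expected instead; otherwise keep the step.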
Expand Down Expand Up @@ -198,5 +229,3 @@ The workflow is scoped to infrastructure compute resource only deployments, not
## Author

Nga Rampling

# Testing
1 change: 0 additions & 1 deletion infra/eks/cluster.tf
Expand Up @@ -10,7 +10,6 @@ module "eks" {

cluster_endpoint_private_access = true
cluster_endpoint_public_access = true
# cluster_endpoint_public_access_cidrs = []

enable_cluster_creator_admin_permissions = true

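Review bot: `cluster_endpoint_public_access = true` stays in place while the commented-out `cluster_endpoint_public_access_cidrs` placeholder is deleted, so nothing in this block restricts which source addresses can reach the cluster's public API endpoint. With no CIDR list set, EKS allows public endpoint access from 0.0.0.0/0. Rather than removing the line, consider setting `cluster_endpoint_public_access_cidrs` to the ranges that actually need access (passed in through the tfvars file), or turning public access off if `cluster_endpoint_private_access = true` already covers the intended clients. If the open endpoint is deliberate for the dev environment, a short comment saying so would help the next reader.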