feat: add eks cluster gha (#112)
leiicamundi authored Sep 18, 2024
1 parent 8182e00 commit 0471f79
Showing 24 changed files with 1,752 additions and 656 deletions.
151 changes: 151 additions & 0 deletions .github/actions/aurora-manage-cluster/README.md
@@ -0,0 +1,151 @@
# Deploy RDS Aurora Cluster

## Description

This GitHub Action automates the deployment of an RDS Aurora cluster using Terraform.
This action will also install Terraform and awscli. It will output the Aurora cluster endpoint.


## Inputs

| name | description | required | default |
| --- | --- | --- | --- |
| `cluster-name` | <p>Name of the RDS Aurora cluster to deploy</p> | `true` | `""` |
| `username` | <p>Username for the PostgreSQL admin user</p> | `true` | `""` |
| `password` | <p>Password for the PostgreSQL admin user</p> | `true` | `""` |
| `vpc-id` | <p>VPC ID to create the cluster in</p> | `true` | `""` |
| `subnet-ids` | <p>List of subnet IDs to create the cluster in</p> | `true` | `""` |
| `cidr-blocks` | <p>CIDR blocks to allow access from and to</p> | `true` | `""` |
| `availability-zones` | <p>Array of availability zones to use for the Aurora cluster</p> | `true` | `""` |
| `additional-terraform-vars` | <p>JSON object containing additional Terraform variables</p> | `false` | `{}` |
| `s3-backend-bucket` | <p>Name of the S3 bucket to store Terraform state</p> | `true` | `""` |
| `s3-bucket-region` | <p>Region of the bucket containing the resources states</p> | `false` | `""` |
| `tf-modules-revision` | <p>Git revision of the tf modules to use</p> | `false` | `main` |
| `tf-modules-path` | <p>Path where the tf Aurora modules will be cloned</p> | `false` | `./.action-tf-modules/aurora/` |
| `tf-cli-config-credentials-hostname` | <p>The hostname of a HCP Terraform/Terraform Enterprise instance to place within the credentials block of the Terraform CLI configuration file. Defaults to <code>app.terraform.io</code>.</p> | `false` | `app.terraform.io` |
| `tf-cli-config-credentials-token` | <p>The API token for a HCP Terraform/Terraform Enterprise instance to place within the credentials block of the Terraform CLI configuration file.</p> | `false` | `""` |
| `tf-terraform-version` | <p>The version of Terraform CLI to install. Defaults to <code>latest</code>.</p> | `false` | `latest` |
| `tf-terraform-wrapper` | <p>Whether or not to install a wrapper to wrap subsequent calls of the <code>terraform</code> binary and expose its STDOUT, STDERR, and exit code as outputs named <code>stdout</code>, <code>stderr</code>, and <code>exitcode</code> respectively. Defaults to <code>true</code>.</p> | `false` | `true` |
| `awscli-version` | <p>Version of the aws cli to use</p> | `false` | `2.15.52` |


## Outputs

| name | description |
| --- | --- |
| `aurora-endpoint` | <p>The endpoint of the deployed Aurora cluster</p> |
| `terraform-state-url` | <p>URL of the Terraform state file in the S3 bucket</p> |
| `all-terraform-outputs` | <p>All outputs from Terraform</p> |


## Runs

This action is a `composite` action.

## Usage

```yaml
- uses: camunda/camunda-tf-eks-module/aurora-manage-cluster@main
with:
cluster-name:
# Name of the RDS Aurora cluster to deploy
#
# Required: true
# Default: ""

username:
# Username for the PostgreSQL admin user
#
# Required: true
# Default: ""

password:
# Password for the PostgreSQL admin user
#
# Required: true
# Default: ""

vpc-id:
# VPC ID to create the cluster in
#
# Required: true
# Default: ""

subnet-ids:
# List of subnet IDs to create the cluster in
#
# Required: true
# Default: ""

cidr-blocks:
# CIDR blocks to allow access from and to
#
# Required: true
# Default: ""

availability-zones:
# Array of availability zones to use for the Aurora cluster
#
# Required: true
# Default: ""

additional-terraform-vars:
# JSON object containing additional Terraform variables
#
# Required: false
# Default: {}

s3-backend-bucket:
# Name of the S3 bucket to store Terraform state
#
# Required: true
# Default: ""

s3-bucket-region:
# Region of the bucket containing the resources states
#
# Required: false
# Default: ""

tf-modules-revision:
# Git revision of the tf modules to use
#
# Required: false
# Default: main

tf-modules-path:
# Path where the tf Aurora modules will be cloned
#
# Required: false
# Default: ./.action-tf-modules/aurora/

tf-cli-config-credentials-hostname:
# The hostname of a HCP Terraform/Terraform Enterprise instance to place within the credentials block of the Terraform CLI configuration file. Defaults to `app.terraform.io`.
#
# Required: false
# Default: app.terraform.io

tf-cli-config-credentials-token:
# The API token for a HCP Terraform/Terraform Enterprise instance to place within the credentials block of the Terraform CLI configuration file.
#
# Required: false
# Default: ""

tf-terraform-version:
# The version of Terraform CLI to install. Defaults to `latest`.
#
# Required: false
# Default: latest

tf-terraform-wrapper:
# Whether or not to install a wrapper to wrap subsequent calls of the `terraform` binary and expose its STDOUT, STDERR, and exit code as outputs named `stdout`, `stderr`, and `exitcode` respectively. Defaults to `true`.
#
# Required: false
# Default: true

awscli-version:
# Version of the aws cli to use
#
# Required: false
# Default: 2.15.52
```
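Review bot: the `uses:` line in the Usage block references `camunda/camunda-tf-eks-module/aurora-manage-cluster@main`, but this README is added under `.github/actions/aurora-manage-cluster/`, so the path after the repository name does not match where the action lives; it should read `.github/actions/aurora-manage-cluster`. The example also tracks the mutable `@main` ref, while action.yml in this same commit pins `actions/checkout` to a commit SHA, so a pinned ref in the example would be consistent with that. The Inputs table could also state that `password` and `tf-cli-config-credentials-token` are expected to be supplied from `secrets` rather than written literally in the workflow.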
170 changes: 170 additions & 0 deletions .github/actions/aurora-manage-cluster/action.yml
@@ -0,0 +1,170 @@
---
name: Deploy RDS Aurora Cluster

description: |
This GitHub Action automates the deployment of an RDS Aurora cluster using Terraform.
This action will also install Terraform and awscli. It will output the Aurora cluster endpoint.
inputs:
cluster-name:
description: Name of the RDS Aurora cluster to deploy
required: true

username:
description: Username for the PostgreSQL admin user
required: true

password:
description: Password for the PostgreSQL admin user
required: true

vpc-id:
description: VPC ID to create the cluster in
required: true

subnet-ids:
description: List of subnet IDs to create the cluster in
required: true

cidr-blocks:
description: CIDR blocks to allow access from and to
required: true

availability-zones:
description: Array of availability zones to use for the Aurora cluster
required: true

additional-terraform-vars:
description: JSON object containing additional Terraform variables
required: false
default: '{}'

s3-backend-bucket:
description: Name of the S3 bucket to store Terraform state
required: true

s3-bucket-region:
description: Region of the bucket containing the resources states
required: false

tf-modules-revision:
description: Git revision of the tf modules to use
default: main

tf-modules-path:
description: Path where the tf Aurora modules will be cloned
default: ./.action-tf-modules/aurora/

# inherited from https://github.com/hashicorp/setup-terraform/blob/main/action.yml
tf-cli-config-credentials-hostname:
description: The hostname of a HCP Terraform/Terraform Enterprise instance to place within the credentials block of the Terraform CLI configuration
file. Defaults to `app.terraform.io`.
default: app.terraform.io

tf-cli-config-credentials-token:
description: The API token for a HCP Terraform/Terraform Enterprise instance to place within the credentials block of the Terraform CLI configuration
file.
required: false

tf-terraform-version:
description: The version of Terraform CLI to install. Defaults to `latest`.
default: latest

tf-terraform-wrapper:
description: Whether or not to install a wrapper to wrap subsequent calls of the `terraform` binary and expose its STDOUT, STDERR, and exit code
as outputs named `stdout`, `stderr`, and `exitcode` respectively. Defaults to `true`.
default: 'true'

awscli-version:
description: Version of the aws cli to use
# renovate: datasource=github-releases depName=aws/aws-cli
default: 2.15.52

outputs:
aurora-endpoint:
description: The endpoint of the deployed Aurora cluster
value: ${{ steps.apply.outputs.aurora_endpoint }}

terraform-state-url:
description: URL of the Terraform state file in the S3 bucket
value: ${{ steps.utility.outputs.terraform-state-url }}

# Add all terraform outputs dynamically
all-terraform-outputs:
description: All outputs from Terraform
value: ${{ steps.fetch_outputs.outputs.all_terraform_outputs }}

runs:
using: composite
steps:
- name: Use Utility Actions
id: utility
# see https://github.com/orgs/community/discussions/41927 it's not possible to optimize this yet
# steps.uses cannot access the github context.
# uses: ${{ github.action_repository }}/utility-action@${{ github.action_ref }}
# TODO: hard pin this one once it's merged
#uses: "camunda/camunda-tf-eks-module/utility-action@main"
uses: ./.github/actions/utility-action
with:
awscli-version: ${{ inputs.awscli-version }}
terraform-version: ${{ inputs.terraform-version }}

s3-backend-bucket: ${{ inputs.s3-backend-bucket }}
s3-bucket-region: ${{ inputs.s3-bucket-region }}

tf-state-key: terraform/${{ inputs.cluster-name }}/gha/aurora/terraform.tfstate

tf-cli-config-credentials-hostname: ${{ inputs.tf-cli-config-credentials-hostname }}
tf-cli-config-credentials-token: ${{ inputs.tf-cli-config-credentials-token }}
tf-terraform-wrapper: ${{ inputs.tf-terraform-wrapper }}

- name: Checkout Repository Aurora modules
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
repository: camunda/camunda-tf-eks-module
ref: ${{ inputs.tf-modules-revision }}
path: ${{ inputs.tf-modules-path }}
fetch-depth: 0

- name: Terraform Init
shell: bash
id: init
working-directory: ${{ inputs.tf-modules-path }}/modules/aurora/
run: |
cp ../fixtures/backend.tf ./
terraform version
terraform init -backend-config="bucket=${{ steps.utility.outputs.TFSTATE_BUCKET }}" -backend-config="key=${{ steps.utility.outputs.TFSTATE_KEY }}" -backend-config="region=${{ steps.utility.outputs.TFSTATE_REGION }}"
terraform validate -no-color
- name: Terraform Plan
shell: bash
id: plan
working-directory: ${{ inputs.tf-modules-path }}/modules/aurora/
run: |
echo '${{ inputs.additional-terraform-vars }}' > /tmp/var.tfvars.json
terraform plan -no-color -out aurora.plan \
-var-file=/tmp/var.tfvars.json \
-var "cluster_name=${{ inputs.cluster-name }}" \
-var "username=${{ inputs.username }}" \
-var "password=${{ inputs.password }}" \
-var 'availability_zones=${{ inputs.availability-zones }}' \
-var "vpc_id=${{ inputs.vpc-id }}" \
-var 'subnet_ids=${{ inputs.subnet-ids }}' \
-var 'cidr_blocks=${{ inputs.cidr-blocks }}'
- name: Terraform Apply
shell: bash
id: apply
working-directory: ${{ inputs.tf-modules-path }}/modules/aurora/
run: |
terraform apply -no-color aurora.plan
export aurora_endpoint="$(terraform output -raw aurora_endpoint)"
echo "aurora_endpoint=$aurora_endpoint" >> "$GITHUB_OUTPUT"
- name: Fetch Terraform Outputs
shell: bash
id: fetch_outputs
working-directory: ${{ inputs.tf-modules-path }}/modules/aurora/
run: |
all_outputs=$(terraform output -json | jq -c .)
echo "all_terraform_outputs=$all_outputs" | tee -a "$GITHUB_OUTPUT"
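Review bot: in the Terraform Plan step, `${{ inputs.* }}` expressions are expanded directly into the bash script (`echo '${{ inputs.additional-terraform-vars }}' > /tmp/var.tfvars.json`, `-var "password=${{ inputs.password }}"`), so a value containing a quote or `$(...)` is parsed as shell instead of data, and the password ends up on the `terraform` command line. Map the inputs into the step's `env:` and reference quoted shell variables in the script, using `TF_VAR_password` for the password so it is not passed as an argument. Separately, the utility step sets `terraform-version: ${{ inputs.terraform-version }}`, but the declared input is `tf-terraform-version`, so that expression evaluates to an empty string and the caller's version choice is not forwarded. In Fetch Terraform Outputs, `tee -a "$GITHUB_OUTPUT"` also prints every Terraform output to the job log; append with a plain redirect if any output can be sensitive. The `tf-modules-revision` default of `main` leaves the checked-out modules unpinned, unlike the SHA-pinned `actions/checkout`.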
57 changes: 57 additions & 0 deletions .github/actions/eks-cleanup-resources/README.md
@@ -0,0 +1,57 @@
# Delete EKS resources

## Description

This GitHub Action automates the deletion of EKS resources using a shell script.


## Inputs

| name | description | required | default |
| --- | --- | --- | --- |
| `tf-bucket` | <p>Bucket containing the resources states</p> | `true` | `""` |
| `tf-bucket-region` | <p>Region of the bucket containing the resources states, if not set, will fallback on AWS_REGION</p> | `false` | `""` |
| `max-age-hours` | <p>Maximum age of resources in hours</p> | `false` | `20` |
| `target` | <p>Specify an ID to destroy specific resources or "all" to destroy all resources</p> | `false` | `all` |
| `temp-dir` | <p>Temporary directory prefix used for storing resource data during processing</p> | `false` | `./tmp/eks-cleanup/` |


## Runs

This action is a `composite` action.

## Usage

```yaml
- uses: camunda/camunda-tf-eks-module/eks-cleanup-resources@main
with:
tf-bucket:
# Bucket containing the resources states
#
# Required: true
# Default: ""

tf-bucket-region:
# Region of the bucket containing the resources states, if not set, will fallback on AWS_REGION
#
# Required: false
# Default: ""

max-age-hours:
# Maximum age of resources in hours
#
# Required: false
# Default: 20

target:
# Specify an ID to destroy specific resources or "all" to destroy all resources
#
# Required: false
# Default: all

temp-dir:
# Temporary directory prefix used for storing resource data during processing
#
# Required: false
# Default: ./tmp/eks-cleanup/
```
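Review bot: in the Inputs table, `target` defaults to `all`, so a caller that sets only the required `tf-bucket` runs the destructive path against every resource tracked in that bucket. Consider making `target` required, or defaulting it to a value that destroys nothing, so a full cleanup has to be requested explicitly. The README also does not say how `max-age-hours` (default `20`) interacts with `target`, for example whether a specific ID is destroyed regardless of age; one sentence on that would help. As in the Aurora README, the `uses:` example path `camunda/camunda-tf-eks-module/eks-cleanup-resources@main` does not match the `.github/actions/eks-cleanup-resources/` location of this file.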