If you are following my blog series, this is my 4th post. In my last, I have covered terraform cloud. I have shown directory structure and terraform workspaces. In this blog, I will cover creating a deployment pipeline for vpc and security groups. I will show how you can deploy vpc and security groups from development to production environments.
We will be using the GitOps method for deploying terraform resources. GitOps uses a Git repository as the single source of truth for infrastructure definitions. The core idea of GitOps is having a Git repository that always contains declarative descriptions of the infrastructure currently desired in your actual environments. If you want to deploy a new application or update an existing one, you only need to make a pull request to your git repository - the automated process handles everything else. In the case of GitHub, Github Actions takes care of everything.
For our deployment pipeline, we will be using Github Actions.
GitHub Actions makes it easy to automate all your CI/CD workflows, You can build, test, and deploy your code right from GitHub Repo. Make code reviews, branch management, and issue triaging work the way you want.
Github Actions offers free plans.
You can learn more about GitHub Actions from the bellow link
GitOps and Terraform WorkFlow
Separate Repo for each service (Network-VPC, Network-Security Groups, Compute-ASG, Compute-EC2)
I have created three branches (Develop, Stage and Prod). Each branch represents our actual infrastructure environments or terraforms workspaces.
Workflow starts when the DevOps engineer starts making changes to infrastructure.
DevOps engineer creates feature branch from prod(origin branch).
Make your changes and create a pull request to develop the branch.
I have created a separate workflow for each branch (terraform-develop.yml,terraform-stage.yml,terraform-prod.yml). The workflow is an automated procedure that you add to your repository. Workflows are made up of one or more jobs and can be scheduled or triggered by an event. The workflow can be used to build, test, package, release, or deploy a project on GitHub.
Checks out feature branch code.
Checks for syntax check.
Generate a plan for every pull requests.
When a pull request is merged with develop branch, resources will get deployed to development environment.
Deploy the changes Development Branch.
Again creates pull request to stage branch and same to prod branch.
Did you find this article valuable?
Support Nitheesh Poojary by becoming a sponsor. Any amount is appreciated!