TerraformAzureActionTemplate

This repository provides a basic folder structure and a GitHub Action for deploying Terraform IaC to Azure. It serves as a template for future projects and lab work.

Azure Integration

For Terraform to connect to Azure, you'll need to create a service principal along with a secret. Once you have created the service principal, add the following secrets to your GitHub repository under Repository Settings > Secrets and variables > Actions:

  • AZURE_CLIENT_ID
  • AZURE_CLIENT_SECRET
  • AZURE_SUBSCRIPTION_ID
  • AZURE_TENANT_ID

GitHub Actions

There are several workflows in this template which can be found under ./.github/workflows. Keep in mind these are very simple examples meant for my lab, and would not be appropriate for most production deployments.

Terraform-destroy.yml

This workflow installs Terraform and then runs terraform destroy. This is helpful for cleaning up lab environments so you don't get billed for something you're not using.

Terraform-docs.yml

This workflow uses a pre-built action to run Terraform Docs. There is a config file located in the ./terraform directory which allows for customization. This action also supports more advanced configurations such as nested modules and Atlantis files. This workflow runs on any pull request and ensures that documentation Markdown is generated before merging the pull request.

Terraform-plan-apply.yml

This is the core workflow which actually applies the IaC (Infrastructure as Code) using Terraform. This workflow performs a number of actions:

  1. TFLint - This step runs a pre-built GitHub action (reviewdog/action-tflint@master) that runs TFLint and leaves appropriate comments directly on the code in the pull request.
  2. Terraform Format
  3. Terraform Validate
  4. Terraform Init
  5. Terraform Plan
  6. PR Comment Script - This step runs a custom bash script based on a script provided by HashiCorp. The script takes the output from the previous steps, including the full Terraform Plan output, and submits it as a comment on the PR for easy review.
  7. Terraform Apply - Once the PR has been merged into the main branch (or upon any commit directly to the main branch), the final action is to run Terraform Apply. This step will only run if the Terraform Plan step was successful.
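
The sketch below is an added example, not this repository's own workflow file. It shows how the four secrets from the Azure Integration section can reach Terraform, and how Apply can be limited to pushes on main after a successful Plan. The workflow name, job id, action versions and the ./terraform working directory are assumptions, and the TFLint and PR comment steps are left out.

```yaml
# Added example (not the repository's workflow). Names and versions are assumptions.
name: terraform-plan-apply-example

on:
  pull_request:
  push:
    branches: [main]

# Limit the automatic GITHUB_TOKEN to what the job needs.
# pull-requests: write is only required if a step comments on the PR.
permissions:
  contents: read
  pull-requests: write

jobs:
  terraform:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./terraform   # assumed location of the Terraform code
    env:
      # The azurerm provider reads service principal credentials from ARM_* variables.
      # Secrets are masked in logs and are not passed to pull_request runs from forks.
      ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
      ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
      ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
      ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - name: Terraform Format
        run: terraform fmt -check -recursive
      # validate needs an initialised working directory, so init runs first here.
      - name: Terraform Init
        run: terraform init -input=false
      - name: Terraform Validate
        run: terraform validate -no-color
      - name: Terraform Plan
        run: terraform plan -no-color -input=false
      # A failed earlier step skips this one by default, so Apply only runs
      # after a successful Plan, and only for pushes to main (never for PRs).
      - name: Terraform Apply
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: terraform apply -auto-approve -input=false
```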

super-linter.yml

This is a linter created by GitHub that can check code in multiple languages. This is helpful for generic templates that may be used with any language. More information and configuration options can be found here.

Terraform Docs

The output from Terraform Docs can be found: here
