Push Workflow

Let’s take a look at the push workflow.

.github/workflows/push.yml

name: Push Up
on:
  push:
    branches:
      - main

jobs:
  run:
    runs-on: ubuntu-latest

    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: us-west-2
      GH_TOKEN: ${{ secrets.GH_TOKEN }}
      TS_ENV: dev
      TS_TOKEN: ${{ secrets.TS_TOKEN }}

    steps:
    - name: Checkout
      uses: actions/checkout@v3

    - name: Install Ruby
      uses: ruby/setup-ruby@v1
      with:
        ruby-version: 3.1
        bundler-cache: true # runs 'bundle install' and caches installed gems automatically

    - name: Install
      run:
        .github/bin/install

    - name: Terraspace Command
      run: |
        terraspace up demo -y

Supporting Script

The install script installs Terraform and Terraspace and looks something like this.

.github/bin/install

#!/bin/bash
brew install tfenv
tfenv install latest
tfenv use latest
bundle install
bundle exec terraspace new shim

Environment Variables

We should set these environment variables. Note that the AWS variables are required only if you’re using terraspace_plugin_aws.

With GitHub, you have to configure these secrets before running the workflow.

Steps:

  1. Go to the Repo Settings. It’s the tab on the right-hand side. You must own the repo or have admin permissions to see it.
  2. On the left-hand menu, go to Secrets / Actions.
  3. Click the New repository secret button.
  4. Create the secrets, e.g. AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, GH_TOKEN, and TS_TOKEN.
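
A preflight check for the variables listed above, as an added example that is not part of the Terraspace docs. The function names `missing_vars` and `preflight` and the `aws`/`noaws` argument are hypothetical. A secret that was never created reaches the job as an empty string, so this check fails the run before Terraspace starts and prints only variable names, never values.

```bash
#!/bin/bash
# Added example: preflight check for the variables the push workflow sets in env:.
# A secret that was never created expands to an empty string in GitHub Actions,
# so test for non-empty values. Only names are reported, never values.

# Names from this page. The AWS ones are needed only with terraspace_plugin_aws.
AWS_VARS="AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION"
COMMON_VARS="GH_TOKEN TS_TOKEN"

# missing_vars NAME...: print the names that are unset or empty, space separated.
# printenv reads the exported environment, which is where the env: block puts them.
missing_vars() {
  local name missing=""
  for name in "$@"; do
    if [ -z "$(printenv "$name")" ]; then
      missing="${missing:+$missing }$name"
    fi
  done
  printf '%s' "$missing"
}

# preflight [aws|noaws]: return 0 only when every required variable is non-empty.
preflight() {
  local mode="${1:-aws}" required="$COMMON_VARS" missing
  if [ "$mode" = "aws" ]; then
    required="$AWS_VARS $COMMON_VARS"
  fi
  # Word splitting of the name list is intended here.
  missing="$(missing_vars $required)"
  if [ -n "$missing" ]; then
    echo "Missing or empty: $missing" >&2
    return 1
  fi
}

# Typical call before any Terraspace command:  preflight aws || exit 1
```

The functions could be placed at the end of .github/bin/install or sourced from a separate step that runs before the Terraspace Command step.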

Terraspace Command

At the very end, the terraspace up demo -y command runs to deploy the demo stack. You can customize this command or add more commands. For example, you might use terraspace all up if you prefer.

Commit and Push

Let’s commit and push the files to start the workflow.

git add .
git commit -m 'add ci'
git push -u origin main

This starts the build process immediately.

Results

After the job starts, you’ll see something like the following. You may have to refresh to see the job running.

You can see that a resource was created.

Next, we’ll look at the Pull Request Workflow.
