Automating Terraform configuration by utilizing CircleCI to deploy an S3 backed web application.
The continuous integration workflow enables development teams to automate, self-test, quickly build, clone, and deploy software. Terraform deploys infrastructure repeatably. By adding Terraform into a CircleCI workflow, you can deploy your infrastructure in the same pipeline.
Benefits of continuous integration-continuous deployment (CI-CD)
- Smaller code changes are simpler and have fewer consequences.
- Fault isolation is simpler and quicker.
- Testability improves due to smaller, specific changes.
- Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions. → https://learn.hashicorp.com/tutorials/terraform/install-cli
- GitHub is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. → https://github.com/
- CircleCI is a modern continuous integration and continuous delivery (CI/CD) platform. → https://circleci.com/signup/
- AWS → https://aws.amazon.com/free/
Make sure you insert your GitHub name!
$ git clone https://github.com/YOUR-USER-NAME/learn-terraform-circleci
Change directories to your forked repository.
$ cd learn-terraform-circleci/.circleci
Analyze CircleCI configuration:
config.yml file in your file editor. There will be a total of four jobs in this workflow:
You will then use these jobs to define the automated Terraform workflow. Each job must declare an executor, an operating system which will launch and perform the actions you define, and a series of steps.
stepsin this configuration are actions that CircleCI takes in the workflow to perform your job. Steps are a collection of executable commands.
attach_workspacestep in the
applyjob loads the previously persisted workspace in the
terraform applyusing the execution plan generated from the previous job.
The Plan Destroy and Destroy Jobs
plan-destroyjob creates an execution plan and the
destroyjob executes that with
terraform apply tfdestroyjob to remove all of the infrastructure you created.
- Workflow defines order, precedence, and requirements to perform the jobs within the pipeline
Setup the CircleCI UI
- In the CircleCI web UI, choose the Projects icon from the left. Search for the repo you forked and choose Set Up Project.
2. Choose “Hello World” as the language and choose the “Use Existing Config” option.
3. Choose “Start Building” and you should be presented with a popup confirming you have created
4. It will fail because the job needs our AWS credentials.
- To generate an access key and secret access key file, log in to your AWS account and create them in IAM.
- Add and save these variables in your CircleCI Build Settings.
Create Remote Backend:
- In your terminal, change into the
s3_backenddirectory of the
$ cd s3_backend
2. Initialize and apply the backend configuration. You will be prompted to choose an AWS region for your S3 bucket.
$ terraform init && terraform apply
3. Change into the root directory of the
$ cd ..
$ vim main.tf
4. Open the
main.tf file and add the backend configuration with your unique bucket ID and region.
Trigger The Workflow with Git:
- Prepare to add your changes to your GitHub repository.
$ git add main.tf variables.tfvars
2. Commit changes.
$ git commit -m "Add remote backend and variable definitions"
3. Push these changes to your forked repositories master branch
$ git push
- If you get an error as such below, run terraform fmt before committing GIT to make sure there are no errors with the main.tf configuration.
- After editing the Main.tf file come back to the terminal and run Git again.
4. The CircleCI web UI should indicate that your build has started.
5. Click on-hold, click hold-apply, then click approve button.
- Review that job by navigating to the workflows for
plan_approve_apply. In each job in the workflow, you can click on each step to expand the output.
- Once the deployment job is complete, your workflow will be on hold. The hold in your configuration is the step before destruction. The output in the job displays your webapp address.
- Navigate to that address and verify your app deployed correctly.
Example: Endpoint = “terramino.hashicorp.fun.xxxxxx.s3-website-us-east-1.amazon.com”
Generate Destroy Plan:
plan-destroy step in the workflow will prevent CircleCI from continuing to the next job in your workflow.
hold-destroy is a manual gate step which allows you to decide when to move to the final step in the configuration. Click on the hold step and then choose "approve" to move on to the
destroy job in this workflow.
Destroy State S3 bucket.
- Navigate to the
$ cd s3_backend
terraform destroy to destroy the S3 bucket.
$ terraform destroy
yes to approve the destroy job.