This repository contains sample files demonstrating how to utilize GitHub Actions in conjunction with Terraform to deploy resources to Microsoft Azure.
Terraform is an open-source Infrastructure as Code (IaC) tool that allows you to define and provision infrastructure using a declarative configuration language. By integrating Terraform with GitHub Actions, you can automate your infrastructure deployments, ensuring consistency and reliability. This repository provides examples and workflows to help you get started with this integration.
-
.github/workflows/: Contains GitHub Actions workflow files that define the automation processes.
-
terraform/: Holds Terraform configuration files for deploying various Azure resources.
Before using the samples in this repository, ensure you have the following:
-
Azure Subscription: Active subscription to deploy resources.
-
Azure Resource Group: A resource group to be used for the deployment.
-
GitHub Account: To set up and run GitHub Actions.
-
Azure Storage Account: To store Terraform state files remotely.
-
Azure Service Principal: For GitHub Actions to authenticate and deploy resources to Azure. Also needs appropriate rights on the Storage Account.
-
git clone https://github.com/HaikoHertes/ActionsDemo2025.simple.git
-
Configure Remote Backend for Terraform State:
-
Create an Azure Storage Account to store Terraform state files.
-
Make sure the Service Principal has appropriate rights on the Storage Account to create and write the TF state file.
-
-
Set Up Azure Credentials:
-
az ad sp create-for-rbac --name "GitHubActionsDemo" --role Contributor --scopes /subscriptions/{SUBSCRIPTION_ID}/resourceGroups/{RESOURCE_GROUP_NAME} --json-auth
-
Note the JSON output, which contains your Azure credentials.
-
Add the following secrets to your GitHub repository under "Settings" > "Secrets and variables" > "Actions":
-
AZURE_CREDS: The JSON output from the previous step.
-
AZURE_SUB_ID: Your Azure Subscription ID.
-
ARM_CLIENT_ID: Client ID for the Service Principal from the JSON above
-
ARM_CLIENT_SECRET: Client Secret for the Service Principal from the JSON above
-
ARM_TENANT_ID: Tenant ID for the Service Principal from the JSON above
-
STORAGE_ACCOUNT_NAME: Name of Storage Account to be used for TF state file
-
STORAGE_CONTAINER_NAME: Name of Storage Account Blob Container to be used for TF state file
-
-
-
Review and Modify Terraform Configurations:
-
Navigate to the terraform/ directory and review the provided .tf files.
-
Modify them as needed to fit your specific requirements.
-
-
Configure GitHub Actions Workflows:
-
Examine the workflows in .github/workflows/.
-
Adjust the workflows to reference your Terraform configurations and any specific deployment parameters.
-
-
Trigger the Workflow:
- Push changes to the repository or manually trigger the workflow via the GitHub Actions tab.
-
Terraform Documentation
Contributions are welcome! Please fork this repository, make your changes, and submit a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.