Skip to content

Commit 3f7e145

Browse files
exploratoryprorammerexploratoryprorammer
committed
optmized terraform
1 parent ad94032 commit 3f7e145

File tree

3 files changed

+83
-23
lines changed

3 files changed

+83
-23
lines changed

.github/workflows/terraform.yml

Lines changed: 23 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
name: Terraform Apply
1+
name: Terraform Deploy
22

33
on:
44
push:
@@ -13,7 +13,7 @@ permissions:
1313
id-token: write
1414

1515
jobs:
16-
terraform:
16+
setup-backend:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Checkout Repository
@@ -31,34 +31,34 @@ jobs:
3131
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
3232
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
3333

34-
- name: Setup Terraform State Storage
34+
- name: Setup State Backend
35+
working-directory: backend-setup
3536
run: |
36-
# Create resource group for state if it doesn't exist
37-
az group create --name terraform-state-rg --location eastus2 || true
37+
terraform init
38+
terraform apply -auto-approve
3839
39-
# Create storage account if it doesn't exist
40-
az storage account create \
41-
--name isfterraformstate \
42-
--resource-group terraform-state-rg \
43-
--location eastus2 \
44-
--sku Standard_LRS \
45-
--encryption-services blob || true
40+
deploy-infrastructure:
41+
needs: setup-backend
42+
runs-on: ubuntu-latest
43+
steps:
44+
- name: Checkout Repository
45+
uses: actions/checkout@v4
4646

47-
# Create container if it doesn't exist
48-
az storage container create \
49-
--name tfstate \
50-
--account-name isfterraformstate || true
47+
- name: Setup Terraform
48+
uses: hashicorp/setup-terraform@v3
49+
with:
50+
terraform_version: 1.9.8
51+
52+
- name: Azure Login via OIDC
53+
uses: azure/login@v2
54+
with:
55+
client-id: ${{ secrets.AZURE_CLIENT_ID }}
56+
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
57+
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
5158

5259
- name: Terraform Init
5360
run: terraform init
5461

55-
- name: Import Existing Resources
56-
continue-on-error: true
57-
run: |
58-
terraform import -var-file="env.tfvars" azurerm_resource_group.rg /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/isfinfa-rg || true
59-
terraform import -var-file="env.tfvars" azurerm_service_plan.asp /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/isfinfa-rg/providers/Microsoft.Web/serverFarms/isfinfa-plan || true
60-
terraform import -var-file="env.tfvars" azurerm_linux_web_app.backend /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/isfinfa-rg/providers/Microsoft.Web/sites/isfinfa-go-backend || true
61-
6262
- name: Terraform Validate
6363
run: terraform validate
6464

backend-setup/main.tf

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
terraform {
2+
required_providers {
3+
azurerm = {
4+
source = "hashicorp/azurerm"
5+
version = "~> 3.0"
6+
}
7+
}
8+
}
9+
10+
provider "azurerm" {
11+
features {}
12+
}
13+
14+
resource "azurerm_resource_group" "state" {
15+
name = "terraform-state-rg"
16+
location = "eastus2"
17+
}
18+
19+
resource "azurerm_storage_account" "state" {
20+
name = "isfterraformstate"
21+
resource_group_name = azurerm_resource_group.state.name
22+
location = azurerm_resource_group.state.location
23+
account_tier = "Standard"
24+
account_replication_type = "LRS"
25+
}
26+
27+
resource "azurerm_storage_container" "state" {
28+
name = "tfstate"
29+
storage_account_name = azurerm_storage_account.state.name
30+
container_access_type = "private"
31+
}
32+
33+
output "storage_account_name" {
34+
value = azurerm_storage_account.state.name
35+
}
36+
37+
output "container_name" {
38+
value = azurerm_storage_container.state.name
39+
}
40+
41+
output "resource_group_name" {
42+
value = azurerm_resource_group.state.name
43+
}

import.tf

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
# Import existing resources if they were created outside Terraform
2+
# Remove this file after first successful apply
3+
4+
import {
5+
to = azurerm_resource_group.rg
6+
id = "/subscriptions/e00ac8d0-d7ed-48ef-9463-cc5138d2a3db/resourceGroups/isfinfa-rg"
7+
}
8+
9+
import {
10+
to = azurerm_service_plan.asp
11+
id = "/subscriptions/e00ac8d0-d7ed-48ef-9463-cc5138d2a3db/resourceGroups/isfinfa-rg/providers/Microsoft.Web/serverFarms/isfinfa-plan"
12+
}
13+
14+
import {
15+
to = azurerm_linux_web_app.backend
16+
id = "/subscriptions/e00ac8d0-d7ed-48ef-9463-cc5138d2a3db/resourceGroups/isfinfa-rg/providers/Microsoft.Web/sites/isfinfa-go-backend"
17+
}

0 commit comments

Comments
 (0)