improved main.yml, extracted infra ouputs

Author: NeckerFree

.github/workflows/main.yml

@@ -35,20 +35,25 @@ jobs:
         with:
             terraform_version: 1.5.0
 
-      - name: 📦 Terraform Init
-        run: terraform -chdir=infra init
+      # - name: 📦 Terraform Init
+      #   run: terraform -chdir=infra init
 
-      - name: 🐛 Debug Terraform Outputs
-        run: terraform -chdir=infra output
+      # - name: 🐛 Debug Terraform Outputs
+      #   run: terraform -chdir=infra output
 
       - name: 📤 Export Terraform Outputs
         id: tf
         run: |
           json=$(terraform -chdir=infra output -json)
           echo "DB_HOST=$(echo $json | jq -r '.mysql_fqdn.value')" >> $GITHUB_ENV
           echo "DB_USER=$(echo $json | jq -r '.mysql_admin_user.value')" >> $GITHUB_ENV
-          echo "DB_PASS=$(echo $json | jq -r '.mysql_admin_pwd.value')" >> $GITHUB_ENV
           echo "DB_NAME=$(echo $json | jq -r '.mysql_database_name.value')" >> $GITHUB_ENV
+          echo "DB_PASS<<EOF" >> $GITHUB_ENV
+          echo "$(echo $json | jq -r '.mysql_admin_pwd.value')" >> $GITHUB_ENV
+          echo "EOF" >> $GITHUB_ENV
+      # Mask the password and pass it securely
+      # echo "DB_PASS=$(echo $json | jq -r '.mysql_admin_pwd.value')" >> $GITHUB_ENV
+          
 
       - name: ✅ Validate Terraform Outputs
         run: |

.github/workflows/terraform.yml

@@ -110,10 +110,6 @@ jobs:
         run: |
           terraform -chdir=infra output -json > infra/tf_outputs.json
 
-      # cat infra/tf_outputs.json
-      # echo "Trying to extract IP:"
-      # jq -r '.control_node_public_ip' infra/tf_outputs.json
-
       - name: 📦 Upload inventory.ini as artifact
         uses: actions/upload-artifact@v4
         with:
@@ -127,10 +123,4 @@ jobs:
           chmod 600 ~/.ssh/vm_ssh_key
           echo -e "Host *\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
 
-      # - name: 📤 Copy inventory.ini to jumpbox
-      #   run: |
-      #     CONTROL_IP=$(terraform -chdir=infra output -raw control_node_public_ip.value)
-      #     SSH_USER=$(terraform -chdir=infra output -raw ssh_user.value)
-      #     echo "Using IP: $CONTROL_IP and user: $SSH_USER"
-      #     scp -i ~/.ssh/vm_ssh_key ansible/inventory.ini $SSH_USER@$CONTROL_IP:~/inventory.ini
 

infra/main.tf

@@ -91,34 +91,4 @@ module "app-service" {
   environment         = local.environment
 }
 
-output "mysql_fqdn" {
-  value = module.mysql-database.mysql_fqdn
-}
-
-output "mysql_admin_user" {
-  value     = module.mysql-database.mysql_admin_user
-  sensitive = true
-}
-
-output "mysql_admin_pwd" {
-  value     = module.mysql-database.mysql_admin_pwd
-  sensitive = true
-}
-
-output "mysql_database_name" {
-  value = module.mysql-database.mysql_database_name
-}
-
-output "lb_api_url" {
-  value = module.load-balancer.lb_api_url
-}
 
-output "control_node_public_ip" {
-  description = "Jumpbox IP"
-  value       = module.load-balancer.control_node_public_ip
-}
-
-output "ssh_user" {
-  description = "SSH admin user for VMs"
-  value       = var.admin_username
-}

infra/outputs.tf

@@ -0,0 +1,31 @@
+output "mysql_fqdn" {
+  value = module.mysql-database.mysql_fqdn
+}
+
+output "mysql_admin_user" {
+  value     = module.mysql-database.mysql_admin_user
+  sensitive = true
+}
+
+output "mysql_admin_pwd" {
+  value     = module.mysql-database.mysql_admin_pwd
+  sensitive = true
+}
+
+output "mysql_database_name" {
+  value = module.mysql-database.mysql_database_name
+}
+
+output "lb_api_url" {
+  value = module.load-balancer.lb_api_url
+}
+
+output "control_node_public_ip" {
+  description = "Jumpbox IP"
+  value       = module.load-balancer.control_node_public_ip
+}
+
+output "ssh_user" {
+  description = "SSH admin user for VMs"
+  value       = var.admin_username
+}

infra/variables.tf

@@ -38,7 +38,8 @@ variable "mysql_user" {
 }
 
 variable "admin_username" {
-  default = "adminuser"
+  default   = "adminuser"
+  sensitive = true
 }
 
 variable "allowed_ssh_ip" {