
Commit 39cd726

authored
Merge pull request #9 from NeckerFree/simplify
passed from simplify to master
2 parents 389f5e4 + 6b8a2e7 commit 39cd726

36 files changed

+873
-855
lines changed

.github/workflows/main.yml

Lines changed: 0 additions & 124 deletions
This file was deleted.
Lines changed: 72 additions & 0 deletions
@@ -0,0 +1,72 @@
1+
name: Terraform Destroy
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
confirm_destroy:
7+
description: "⚠️ Type 'YES' to confirm destroying the infrastructure"
8+
required: true
9+
10+
permissions:
11+
contents: read
12+
id-token: write
13+
14+
env:
15+
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
16+
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
17+
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
18+
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
19+
20+
jobs:
21+
destroy:
22+
name: Terraform Destroy
23+
runs-on: ubuntu-latest
24+
25+
steps:
26+
- name: 🛑 Validate confirmation input
27+
if: ${{ github.event.inputs.confirm_destroy != 'YES' }}
28+
run: |
29+
echo "You must type YES to proceed with destroy."
30+
exit 1
31+
32+
- name: 📦 Checkout code
33+
uses: actions/checkout@v3
34+
35+
- name: ⚙️ Setup Terraform
36+
uses: hashicorp/setup-terraform@v2
37+
with:
38+
terraform_version: 1.5.0
39+
40+
- name: 🔐 Azure Login with Service Principal
41+
uses: azure/login@v1
42+
with:
43+
creds: >-
44+
{
45+
"clientId": "${{ secrets.ARM_CLIENT_ID }}",
46+
"clientSecret": "${{ secrets.ARM_CLIENT_SECRET }}",
47+
"subscriptionId": "${{ secrets.ARM_SUBSCRIPTION_ID }}",
48+
"tenantId": "${{ secrets.ARM_TENANT_ID }}"
49+
}
50+
51+
- name: 🧪 Verify Azure login
52+
run: az account show
53+
54+
- name: 📥 Terraform Init
55+
run: |
56+
terraform -chdir=infra init \
57+
-backend-config="resource_group_name=soft-tfstate-rg" \
58+
-backend-config="storage_account_name=softsastate" \
59+
-backend-config="container_name=tfstate" \
60+
-backend-config="key=terraform.tfstate"
61+
62+
- name: ⚠️ Terraform Destroy
63+
run: |
64+
terraform -chdir=infra destroy -auto-approve -input=false \
65+
-var="subscription_id=${{ secrets.ARM_SUBSCRIPTION_ID }}" \
66+
-var="client_id=${{ secrets.ARM_CLIENT_ID }}" \
67+
-var="client_secret=${{ secrets.ARM_CLIENT_SECRET }}" \
68+
-var="tenant_id=${{ secrets.ARM_TENANT_ID }}" \
69+
-var="allowed_ssh_ip=${{ secrets.MY_IP_ADDRESS }}" \
70+
-var="mysql_user=${{ secrets.MYSQL_USER }}" \
71+
-var="mysql_admin_password=${{ secrets.MYSQL_ADMIN_PASSWORD }}" \
72+
-var="ssh_public_key=${{ secrets.VM_SSH_PUB_KEY }}"
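Review bot: The `Terraform Destroy` step passes every secret on the command line, for example `-var="client_secret=${{ secrets.ARM_CLIENT_SECRET }}"`, so each value is pasted into the script text before the shell runs and then sits in the terraform process arguments. Terraform reads `TF_VAR_<name>` from the environment, so the flags can move to a step-level `env:` block as shown below; that also stops a password containing a quote or `$` from changing the command. The workflow grants `id-token: write` although the login step authenticates with a client secret, so that permission can be dropped unless the job moves to OIDC. `actions/checkout@v3`, `hashicorp/setup-terraform@v2` and `azure/login@v1` are movable tags, and pinning them to commit SHAs is worth doing in a job that holds subscription credentials.

```yaml
- name: ⚠️ Terraform Destroy
  run: terraform -chdir=infra destroy -auto-approve -input=false
  env:
    TF_VAR_subscription_id: ${{ secrets.ARM_SUBSCRIPTION_ID }}
    TF_VAR_client_id: ${{ secrets.ARM_CLIENT_ID }}
    TF_VAR_client_secret: ${{ secrets.ARM_CLIENT_SECRET }}
    TF_VAR_tenant_id: ${{ secrets.ARM_TENANT_ID }}
    TF_VAR_allowed_ssh_ip: ${{ secrets.MY_IP_ADDRESS }}
    TF_VAR_mysql_user: ${{ secrets.MYSQL_USER }}
    TF_VAR_mysql_admin_password: ${{ secrets.MYSQL_ADMIN_PASSWORD }}
    TF_VAR_ssh_public_key: ${{ secrets.VM_SSH_PUB_KEY }}
```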

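--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -106,51 +106,133 @@ jobs:
 if: github.ref == 'refs/heads/master'
 run: terraform -chdir=infra apply -auto-approve -input=false -var-file=terraform.tfvars
 
+# - name: 📄 Generate Terraform outputs
+# run: |
+# terraform -chdir=infra output -json > infra/tf_outputs.json
+# echo "✅ tf_outputs.json generated"
+
 - name: 📄 Generate Terraform outputs
 run: |
-terraform -chdir=infra output -json > infra/tf_outputs.json
-
-# cat infra/tf_outputs.json
-# echo "Trying to extract IP:"
-# jq -r '.control_node_public_ip' infra/tf_outputs.json
+"$TERRAFORM_CLI_PATH/terraform-bin" -chdir=infra output -json > infra/tf_outputs.json
 
+# - name: 🐛 Debug Terraform outputs
+# run: |
+# cat infra/tf_outputs.json
+
 - name: 📦 Upload inventory.ini as artifact
 uses: actions/upload-artifact@v4
 with:
 name: inventory
 path: ansible/inventory.ini
-
-- name: 🔑 Configure SSH for jumpbox
+
+- name: 📤 Export Terraform outputs to GitHub ENV
 run: |
-mkdir -p ~/.ssh
-echo "${{ secrets.VM_SSH_KEY }}" > ~/.ssh/vm_ssh_key
-chmod 600 ~/.ssh/vm_ssh_key
-echo -e "Host *\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
+echo "📥 Exporting variables to GitHub ENV..."
+echo "APP_SERVICE_NAME=$(jq -r '.app_service_name.value' infra/tf_outputs.json)" >> $GITHUB_ENV
+echo "RESOURCE_GROUP_NAME=$(jq -r '.resource_group_name.value' infra/tf_outputs.json)" >> $GITHUB_ENV
+echo "LB_API_URL=$(jq -r '.lb_api_url.value' infra/tf_outputs.json)" >> $GITHUB_ENV
+echo "LB_API_PORT=$(jq -r '.api_public_port.value' infra/tf_outputs.json)" >> $GITHUB_ENV
 
-- name: 🚀 Upload Inventory to Jumpbox
+- name: 🔧 Compose LB API URL
 run: |
+echo "LB_API_URL=${LB_API_URL}:${LB_API_PORT}" >> $GITHUB_ENV
+
+- name: 🗃️ Run Script Configure Jumpbox
+run: |
+chmod +x ./ansible/configure-jumpbox.sh
+
 # Get outputs from Terraform
-JUMP_HOST=$(terraform -chdir=infra output -raw control_node_public_ip 2>/dev/null | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | tail -n1)
-JUMP_USER=$(terraform -chdir=infra output -raw ssh_user 2>/dev/null | grep -Eo '^[a-zA-Z0-9]+' | tail -n1)
+JUMP_HOST=$(terraform -chdir=infra output -raw control_node_public_ip | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | tail -n1)
+JUMP_USER=$(terraform -chdir=infra output -raw ssh_user | grep -Eo '^[a-zA-Z0-9]+' | tail -n1)
 
-# Log and validate
-echo "JUMP_HOST: $JUMP_HOST"
-echo "JUMP_USER: $JUMP_USER"
+SSH_KEY_CONTENT="${{ secrets.VM_SSH_KEY }}"
+ANSIBLE_DIR=./ansible
+REMOTE_DIR=/home/${JUMP_USER}/ansible-setup
+./ansible/configure-jumpbox.sh "$JUMP_HOST" "$JUMP_USER" "$SSH_KEY_CONTENT" "$ANSIBLE_DIR" "$REMOTE_DIR"
 
-if [[ -z "$JUMP_HOST" || -z "$JUMP_USER" ]]; then
-echo "❌ Terraform outputs not found!"
+- name: 🛢️ Run Script Deploy Database
+run: |
+chmod +x ./ansible/deploy-db-from-local.sh
+# ✅ Ejecuta y guarda el resultado de terraform output
+# Get clean DB_HOST - Ultimate reliable method
+DB_HOST=$(terraform -chdir=infra output -raw mysql_fqdn 2>&1 | grep -oE '[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}' | head -n1)
+# echo "Extracted DB_HOST='$DB_HOST'"
+
+# Fallback if raw output fails
+if [ -z "$DB_HOST" ]; then
+DB_HOST=$(terraform -chdir=infra output mysql_fqdn | grep -oE '[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}' | head -n1)
+# echo "Fallback extracted DB_HOST='$DB_HOST'"
+fi
+
+# Final validation
+if [[ ! "$DB_HOST" =~ ^[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
+echo "ERROR: Could not extract valid DB_HOST"
+echo "Raw terraform output:"
+terraform -chdir=infra output mysql_fqdn
+exit 1
+fi
+DB_USER="${{ secrets.MYSQL_USER }}"
+DB_PASS="${{ secrets.MYSQL_ADMIN_PASSWORD }}"
+DB_NAME="movie_analyst"
+
+JUMP_HOST=$(terraform -chdir=infra output -raw control_node_public_ip | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | tail -n1)
+JUMP_USER=$(terraform -chdir=infra output -raw ssh_user | grep -Eo '^[a-zA-Z0-9]+' | tail -n1)
+
+./ansible/deploy-db-from-local.sh "$DB_HOST" "$DB_USER" "$DB_PASS" "$DB_NAME" "$JUMP_HOST" "$JUMP_USER"
+
+- name: 🧩 Run Script Deploy API from Jumpbox to VMs
+run: |
+chmod +x ./ansible/deploy-api-jumpbox-to-vms.sh
+
+# Get clean DB_HOST - Ultimate reliable method
+DB_HOST=$(terraform -chdir=infra output -raw mysql_fqdn 2>&1 | grep -oE '[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}' | head -n1)
+# echo "Extracted DB_HOST='$DB_HOST'"
+
+# Fallback if raw output fails
+if [ -z "$DB_HOST" ]; then
+DB_HOST=$(terraform -chdir=infra output mysql_fqdn | grep -oE '[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}' | head -n1)
+# echo "Fallback extracted DB_HOST='$DB_HOST'"
+fi
+
+# Final validation
+if [[ ! "$DB_HOST" =~ ^[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
+echo "ERROR: Could not extract valid DB_HOST"
+echo "Raw terraform output:"
+terraform -chdir=infra output mysql_fqdn
 exit 1
 fi
 
-# Create remote directory
-ssh -i ~/.ssh/vm_ssh_key -o StrictHostKeyChecking=no ${JUMP_USER}@${JUMP_HOST} \
-"mkdir -p /home/${JUMP_USER}/ansible-setup"
+JUMP_HOST=$(terraform -chdir=infra output -raw control_node_public_ip | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | tail -n1)
+JUMP_USER=$(terraform -chdir=infra output -raw ssh_user | grep -Eo '^[a-zA-Z0-9]+' | tail -n1)
+
+
+DB_USER="${{ secrets.MYSQL_USER }}"
+DB_PASS="${{ secrets.MYSQL_ADMIN_PASSWORD }}"
+DB_NAME="movie_analyst"
 
-# Upload inventory
-scp -i ~/.ssh/vm_ssh_key -o StrictHostKeyChecking=no \
-./ansible/inventory.ini \
-${JUMP_USER}@${JUMP_HOST}:/home/${JUMP_USER}/ansible-setup/inventory.ini
+# echo "=== Final Variables ==="
+# echo "DB_HOST: $DB_HOST"
+# echo "JUMP_HOST: $JUMP_HOST"
+# echo "JUMP_USER: $JUMP_USER"
 
-# Verify upload
-ssh -i ~/.ssh/vm_ssh_key -o StrictHostKeyChecking=no ${JUMP_USER}@${JUMP_HOST} \
-"ls -la /home/${JUMP_USER}/ansible-setup/"
+./ansible/deploy-api-jumpbox-to-vms.sh "$DB_HOST" "$DB_USER" "$DB_PASS" "$DB_NAME" "$JUMP_HOST" "$JUMP_USER"
+
+- name: Deploy Frontend
+run: |
+chmod +x ./ansible/deploy-frontend.yml
+echo "Using values:"
+echo "APP_SERVICE_NAME=$APP_SERVICE_NAME"
+echo "RESOURCE_GROUP_NAME=$RESOURCE_GROUP_NAME"
+echo "LB_API_URL=$LB_API_URL"
+ansible-playbook ansible/deploy-frontend.yml -i localhost,
+env:
+APP_SERVICE_NAME: ${{ env.APP_SERVICE_NAME }}
+RESOURCE_GROUP_NAME: ${{ env.RESOURCE_GROUP_NAME }}
+LB_API_URL: ${{ env.LB_API_URL }}
+
+- name: 🌐 Show frontend URL
+run: |
+echo "✅ Your frontend is deployed and available at:"
+echo "https://${APP_SERVICE_NAME}.azurewebsites.net"
+env:
+APP_SERVICE_NAME: ${{ env.APP_SERVICE_NAME }}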
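Review bot: In the `Run Script Configure Jumpbox` step the SSH private key is expanded into the script text by `SSH_KEY_CONTENT="${{ secrets.VM_SSH_KEY }}"` and then handed to `configure-jumpbox.sh` as a positional argument, and both deploy steps do the same with `DB_PASS`. Values passed this way sit in the process argument list, and a quote or `$` inside the secret is interpreted by the shell. Map them through the step's `env:` instead, e.g. `VM_SSH_KEY: ${{ secrets.VM_SSH_KEY }}`, and have the scripts read the variable; the scripts are not shown here, so their argument handling would need the matching change. That step also lost the old empty check, so an empty `JUMP_USER` now yields `REMOTE_DIR=/home//ansible-setup`; putting `if [[ -z "$JUMP_HOST" || -z "$JUMP_USER" ]]; then exit 1; fi` back before the script call restores the early failure. In the two `DB_HOST` extractions, `2>&1` feeds terraform's error text into the `grep`, so a hostname-looking token from an error message can pass the final regex.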

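--- a/.gitignore
+++ b/.gitignore
@@ -65,3 +65,4 @@ infra/.terraform.lock.hcl
 *node_modules/*
 docs/query.txt
 infra/import-resources.bat
+docs/tests.txt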
