add ci

Author: joshgubler

.github/workflows/ci.yml

@@ -0,0 +1,78 @@
+name: CI
+
+on:
+  pull_request:
+    branches: [master]
+    types: [opened, reopened, synchronize, edited]
+env:
+  tf_version: "0.12.26" # must match value in examples/ci/ci.tf
+
+jobs:
+  env:
+    name: Set Env Vars
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up DEV Environment Variables
+        if: github.base_ref == 'master'
+        run: |
+          matrix='{
+            "env":[
+              {
+                "tf_working_dir":"./examples/ci",
+                "aws_key_name":"byu_oit_terraform_dev_key",
+                "aws_secret_name":"byu_oit_terraform_dev_secret"
+              }
+            ]
+          }'
+          echo "::set-env name=matrix::`echo $matrix | jq -c .`"
+
+    outputs:
+      matrix: ${{ env.matrix }}
+
+  format:
+    name: Terraform Format
+    runs-on: ubuntu-latest
+    needs: env
+    strategy:
+      matrix: ${{ fromJson(needs.env.outputs.matrix) }}
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Terraform Setup
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_version: ${{ env.tf_version }}
+
+      - name: Terraform Format
+        working-directory: "./"
+        run: terraform fmt -check -recursive
+
+  plan:
+    name: Terraform Plan
+    runs-on: ubuntu-latest
+    needs: env
+    strategy:
+      matrix: ${{ fromJson(needs.env.outputs.matrix) }}
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets[matrix.env.aws_key_name] }}
+          aws-secret-access-key: ${{ secrets[matrix.env.aws_secret_name] }}
+          aws-region: us-west-2
+
+      - name: Terraform Setup
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_version: ${{ env.tf_version }}
+
+      - name: Terraform Init
+        working-directory: ${{ matrix.env.tf_working_dir }}
+        run: terraform init
+
+      - name: Terraform Plan
+        working-directory: ${{ matrix.env.tf_working_dir }}
+        run: terraform plan -input=false
+    # TODO: Post plan back to PR

examples/ci/ci.tf

@@ -0,0 +1,67 @@
+terraform {
+  required_version = "0.12.26"
+}
+
+provider "aws" {
+  version = "~> 2.56"
+  region  = "us-west-2"
+}
+
+module "acs" {
+  source = "github.com/byu-oit/terraform-aws-acs-info?ref=v2.1.0"
+}
+
+module "lambda_api" {
+  source                        = "../../"
+  app_name                      = "my-lambda"
+  env                           = "dev"
+  lambda_zip_file               = "./lambda.zip"
+  handler                       = "index.handler"
+  runtime                       = "nodejs12.x"
+  hosted_zone                   = module.acs.route53_zone
+  https_certificate_arn         = module.acs.certificate.arn
+  vpc_id                        = module.acs.vpc.id
+  public_subnet_ids             = module.acs.public_subnet_ids
+  role_permissions_boundary_arn = module.acs.role_permissions_boundary.arn
+
+  lambda_vpc_config = {
+    subnet_ids         = module.acs.private_subnet_ids
+    security_group_ids = []
+  }
+}
+
+output "lambda" {
+  value = module.lambda_api.lambda
+}
+
+output "lambda_security_group" {
+  value = module.lambda_api.lambda_security_group
+}
+
+output "lambda_live_alias" {
+  value = module.lambda_api.lambda_live_alias
+}
+
+output "codedeploy_deployment_group" {
+  value = module.lambda_api.codedeploy_deployment_group
+}
+
+output "codedeploy_appspec_json_file" {
+  value = module.lambda_api.codedeploy_appspec_json_file
+}
+
+output "alb" {
+  value = module.lambda_api.alb
+}
+
+output "alb_security_group" {
+  value = module.lambda_api.alb_security_group
+}
+
+output "dns_record" {
+  value = module.lambda_api.dns_record
+}
+
+output "cloudwatch_log_group" {
+  value = module.lambda_api.cloudwatch_log_group
+}