Skip to content
Terraform

chore: moved storage/cache stuff over to the same region as github ru… #143

Sign in to view logs

chore: moved storage/cache stuff over to the same region as github ru…

chore: moved storage/cache stuff over to the same region as github ru… #143

Workflow file for this run

.github/workflows/terraform.yml at 0b200d0
name: Terraform
on: [push]
env:
REGION: ${{ vars.FVST_PROJECT_REGION }}
DOCKER_TAG: gh-run-${{ github.run_number }}
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
include:
- service: "blog-graphql"
use_prisma: true
environment: "staging"
google_cloud_token: "GOOGLE_CLOUD_TOKEN_STAGING"
turborepo_bucket: "FVST_PROJECT_TURBOREPO_BUCKET_STAGING"
- service: "todo-graphql"
use_prisma: true
environment: "staging"
google_cloud_token: "GOOGLE_CLOUD_TOKEN_STAGING"
turborepo_bucket: "FVST_PROJECT_TURBOREPO_BUCKET_STAGING"
- service: "user-graphql"
use_prisma: true
environment: "staging"
google_cloud_token: "GOOGLE_CLOUD_TOKEN_STAGING"
turborepo_bucket: "FVST_PROJECT_TURBOREPO_BUCKET_STAGING"
- service: "graphql-gateway"
use_prisma: false
environment: "staging"
google_cloud_token: "GOOGLE_CLOUD_TOKEN_STAGING"
turborepo_bucket: "FVST_PROJECT_TURBOREPO_BUCKET_STAGING"
env:
PROJECT: ${{ vars.FVST_PROJECT_PREFIX }}-fvst-${{matrix.environment}}
REGISTRY: us-docker.pkg.dev/${{ vars.FVST_PROJECT_PREFIX }}-fvst-${{matrix.environment}}/registry
steps:
- uses: "actions/checkout@v3"
- uses: ./.github/actions/setup-google-cloud-auth
id: "auth"
with:
google_cloud_token: ${{ secrets[matrix.google_cloud_token] }}
- uses: ./.github/actions/setup-turborepo-remote-cache
id: "turborepo-cache"
with:
bucket: ${{ vars[matrix.turborepo_bucket] }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push
uses: docker/build-push-action@v4
with:
push: true
allow: network.host
tags: ${{env.REGISTRY}}/${{matrix.service}}:${{env.DOCKER_TAG}},${{env.REGISTRY}}/${{matrix.service}}:latest
file: tooling/docker/nest/Dockerfile
cache-to: type=registry,ref=${{env.REGISTRY}}/${{matrix.service}}:buildcache,mode=max
cache-from: type=registry,ref=${{env.REGISTRY}}/${{matrix.service}}:buildcache
# cache-from: type=registry,ref=${{env.REGISTRY}}/${{matrix.service}}:latest
# cache-to: type=inline
build-args: |
APP_NAME=${{ matrix.service }}
TURBO_TOKEN=${{ steps.turborepo-cache.outputs.TURBO_TOKEN }}
TURBO_TEAMID=${{ steps.turborepo-cache.outputs.TURBO_TEAMID }}
TURBO_API=${{ steps.turborepo-cache.outputs.TURBO_API_FOR_DOCKER }}
deploy:
runs-on: ubuntu-latest
needs: build
strategy:
matrix:
include:
- environment: staging
google_cloud_token: GOOGLE_CLOUD_TOKEN_STAGING
terraform_bucket: FVST_PROJECT_TF_STATE_BUCKET_STAGING
# - environment: production
# google_cloud_token: GOOGLE_CLOUD_TOKEN_PRODUCTION
# terraform_bucket: FVST_PROJECT_TF_STATE_BUCKET_PRODUCTION
env:
PROJECT: ${{ vars.FVST_PROJECT_PREFIX }}-fvst-${{matrix.environment}}
GOOGLE_CLOUD_TOKEN_ENV: ${{ secrets[matrix.google_cloud_token] }}
TERRAFORM_BUCKET: ${{ vars[matrix.terraform_bucket] }}
TF_VAR_project: ${{ vars.FVST_PROJECT_PREFIX }}-fvst-${{matrix.environment}}
TF_VAR_region: ${{ vars.FVST_PROJECT_REGION }}
steps:
- uses: "actions/checkout@v3"
- uses: ./.github/actions/setup-google-cloud-auth
id: "auth"
with:
google_cloud_token: ${{ secrets[matrix.google_cloud_token] }}
- name: Setup terraform remote and configuration
run: |
cat <<EOT >> "./infra/envs/${{matrix.environment}}/backend.tf"
terraform {
backend "gcs" {
bucket = "$TERRAFORM_BUCKET"
}
}
EOT
- name: Terraform init
working-directory: ./infra/envs/${{matrix.environment}}
run: terraform init
- name: Terraform apply
working-directory: ./infra/envs/${{matrix.environment}}
run: terraform apply -auto-approve