Create local cluster #39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create eks-terraform cluster | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| name: | |
| type: string | |
| default: "" | |
| description: Name of the cluster | |
| required: true | |
| region: | |
| type: choice | |
| description: AWS Region to deploy | |
| default: "eu-central-2" | |
| options: | |
| - "eu-central-1" | |
| - "eu-west-1" | |
| - "eu-west-2" | |
| - "eu-west-3" | |
| - "eu-north-1" | |
| - "sa-east-1" | |
| single_nat_gateway: | |
| type: boolean | |
| description: "Deploy the NAT gateway only in one AZ (saves cost)" | |
| default: true | |
| eks_version: | |
| type: choice | |
| default: "1.28" | |
| options: | |
| - "1.24" | |
| - "1.25" | |
| - "1.26" | |
| - "1.27" | |
| - "1.28" | |
| description: Version of eks to deploy | |
| worker_count: | |
| type: string | |
| default: "1" | |
| description: Number of worker nodes to deploy (per AZ) | |
| env: | |
| STATE_BUCKET: "grapesstate" | |
| STATE_BUCKET_REGION: "eu-west-1" | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: configure aws credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::296119450228:role/grapes | |
| role-session-name: grapes | |
| aws-region: ${{ github.event.inputs.region }} | |
| - name: Create IAM user for cluster | |
| id: aws_user | |
| run: | | |
| aws iam create-user --user-name ${{ github.event.inputs.name }} | |
| aws iam attach-user-policy --policy-arn "arn:aws:iam::aws:policy/AdministratorAccess" --user-name ${{ github.event.inputs.name }} | |
| aws iam create-access-key --user-name ${{ github.event.inputs.name }} --output=json > eks-terraform/creds.json | |
| - name: Create Terraform backend configuration | |
| run: | | |
| tee eks-terraform/s3.tfbackend << END | |
| bucket = "${{ env.STATE_BUCKET }}" | |
| key = "${{ github.event.inputs.name }}-state" | |
| region = "${{ env.STATE_BUCKET_REGION }}" | |
| END | |
| - name: Create variables file | |
| run: | | |
| tee eks-terraform/vars.tfvars << END | |
| name = "${{ github.event.inputs.name }}" | |
| single_nat_gateway = "${{ github.event.inputs.single_nat_gateway }}" | |
| eks_version = "${{ github.event.inputs.eks_version }}" | |
| worker_count = "${{ github.event.inputs.worker_count }}" | |
| END | |
| - name: Save Terraform configuration to s3 bucket | |
| run: | | |
| aws --region ${{ env.STATE_BUCKET_REGION }} s3 sync eks-terraform/ s3://${{ env.STATE_BUCKET }}/${{ github.event.inputs.name }} | |
| - name: Setup terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: 1.6.5 | |
| terraform_wrapper: false | |
| - name: Terraform Init | |
| id: init | |
| run: terraform -chdir=eks-terraform init -backend-config=s3.tfbackend | |
| - name: Terraform Apply | |
| run: terraform -chdir=eks-terraform apply -auto-approve -input=false -var-file vars.tfvars | |
| - name: Rollback cluster | |
| if: failure() | |
| run: terraform -chdir=eks-terraform destroy -auto-approve -input=false -var-file vars.tfvars | |
| - name: Terraform Output | |
| if: success() | |
| run: terraform -chdir=eks-terraform output > $GITHUB_STEP_SUMMARY | |
| - name: Rollback state | |
| if: failure() | |
| run: | | |
| aws --region ${{ env.STATE_BUCKET_REGION }} s3 rm s3://${{ env.STATE_BUCKET }}/${{ github.event.inputs.name }} --recursive | |
| aws --region ${{ env.STATE_BUCKET_REGION }} s3 rm s3://${{ env.STATE_BUCKET }}/${{ github.event.inputs.name }}-state |