Campus-Molndal-Projekt-SG01G02/SG01G02_Infra
SG01G02_Infra

Validate Code

Infrastructure for the SG01G02 Project

This folder structure is intended to manage the infrastructure for the SG01G02 project using Terraform and Ansible.

It contains all necessary files and folders to create and manage resources in Azure, as well as to configure servers with Ansible.

Overview

Terraform

Terraform is used to provision and manage Azure resources such as virtual machines, virtual networks, subnets, network security groups (NSGs), storage accounts, and other cloud infrastructure components.
It enables infrastructure as code (IaC), allowing for version-controlled, idempotent, repeatable, and automated deployments.
The Terraform configuration files define the desired state of the infrastructure, and changes are applied consistently across environments.

Ansible

Ansible is responsible for configuring the provisioned resources, installing required software, and deploying applications. It automates tasks such as package installation, service configuration, and application updates. Ansible playbooks are used to ensure that servers are consistently configured according to project requirements.

Secrets and Authentication Management

Ansible integrates with Azure Key Vault to securely retrieve and manage sensitive information such as passwords, API keys, certificates and connection strings. This ensures that secrets are not stored in source code and are accessed securely during deployment and configuration tasks. GitHub Secrets is also used to store sensitive information such as Azure credentials, GitHub tokens, and other secrets needed for the CI/CD pipeline. This allows secure access to resources without exposing sensitive information in the codebase.
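The Key Vault pattern described above, as an added example rather than one of the repository's own playbooks: a play reads a database password from Key Vault with the `azure.azcollection.azure_keyvault_secret` lookup plugin and writes it into a root-owned environment file on the target hosts. The vault URL, secret name, inventory group, file path and service name are assumptions; the collection is assumed to be installed and the controller to be already authenticated to Azure (for example via `az login` or the `AZURE_CLIENT_ID`, `AZURE_SECRET` and `AZURE_TENANT` environment variables).

```yaml
# Added example (not project code): pull a secret from Azure Key Vault at run
# time instead of committing it. Assumes the azure.azcollection collection is
# installed and the Ansible controller is authenticated to Azure.
# Vault URL, secret name, host group, path and service name are made up.
- name: Configure application with secrets from Azure Key Vault
  hosts: app_servers
  become: true
  vars:
    keyvault_url: "https://sg01g02-kv.vault.azure.net/"   # assumed vault URL

  tasks:
    # Lookups always run on the controller, so the target host never sees
    # the Key Vault credentials, only the resulting value.
    - name: Fetch database password from Key Vault
      ansible.builtin.set_fact:
        db_password: "{{ lookup('azure.azcollection.azure_keyvault_secret',
                                'db-password',
                                vault_url=keyvault_url) }}"
      no_log: true   # keep the secret out of task output and CI logs

    - name: Write environment file for the service
      ansible.builtin.copy:
        dest: /etc/sg01g02/app.env
        owner: root
        group: app          # assumed service group
        mode: "0640"        # root writes it, the service account can only read it
        content: |
          DB_PASSWORD={{ db_password }}
      no_log: true   # the file content would otherwise be printed in diff mode
      notify: Restart app

  handlers:
    - name: Restart app
      ansible.builtin.systemd:
        name: sg01g02-app   # assumed unit name
        state: restarted
```

Two details matter more than the lookup call itself: `no_log: true` on every task that touches the value, since Ansible prints module arguments and results on failure and in `--diff` mode, and a restrictive mode on the file so that the secret is not readable by every local user on the VM.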

File Structure

sg01g02_infra/
├── .github/                        # GitHub Actions for CI/CD
│   └── workflows/                  # Automated workflows
│      ├── main-deployment.yml      # Main workflow for running Ansible and Terraform
│      ├── shared-variables.yml     # Shared variables for all workflows
│      └── validate-code.yml        # Validates infrastructure changes
│
├── terraform/                      # Terraform manages the infrastructure.
│
├── ansible/                        # Ansible manages configuration.
│
├── .gitignore                      # Ignore sensitive files and folders
└── README.md                       # Overview and documentation.

CI/CD Pipeline

The CI/CD pipeline is set up to automatically validate and deploy changes to the infrastructure and applications.

The pipeline automatically detects which components need deployment based on changed files and can be triggered manually with options for full, infrastructure-only, or application-only deployments.

The pipeline is triggered by changes to the main branch and pull requests, and runs the following steps:

  • Shared Variables: Retrieves shared variables from Azure Key Vault for use in the deployment process, including sensitive values such as passwords and API keys. The other workflows reuse this step to minimize redundancy.

  • Detect Changes: Automatically identifies which components (Terraform, Ansible infrastructure, or Ansible applications) have been modified using path filters.

  • Validate Terraform: Runs terraform validate and terraform fmt to check for syntax errors and formatting when Terraform files are changed.

  • Validate Infrastructure: Validates Ansible infrastructure playbooks and roles using ansible-playbook --syntax-check when infrastructure-related files are modified.

  • Deploy Infrastructure: Runs terraform apply to create or update the infrastructure in Azure. Configures servers using Ansible setup playbooks.

  • Deploy Applications: Updates applications using Ansible deployment playbooks when application-related files are changed.

Deployment methodology: Scaled Trunk Based Development (STBD) with a focus on infrastructure and application changes.


Feature Branch
    │
    ├── Push changes → Validate Code workflow runs
    │   │ 
    │   ├── Detect Changes (smart path filtering)
    │   │ 
    │   ├── Validate Terraform (if terraform files changed)
    │   │   ├── Terraform syntax check
    │   │   └── Terraform format check
    │   │ 
    │   ├── Validate Infrastructure (if infra files changed)
    │   │   └── Ansible playbook validation
    │   │ 
    │   └── Validate Applications (if app files changed)
    │       ├── App playbook syntax check
    │       ├── App role validation
    │       └── Configuration variable check
    │
    └── After approved review → Merge to main
          │
          ├── Main Deployment is triggered
          │
          ├── Get Shared Variables
          │
          ├── Analyze Changes
          │   ├── Detect infrastructure changes
          │   └── Detect application changes
          │
          ├── Deploy Infrastructure (if needed)
          │   ├── Terraform apply
          │   └── Ansible infrastructure setup
          │
          └── Deploy Application (if needed)
             └── Ansible app deployment
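The pipeline described above and in the tree, condensed into a single GitHub Actions workflow as an added example (it is not the repository's `main-deployment.yml` or `validate-code.yml`). It shows path-filtered change detection with `dorny/paths-filter`, validation jobs that only run for the components that changed, manual overrides for full, infrastructure-only or application-only runs, and Azure credentials supplied from GitHub Secrets. Path filters, playbook names, the `AZURE_CREDENTIALS` secret name, the `production` environment and the action versions are assumptions; a remote Terraform backend and SSH access for Ansible are assumed to be configured elsewhere.

```yaml
# Added example (not the project's own workflow). Assumed paths, secret and
# environment names; adjust to the repository layout.
name: Main Deployment

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  workflow_dispatch:
    inputs:
      scope:
        description: auto, full, infrastructure or application
        type: choice
        options: [auto, full, infrastructure, application]
        default: auto

permissions:
  contents: read   # least privilege for GITHUB_TOKEN; nothing here writes to the repo

jobs:
  changes:
    runs-on: ubuntu-latest
    outputs:
      # A manual 'full', 'infrastructure' or 'application' run overrides the path filter.
      infra: ${{ steps.filter.outputs.terraform == 'true' || steps.filter.outputs.infra == 'true' || inputs.scope == 'full' || inputs.scope == 'infrastructure' }}
      app: ${{ steps.filter.outputs.app == 'true' || inputs.scope == 'full' || inputs.scope == 'application' }}
      terraform: ${{ steps.filter.outputs.terraform }}
    steps:
      - uses: actions/checkout@v4
      - id: filter
        uses: dorny/paths-filter@v3
        with:
          filters: |
            terraform:
              - 'terraform/**'
            infra:
              - 'ansible/inventory/**'
              - 'ansible/playbooks/setup*.yml'
            app:
              - 'ansible/playbooks/deploy*.yml'
              - 'ansible/roles/**'

  validate-terraform:
    needs: changes
    if: needs.changes.outputs.terraform == 'true'
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: terraform
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - run: terraform fmt -check -recursive -diff   # non-zero exit on unformatted files
      - run: terraform init -backend=false            # validation needs no backend credentials
      - run: terraform validate

  validate-ansible:
    needs: changes
    if: needs.changes.outputs.infra == 'true' || needs.changes.outputs.app == 'true'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: pipx install ansible-core
      - run: ansible-playbook -i ansible/inventory/hosts.yml --syntax-check ansible/playbooks/*.yml

  deploy-infrastructure:
    needs: [changes, validate-terraform, validate-ansible]
    # The validation jobs are skipped when nothing relevant changed; '!cancelled()'
    # lets this job still run in that case, while any validation failure blocks it.
    if: >-
      ${{ !cancelled() && github.event_name != 'pull_request'
          && needs.changes.outputs.infra == 'true'
          && needs.validate-terraform.result != 'failure'
          && needs.validate-ansible.result != 'failure' }}
    runs-on: ubuntu-latest
    environment: production   # assumed; protected environments gate the secrets below
    steps:
      - uses: actions/checkout@v4
      - uses: azure/login@v2
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}   # service principal JSON from GitHub Secrets
      - uses: hashicorp/setup-terraform@v3
      - run: terraform init -input=false && terraform apply -auto-approve -input=false
        working-directory: terraform
      - run: pipx install ansible-core
      - run: ansible-playbook -i ansible/inventory/hosts.yml ansible/playbooks/setup.yml

  deploy-application:
    needs: [changes, validate-ansible, deploy-infrastructure]
    if: >-
      ${{ !cancelled() && github.event_name != 'pull_request'
          && needs.changes.outputs.app == 'true'
          && needs.validate-ansible.result != 'failure'
          && needs.deploy-infrastructure.result != 'failure' }}
    runs-on: ubuntu-latest
    environment: production
    steps:
      - uses: actions/checkout@v4
      - run: pipx install ansible-core
      - run: ansible-playbook -i ansible/inventory/hosts.yml ansible/playbooks/deploy.yml
```

Two things a reviewer would check in a workflow like this: the `if:` conditions on the deploy jobs use `!cancelled()` together with explicit `result != 'failure'` checks, because a job whose `needs` were skipped is itself skipped unless the condition says otherwise, which would silently disable deployment on runs where no validation was required; and the deploy jobs never run for `pull_request` events, so a change from a fork cannot reach `terraform apply` or the Azure credentials. Pinning the third-party actions (`dorny/paths-filter`, `azure/login`, `hashicorp/setup-terraform`) to a commit SHA rather than a major tag would further limit supply-chain exposure.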

Self-Hosted Runner

If a self-hosted runner is needed, the provided script gh_create_and_start_runner.sh creates and starts a new Docker container for the GitHub Actions runner.

Edit the script to set the variables GITHUB_OWNER, GITHUB_REPO and ENDING, then run it, passing a runner registration token obtained from the repository's Actions settings:

./gh_create_and_start_runner.sh "runner-token" # Grab token from GitHub
