Terraform Automation with Github & Atlantis - Session 3

Create Module and Resources

We will now create a module and its resources; as an example, this session builds a VPC module and VPC resources. When writing module and resource files, always refer to the Terraform documentation. The folder structure will look like this:

Create Module/VPC

main.tf

terraform {
  backend "s3" {}
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "4.48.0"
    }
  }
}

provider "aws" {
  region                   = var.region
  shared_credentials_files = var.shared_credentials_files
  profile                  = var.profile
}

resource "aws_vpc" "default" {
  cidr_block = var.cidr_block

  tags = {
    Name = var.name
  }
}

resource "aws_subnet" "default" {
  vpc_id     = aws_vpc.default.id
  cidr_block = var.cidr_block_subnet[count.index]
  count      = length(var.cidr_block_subnet)

  tags = {
    Name = "${var.name}-subnet-${count.index + 1}"
  }
}

output.tf

output "vpc_id" {
  value = aws_vpc.default.id
}

output "subnet_id" {
  value = aws_subnet.default.*.id
}

vars.tf

variable "region" {
  type = string
}

variable "shared_credentials_files" {
  type = list(any)
}

variable "profile" {
  type = string
}

variable "cidr_block" {
  type = string
}

variable "name" {
  type = string
}

variable "cidr_block_subnet" {
  type = list(any)
}

Create Resources/staging/

terragrunt.hcl

locals {
    region = "ap-southeast-3"
    shared_credentials_file = "/home/ubuntu/.aws/credentials" # path to the AWS credentials file
    profile = "PROFILE_NAME" # placeholder: profile name from the AWS CLI credentials file
}

remote_state {
    backend = "s3"
    config = {
            bucket         = "BUCKET_NAME" # placeholder: name of the S3 bucket that stores the state
            key            = "${path_relative_to_include()}"
            region         = local.region
            encrypt        = true
            shared_credentials_file = local.shared_credentials_file
            profile = local.profile
  }
}

inputs = {
    region = local.region
    shared_credentials_files = [ local.shared_credentials_file]
    profile = local.profile
    name = "${basename(get_terragrunt_dir())}"
    ami = "ami-0a2bcdce90f0df342" # adjust as needed
}

vpc/vpc-test-1/terragrunt.hcl

terraform {
    source = "../../../../module/vpc"
}

include {
    path = find_in_parent_folders()
}

inputs = {
    cidr_block = "10.0.0.0/16" # adjust as needed
    cidr_block_subnet = ["10.0.1.0/24", "10.0.2.0/24"] # adjust as needed
}

All the module and resource configuration is now in place. Next, push it to the repository created earlier, the one where we configured the webhook.

Create a new branch other than master, named vpc-test-1.

The new branch will appear in the repository, as shown in the screenshot. Next, go to Pull Request -> New Pull Request.

In the compare section, select vpc-test-1 and click Create pull request.

A process like the one in the screenshot above will run. If there is an error, it will look like the screenshot below.

Click Details and you will be taken to the Atlantis web server.

Up to this point we are still at the plan stage. For the apply stage, simply comment with the command atlantis apply.

Now check in the AWS Console whether the VPC has been created.

Awesome!

If everything is as expected, merge the pull request and delete the branch.

Next, let's try a destroy. Create another new branch; any name will do, for example delete-vpc-test-1. Then make a small change in any file to trigger Atlantis, such as adding a comment.

Commit > Publish Branch.

Go back to the GitHub repository and open the Pull request menu > New pull request.

Create the pull request.

Comment below with the command atlantis plan -- -destroy

The plan output reports 4 to destroy. Go ahead and comment atlantis apply.

Check the AWS Console: everything has been deleted. Don't forget to delete the delete-vpc-test-1 branch.
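Before commenting atlantis apply, it helps to confirm that a plan only destroys resources when a destroy was intended. The following is an added example, not code from the original post: it reads the JSON form of a plan (the `resource_changes` list produced by `terraform show -json` on a saved plan file) and rejects deletions unless the branch name starts with `delete-`, a convention assumed from the branch name used above. The function names and the sample plan are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample in the shape of `terraform show -json <planfile>` output for a
# destroy plan of the vpc module (one VPC, two subnets). Not output from this walkthrough.
SAMPLE_PLAN = json.dumps({
    "format_version": "1.1",
    "resource_changes": [
        {"address": "aws_vpc.default", "type": "aws_vpc",
         "change": {"actions": ["delete"]}},
        {"address": "aws_subnet.default[0]", "type": "aws_subnet",
         "change": {"actions": ["delete"]}},
        {"address": "aws_subnet.default[1]", "type": "aws_subnet",
         "change": {"actions": ["delete"]}},
    ],
})


def summarize(plan_json):
    """Return (counts, destroyed): action totals and addresses that get deleted."""
    plan = json.loads(plan_json)
    counts, destroyed = Counter(), []
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if actions in (["no-op"], ["read"]):
            continue
        if "delete" in actions and "create" in actions:
            counts["replace"] += 1  # a replacement destroys the old object too
            destroyed.append(rc["address"])
        elif "delete" in actions:
            counts["destroy"] += 1
            destroyed.append(rc["address"])
        else:
            counts[actions[0]] += 1  # "create" or "update"
    return counts, destroyed


def check_plan(plan_json, branch, destroy_prefix="delete-"):
    """Allow deletions only on branches named like delete-vpc-test-1 (assumed convention)."""
    counts, destroyed = summarize(plan_json)
    if destroyed and not branch.startswith(destroy_prefix):
        return False, f"{len(destroyed)} resource(s) would be destroyed: {', '.join(destroyed)}"
    return True, ", ".join(f"{n} to {a}" for a, n in sorted(counts.items())) or "no changes"


if __name__ == "__main__":
    for branch in ("delete-vpc-test-1", "vpc-test-1"):
        print(branch, check_plan(SAMPLE_PLAN, branch))
```

Replacements are counted as destructive because Terraform deletes the existing object before or after creating the new one.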

Create a new branch for every change, such as adding a VPC, adding an EC2 instance, or anything else.

Done.