🚀 Terraform Full Deploy - dvsa/des-workflow-actions GitHub Wiki

Description

This reusable workflow enables the full deployment and full destruction of a nonprod environment. Unlike the other Terraform deploy workflows for DEV, UAT, PREP, & LIVE, this allows for both full deployment from scratch and complete teardown. It utilises this reusable workflow to execute Terraform actions and orchestrates the start and stop of an EC2 instance runner for the jobs to run on.

Workflow Triggers

On Workflow Call

This workflow is called from the des-terraform repository whenever a full deployment or destruction is manually triggered.

Inputs

| Name | Description | Options |
| --- | --- | --- |
| branch | The Terraform branch to deploy | N/A |
| aws-account | The AWS account to deploy to | nonprod |
| tf-environment | The Terraform environment to deploy to | perf |
| tf-action | The Terraform action to take | apply / destroy |
| release-tag | The version of the microservices to be deployed | N/A |
| tf-args | Additional Terraform arguments | N/A |

Artefacts

  • A plan is uploaded for each component to the summary.

Notes

  • Requires the secrets AWS_NONPROD_ACCOUNT_ID, DVSA_AWS_REGION, GH_TOKEN, and AWS_ROLE_NONPROD to be configured in the repository.
  • A delete-log-groups job is included to clean up AWS CloudWatch logs associated with the RDS instances on environment destruction.
  • Because of the dependency issue between the API and DRS components (caused by ref-data service), the API component needs to be run first with a targeted apply on destroy. On apply, there is a first_run flag that will commit certain resources to eliminate the dependency issue.

Important: This workflow has been set up specifically to destroy the nonprod PERF environment from the caller workflow.
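
A caller workflow in the des-terraform repository that matches the inputs and secrets documented above could look like the following. This is an added example, not the project's own file: `<workflow-file>` and `<ref>` are placeholders the page does not supply, and the workflow name, the concurrency group, the hard-coded `aws-account` / `tf-environment` values and the explicit secret mapping are assumptions.

```yaml
# Added example: hypothetical caller workflow for the des-terraform repository.
# <workflow-file> and <ref> are placeholders; the page does not give them.
name: Terraform Full Deploy (PERF)

on:
  workflow_dispatch:
    inputs:
      branch:
        description: The Terraform branch to deploy
        type: string
      tf-action:
        description: The Terraform action to take
        type: choice            # dropdown limited to the documented options
        options: [apply, destroy]
        required: true
      release-tag:
        description: The version of the microservices to be deployed
        type: string
      tf-args:
        description: Additional Terraform arguments
        type: string

# Assumption: only one full apply/destroy should run against PERF at a time.
concurrency:
  group: terraform-full-deploy-perf
  cancel-in-progress: false

jobs:
  full-deploy:
    uses: dvsa/des-workflow-actions/.github/workflows/<workflow-file>@<ref>
    with:
      branch: ${{ inputs.branch }}
      # Fixed here rather than exposed as dispatch inputs, so a manual run
      # can only target the documented nonprod / perf combination.
      aws-account: nonprod
      tf-environment: perf
      tf-action: ${{ inputs.tf-action }}
      release-tag: ${{ inputs.release-tag }}
      tf-args: ${{ inputs.tf-args }}
    # Assumption: the called workflow declares these four secrets under
    # on.workflow_call.secrets; only the documented ones are passed.
    secrets:
      AWS_NONPROD_ACCOUNT_ID: ${{ secrets.AWS_NONPROD_ACCOUNT_ID }}
      DVSA_AWS_REGION: ${{ secrets.DVSA_AWS_REGION }}
      GH_TOKEN: ${{ secrets.GH_TOKEN }}
      AWS_ROLE_NONPROD: ${{ secrets.AWS_ROLE_NONPROD }}
```

Pinning `<ref>` to a commit SHA or release tag keeps a destroy run from picking up unreviewed changes to the called workflow.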