Stage

.github/workflows/main.yml

@@ -0,0 +1,60 @@
+name: "IAC"
+on:
+  push:
+    branches:
+      - stage
+      - main
+    paths:  
+      - terraform/**
+  pull_request:
+    branches:
+      - main
+      - stage
+    paths:
+      - terraform/**
+
+env:
+
+  # S3 bucket for the Terraform state
+  BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE}}
+  GCP_REGION: us-central1
+  GKE_CLUSTER: gke-cluster
+
+jobs:
+  terraform:
+    name: "Apply terraform code changes"
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+        working-directory: ./terraform
+
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform with specified version on the runner
+        uses: hashicorp/setup-terraform@v2
+        #with:
+        #  terraform_version: 1.6.3
+
+      - name: Terraform init
+        id: init
+        run: terraform init -backend-config="bucket=$BUCKET_TF_STATE"
+
+      - name: Terraform format
+        id: fmt
+        run: terraform fmt -check
+
+      - name: Terraform validate
+        id: validate
+        run: terraform validate
+
+      - name: Terraform plan
+        id: plan
+        run: terraform plan -no-color -input=false -out planfile
+        continue-on-error: true
+
+      - name: Terraform plan status
+        if: steps.plan.outcome == 'failure'
+        run: exit 1

.gitignore

@@ -1,2 +1,2 @@
-.terraform*
-DS_Store
+
+key.json

README.md

@@ -1,4 +1,4 @@
-# Terraform code 
+# Terraform code  Hieu
 
 ## Maintain vpc & eks with terraform for vprofile project
 
@@ -12,4 +12,5 @@ Terraform version 1.6.3
 * terraform plan -out planfile
 * terraform apply -auto-approve -input=false -parallelism=1 planfile
 ####
-#####
+######
+

terraform/gke-cluster.tf

@@ -0,0 +1,138 @@
+# google_client_config and kubernetes provider must be explicitly specified like the following.
+data "google_client_config" "default" {}
+
+provider "kubernetes" {
+  host                   = "https://${module.gke.endpoint}"
+  token                  = data.google_client_config.default.access_token
+  cluster_ca_certificate = base64decode(module.gke.ca_certificate)
+}
+
+module "gke" {
+  source                     = "terraform-google-modules/kubernetes-engine/google"
+  project_id                 = "gitops-project-424508"
+  name                       = "gke-cluster"
+  region                     = "us-central1"
+  zones                      = ["us-central1-c"]
+  network                    = "gitops-vpc"
+  subnetwork                 = "us-central1-01"
+  ip_range_pods              = "us-central1-01-gke-01-pods"
+  ip_range_services          = "us-central1-01-gke-01-services"
+  http_load_balancing        = false
+  network_policy             = false
+  horizontal_pod_autoscaling = true
+  filestore_csi_driver       = false
+
+  node_pools = [
+    {
+      name                      = "default-node-pool"
+      machine_type              = "e2-medium"
+      node_locations            = "us-central1-c"
+      min_count                 = 1
+      max_count                 = 3
+      local_ssd_count           = 0
+      spot                      = false
+      disk_size_gb              = 80
+      disk_type                 = "pd-standard"
+      image_type                = "COS_CONTAINERD"
+      enable_gcfs               = false
+      enable_gvnic              = false
+      logging_variant           = "DEFAULT"
+      auto_repair               = true
+      auto_upgrade              = true
+      service_account           = "project-service-account@<PROJECT ID>.iam.gserviceaccount.com"
+      preemptible               = false
+      initial_node_count        = 80
+    },
+  ]
+
+  node_pools_oauth_scopes = {
+    all = [
+      "https://www.googleapis.com/auth/logging.write",
+      "https://www.googleapis.com/auth/monitoring",
+    ]
+  }
+
+  node_pools_labels = {
+    all = {}
+
+    default-node-pool = {
+      default-node-pool = true
+    }
+  }
+
+  node_pools_metadata = {
+    all = {}
+
+    default-node-pool = {
+      node-pool-metadata-custom-value = "my-node-pool"
+    }
+  }
+
+  node_pools_taints = {
+    all = []
+
+    default-node-pool = [
+      {
+        key    = "default-node-pool"
+        value  = true
+        effect = "PREFER_NO_SCHEDULE"
+      },
+    ]
+  }
+
+  node_pools_tags = {
+    all = []
+
+    default-node-pool = [
+      "default-node-pool",
+    ]
+  }
+}
+
+
+
+
+
+
+
+
+
+
+# module "eks" {
+#   source  = "terraform-aws-modules/eks/aws"
+#   version = "19.19.1"
+
+#   cluster_name    = local.cluster_name
+#   cluster_version = "1.27"
+
+#   vpc_id                         = module.vpc.vpc_id
+#   subnet_ids                     = module.vpc.private_subnets
+#   cluster_endpoint_public_access = true
+
+#   eks_managed_node_group_defaults = {
+#     ami_type = "AL2_x86_64"
+
+#   }
+
+#   eks_managed_node_groups = {
+#     one = {
+#       name = "node-group-1"
+
+#       instance_types = ["t3.small"]
+
+#       min_size     = 1
+#       max_size     = 3
+#       desired_size = 2
+#     }
+
+#     two = {
+#       name = "node-group-2"
+
+#       instance_types = ["t3.small"]
+
+#       min_size     = 1
+#       max_size     = 2
+#       desired_size = 1
+#     }
+#   }
+# }

terraform/main.tf

@@ -1,16 +1,11 @@
-provider "kubernetes" {
-  host                   = module.eks.cluster_endpoint
-  cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
-}
-
-provider "aws" {
-  region = var.region
-}
 
-data "aws_availability_zones" "available" {}
 
-locals {
-  cluster_name = var.clusterName
+# Define provider
+provider "google" {
+  credentials = file("key.json")
+  project = var.project_id
+  region  = var.region
 }
 
+
 ##

terraform/outputs.tf

@@ -1,20 +1,67 @@
 output "cluster_name" {
-  description = "Amazon Web Service EKS Cluster Name"
-  value       = module.eks.cluster_name
+  description = "Google Kubernetes Engine Cluster Name"
+  value       = module.gke.name
 }
 
 output "cluster_endpoint" {
-  description = "Endpoint for Amazon Web Service EKS "
-  value       = module.eks.cluster_endpoint
+  description = "Endpoint for Google Kubernetes Engine"
+  value       = module.gke.endpoint
 }
 
-output "region" {
-  description = "Amazon Web Service EKS Cluster region"
-  value       = var.region
+output "location" {
+  description = "Google Cloud Platform location (zone) of the GKE Cluster"
+  value       = "us-central1-c"
 }
 
+output "cluster_ca_certificate" {
+  description = "CA Certificate for the Google Kubernetes Engine Cluster"
+  value       = module.gke.ca_certificate
+}
+
+output "node_pools" {
+  description = "Node pools configuration for the Google Kubernetes Engine Cluster"
+  value       = module.gke.node_pools
+}
 
-output "cluster_security_group_id" {
-  description = "Security group ID for the Amazon Web Service EKS Cluster "
-  value       = module.eks.cluster_security_group_id
+output "network" {
+  description = "VPC network name"
+  value       = module.gke.network
 }
+
+output "subnetwork" {
+  description = "Subnetwork name"
+  value       = module.gke.subnetwork
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+# output "cluster_name" {
+#   description = "Amazon Web Service EKS Cluster Name"
+#   value       = module.eks.cluster_name
+# }
+
+# output "cluster_endpoint" {
+#   description = "Endpoint for Amazon Web Service EKS "
+#   value       = module.eks.cluster_endpoint
+# }
+
+# output "region" {
+#   description = "Amazon Web Service EKS Cluster region"
+#   value       = var.region
+# }
+
+
+# output "cluster_security_group_id" {
+#   description = "Security group ID for the Amazon Web Service EKS Cluster "
+#   value       = module.eks.cluster_security_group_id
+# }

terraform/terraform.tf

@@ -1,9 +1,5 @@
 terraform {
   required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "~> 5.25.0"
-    }
 
     random = {
       source  = "hashicorp/random"
@@ -26,13 +22,12 @@ terraform {
     }
   }
 
-  backend "s3" {
-    bucket = "gitopsterrastate"
-    key    = "terraform.tfstate"
-    region = "us-east-2"
+  backend "gcs" {
+    bucket = "my-gitops-project-state"
+    prefix = "terraform/state"
   }
 
-  required_version = "~> 1.6.3"
+  required_version = ">= 1.6.0"
 }
 ##
 ##

terraform/test.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+
+str="hello world"
+echo "${str:6:5}"  # Output: world