From fc9ff1bf5eb7ac5c916fffe7e924ba73e9991e68 Mon Sep 17 00:00:00 2001
From: Jun-te Kim
Date: Sat, 6 Dec 2025 15:04:50 +0000
Subject: [PATCH] test to merge
---
.github/workflows/terraform-apply.yml | 46 +++++++
.github/workflows/terraform-plan.yml | 83 ++++++++++++
aws_environment/eks_aws.tf | 3 +
aws_environment/outputs.tf | 3 +
aws_environment/routes53.tf | 186 ++++++++++++++++++++++++++
aws_environment/terraform.tf | 35 +++++
aws_environment/variables.tf | 17 +++
7 files changed, 373 insertions(+)
create mode 100644 .github/workflows/terraform-apply.yml
create mode 100644 .github/workflows/terraform-plan.yml
create mode 100644 aws_environment/eks_aws.tf
create mode 100644 aws_environment/outputs.tf
create mode 100644 aws_environment/routes53.tf
create mode 100644 aws_environment/terraform.tf
create mode 100644 aws_environment/variables.tf
diff --git a/.github/workflows/terraform-apply.yml b/.github/workflows/terraform-apply.yml
new file mode 100644
index 0000000..ff2a792
--- /dev/null
+++ b/.github/workflows/terraform-apply.yml
@@ -0,0 +1,46 @@
+name: "Terraform Apply"
+
+on:
+ push:
+ branches:
+ - main
+
+env:
+ TF_CLOUD_ORGANIZATION: "MealCraft"
+ TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
+ TF_WORKSPACE: "production"
+ CONFIG_DIRECTORY: "./"
+ TF_VAR_public_ip: "${{ secrets.PUBLIC_IP }}"
+
+jobs:
+ terraform:
+ if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
+ name: "Terraform Apply"
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Upload Configuration
+ uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
+ id: apply-upload
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ directory: ${{ env.CONFIG_DIRECTORY }}
+
+ - name: Create Apply Run
+ uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
+ id: apply-run
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
+
+ - name: Apply
+ uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.0.0
+ if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
+ id: apply
+ with:
+ comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"
+ run: ${{ steps.apply-run.outputs.run_id }}
diff --git a/.github/workflows/terraform-plan.yml b/.github/workflows/terraform-plan.yml
new file mode 100644
index 0000000..924c1c9
--- /dev/null
+++ b/.github/workflows/terraform-plan.yml
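Review bot: Every push to `main` applies to the `production` workspace with no approval gate, and all four `uses:` lines in terraform-apply.yml reference mutable tags (`actions/checkout@v3`, `hashicorp/tfc-workflows-github/actions/*@v1.0.0`) while `TF_API_TOKEN` sits in workflow-level `env`. A retagged action would run with that token in its environment. I would pin each action to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, and add `environment: production` to the `terraform` job so required reviewers can be configured on it. The same tag pinning and workflow-level token appear in terraform-plan.yml. The `if: github.repository != 'hashicorp-education/learn-terraform-github-actions'` guard looks like a tutorial leftover and can be dropped.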
@@ -0,0 +1,83 @@
+name: "Terraform Plan"
+
+on:
+ pull_request:
+
+env:
+ TF_CLOUD_ORGANIZATION: "MealCraft"
+ TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
+ TF_WORKSPACE: "production"
+ CONFIG_DIRECTORY: "./"
+ TF_VAR_public_ip: "${{ secrets.PUBLIC_IP }}"
+
+jobs:
+ terraform:
+ if: github.repository != 'hashicorp-education/learn-terraform-github-actions'
+ name: "Terraform Plan"
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ pull-requests: write
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Upload Configuration
+ uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
+ id: plan-upload
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ directory: ${{ env.CONFIG_DIRECTORY }}
+ speculative: true
+
+ - name: Create Plan Run
+ uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
+ id: plan-run
+ with:
+ workspace: ${{ env.TF_WORKSPACE }}
+ configuration_version: ${{ steps.plan-upload.outputs.configuration_version_id }}
+ plan_only: true
+
+ - name: Get Plan Output
+ uses: hashicorp/tfc-workflows-github/actions/plan-output@v1.0.0
+ id: plan-output
+ with:
+ plan: ${{ fromJSON(steps.plan-run.outputs.payload).data.relationships.plan.data.id }}
+
+ - name: Update PR
+ uses: actions/github-script@v6
+ id: plan-comment
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ // 1. Retrieve existing bot comments for the PR
+ const { data: comments } = await github.rest.issues.listComments({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: context.issue.number,
+ });
+ const botComment = comments.find(comment => {
+ return comment.user.type === 'Bot' && comment.body.includes('Terraform Cloud Plan Output')
+ });
+ const output = `#### Terraform Cloud Plan Output
+ \`\`\`
+ Plan: ${{ steps.plan-output.outputs.add }} to add, ${{ steps.plan-output.outputs.change }} to change, ${{ steps.plan-output.outputs.destroy }} to destroy.
+ \`\`\`
+ [Terraform Cloud Plan](${{ steps.plan-run.outputs.run_link }})
+ `;
+ if (botComment) {
+ github.rest.issues.deleteComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ comment_id: botComment.id,
+ });
+ }
+ github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: output
+ })
+
+ - name: Print TF_VAR_public_ip
+ run: 'echo "📡 Public IP used by Terraform: $TF_VAR_public_ip"'
diff --git a/aws_environment/eks_aws.tf b/aws_environment/eks_aws.tf
new file mode 100644
index 0000000..5ff54f0
--- /dev/null
+++ b/aws_environment/eks_aws.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+ region = var.region
+}
\ No newline at end of file
diff --git a/aws_environment/outputs.tf b/aws_environment/outputs.tf
new file mode 100644
index 0000000..282fbfa
--- /dev/null
+++ b/aws_environment/outputs.tf
@@ -0,0 +1,3 @@
+output "public_ip" {
+ value = var.public_ip
+}
\ No newline at end of file
diff --git a/aws_environment/routes53.tf b/aws_environment/routes53.tf
new file mode 100644
index 0000000..2324f4b
--- /dev/null
+++ b/aws_environment/routes53.tf
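Review bot: In terraform-plan.yml the `Update PR` step splices `${{ steps.plan-output.outputs.* }}` and `${{ steps.plan-run.outputs.run_link }}` straight into the JavaScript source of `script:`, and neither `deleteComment` nor `createComment` is awaited, so a failed API call can go unnoticed. The values come from the Terraform Cloud API rather than from the PR author, so this is hardening rather than a known injection, but passing them through `env:` and reading `process.env` keeps step outputs out of the code path. The final `Print TF_VAR_public_ip` step echoes a value stored as a secret; GitHub masks it in the log, so the step shows nothing useful and can be removed. The indentation in the sketch below is conventional, since the hunk's own whitespace is not visible here.

```yaml
      - name: Update PR
        # … unchanged: uses, id …
        env:
          PLAN_ADD: ${{ steps.plan-output.outputs.add }}
          PLAN_CHANGE: ${{ steps.plan-output.outputs.change }}
          PLAN_DESTROY: ${{ steps.plan-output.outputs.destroy }}
          PLAN_RUN_LINK: ${{ steps.plan-run.outputs.run_link }}
        with:
          # … unchanged: github-token …
          script: |
            // … unchanged: listComments call and botComment lookup …
            const { PLAN_ADD, PLAN_CHANGE, PLAN_DESTROY, PLAN_RUN_LINK } = process.env;
            const output = `#### Terraform Cloud Plan Output
            \`\`\`
            Plan: ${PLAN_ADD} to add, ${PLAN_CHANGE} to change, ${PLAN_DESTROY} to destroy.
            \`\`\`
            [Terraform Cloud Plan](${PLAN_RUN_LINK})
            `;
            if (botComment) {
              await github.rest.issues.deleteComment({
                // … unchanged: owner, repo, comment_id …
              });
            }
            await github.rest.issues.createComment({
              // … unchanged: issue_number, owner, repo, body …
            });
```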
@@ -0,0 +1,186 @@
+# Needed for gmail workspace and juntekim.com
+
+resource "aws_route53_zone" "main" {
+ name = "mealcraft.com"
+}
+
+resource "aws_route53_zone" "second" {
+ name = "mealcraft.co.uk"
+}
+
+resource "aws_route53_record" "txt_main" {
+ name = "mealcraft.com"
+ type = "TXT"
+ ttl = "300"
+ records = ["google-site-verification=2aboGYgSXVAN7o06u6ZQgBAGeylfV4CL_5hLZJldTCs"]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+resource "aws_route53_record" "txt_second" {
+ name = "mealcraft.co.uk"
+ type = "TXT"
+ ttl = "300"
+ records = ["google-site-verification=bvyqS_UJmEQjZOD1gin4eWXlk1xbNkxif5Hrh2e79F4"]
+ zone_id = aws_route53_zone.second.zone_id
+}
+
+resource "aws_route53_record" "cname_mailpoet1" {
+ name = "mailpoet1._domainkey.mealcraft.com"
+ type = "CNAME"
+ ttl = "300"
+ records = ["dkim1.sendingservice.net"]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+resource "aws_route53_record" "cname_mailpoet2" {
+ name = "mailpoet2._domainkey.mealcraft.com"
+ type = "CNAME"
+ ttl = "300"
+ records = ["dkim2.sendingservice.net"]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+resource "aws_route53_record" "txt_mailpoet" {
+ name = "_mailpoet.mealcraft.com"
+ type = "TXT"
+ ttl = "300"
+ records = ["0d8da0c4aa902bd7d8914489852aac26"]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+resource "aws_route53_record" "another_text_mailpoet" {
+ name = "_dmarc.mealcraft.com"
+ type = "TXT"
+ ttl = "300"
+ records = ["v=DMARC1; p=none;"]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+resource "aws_route53_record" "mx_main" {
+ name = "mealcraft.com"
+ type = "MX"
+ ttl = "300"
+ records = [
+ "1 ASPMX.L.GOOGLE.COM",
+ "5 ALT1.ASPMX.L.GOOGLE.COM",
+ "5 ALT2.ASPMX.L.GOOGLE.COM",
+ "10 ALT3.ASPMX.L.GOOGLE.COM",
+ "10 ALT4.ASPMX.L.GOOGLE.COM"
+ ]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+resource "aws_route53_record" "mx_second" {
+ name = "mealcraft.co.uk"
+ type = "MX"
+ ttl = "300"
+ records = [
+ "1 ASPMX.L.GOOGLE.COM",
+ "5 ALT1.ASPMX.L.GOOGLE.COM",
+ "5 ALT2.ASPMX.L.GOOGLE.COM",
+ "10 ALT3.ASPMX.L.GOOGLE.COM",
+ "10 ALT4.ASPMX.L.GOOGLE.COM"
+ ]
+ zone_id = aws_route53_zone.second.zone_id
+}
+
+resource "aws_route53_record" "a_mealcraft" {
+ name = "mealcraft.com"
+ type = "A"
+ ttl = "300"
+ records = [var.public_ip]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+resource "aws_route53_record" "a_wildcard_mealcraft" {
+ name = "*.mealcraft.com"
+ type = "A"
+ ttl = "300"
+ records = [var.public_ip]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+
+resource "aws_route53_record" "cname_www_mealcraft" {
+ name = "www.mealcraft.com"
+ type = "CNAME"
+ ttl = "300"
+ records = ["meal-craft-73h1m6.custom-domain-proxy.flutterflow.app"]
+ zone_id = aws_route53_zone.main.zone_id
+}
+
+# Create the Route 53 hosted zone for juntekim.com
+resource "aws_route53_zone" "juntekim" {
+ name = "juntekim.com"
+}
+
+# A record for juntekim.com pointing to the public IP
+resource "aws_route53_record" "a_juntekim" {
+ name = "juntekim.com"
+ type = "A"
+ ttl = "300"
+ records = [var.public_ip]
+ zone_id = aws_route53_zone.juntekim.zone_id
+}
+
+# A record for wildcard subdomains of juntekim.com pointing to the public IP
+resource "aws_route53_record" "a_wildcard_juntekim" {
+ name = "*.juntekim.com"
+ type = "A"
+ ttl = "300"
+ records = [var.public_ip]
+ zone_id = aws_route53_zone.juntekim.zone_id
+}
+
+# CNAME record for www.juntekim.com to redirect to the main domain
+resource "aws_route53_record" "cname_www_juntekim" {
+ name = "www.juntekim.com"
+ type = "CNAME"
+ ttl = "300"
+ records = ["juntekim.com"]
+ zone_id = aws_route53_zone.juntekim.zone_id
+}
+
+
+#### RecallPlnanner.com
+
+# Create the Route 53 hosted zone for recallplanner.com
+resource "aws_route53_zone" "recallplanner" {
+ name = "recallplanner.com"
+}
+
+# A record for recallplanner.com pointing to the public IP
+resource "aws_route53_record" "a_recallplanner" {
+ name = "recallplanner.com"
+ type = "A"
+ ttl = "300"
+ records = [var.public_ip]
+ zone_id = aws_route53_zone.recallplanner.zone_id
+}
+
+# A record for wildcard subdomains of recallplanner.com pointing to the public IP
+resource "aws_route53_record" "a_wildcard_recallplanner" {
+ name = "*.recallplanner.com"
+ type = "A"
+ ttl = "300"
+ records = [var.public_ip]
+ zone_id = aws_route53_zone.recallplanner.zone_id
+}
+
+# CNAME record for www.recallplanner.com to redirect to the main domain
+resource "aws_route53_record" "cname_www_recallplanner" {
+ name = "www.recallplanner.com"
+ type = "CNAME"
+ ttl = "300"
+ records = ["recallplanner.com"]
+ zone_id = aws_route53_zone.recallplanner.zone_id
+}
+
+# TXT record for Google Site Verification
+resource "aws_route53_record" "txt_recallplanner" {
+ name = "recallplanner.com"
+ type = "TXT"
+ ttl = "300"
+ records = ["google-site-verification=jmj-PFshzPJy4IK1z7InBIQjj6RKDW0cIBZuaPSbWCc"]
+ zone_id = aws_route53_zone.recallplanner.zone_id
+}
diff --git a/aws_environment/terraform.tf b/aws_environment/terraform.tf
new file mode 100644
index 0000000..50e2f42
--- /dev/null
+++ b/aws_environment/terraform.tf
@@ -0,0 +1,35 @@
+
+terraform {
+
+ cloud {
+ workspaces {
+ name = "mealcraft-production"
+ }
+ }
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.7.0"
+ }
+
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.5.1"
+ }
+
+ tls = {
+ source = "hashicorp/tls"
+ version = "~> 4.0.4"
+ }
+
+ cloudinit = {
+ source = "hashicorp/cloudinit"
+ version = "~> 2.3.2"
+ }
+
+ }
+
+ required_version = "~> 1.3"
+}
+
diff --git a/aws_environment/variables.tf b/aws_environment/variables.tf
new file mode 100644
index 0000000..12c41f7
--- /dev/null
+++ b/aws_environment/variables.tf
@@ -0,0 +1,17 @@
+
+variable "region" {
+ description = "AWS region"
+ type = string
+ default = "eu-west-2"
+}
+
+variable "public_ip" {
+ description = "The public IP address for mealcraft.com"
+ type = string
+ default = "change it in github secrets"
+}
+
+
+
+
+
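Review bot: The only mail-authentication policy in routes53.tf is `_dmarc.mealcraft.com` with `v=DMARC1; p=none;` and no `rua`, so spoofed mail is neither rejected nor reported, and none of the four zones publishes an SPF record even though `mealcraft.com` and `mealcraft.co.uk` route mail to Google. I would add a reporting address, `records = ["v=DMARC1; p=none; rua=mailto:<dmarc-reports-address>"]`, and plan a move to `p=quarantine` once reports look clean. SPF has to share the apex TXT record set with the site-verification value, e.g. a second string `"v=spf1 include:_spf.google.com ~all"` in `txt_main` (plus whatever include the MailPoet sending service documents). `juntekim.com` and `recallplanner.com` have no MX records in this hunk; if they send no mail, `v=spf1 -all` with a `p=reject` DMARC record would close them off.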
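Review bot: The `cloud` block in terraform.tf names the workspace `mealcraft-production`, but both workflows set `TF_WORKSPACE: "production"` and upload `CONFIG_DIRECTORY: "./"`, while this configuration lives under `aws_environment/`. Unless the Terraform Cloud workspace is named `production` and has its working directory set to `aws_environment`, the runs may target a different workspace or find no configuration at the repository root; aligning the names and setting `CONFIG_DIRECTORY: "./aws_environment"` would make that explicit. The `random`, `tls` and `cloudinit` providers are required here but not used by any file in this patch, so they can be dropped to shrink the provider surface.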
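Review bot: In variables.tf `public_ip` defaults to the literal string `"change it in github secrets"`, so a run that does not receive the variable would put that text into every A record instead of failing at plan time. The workflows set `TF_VAR_public_ip` on the GitHub runner, but the runs execute in Terraform Cloud, so the value probably has to be a workspace variable there for it to reach the plan; this is worth confirming. I would delete the `default` line and add a `validation` block whose condition is `can(cidrhost("${var.public_ip}/32", 0))`. The description also says "for mealcraft.com" although routes53.tf uses the variable for `juntekim.com` and `recallplanner.com` too, and outputs.tf exposes it as a plain output, so storing it as a GitHub secret gives little confidentiality once it is published in DNS.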