# Template Terraform to deploy to Cloud Infrastructure # This template allows you to deploy your infrastructure using Terraform to supported cloud providers. # The workflow allows running tests, security scans on feature branches (as well as master). # After merging code to master the infrastructure will be deployed to cloud according to the given terraform template. # Prerequisites: credentials according to used cloud provider. # For advanced cases, please, follow terraform docs https://www.terraform.io/docs/index.html. image: hashicorp/terraform pipelines: default: - parallel: - step: name: Test script: - terraform init - terraform validate - step: name: Security Scan script: # Run a security scan for sensitive data. # See more security tools at https://bitbucket.org/product/features/pipelines/integrations?&category=security - pipe: atlassian/git-secrets-scan:0.4.3 branches: master: #- step: # name: Security Scan # script: # # Run a security scan for sensitive data. # # See more security tools at https://bitbucket.org/product/features/pipelines/integrations?&category=security # - pipe: atlassian/git-secrets-scan:0.4.3 - step: name: Run Terraform Plan #deployment: Plan script: - export TF_BACKEND_BUCKET=${TF_BACKEND_BUCKET} - export TF_BACKEND_DYNDB_TABLE=${TF_BACKEND_DYNDB_TABLE} - export TF_BACKEND_REGION=${TF_BACKEND_REGION} - export TF_BACKEND_KEY=${TF_BACKEND_KEY} - export TF_VAR_api_key=${TF_VAR_api_key} - export TF_VAR_app_key=${TF_VAR_app_key} - chmod +x ci-cd/scripts/terraform/terraform_plan.sh - ./ci-cd/scripts/terraform/terraform_plan.sh artifacts: - .terraform/** - tfplan - step: name: Deploy to Production #deployment: Apply trigger: manual script: - pwd && ls -la ../artifact/ - pwd && ls -la ../data/ - pwd && ls -la ../tmp/ - pwd && ls -la - export TF_IN_AUTOMATION=1 - terraform init - terraform apply tfplan