From 55590f1f340b1922f200eeb889241d7f6b853796 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Wed, 29 Oct 2025 07:06:08 +0000 Subject: [PATCH] Update README with setup instructions --- README.md | 50 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8a74729..cbce0d4 100644 --- a/README.md +++ b/README.md 
@@ -1,3 +1,49 @@ -# terraform-template-repo +# Terraform Template Repository -Template repository for Terraform CI/CD pipelines with Gitea Actions \ No newline at end of file +Template repository for Terraform projects with CI/CD pipeline. + +## Pipeline Stages + +1. **Lint & Validate** - Format check and syntax validation +2. **Security Scan** - Checkov and tfsec security scanning +3. **Plan** - Terraform init and plan with artifact upload +4. **Apply** - Apply with manual approval (production environment) +5. **Destroy** - Manual destroy with special approval (production-destroy environment) + +## Setup + +1. **Update workflow variables** (`.gitea/workflows/terraform.yml`): + - Line 23: `TF_VERSION` - Your Terraform version + - Line 24: `WORKING_DIR` - Path to your Terraform code + +2. **Configure provider credentials** (lines 103-113): + - Uncomment your cloud provider (AWS/Azure/GCP) + - Add secrets to repository: Settings → Secrets → Actions + +3. **Create environments** (Settings → Environments): + - `production` - For apply operations (add reviewers) + - `production-destroy` - For destroy operations (add senior reviewers) + +4. **Add your Terraform code** to `./terraform/` directory + +## Required Secrets + +**AWS:** +- `AWS_ACCESS_KEY_ID` +- `AWS_SECRET_ACCESS_KEY` + +**Azure:** +- `ARM_CLIENT_ID` +- `ARM_CLIENT_SECRET` +- `ARM_SUBSCRIPTION_ID` +- `ARM_TENANT_ID` + +**Backend (optional):** +- `BACKEND_ACCESS_KEY` +- `BACKEND_SECRET_KEY` + +## Usage + +- **Push to main/develop** → Runs lint, security, plan +- **Create PR to main** → Runs full pipeline, posts plan as comment +- **Manual trigger** → Actions tab → Run workflow → Select action (plan/apply/destroy)
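Review bot: Setup step 2 tells the reader to uncomment one of AWS/Azure/GCP, but the "Required Secrets" section lists names only for AWS and Azure, so a GCP user has no documented secret name to create; either add the GCP secret the workflow expects or drop GCP from step 2. The Setup steps also point at fixed positions in `.gitea/workflows/terraform.yml` ("Line 23", "Line 24", "lines 103-113"), which will go stale on the first edit to that file; refer to the `TF_VERSION` and `WORKING_DIR` variables and the provider credentials block by name instead. In "Usage", "Create PR to main → Runs full pipeline" is ambiguous next to the five stages listed above it: state explicitly whether Apply can run from a pull request or only after the `production` approval, since that is what a reviewer configuring the environments needs to know. Because the AWS, Azure and backend entries are all long-lived static keys, it is also worth one line saying they should be scoped to what the pipeline's plan and apply actually need.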