wbyc/terraform-template-repo
2
0
Fork 0
Code Issues Pull Requests Wiki Activity
3 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Terraform Template Repository

Template repository for Terraform projects with CI/CD pipeline.

Pipeline Stages

  1. Lint & Validate - Format check and syntax validation
  2. Security Scan - Checkov and tfsec security scanning
  3. Plan - Terraform init and plan with artifact upload
  4. Apply - Apply with manual approval (production environment)
  5. Destroy - Manual destroy with special approval (production-destroy environment)

Setup

  1. Update workflow variables (.gitea/workflows/terraform.yml):

    • Line 23: TF_VERSION - Your Terraform version
    • Line 24: WORKING_DIR - Path to your Terraform code

  2. Configure provider credentials (lines 103-113):

    • Uncomment your cloud provider (AWS/Azure/GCP)
    • Add secrets to repository: Settings → Secrets → Actions

  3. Create environments (Settings → Environments):

    • production - For apply operations (add reviewers)
    • production-destroy - For destroy operations (add senior reviewers)

  4. Add your Terraform code to ./terraform/ directory

Required Secrets

AWS:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY

Azure:

  • ARM_CLIENT_ID
  • ARM_CLIENT_SECRET
  • ARM_SUBSCRIPTION_ID
  • ARM_TENANT_ID

Backend (optional):

  • BACKEND_ACCESS_KEY
  • BACKEND_SECRET_KEY

Usage

  • Push to main/develop → Runs lint, security, plan
  • Create PR to main → Runs full pipeline, posts plan as comment
  • Manual trigger → Actions tab → Run workflow → Select action (plan/apply/destroy)
Description
Template repository for Terraform CI/CD pipelines with Gitea Actions
Readme 28 KiB