Setup-Guide
gitea-admin edited this page 2025-10-29 07:30:13 +00:00

Terraform Template Repository

Template repository for Terraform projects with CI/CD pipeline.

Pipeline Stages

  1. Lint & Validate - Format check and syntax validation
  2. Security Scan - Checkov and tfsec security scanning
  3. Plan - Terraform init and plan with artifact upload
  4. Apply - Apply with manual approval (production environment)
  5. Destroy - Manual destroy with special approval (production-destroy environment)

Setup

  1. Update workflow variables (.gitea/workflows/terraform.yml):

    • Line 23: TD_VERSION - Your Terraform version
    • Line 24: WORKING_DIR - Path to your Terraform code
  2. Configure provider credentials (lines 103-113):

    • Uncomment your cloud provider (AWS/Azure/GCP)
    • Add secrets to repository: Settings → Secrets → Actions
  3. Create environments (Settings → Environments):

    • production - For apply operations (add reviewers)
    • production-destroy - For destroy operations (add senior reviewers)
  4. Add your Terraform code to the ./terraform/ directory

Required Secrets

AWS:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY

Azure:

  • ARM_CLIENT_ID
  • ARM_CLIENT_SECRET
  • ARM_SUBSCRIPTION_ID
  • ARM_TENANT_ID

Backend (optional):

  • BACKEND_ACCESS_KEY
  • BACKEND_SECRET_KEY
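
A pre-push check for the setup above, as an added example that is not part of the template repository: it reports which of the required secret names are missing from the environment (names only, never values) and runs stages 1 and 2 locally. The function names, the script name, and the exact tool invocations are assumptions; the workflow's own commands may differ.

```shell
#!/bin/sh
# Added example, not part of the template repository.
# WORKING_DIR mirrors the workflow variable; ./terraform is the directory named in the guide.
WORKING_DIR="${WORKING_DIR:-./terraform}"

# Secret names per provider, as listed under "Required Secrets".
required_secrets() {
  case "$1" in
    aws)     echo "AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY" ;;
    azure)   echo "ARM_CLIENT_ID ARM_CLIENT_SECRET ARM_SUBSCRIPTION_ID ARM_TENANT_ID" ;;
    backend) echo "BACKEND_ACCESS_KEY BACKEND_SECRET_KEY" ;;
    *)       return 2 ;;
  esac
}

# Print the names (never the values) of secrets that are unset or empty.
# Returns 0 if all are present, 1 if any are missing, 2 for an unknown provider.
missing_secrets() {
  names=$(required_secrets "$1") || { echo "unknown provider: $1" >&2; return 2; }
  missing=""
  for name in $names; do
    [ -n "$(printenv "$name")" ] || missing="${missing:+$missing }$name"
  done
  [ -z "$missing" ] && return 0
  echo "$missing"
  return 1
}

# Stages 1 and 2 (assumed invocations). -backend=false skips backend setup,
# so the backend secrets are not needed for these checks.
local_checks() {
  terraform -chdir="$WORKING_DIR" fmt -check -recursive &&
  terraform -chdir="$WORKING_DIR" init -backend=false -input=false &&
  terraform -chdir="$WORKING_DIR" validate &&
  checkov -d "$WORKING_DIR" &&
  tfsec "$WORKING_DIR"
}

# Usage: sh preflight.sh run aws   (the script name is hypothetical)
if [ "${1:-}" = "run" ]; then
  local_checks || exit 1
  absent=$(missing_secrets "${2:-aws}") || { echo "missing or unknown: $absent" >&2; exit 1; }
fi
```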

Usage

  • Push to main/develop → Runs lint, security, plan
  • Create PR to main → Runs full pipeline, posts plan as comment
  • Manual trigger → Actions tab → Run workflow → Select action (plan/apply/destroy)

Repository

https://git.bsdserver.nl/wbyc/terraform-template-repo