- Set up a GCP account (reference)
- Fork this repository to your organization/account (reference)
- Create and enter a GitHub Codespace for the forked repository in the IDE of your choice (VS Code or browser)
- Press
CTRL+`to open the terminal in the root of the repository. - Run
bash ./init.shto run the initialization script. - When prompted, log into your GCP as well as your GitHub account using the browser.
- Once the script has executed successfully, you should see a secret called
GCP_WORKLOAD_PROVIDERcreated for your GitHub repository (reference):
- Create a new branch (e.g.:
feature/new_infrastructure). - Extend
main.tfwith IaC configuration that you would like to implement. - Commit and push your code.
- Navigate to the Actions tab of your GitHub repository to see your running jobs (reference)
- You should see a job named
tf plan. - The result of your terraform plan should show up there:
Caution
Without this configuration your pipeline will set up a local backend during runtime which are discarded on a Github-hosted runner after completion!
To set up a backend, you need to follow two more steps during setup:
- Configure the partial backend configuration by replacing
"local"with your preffered backend inbackend.tf, e.g.:gcs. - Provide the backend configuration to the GitHub workflow
terraform initsteps (multiple!) so it can use the correct backend. The details should be provided via GitHub secrets and the authentication to the backend should always use identity federation or other secure alternatives!