Search
Question:
Step by Step guide to Deploy Terraform in Azure using GitHub Actions

Introduction

As organizations move towards infrastructure as code (IaC) to manage their cloud resources, Terraform has emerged as a powerful tool for provisioning and managing infrastructure across various cloud providers, including Microsoft Azure. To automate the Terraform deployment process, we can leverage GitHub Actions, a powerful continuous integration and continuous deployment (CI/CD) platform provided by GitHub.


In this step-by-step guide, we will walk through the process of deploying Terraform in Azure using GitHub Actions. By the end of this tutorial, you will have a fully automated workflow for deploying and managing your infrastructure in Azure using Terraform and GitHub Actions.


Prerequisites

Before you begin, make sure you have the following prerequisites in place:


Azure Account: You will need an active Microsoft Azure account to create and manage resources.


Terraform Installed: Ensure you have Terraform installed on your local development machine. You can download it from the official Terraform website and follow the installation instructions.


GitHub Repository: Create a new GitHub repository or use an existing one to store your Terraform code and configuration files.


Step 1: Setting up Azure Credentials

To interact with your Azure account from GitHub Actions, you need to set up the necessary credentials securely. Azure supports Service Principal and Client Secret authentication methods. For this guide, we will use the Service Principal authentication method.


  • Log in to the Azure Portal and navigate to Azure Active Directory.


  • Click on App registrations and then New registration.


  • Provide a name for the application, select the appropriate account type, and specify the redirect URI (you can use http://localhost).


  • After registering the application, note down the Application (client) ID and Directory (tenant) ID. You will need these values later.


  • Next, create a new client secret. Under the application settings, click on Certificates & secrets, then New client secret. Note down the generated secret value.


  • Now, assign the appropriate permissions to the service principal. Go to your resource group or subscription, click on Access control (IAM), then Add a role assignment, and assign the desired role to the service principal.


Step 2: Configure GitHub Secrets

To keep sensitive information like Azure credentials secure, we'll use GitHub Secrets. These secrets are encrypted and can be used in GitHub Actions workflows.


In your GitHub repository, go to Settings > Secrets > New repository secret.


Create the following secrets:


  1. ARM_CLIENT_ID: Set this to the Application (client) ID of your Azure service principal.

  2. ARM_CLIENT_SECRET: Set this to the client secret you generated earlier.

  3. ARM_SUBSCRIPTION_ID: Set this to your Azure subscription ID.

  4. ARM_TENANT_ID: Set this to the Directory (tenant) ID of your Azure service principal.


Step 3: Writing Terraform Code

Write the Terraform code to define your infrastructure in Azure. For this guide, we'll create a simple example to provision an Azure Resource Group.


Create a new file named main.tf in the root of your GitHub repository and add the following code:


provider "azurerm" {

  features {}

}


resource "azurerm_resource_group" "example" {

  name     = "my-resource-group"

  location = "East US"

}



Step 4: Create GitHub Actions Workflow

Now, let's create a GitHub Actions workflow to deploy our Terraform code automatically.


Inside your repository, create a new directory named .github/workflows.


Create a new YAML file inside the workflows directory, for example, terraform.yml.


Add the following content to the terraform.yml file:


name: Terraform Deployment


on:

  push:

    branches:

      - main


jobs:

  terraform:

    runs-on: ubuntu-latest


    steps:

    - name: Checkout repository

      uses: actions/checkout@v2


    - name: Set up Terraform

      uses: hashicorp/setup-terraform@v1

      with:

        terraform_version: "1.0.0"  # Replace with the desired Terraform version


    - name: Terraform Init

      run: terraform init


    - name: Terraform Plan

      run: terraform plan


    - name: Terraform Apply

      run: terraform apply -auto-approve

      env:

        ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}

        ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}

        ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}

        ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}




This workflow will be triggered automatically when code is pushed to the main branch. It sets up Terraform, initializes it, and then applies the changes to Azure. The necessary Azure credentials are fetched securely from the GitHub Secrets.


Step 5: Commit and Push Changes

Commit the main.tf file and the .github/workflows/terraform.yml file to your repository and push the changes to the main branch.


Step 6: Verify Deployment

Once the push is successful, the GitHub Actions workflow will be triggered. You can navigate to the Actions tab in your GitHub repository to monitor the progress.


After completion, log in to the Azure Portal and verify that the resource group has been created as per the Terraform code.


Now You have successfully deployed Terraform in Azure using GitHub Actions. From here, you can expand your Terraform code to manage more complex infrastructure and use GitHub Actions to automate the deployment of your infrastructure as code.

Ritu Singh

Ritu Singh

Submit
0 Answers
Top Questions
31-07-2023

Step by Step guide to Deploy Terraform in Azure using GitHub Actions

Related Questions

Step by Step guide to Deploy Terraform in Azure using GitHub Actions
img