Voi Community Infrastructure

Terraform infrastructure that manages the deployment of apps and services.

---

Table of contents

• 1. Introduction

• 2. Requirements
• 3. Setup A New Environment
  • 3.1. Set Up Terraform Cloud
  • 3.2. Add A New Directory
  • 3.3. Add Terraform API token
  • 3.4. Setup GitHub Actions Workflow
• 4. Miscellaneous
  • 4.1. Useful Commands
• 5. How To Contribute
• 6. License

🎉 1. Introduction

All elements of the infrastructure is to be written in code, using Terraform, and put under source control. The main objective of implementing infrastructure as code (IaC) for the platform is the need to easily spin up an entire environment and for traceability; it’s important to know what changes have been made, and why.

📋 2. Requirements

• Terraform CLI Terraform CLI 0.14+

^{Back to top ^}

📐 3. Setup A New Environment

Below outlines the steps necessary to create a new environment. For the purpose of this guide, we will be creating a new environment called: boundary.

See this guide for more information.

^{Back to top ^}

3.1. Set Up Terraform Cloud

1. On the "Workspaces" page, press "New workspace" and select "API-driven workflow". Name your workspace boundary and click "Create workspace".

2. Next, go to the variables menu and under Workspace variables select Terraform variable, then add, at the very least:

   • digitalocean_access_token - the Digital Ocean personal access token that gives Terraform accesses to orchestrate resources on DigitalOcean.

^{Back to top ^}

3.2. Add A New Directory

1. Create a new directory: ./workspaces/boundary

2. Create a new ./workspaces/boundary/versions.tf file and add the following:

terraform {
  # use terraform cloud to handle state
  cloud {
    organization = "voicommunity"

    workspaces {
      name = "boundary"
    }
  }

  required_providers {
    digitalocean = {
      source = "digitalocean/digitalocean"
    }
  }
}

3. Create a new ./workspaces/boundary/variables.tf file and add the following:

# A Digital Ocean personal access token.
variable "digitalocean_access_token" {
  type = string
}

# The region to deploy the infrastructure to.
# See https://slugs.do-api.dev/ for valid options.
variable "region" {
  type    = string
  default = "nyc3"
}

4. Create a new ./workspaces/boundary/provider.tf file and add the following:

provider "digitalocean" {
  token = var.digitalocean_access_token
}

5. Create a new ./workspaces/boundary/main.tf file here you can start adding resources.

^{Back to top ^}

3.3. Create a Terraform API Token

1. Go to GitHub, navigate to "Settings" then "Secrets". Create a new secret named TERRAFORM_API_TOKEN, setting the Terraform Cloud API token.

^{Back to top ^}

3.4. Setup GitHub Actions Workflow

1. Create a new workflow YAML file ./.github/workflows/boundary.yml and add the following:

name: Boundary

on:
  push:
    branches:
      - main
    paths:
      - 'workspaces/boundary/**'
  pull_request:
    paths:
      - 'workspaces/boundary/**'

jobs:
  default_workflow:
    name: "Validate, Plan and Apply"
    uses: ./.github/workflows/validate_plan_and_apply.yml
    with:
      workspace_name: "boundary"
    secrets:
      TERRAFORM_API_TOKEN: ${{ secrets.TERRAFORM_API_TOKEN }}

^{Back to top ^}

📑 4. Miscellaneous

4.1. Useful Commands

Command	Description
terraform init	Initialize the workspace ready to run plans.
terraform fmt -recursive	Formats all the .tf files in the current directory and subdirectories. Useful to use before opening PRs, otherwise they will fail CI.
terraform plan -input=false	Runs a plan using the variables stored on Terraform Cloud.

^{Back to top ^}

👏 5. How To Contribute

Please read the contributing guide to learn about the development process.

^{Back to top ^}

📄 6. License

Please refer to the LICENSE file.

^{Back to top ^}