From ebffc7ffcd172810a848b7aca6c88f81329e1cb4 Mon Sep 17 00:00:00 2001
From: LeoDiazL <116020815+LeoDiazL@users.noreply.github.com>
Date: Wed, 21 Feb 2024 17:29:17 -0300
Subject: [PATCH] Bump commons (#57)
* Initial bump
* Further fixes
* Fixes
* Fixing things in action.yaml
* Bumping README version
* Typo in action
* Missing correct commons version
---
README.md | 181 +++++++++++++++++++++++++++++++++++++---------------
action.yaml | 131 +++++++++++++++++++++----------------
2 files changed, 205 insertions(+), 107 deletions(-)
diff --git a/README.md b/README.md
index a3d5678..9380f40 100644
--- a/README.md
+++ b/README.md
@@ -23,9 +23,7 @@ If you would like to deploy a backend app/service, check out our other actions:
# Need help or have questions?
This project is supported by [Bitovi, A DevOps consultancy](https://www.bitovi.com/services/devops-consulting).
-You can **get help or ask questions** on our:
-
-- [Discord Community](https://discord.gg/zAHn4JBVcX)
+You can **get help or ask questions** on our [Discord channel](https://discord.gg/zAHn4JBVcX)! Come hang out with us; We love discussing solutions!
Or, you can hire us for training, consulting, or development. [Set up a free consultation](https://www.bitovi.com/services/devops-consulting).
@@ -37,6 +35,24 @@ Or, you can hire us for training, consulting, or development. [Set up a free con
- `ST2_AUTH_USERNAME`
- `ST2_AUTH_PASSWORD`
+:warning: In the latest release, some variables were replaced. Old one will not work.
+
+| Old variable | Replaced By |
+| - | - |
+| aws_extra_tags | aws_additional_tags |
+| aws_ec2_instance_profile | aws_ec2_iam_instance_profile |
+| aws_ec2_instance_vol_size | aws_ec2_instance_root_vol_size |
+| aws_domain_name | aws_r53_domain_name |
+| aws_sub_domain_name | aws_r53_sub_domain_name |
+| aws_root_domain_deploy | aws_r53_root_domain_deploy |
+| aws_cert_arn | aws_r53_cert_arn |
+| aws_create_root_cert | aws_r53_create_root_cert |
+| aws_create_sub_cert | aws_r53_create_sub_cert |
+| aws_no_cert | aws_r53_enable_cert :warning: |
+
+> :warning: `aws_no_cert` has the opossite value of `aws_r53_enable_cert`. Cert lookup is set to `true` by default, and won't fail if it can't find any.
+
+
## Example usage
Create a Github Action Workflow `.github/workflow/deploy-st2.yaml` with the following to build on push to the `main` branch.
@@ -79,56 +95,117 @@ This will create the following resources in AWS:
## Customizing
### Inputs
+1. [Action Defaults](#action-defaults-inputs)
+2. [AWS Configuration](#aws-configuration-inputs)
+4. [EC2](#ec2-instance-config)
+5. [Stackstorm inputs](#stackstorm-inputs)
+6. [Stack Management](#stack-management)
+7. [Domains and certificates](#domains-and-certificates)
+8. [VPC](#vpc-configuration)
+9. [Advanced Options](#advanced-options)
+
+### Outputs
+1. [Action Outpus](#action-outputs)
+
The following inputs can be used as `steps.with` keys:
+
+
+
+#### **Action defaults Inputs**
+| Name | Type | Description |
+|------------------|---------|------------------------------------|
+| `checkout` | Boolean | Set to `false` if the code is already checked out. (Default is `true`). |
+
+
+
+#### **AWS Configuration Inputs**
+| Name | Type | Description |
+|------------------|---------|------------------------------------|
+| `aws_access_key_id` | String | AWS access key ID |
+| `aws_secret_access_key` | String | AWS secret access key |
+| `aws_session_token` | String | AWS session token |
+| `aws_default_region` | String | AWS default region. Defaults to `us-east-1` |
+| `aws_resource_identifier` | String | Set to override the AWS resource identifier for the deployment. Defaults to `${GITHUB_ORG_NAME}-${GITHUB_REPO_NAME}-${GITHUB_BRANCH_NAME}`. |
+| `aws_additional_tags` | JSON | Add additional tags to the terraform [default tags](https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider), any tags put here will be added to all provisioned resources. |
+
+
+
+ #### **EC2 Instance config**
+| Name | Type | Description |
+|------------------|---------|------------------------------------|
+| `aws_ec2_instance_type` | String | The AWS IAM instance type to use. Default is `t3.medium`. See [this list](https://aws.amazon.com/ec2/instance-types/) for reference. |
+| `aws_ec2_instance_root_vol_size` | Integer | Define the volume size (in GiB) for the root volume on the AWS Instance. Defaults to `8`. |
+| `aws_ec2_instance_root_vol_preserve` | Boolean | Set this to true to avoid deletion of root volume on termination. Defaults to `false`. |
+| `aws_ec2_security_group_name` | String | The name of the EC2 security group. Defaults to `SG for ${aws_resource_identifier} - EC2`. |
+| `aws_ec2_iam_instance_profile` | String | The AWS IAM instance profile to use for the EC2 instance. Will create one if none provided with the name `aws_resource_identifier`. |
+| `aws_ec2_create_keypair_sm` | Boolean | Generates and manages a secret manager entry that contains the public and private keys created for the ec2 instance. Defaults to `false`. |
+| `aws_ec2_instance_public_ip` | Boolean | Add a public IP to the instance or not. Defaults to `true`. |
+| `aws_ec2_additional_tags` | JSON | Add additional tags to the terraform [default tags](https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider), any tags put here will be added to ec2 provisioned resources.|
+
+
+
+ #### **Stackstorm inputs**
+| Name | Type | Description |
+|------------------|---------|------------------------------------|
+| `st2_auth_username` | String | Username used by StackStorm standalone authentication. Set as a secret in GH Actions. |
+| `st2_auth_password` | String | Password used by StackStorm standalone authentication. Set as a secret in GH Actions. |
+| `st2_packs` | String | Comma separated list of packs to install. If you modify this option, be sure to also include `st2` in the list. Defaults to `"st2"` |
+| `st2_ansible_extra_vars_file` | String | Relative path from project root to Ansible vars file. If you'd like to adjust more advanced configuration; st2 version, st2.conf, RBAC, chatops, auth, etc. See https://github.com/stackStorm/ansible-st2#variables for the full list of settings. The Ansible vars will take higher precedence over the GHA inputs. |
+| `st2_version_tag` | String | Stackstorm Ansible release tag to use. See https://github.com/StackStorm/ansible-st2/releases |
+
+
+
+#### **Stack Management**
+| Name | Type | Description |
+|------------------|---------|------------------------------------|
+| `tf_stack_destroy` | Boolean | Set to `true` to destroy the stack - Will delete the `elb logs bucket` after the destroy action runs. |
+| `tf_state_file_name` | String | Change this to be anything you want to. Carefull to be consistent here. A missing file could trigger recreation, or stepping over destruction of non-defined objects. Defaults to `tf-state-aws`. |
+| `tf_state_file_name_append` | String | Appends a string to the tf-state-file. Setting this to `unique` will generate `tf-state-aws-unique`. (Can co-exist with `tf_state_file_name`) |
+| `tf_state_bucket` | String | AWS S3 bucket name to use for Terraform state. See [note](#s3-buckets-naming) |
+| `tf_state_bucket_destroy` | Boolean | Force purge and deletion of S3 bucket defined. Any file contained there will be destroyed. `tf_stack_destroy` must also be `true`. Default is `false`. |
+
+
+
+#### **Domains and certificates**
+| Name | Type | Description |
+|------------------|---------|------------------------------------|
+| `aws_r53_domain_name` | String | Define the root domain name for the application. e.g. bitovi.com'. |
+| `aws_r53_sub_domain_name` | String | Define the sub-domain part of the URL. Defaults to `aws_resource_identifier`. |
+| `aws_r53_root_domain_deploy` | Boolean | Deploy application to root domain. Will create root and www records. Default is `false`. |
+| `aws_r53_enable_cert` | Boolean | Set this to true if you wish to manage certificates through AWS Certificate Manager with Terraform. **See note**. Default is `false`. |
+| `aws_r53_cert_arn` | String | Define the certificate ARN to use for the application. **See note**. |
+| `aws_r53_create_root_cert` | Boolean | Generates and manage the root cert for the application. **See note**. Default is `false`. |
+| `aws_r53_create_sub_cert` | Boolean | Generates and manage the sub-domain certificate for the application. **See note**. Default is `false`. |
+| `aws_r53_additional_tags` | JSON | Add additional tags to the terraform [default tags](https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider), any tags put here will be added to R53 provisioned resources.|
+
+
+
+#### **VPC configuration**
+| Name | Type | Description |
+|------------------|---------|------------------------------------|
+| `aws_vpc_create` | Boolean | Define if a VPC should be created. Defaults to `false`. |
+| `aws_vpc_name` | String | Define a name for the VPC. Defaults to `VPC for ${aws_resource_identifier}`. |
+| `aws_vpc_cidr_block` | String | Define Base CIDR block which is divided into subnet CIDR blocks. Defaults to `10.0.0.0/16`. |
+| `aws_vpc_public_subnets` | String | Comma separated list of public subnets. Defaults to `10.10.110.0/24`|
+| `aws_vpc_private_subnets` | String | Comma separated list of private subnets. If no input, no private subnet will be created. Defaults to ``. |
+| `aws_vpc_availability_zones` | String | Comma separated list of availability zones. Defaults to `aws_default_region+` value. If a list is defined, the first zone will be the one used for the EC2 instance. |
+| `aws_vpc_id` | String | **Existing** AWS VPC ID to use. Accepts `vpc-###` values. |
+| `aws_vpc_subnet_id` | String | **Existing** AWS VPC Subnet ID. If none provided, will pick one. (Ideal when there's only one). |
+| `aws_vpc_enable_nat_gateway` | Boolean | Adds a NAT gateway for each public subnet. Defaults to `false`. |
+| `aws_vpc_single_nat_gateway` | Boolean | Toggles only one NAT gateway for all of the public subnets. Defaults to `false`. |
+| `aws_vpc_external_nat_ip_ids` | String | **Existing** comma separated list of IP IDs if reusing. (ElasticIPs). |
+| `aws_vpc_additional_tags` | JSON | Add additional tags to the terraform [default tags](https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider), any tags put here will be added to vpc provisioned resources.|
+
+
-| Name | Type | Default | Description |
-|------------------|---------|-------------|------------------------------------|
-| `checkout` | bool | `true` | Specifies if this action should checkout the code (i.e. whether or not to run the `uses: actions/checkout@v3` action prior to deploying so that the deployment has access to the repo files) |
-| **AWS configuration** |
-| `aws_access_key_id` | string | | AWS access key ID (Required) |
-| `aws_secret_access_key` | string | | AWS secret access key (Required) |
-| `aws_session_token` | string | | AWS session token, if you're using temporary credentials |
-| `aws_default_region` | string | `us-east-1` | AWS default region (Required) |
-| `aws_resource_identifier` | string | `${org}-${repo}-${branch}` | Auto-generated by default so it's unique for org/repo/branch. Set to override with custom naming the unique AWS resource identifier for the deployment. |
-| `aws_extra_tags` | json | | A list of additional tags that will be included on created resources. Example: `{"key1": "value1", "key2": "value2"}`. |
-| **EC2 Instance config** |
-| `aws_ec2_instance_type` | string | `t2.medium` | The AWS EC2 instance type. |
-| `aws_ec2_instance_profile` | string | | [The AWS IAM instance profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) to use for the EC2 instance. Use if you want to pass an AWS role with specific permissions granted to the instance |
-| `aws_ec2_create_keypair_sm` | bool | | Generates and manage a secret manager entry that contains the public and private keys created for the ec2 instance. |
-| `aws_ec2_instance_vol_size` | string | 8 | Define the volume size (in GiB) for the root volume on the AWS Instance. |
-| `aws_ec2_additional_tags` | string | | Add additional tags to the terraform [default tags](https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider), any tags put here will be added to ec2 provisioned resources.|
-| `infrastructure_only` | bool | `false` | Set to true to provision infrastructure (with Terraform) but skip the app deployment (with ansible) |
-| **StackStorm configuration** |
-| `st2_auth_username` | string | | Username used by StackStorm standalone authentication. Set as a secret in GH Actions. |
-| `st2_auth_password` | string | | Password used by StackStorm standalone authentication. Set as a secret in GH Actions. |
-| `st2_packs` | string |`"st2"` | Comma separated list of packs to install. If you modify this option, be sure to also include `st2` in the list. |
-| `st2_ansible_extra_vars_file` | string | | Relative path from project root to Ansible vars file. If you'd like to adjust more advanced configuration; st2 version, st2.conf, RBAC, chatops, auth, etc. See https://github.com/stackStorm/ansible-st2#variables for the full list of settings. The Ansible vars will take higher precedence over the GHA inputs. |
-| `st2_version_tag` | | Stackstorm Ansible release tag to use. See https://github.com/StackStorm/ansible-st2/releases |
-| **Stack Management** |
-| `tf_stack_destroy` | bool | `false` | Set to `true` to Destroy the created AWS infrastructure for this instance |
-| `tf_state_file_name` | string | `tf-state-aws` | Change this to be anything you want to. Carefull to be consistent here. A missing file could trigger recreation, or stepping over destruction of non-defined objects. |
-| `tf_state_file_name_append` | string | | Appends a string to the tf-state-file name. Setting this to `unique` will generate `tf-state-aws-unique`. (Can co-exist with `tf_state_file_name`) |
-| `tf_state_bucket` | string | `${aws_resource_identifier}-tf-state` | AWS S3 bucket to use for Terraform state. By default, a new deployment will be created for each unique branch. Hardcode if you want to keep a shared resource state between the several branches. |
-| `tf_state_bucket_destroy` | bool | `false` | Force purge and deletion of `tf_state_bucket` defined. Any file contained there will be destroyed. `tf_stack_destroy` must also be `true` |
-| **Domain and certificates configuration** |
-| `aws_domain_name` | string | | Define the root domain name for the application. e.g. bitovi.com'. If empty, ELB URL will be provided. |
-| `aws_sub_domain` | string | `${org}-${repo}-${branch}` | Define the sub-domain part of the URL. |
-| `aws_root_domain` | bool | `false` | Deploy application to root domain. Will create root and www DNS records. Domain must exist in Route53. |
-| `aws_cert_arn` | string | | Existing certificate ARN to be used in the ELB. Use if you manage a certificate outside of this action. See [this](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-list.html) for how to find the certificate ARN. **See note**. |
-| `aws_create_root_cert` | bool | `false`| Generates and manage the root certificate for the application to be used in the ELB. **See note**.|
-| `aws_create_sub_cert` | bool | `false` | Generates and manage the sub-domain certificate for the application to be used in the ELB. **See note**.|
-| `aws_no_cert` | bool | `false` | Set this to true if you want not to use a certificate in the ELB. **See note**. |
-| **VPC configuration** |
-| `aws_vpc_create` | bool | | Define if a VPC should be created |
-| `aws_vpc_name` | string | | Define a name for the VPC. If none defined, will use `VPC for ${aws_resource_identifier}`. |
-| `aws_vpc_cidr_block` | string | `10.0.0.0/16` | Define Base CIDR block which is divided into subnet CIDR blocks. |
-| `aws_vpc_public_subnets` | string | `10.10.110.0/24` | Comma separated list of public subnets. |
-| `aws_vpc_private_subnets` | string | | Comma separated list of private subnets. If no input, no private subnet will be created. |
-| `aws_vpc_availability_zones` | string | `aws_default_region+` | Comma separated list of availability zones. If a list is defined, the first zone will be the one used for the EC2 instance. |
-| `aws_vpc_id` | string | | AWS VPC ID to use with existing VPCs. Accepts `vpc-###` values. |
-| `aws_vpc_subnet_id` | string | | AWS VPC Subnet ID. If none provided, will pick one. (Ideal when there's only one) |
-| `aws_vpc_additional_tags` | string | | Add additional tags to the VPC resources. |
+#### **Action Outputs**
+| Name | Description |
+|------------------|------------------------------------|
+| `aws_vpc_id` | The selected VPC ID used. |
+| `vm_url` | The URL of the generated app. |
+| `instance_endpoint` | The URL of the generated ec2 instance. |
+| `ec2_sg_id` | SG ID for the EC2 instance. |
### Note about AWS resource identifiers
Most resources will contain the tag `GITHUB_ORG-GITHUB_REPO-GITHUB_BRANCH` to make them unique. Because some AWS resources have a length limit, we shorten identifiers to a `60` characters max string.
@@ -190,7 +267,7 @@ jobs:
steps:
- id: deploy-st2-advanced
name: Deploy StackStorm with extra Ansible vars
- uses: bitovi/github-actions-deploy-stackstorm@v0.4.1
+ uses: bitovi/github-actions-deploy-stackstorm@v0.4.2
with:
aws_default_region: us-east-1
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID}}
@@ -210,7 +287,7 @@ We encourage to keep your infrastructure codified!
You can pass additional `BITOPS_` ENV variables to adjust the deployment behavior.
```yaml
- name: Deploy StackStorm to AWS (dry-run)
- uses: bitovi/github-actions-deploy-stackstorm@v0.4.1
+ uses: bitovi/github-actions-deploy-stackstorm@v0.4.2
env:
# Extra BitOps configuration:
BITOPS_LOGGING_LEVEL: INFO
diff --git a/action.yaml b/action.yaml
index 003dd0d..072a38f 100644
--- a/action.yaml
+++ b/action.yaml
@@ -12,47 +12,48 @@ inputs:
# AWS Configuration
aws_access_key_id:
description: 'AWS access key ID'
- required: true
+ required: false
aws_secret_access_key:
description: 'AWS secret access key'
- required: true
+ required: false
aws_session_token:
- description: "AWS session token, if you're using temporary credentials"
+ description: 'AWS session token'
required: false
aws_default_region:
description: 'AWS default region'
- required: true
- default: us-east-1
+ required: false
aws_resource_identifier:
- description: "Auto-generated by default so it's unique for org/repo/branch. Set to override with custom naming the unique AWS resource identifier for the deployment. Defaults to `${org}-${repo}-${branch}`."
- aws_extra_tags:
- description: 'A list of additional tags that will be included on created resources. Example: `{"key1": "value1", "key2": "value2"}`'
+ description: 'Set to override the AWS resource identifier for the deployment. Defaults to `${org}-{repo}-{branch}`. Use with destroy to destroy specific resources.'
+ required: false
+ aws_additional_tags:
+ description: 'A JSON object of additional tags that will be included on created resources. Example: `{"key1": "value1", "key2": "value2"}`'
required: false
- default: '{}'
# EC2 Instance config
- aws_ec2_instance_type:
- description: 'The AWS EC2 instance type'
- default: t2.medium
+ aws_ec2_iam_instance_profile:
+ description: 'The AWS IAM instance profile to use for the EC2 instance'
+ required: false
+ aws_ec2_instance_type:
+ description: 'The AWS Instance type'
+ default: t3.medium
required: false
- aws_ec2_instance_profile:
- description: 'The AWS IAM instance profile to use for the EC2 instance. Use if you want to pass an AWS role with specific permissions granted to the instance'
+ aws_ec2_instance_root_vol_size:
+ description: 'Define the volume size (in GiB) for the root volume on the AWS Instance.'
+ required: false
+ default: 10
+ aws_ec2_instance_root_vol_preserve:
+ description: 'Set this to true to avoid deletion of root volume on termination. Defaults to false.'
required: false
aws_ec2_create_keypair_sm:
description: 'Creates a Secret in AWS secret manager to store a kypair'
- default: false
required: false
- aws_ec2_instance_vol_size:
- description: 'Root disk size for the EC2 instance'
- default: 10
+ aws_ec2_instance_public_ip:
+ description: 'Add a public IP to the instance or not. (Not an Elastic IP)'
required: false
+ default: true
aws_ec2_additional_tags:
description: 'A JSON object of additional tags that will be included on created resources. Example: `{"key1": "value1", "key2": "value2"}`'
required: false
- infrastructure_only:
- description: 'Set to true to provision infrastructure (with Terraform) but skip the app deployment (with ansible)'
- default: "false"
- required: false
# StackStorm configuration
st2_auth_username:
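Review bot: The renames in this hunk of `aws_ec2_instance_profile` to `aws_ec2_iam_instance_profile` and of `aws_ec2_instance_vol_size` to `aws_ec2_instance_root_vol_size` are not carried into the deploy step's `with:` mapping, which in the later EC2 hunk still reads `${{ inputs.aws_ec2_instance_profile }}` and `${{ inputs.aws_ec2_instance_vol_size }}`. An undeclared input evaluates to an empty string, so a caller's instance profile and volume size, including the `default: 10` declared here, are dropped without any error. That matters most for a profile chosen to limit the instance's permissions, since the instance would presumably fall back to whatever the commons action creates. Those two lines should become `aws_ec2_iam_instance_profile: ${{ inputs.aws_ec2_iam_instance_profile }}` and `aws_ec2_instance_root_vol_size: ${{ inputs.aws_ec2_instance_root_vol_size }}`. The `inputs:` mapping starts before this hunk and continues past it.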
@@ -89,26 +90,29 @@ inputs:
required: false
# Domains
- aws_domain_name:
+ aws_r53_domain_name:
description: "Define the root domain name for the application. e.g. bitovi.com. If empty, ELB URL will be provided."
required: false
- aws_sub_domain:
+ aws_r53_sub_domain_name:
description: 'Define the sub-domain part of the URL. Defaults to `${org}-${repo}-{branch}`'
- aws_root_domain:
- description: 'Deploy application to root domain. Will create root and www DNS records. Domain must exist in Route53.'
required: false
- aws_cert_arn:
- description: 'Existing certificate ARN to be used in the ELB. Use if you manage a certificate outside of this action. See https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-list.html for how to find the certificate ARN.'
+ aws_r53_root_domain_deploy:
+ description: 'Deploy to root domain. Will generate two DNS recrods, one for root, another for www'
required: false
- aws_create_root_cert:
- description: 'Generates and manage the root certificate for the application to be used in the ELB.'
+ aws_r53_enable_cert:
+ description: 'Makes the application use a certificate by enabling a certificate lookup.'
required: false
- aws_create_sub_cert:
- description: 'Generates and manage the sub-domain certificate for the application to be used in the ELB.'
+ aws_r53_cert_arn:
+ description: 'Define the certificate ARN to use for the application'
required: false
- aws_no_cert:
- description: 'Set this to true if you want not to use a certificate in the ELB.'
- default: false
+ aws_r53_create_root_cert:
+ description: 'Generates and manage the root cert for the application'
+ required: false
+ aws_r53_create_sub_cert:
+ description: 'Generates and manage the sub-domain certificate for the application'
+ required: false
+ aws_r53_additional_tags:
+ description: 'A JSON object of additional tags that will be included on created resources. Example: `{"key1": "value1", "key2": "value2"}`'
required: false
# VPC Inputs
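Review bot: `aws_r53_enable_cert` is declared without a `default`, whereas the `aws_no_cert` input it replaces had `default: false`, which the "Invert boolean Variable" step removed later in this patch turned into certificate lookup enabled. Whether a deployment that sets nothing still gets a certificate now depends on the default inside the commons action, which is not visible here. The README in this same patch states both "Default is `false`" and "set to `true` by default". Adding `default: 'true'` to this input would keep the previous behaviour explicit, so that an upgrade cannot leave the endpoint without a certificate unnoticed.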
@@ -136,25 +140,37 @@ inputs:
aws_vpc_subnet_id:
description: 'Specify a Subnet to be used with the instance. If none provided, will pick one.'
required: false
+ aws_vpc_enable_nat_gateway:
+ description: 'Enables NAT gateway'
+ required: false
+ aws_vpc_single_nat_gateway:
+ description: 'Creates only one NAT gateway'
+ required: false
+ aws_vpc_external_nat_ip_ids:
+ description: 'Comma separated list of IP IDS to reuse in the NAT gateways'
+ required: false
aws_vpc_additional_tags:
description: 'A JSON object of additional tags that will be included on created resources. Example: `{"key1": "value1", "key2": "value2"}`'
required: false
outputs:
+ # VPC
+ aws_vpc_id:
+ description: "The selected VPC ID used."
+ value: ${{ steps.deploy.outputs.aws_vpc_id }}
vm_url:
- description: 'The URL of the generated app'
+ description: "The URL of the generated app"
value: ${{ steps.deploy.outputs.vm_url }}
-# CREATE_VPC: ${{ inputs.aws_create_vpc }}
+ instance_endpoint:
+ description: "The URL of the generated ec2 instance"
+ value: ${{ steps.deploy.outputs.instance_endpoint }}
+ ec2_sg_id:
+ description: "SG ID for the EC2 instance"
+ value: ${{ steps.deploy.outputs.ec2_sg_id }}
runs:
using: 'composite'
steps:
- - name: Invert boolean Variable
- shell: bash
- id: set-cert
- if: ${{ inputs.aws_no_cert == 'false' }}
- run: echo "enable_cert=true" >> $GITHUB_OUTPUT
-
- name: Push ST2_PACKS to env_file
shell: bash
id: set-env_file
@@ -163,7 +179,7 @@ runs:
- name: Deploy with BitOps
id: deploy
- uses: bitovi/github-actions-commons@v0.0.7
+ uses: bitovi/github-actions-commons@v0.0.13
with:
# Current repo vars
gh_action_repo: ${{ github.action_path }}
@@ -172,7 +188,6 @@ runs:
checkout: ${{ inputs.checkout }}
bitops_extra_env_vars: -e ST2_AUTH_USERNAME=${{ inputs.st2_auth_username }} -e ST2_AUTH_PASSWORD=${{ inputs.st2_auth_password }} -e ST2_VERSION_TAG=${{ inputs.st2_version_tag }}
bitops_extra_env_vars_file: extra_env
- ansible_skip : ${{ inputs.infrastructure_only }}
# AWS
aws_access_key_id: ${{ inputs.aws_access_key_id }}
@@ -180,16 +195,18 @@ runs:
aws_session_token: ${{ inputs.aws_session_token }}
aws_default_region: ${{ inputs.aws_default_region }}
aws_resource_identifier: ${{ inputs.aws_resource_identifier }}
- aws_additional_tags: ${{ inputs.aws_extra_tags }}
+ aws_additional_tags: ${{ inputs.aws_additional_tags }}
# EC2
aws_ec2_instance_create: true
aws_ec2_ami_filter: 'ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*'
+ aws_ec2_ami_owner: '099720109477'
aws_ec2_iam_instance_profile: ${{ inputs.aws_ec2_instance_profile }}
aws_ec2_instance_type: ${{ inputs.aws_ec2_instance_type }}
- aws_ec2_instance_public_ip: true
- aws_ec2_create_keypair_sm: ${{ inputs.aws_ec2_create_keypair_sm }}
aws_ec2_instance_root_vol_size: ${{ inputs.aws_ec2_instance_vol_size }}
+ aws_ec2_instance_root_vol_preserve: ${{ inputs.aws_ec2_instance_root_vol_preserve }}
+ aws_ec2_create_keypair_sm: ${{ inputs.aws_ec2_create_keypair_sm }}
+ aws_ec2_instance_public_ip: true
aws_ec2_additional_tags: ${{ inputs.aws_ec2_additional_tags }}
# AWS ELB
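Review bot: `aws_ec2_instance_public_ip: true` is still hard-coded in the added line, so the `aws_ec2_instance_public_ip` input that this patch declares and documents in the README has no effect. A caller who sets it to `false` still gets a publicly addressable instance; pass the input through with `aws_ec2_instance_public_ip: ${{ inputs.aws_ec2_instance_public_ip }}`. Separately, the new `aws_ec2_ami_owner: '099720109477'` deserves a short comment such as `# Canonical's AWS account ID; limits the AMI filter to official Ubuntu images`, because a bare account number is hard to audit. The `with:` mapping starts and ends outside this hunk.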
@@ -208,13 +225,14 @@ runs:
# AWS Route53 Domains abd Certificates
aws_r53_enable: true
- aws_r53_domain_name: ${{ inputs.aws_domain_name }}
- aws_r53_sub_domain_name: ${{ inputs.aws_sub_domain }}
- aws_r53_root_domain_deploy: ${{ inputs.aws_root_domain }}
- aws_r53_enable_cert: ${{ steps.set-cert.outputs.enable_cert }}
- aws_r53_cert_arn: ${{ inputs.aws_cert_arn }}
- aws_r53_create_root_cert: ${{ inputs.aws_create_root_cert }}
- aws_r53_create_sub_cert: ${{ inputs.aws_create_sub_cert }}
+ aws_r53_domain_name: ${{ inputs.aws_r53_domain_name }}
+ aws_r53_sub_domain_name: ${{ inputs.aws_r53_sub_domain_name }}
+ aws_r53_root_domain_deploy: ${{ inputs.aws_r53_root_domain_deploy }}
+ aws_r53_enable_cert: ${{ inputs.aws_r53_enable_cert }}
+ aws_r53_cert_arn: ${{ inputs.aws_r53_cert_arn }}
+ aws_r53_create_root_cert: ${{ inputs.aws_r53_create_root_cert }}
+ aws_r53_create_sub_cert: ${{ inputs.aws_r53_create_sub_cert }}
+ aws_r53_additional_tags: ${{ inputs.aws_r53_additional_tags }}
aws_vpc_create: ${{ inputs.aws_vpc_create }}
aws_vpc_name: ${{ inputs.aws_vpc_name }}
@@ -224,4 +242,7 @@ runs:
aws_vpc_availability_zones: ${{ inputs.aws_vpc_availability_zones }}
aws_vpc_id: ${{ inputs.aws_vpc_id }}
aws_vpc_subnet_id: ${{ inputs.aws_vpc_subnet_id }}
+ aws_vpc_enable_nat_gateway: ${{ inputs.aws_vpc_enable_nat_gateway }}
+ aws_vpc_single_nat_gateway: ${{ inputs.aws_vpc_single_nat_gateway }}
+ aws_vpc_external_nat_ip_ids: ${{ inputs.aws_vpc_external_nat_ip_ids }}
aws_vpc_additional_tags: ${{ inputs.aws_vpc_additional_tags }}
\ No newline at end of file