Added Github action deploy workflows for CICD pipeline

Author: Emmy-github-webdev

.github/workflows/deploy.yaml

@@ -0,0 +1,70 @@
+name: Terraform Deploy
+
+on:
+  push:
+    branches:
+      - staging
+      - main
+  workflow_dispatch:
+
+env:
+  TF_WORKING_DIR: terraform
+
+jobs:
+  terraform:
+    name: Terraform (plan & apply)
+    runs-on: ubuntu-latest
+    environment: ${{ github.ref == 'refs/heads/main' && 'prod' || 'staging' }}
+    permissions:
+      contents: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: 1.5.6
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Terraform Init
+        working-directory: ${{ env.TF_WORKING_DIR }}
+        run: terraform init -input=false
+
+      - name: Terraform Validate & Format
+        working-directory: ${{ env.TF_WORKING_DIR }}
+        run: |
+          terraform fmt -check
+          terraform validate
+
+      - name: Terraform Plan
+        id: plan
+        working-directory: ${{ env.TF_WORKING_DIR }}
+        run: |
+          if [ "${{ github.ref }}" = "refs/heads/staging" ]; then
+            terraform plan -var-file="staging.tfvars" -out=tfplan
+          else
+            terraform plan -var-file="prod.tfvars" -out=tfplan
+          fi
+
+      - name: Terraform Apply
+        if: github.ref == 'refs/heads/staging'
+        working-directory: ${{ env.TF_WORKING_DIR }}
+        run: terraform apply -input=false -auto-approve tfplan
+
+      - name: Terraform Apply (prod) - requires env approval
+        if: github.ref == 'refs/heads/main'
+        working-directory: ${{ env.TF_WORKING_DIR }}
+        run: terraform apply -input=false -auto-approve tfplan
+
+      - name: Show outputs
+        if: success()
+        working-directory: ${{ env.TF_WORKING_DIR }}
+        run: terraform output -json

README.md

@@ -31,4 +31,4 @@ Run the python funtion locally using VS Code Run Button
 
 - Create the terraform folder structure
 
-- imp
+- Deploy with: terraform init then terraform apply -var-file="staging.tfvars" (or prod.tfvars)

lambda/hello.py lambda/lambda_function.pylambda/hello.py renamed to lambda/lambda_function.py

@@ -1,5 +1,5 @@
 resource "aws_apigatewayv2_api" "health_api" {
-  name          = "${var.environment}-health-check-api"
+  name          = "${var.environment}-serverless-health-check-api"
   protocol_type = "HTTP"
 
   cors_configuration {
@@ -55,7 +55,7 @@ resource "aws_apigatewayv2_stage" "default" {
 }
 
 resource "aws_cloudwatch_log_group" "api_gateway_logs" {
-  name              = "/aws/apigateway/${var.environment}-health-check-api"
+  name              = "/aws/apigateway/${var.environment}-serverless-health-check-api"
   retention_in_days = 7
 
   tags = var.common_tags

terraform/modules/api-gateway/main.tf

@@ -5,7 +5,7 @@ data "archive_file" "lambda_zip" {
 }
 
 resource "aws_lambda_function" "health_check" {
-  function_name    = "${var.environment}-health-check-function"
+  function_name    = "${var.environment}-serverless-health-check-api"
   role             = var.lambda_role_arn
   handler          = "lambda_function.lambda_handler"
   source_code_hash = data.archive_file.lambda_zip.output_base64sha256