Deployment Using GitHub Actions
Installation Guide for DIGIT via GitHub Actions in AWS
Overview
This guide provides step-by-step instructions for installing DIGIT using GitHub Actions within an AWS environment.
Pre-requisites
AWS account
Github account
Installation
Prepare AWS IAM User
Create an IAM User in your AWS account.
Generate
ACCESS_KEY
andSECRET_KEY
for the IAM user.Assign Administrator Access to the IAM user for necessary permissions.
Configure GitHub Repository
Fork the DIGIT-DevOps Repository into your organization account on GitHub.
Navigate to the repository settings, then to Secrets and Variables, click actions and add the following repository secrets:
AWS_ACCESS_KEY_ID: <GENERATED_ACCESS_KEY>
AWS_SECRET_ACCESS_KEY: <GENERATED_SECRET_KEY>
AWS_DEFAULT_REGION: ap-south-1
AWS_REGION: ap-south-1
Enable GitHub Actions
Clone the DIGIT-DevOps repository which you've forked and open the repo in the code editor.
Switch the branch from master to DIGIT-2.9LTS using the below command.
Open the GitHub Actions workflow file.
Specify the branch name you wish to enable GitHub Actions for.
Configure Infrastructure-as-Code
Navigate to
infra-as-code/terraform/sample-aws
.Open
input.yaml
and enter details such asdomain_name
,cluster_name
,bucket_name
,db_name
and addpublic_ssh_key
generated using below SSH Key Pair.
Configure Application Secrets
Navigate to deploy
-as-code/charts/environments
.Open
env-secrets.yaml
.Enter
db_password
andssh_private_key
. Add thepublic_key
to your GitHub account.
Generate SSH Key Pair
Choose one of the following methods to generate an SSH key pair:
Method a: Use an online website (Note: This is not recommended for production setups, only for demo purposes):
https://8gwifi.org/sshfunctions.jsp
Method b: Use OpenSSL commands:
Finalize Installation
After entering all the details, push these changes to the remote GitHub repository. Open the Actions
tab in your GitHub account to view the workflow. You should see that the workflow has started, and the pipelines are completed successfully.
This indicates that your setup is correctly configured, and your application is ready to be deployed. Monitor the output of the workflow for any errors or success messages to ensure everything is functioning as expected.
KubeConfig Setup
For guidance on setting up your AWS CLI, please follow the instructions provided in Installation Guide - Production Setup on AWS. Additionally, ensure your AWS CLI is correctly configured by referring to the official AWS documentation on Configuring the AWS CLI - AWS Command Line Interface. Confirm your AWS credentials are correctly set by executing:
Proceed only after verifying the correct configuration of your credentials. For any uncertainties on how to set up the credentials, consult the AWS documentation for detailed instructions.
Run the below command to export AWS Credentials
Use this link to get the kubeconfig from EKS to get the kubeconfig file for the cluster. The region code is the default region provided in the availability zones in variables.tf. Eg. ap-south-1. EKS cluster name also should've been filled in variables.tf.
Verify that you can connect to the cluster by running the following command.
Once the deployment is done get the CNAME of the nginx-ingress-controller:
The output of this will be the something like this:
ae210873da6ff4c03bde2ad22e18fe04-233d3411.ap-south-1.elb.amazonaws.com
Add the CNAME to your domain provider against your domain name.
Post Deployment
Login to the employee dashboard with the username and password provided in env-secrets.yaml file using the domain name provided in input.yaml.
Cleanup & Uninstallation Of DIGIT Infrastructure
As you wrap up your work with DIGIT, ensuring a smooth and error-free cleanup of the resources is crucial. Regular monitoring of the GitHub Actions workflow's output is essential during the destruction process. Watch out for any error messages or signs of issues. A successful job completion will be confirmed by a success message in the GitHub Actions window, indicating that the infrastructure has been effectively destroyed.
When you're ready to remove DIGIT and clean up the resources it created, proceed with executing the terraform_infra_destruction
job. This action is designed to dismantle all setup resources, clearing the environment neatly.
We hope your experience with DIGIT was positive and that this guide makes the uninstallation process straightforward.
How to Run the Terraform Infrastructure Destruction Job
To initiate the destruction of a Terraform-managed infrastructure, follow these steps:
Navigate to Actions.
Click DIGIT-Install workflow.
Select Run workflow.
When prompted, type "destroy". This action starts the
terraform_infra_destruction
job.
You can observe the progress of the destruction job in the actions window.
Note: For DIGIT configurations created using the master branch.
If DIGIT is installed from a branch other than the main one, ensure that the branch name is correctly specified in the workflow file. For instance, if the installation is done from the digit-install branch, the following snippet should be updated to reflect that.
Last updated