hkhcoder · hgure · Dec 16, 2025 · Dec 16, 2025 · Dec 16, 2025 · Dec 16, 2025
diff --git a/.DS_Store b/.DS_Store
diff --git a/.github/workflows/terraform-1.yml b/.github/workflows/terraform-1.yml
@@ -0,0 +1,83 @@
+name: "Nomad IaC"
+on:
+    push:
+        branches:
+            - main
+            - stage
+        paths:
+            - terraform/**
+    pull_request:
+        branches:
+            - main
+        paths:
+            - terraform/**
+
+env: 
+    #Credentials for AWS
+    AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+    AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    #Storage for Terraform State
+    BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+    AWS_REGION: "us-east-1"
+    EKS_CLUSTER_NAME: "nomadops-eks"
+
+jobs:
+    terraform:
+        name: "Terraform Apply"
+        runs-on: ubuntu-latest
+        defaults:
+            run:
+                shell: bash
+                working-directory: ./terraform
+
+        steps:
+            - name: "Checkout Repo"
+              uses: actions/checkout@v4
+
+            - name: "Setup Terraform"
+              uses: hashicorp/setup-terraform@v2
+              with:
+                  terraform_version: "1.6.3"
+
+            - name: "Terraform Init"
+              id: init
+              run: terraform init -backend-config="bucket=${{ env.BUCKET_TF_STATE }}" -input=false
+
+            - name: "Terraform Format"
+              id: fmt
+              run: terraform fmt -check
+
+            - name: "Terraform Validate"
+              id: validate
+              run: terraform validate
+
+            - name: "Terraform Plan"
+              id: plan
+              run: terraform plan -no-color -input=false -out planfile
+              continue-on-error: true
+
+            - name: Terraform plan status
+              if: steps.plan.outcome == 'failure'
+              run: echo "Terraform plan failed. Please check the configuration."
+
+            - name: "Terraform Apply"
+              id: apple
+              if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+              run: terraform apply -auto-approve -input=false -parallelism=1 planfile
+
+            - name: Configure AWS credentials
+              uses: aws-actions/configure-aws-credentials@v2
+              with:
+                  aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+                  aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+                  aws-region: ${{ env.AWS_REGION }}
+
+            - name: Get Kube config file
+              id: getconfig
+              if: steps.apple.outcome == 'success'
+              run: aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ env.EKS_CLUSTER_NAME }}
+
+            - name: Install Ingress Controller
+              if: steps.apple.outcome == 'success' && steps.getconfig.outcome == 'success'
+              run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/aws/deploy.yaml
+
diff --git a/.github/workflows/terraform-destroy.yml b/.github/workflows/terraform-destroy.yml
@@ -0,0 +1,45 @@
+name: "Nomad IaC Destroy"
+
+on:
+  workflow_dispatch:   # Allows manual trigger from GitHub Actions
+
+
+env: 
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+  AWS_REGION: "us-east-1"
+
+jobs:
+  terraform-destroy:
+    name: "Terraform Destroy"
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+        working-directory: ./terraform
+
+    steps:
+      - name: "Checkout Repo"
+        uses: actions/checkout@v4
+
+      - name: "Setup Terraform"
+        uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: "1.6.3"
+
+      - name: "Configure AWS credentials"
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: "Terraform Init"
+        run: terraform init -backend-config="bucket=${{ env.BUCKET_TF_STATE }}" -input=false
+
+      - name: "Terraform Validate"
+        run: terraform validate
+
+      - name: "Terraform Destroy"
+        run: terraform destroy -auto-approve -input=false -parallelism=1
diff --git a/.github/workflows/terraform.old b/.github/workflows/terraform.old
@@ -0,0 +1,61 @@
+name: "Nomad IaC"
+on:
+    push:
+        branches:
+            - main
+            - stage
+        paths:
+            - terraform/**
+    pull_request:
+        branches:
+            - main
+        paths:
+            - terraform/**
+
+env: 
+    #Credentials for AWS
+    AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+    AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    #Storage for Terraform State
+    BUCKET_TF_STATE: ${{ secrets.BUCKET_TF_STATE }}
+    AWS_REGION: "us-east-1"
+    EKS_CLUSTER_NAME: "nomadapp-eks"
+
+jobs:
+    terraform:
+        name: "Terraform Apply"
+        runs-on: ubuntu-latest
+        defaults:
+            run:
+                shell: bash
+                working-directory: ./terraform
+
+        steps:
+            - name: "Checkout Repo"
+              uses: actions/checkout@v4
+
+            - name: "Setup Terraform"
+              uses: hashicorp/setup-terraform@v2
+            #   with:
+            #       terraform_version: "1.6.3"
+
+            - name: "Terraform Init"
+              id: init
+              run: terraform init -backend-config="bucket=${{ env.BUCKET_TF_STATE }}"
+
+            - name: "Terrform Format"
+              id: fmt
+              run: terraform fmt -check
+
+            - name: "Terraform Validate"
+              id: validate
+              run: terraform validate
+
+            - name: "Terraform Plan"
+              id: plan
+              run: terraform plan -no-color -input=false -out=tfplan
+              continue-on-error: true
+
+            - name: Terraform plan status
+              if: steps.plan.outcome == 'failure'
+              run: echo "Terraform plan failed. Please check the configuration."
diff --git a/terraform/eks-cluster.tf b/terraform/eks-cluster.tf
@@ -3,14 +3,15 @@ module "eks" {
   version = "19.19.1"
 
   cluster_name    = local.cluster_name
-  cluster_version = "1.27"
+  cluster_version = "1.33"
 
   vpc_id                         = module.vpc.vpc_id
   subnet_ids                     = module.vpc.private_subnets
   cluster_endpoint_public_access = true
 
   eks_managed_node_group_defaults = {
-    ami_type = "AL2_x86_64"
+    ami_type = "BOTTLEROCKET_x86_64"
+
 
   }
 

diff --git a/terraform/terraform.tf b/terraform/terraform.tf
@@ -27,9 +27,9 @@ terraform {
   }
 
   backend "s3" {
-    bucket = "gitopsterrastate"
+    bucket = "nomadprofile"
     key    = "terraform.tfstate"
-    region = "us-east-2"
+    region = "us-east-1"
   }
 
   required_version = "~> 1.6.3"

diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -1,11 +1,13 @@
 variable "region" {
   description = "AWS region"
   type        = string
-  default     = "us-east-2"
+  default     = "us-east-1"
 }
 
 variable "clusterName" {
   description = "Name of the EKS cluster"
   type        = string
-  default     = "kitops-eks"
+  default     = "nomadops-eks"
 }
+
+###############
diff --git a/terraform/vpc.tf b/terraform/vpc.tf
@@ -2,7 +2,7 @@ module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
   version = "5.1.2"
 
-  name = "vprofile-eks"
+  name = "nomadapp-eks"
 
   cidr = "172.20.0.0/16"
   azs  = slice(data.aws_availability_zones.available.names, 0, 3)