82 changes: 82 additions & 0 deletions .github/workflows/terraform-ci.yml
@@ -0,0 +1,82 @@
name: "Terraform CI"

on:
push:
branches: [main]
paths:
- "DevOps-Project-11/**"
pull_request:
branches: [main]
paths:
- "DevOps-Project-11/**"
Comment on lines +3 to +11

⚠️ Potential issue | 🟠 Major

Branch mismatch: workflow triggers on main but PR targets master.

The workflow is configured to trigger on push and pull_request events to the main branch, but according to the PR objectives, this PR targets the master branch. This means the workflow will not run for this PR or future changes targeting master.

Either update the workflow to trigger on master, or ensure the repository's default branch is main.

🐛 Proposed fix if targeting master branch
 on:
   push:
-    branches: [main]
+    branches: [master]
     paths:
       - "DevOps-Project-11/**"
   pull_request:
-    branches: [main]
+    branches: [master]
     paths:
       - "DevOps-Project-11/**"
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/terraform-ci.yml around lines 3 - 11, The workflow's event
triggers currently list branches: [main] under the push and pull_request keys so
it won't run for PRs targeting master; update the branches arrays under the on:
push: and on: pull_request: sections to include "master" (or replace "main" with
"master"), or list both ["main","master"] to support both default-branch names
so the workflow runs for PRs targeting master; locate the branches: [main]
entries in the workflow's on/push and on/pull_request blocks and modify them
accordingly.


env:
TF_VERSION: "1.7.0"
WORKING_DIR: "DevOps-Project-11"

jobs:
format:
name: Terraform Format Check
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: ${{ env.TF_VERSION }}

- name: Terraform Format Check
working-directory: ${{ env.WORKING_DIR }}
run: terraform fmt -check -recursive -diff

validate:
name: Terraform Validate
runs-on: ubuntu-latest
needs: format
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: ${{ env.TF_VERSION }}

- name: Terraform Init
working-directory: ${{ env.WORKING_DIR }}
run: terraform init -backend=false

- name: Terraform Validate
working-directory: ${{ env.WORKING_DIR }}
run: terraform validate

plan:
name: Terraform Plan
runs-on: ubuntu-latest
needs: validate
if: github.event_name == 'pull_request'
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: ${{ env.TF_VERSION }}

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1

- name: Terraform Init
working-directory: ${{ env.WORKING_DIR }}
run: terraform init

- name: Terraform Plan
working-directory: ${{ env.WORKING_DIR }}
run: terraform plan -var-file=variables.tfvars -no-color -input=false
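
Review bot: the Configure AWS Credentials step in the plan job feeds long-lived static keys (aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} and aws-secret-access-key) to a job that runs on pull_request, where terraform plan evaluates configuration supplied by the PR, and the workflow declares no permissions: block. Prefer short-lived credentials: grant the job permissions: id-token: write and contents: read, and use the action's role-to-assume input with a role limited to the read access that plan needs. Two smaller points: secrets are not passed to pull_request runs from forks, so this job will fail at the credentials step on fork PRs, and actions/checkout@v4, hashicorp/setup-terraform@v3 and aws-actions/configure-aws-credentials@v4 are referenced by mutable tags rather than commit SHAs.
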
Comment on lines +55 to +82

⚠️ Potential issue | 🟡 Minor

Plan job is well-configured but will fail due to module output errors.

The plan job structure is correct—it runs only on PRs, configures AWS credentials, and uses the correct var-file. However, it will fail during terraform validate (in the earlier job) due to the resource label mismatches in the module outputs (alb-tg/outputs.tf and aws-rds/outputs.tf).

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/terraform-ci.yml around lines 55 - 82, The Terraform plan
job fails because module output definitions reference incorrect resource labels
in the module outputs (see alb-tg/outputs.tf and aws-rds/outputs.tf); open those
output blocks and update the referenced resource names/attributes to match the
actual resource blocks declared in their modules (or adjust the resource labels
in the modules to match the outputs), ensuring each output uses the correct
symbol (e.g., target_group ARN/ID, ALB listener ARN, RDS instance identifier)
and valid attribute paths so terraform validate/plan succeed; after changes run
terraform validate locally or in CI to confirm the mismatches are resolved.

14 changes: 14 additions & 0 deletions DevOps-Project-11/modules/alb-tg/outputs.tf
@@ -0,0 +1,14 @@
output "alb_dns_name" {
description = "The DNS name of the Application Load Balancer"
value = aws_lb.alb.dns_name
}

output "alb_arn" {
description = "The ARN of the Application Load Balancer"
value = aws_lb.alb.arn
}

output "target_group_arn" {
description = "The ARN of the ALB target group"
value = aws_lb_target_group.tg.arn
}
Comment on lines +1 to +14

⚠️ Potential issue | 🔴 Critical

Resource label mismatches will cause terraform to fail.

All outputs reference incorrect resource labels. According to DevOps-Project-11/modules/alb-tg/main.tf:

  • The ALB resource is labeled web-elb, not alb
  • The target group resource is labeled web-tg, not tg

These mismatches will cause terraform validate and terraform plan to fail with undefined reference errors.

🐛 Proposed fix to correct resource references
 output "alb_dns_name" {
   description = "The DNS name of the Application Load Balancer"
-  value       = aws_lb.alb.dns_name
+  value       = aws_lb.web-elb.dns_name
 }

 output "alb_arn" {
   description = "The ARN of the Application Load Balancer"
-  value       = aws_lb.alb.arn
+  value       = aws_lb.web-elb.arn
 }

 output "target_group_arn" {
   description = "The ARN of the ALB target group"
-  value       = aws_lb_target_group.tg.arn
+  value       = aws_lb_target_group.web-tg.arn
 }
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@DevOps-Project-11/modules/alb-tg/outputs.tf` around lines 1 - 14, The outputs
in outputs.tf reference non-existent resources (aws_lb.alb and
aws_lb_target_group.tg); update the output values to use the actual resource
labels defined in main.tf: replace aws_lb.alb.dns_name and aws_lb.alb.arn with
aws_lb.web-elb.dns_name and aws_lb.web-elb.arn respectively, and replace
aws_lb_target_group.tg.arn with aws_lb_target_group.web-tg.arn so outputs
"alb_dns_name", "alb_arn", and "target_group_arn" point to the correct
resources.

14 changes: 14 additions & 0 deletions DevOps-Project-11/modules/aws-rds/outputs.tf
@@ -0,0 +1,14 @@
output "rds_cluster_endpoint" {
description = "The writer endpoint of the Aurora RDS cluster"
value = aws_rds_cluster.rds-cluster.endpoint
}

output "rds_reader_endpoint" {
description = "The reader endpoint of the Aurora RDS cluster"
value = aws_rds_cluster.rds-cluster.reader_endpoint
}

output "rds_cluster_port" {
description = "The port of the Aurora RDS cluster"
value = aws_rds_cluster.rds-cluster.port
}
Comment on lines +1 to +14

⚠️ Potential issue | 🔴 Critical

Resource label mismatch will cause terraform to fail.

All outputs reference aws_rds_cluster.rds-cluster, but according to DevOps-Project-11/modules/aws-rds/main.tf (lines 9-25), the RDS cluster resource is labeled aurora_cluster (with underscore), not rds-cluster (with hyphen).

This mismatch will cause terraform validate and terraform plan to fail with undefined reference errors.

🐛 Proposed fix to correct resource references
 output "rds_cluster_endpoint" {
   description = "The writer endpoint of the Aurora RDS cluster"
-  value       = aws_rds_cluster.rds-cluster.endpoint
+  value       = aws_rds_cluster.aurora_cluster.endpoint
 }

 output "rds_reader_endpoint" {
   description = "The reader endpoint of the Aurora RDS cluster"
-  value       = aws_rds_cluster.rds-cluster.reader_endpoint
+  value       = aws_rds_cluster.aurora_cluster.reader_endpoint
 }

 output "rds_cluster_port" {
   description = "The port of the Aurora RDS cluster"
-  value       = aws_rds_cluster.rds-cluster.port
+  value       = aws_rds_cluster.aurora_cluster.port
 }
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@DevOps-Project-11/modules/aws-rds/outputs.tf` around lines 1 - 14, The
outputs rds_cluster_endpoint, rds_reader_endpoint, and rds_cluster_port
reference a non-existent resource label aws_rds_cluster.rds-cluster; update each
output value to reference the actual RDS resource name
aws_rds_cluster.aurora_cluster (e.g., use
aws_rds_cluster.aurora_cluster.endpoint,
aws_rds_cluster.aurora_cluster.reader_endpoint, and
aws_rds_cluster.aurora_cluster.port) so Terraform can resolve the resource.

14 changes: 14 additions & 0 deletions DevOps-Project-11/modules/aws-waf-cdn-acm-route53/outputs.tf
@@ -0,0 +1,14 @@
output "cloudfront_domain_name" {
description = "The domain name of the CloudFront distribution"
value = aws_cloudfront_distribution.cf.domain_name
}

output "cloudfront_distribution_id" {
description = "The ID of the CloudFront distribution"
value = aws_cloudfront_distribution.cf.id
}

output "acm_certificate_arn" {
description = "The ARN of the ACM certificate"
value = aws_acm_certificate.acm.arn
}
Comment on lines +1 to +14

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify CloudFront and ACM resource labels in the module's main.tf

echo "=== Searching for CloudFront distribution resource label ==="
rg -n 'resource\s+"aws_cloudfront_distribution"' DevOps-Project-11/modules/aws-waf-cdn-acm-route53/

echo ""
echo "=== Searching for ACM certificate resource label ==="
rg -n 'resource\s+"aws_acm_certificate"' DevOps-Project-11/modules/aws-waf-cdn-acm-route53/

Repository: NotHarshhaa/DevOps-Projects

Length of output: 411


Fix resource label references in outputs — both CloudFront and ACM certificate references are incorrect.

The outputs reference non-existent resource labels:

  • Line 3 references aws_cloudfront_distribution.cf, but the resource is labeled aws_cloudfront_distribution.cdn-web-elb-distribution (in cdn.tf)
  • Line 13 references aws_acm_certificate.acm, but the resource is labeled aws_acm_certificate.cert (in acm.tf)

Update lines 3 and 8 to use aws_cloudfront_distribution.cdn-web-elb-distribution and line 13 to use aws_acm_certificate.cert.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@DevOps-Project-11/modules/aws-waf-cdn-acm-route53/outputs.tf` around lines 1
- 14, The outputs currently reference incorrect resource labels: update output
"cloudfront_domain_name" and "cloudfront_distribution_id" to use
aws_cloudfront_distribution.cdn-web-elb-distribution instead of
aws_cloudfront_distribution.cf, and update output "acm_certificate_arn" to use
aws_acm_certificate.cert instead of aws_acm_certificate.acm; ensure the value
expressions reference the correct resource attributes (domain_name, id, arn) on
those exact resource symbols.
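
The error flagged in the three review comments above (an output that references a resource label the module never declares) can be caught locally before CI runs terraform validate. The check below is an added example, not part of this PR or of the reviewer's tooling; it uses regular expressions rather than a real HCL parser, only looks at direct references to aws_* managed resources, and SAMPLE_MODULE is constructed from the labels named in the alb-tg comment.

```python
import re

# resource "aws_lb" "web-elb" {  ->  ("aws_lb", "web-elb")
RESOURCE_RE = re.compile(r'resource\s+"([A-Za-z0-9_]+)"\s+"([A-Za-z0-9_-]+)"')
# aws_lb.alb.dns_name  ->  ("aws_lb", "alb"). The lookbehind skips data.aws_* lookups.
# Assumption: only aws_* managed resources are checked.
REF_RE = re.compile(r'(?<![\w.])(aws_[a-z0-9_]+)\.([A-Za-z_][A-Za-z0-9_-]*)\.[a-z_]+')


def code_lines(text):
    """Yield (line number, line with any # or // comment cut off)."""
    for lineno, line in enumerate(text.splitlines(), 1):
        yield lineno, re.split(r'#|//', line, maxsplit=1)[0]


def undefined_references(module_files):
    """Return (file, line, reference) for every aws_* reference whose
    type and label are not declared by a resource block in the module."""
    declared = set()
    for text in module_files.values():
        for _, code in code_lines(text):
            declared.update(RESOURCE_RE.findall(code))
    problems = []
    for name in sorted(module_files):
        for lineno, code in code_lines(module_files[name]):
            for rtype, label in REF_RE.findall(code):
                if (rtype, label) not in declared:
                    problems.append((name, lineno, f"{rtype}.{label}"))
    return problems


# Constructed sample: file name -> contents for one module directory.
SAMPLE_MODULE = {
    "main.tf": (
        'resource "aws_lb" "web-elb" {\n  internal = false\n}\n'
        'resource "aws_lb_target_group" "web-tg" {\n  port = 80\n}\n'
    ),
    "outputs.tf": (
        'output "alb_dns_name" {\n  value = aws_lb.alb.dns_name\n}\n'
        'output "alb_arn" {\n  value = aws_lb.web-elb.arn\n}\n'
        'output "target_group_arn" {\n  value = aws_lb_target_group.tg.arn\n}\n'
    ),
}

if __name__ == "__main__":
    for name, lineno, ref in undefined_references(SAMPLE_MODULE):
        print(f"{name}:{lineno}: {ref} is not declared in this module")
```
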

29 changes: 29 additions & 0 deletions DevOps-Project-11/outputs.tf
@@ -0,0 +1,29 @@
# -----------------------------------------------------------------------------
# Root Outputs — Two-Tier AWS Architecture
# These values are printed to the console after a successful `terraform apply`.
# -----------------------------------------------------------------------------

output "alb_dns_name" {
description = "DNS name of the Application Load Balancer (HTTP entry point)"
value = module.alb.alb_dns_name
}

output "cloudfront_domain_name" {
description = "Domain name of the CloudFront distribution (HTTPS entry point)"
value = module.route53.cloudfront_domain_name
}

output "rds_endpoint" {
description = "Writer endpoint of the Aurora MySQL cluster"
value = module.rds.rds_cluster_endpoint
}

output "rds_reader_endpoint" {
description = "Reader endpoint of the Aurora MySQL cluster (read replicas)"
value = module.rds.rds_reader_endpoint
}

output "cloudfront_distribution_id" {
description = "CloudFront distribution ID (useful for cache invalidation)"
value = module.route53.cloudfront_distribution_id
}
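
Review bot: in the alb_dns_name output, the description presents the load balancer as the "HTTP entry point" next to a CloudFront "HTTPS entry point". If the ALB is meant to sit behind the CloudFront distribution from the aws-waf-cdn-acm-route53 module, advertising its DNS name as an entry point invites direct plaintext access that skips the CDN layer; reword the description (for example, as the origin address) and confirm the ALB only admits traffic from CloudFront. A smaller point: the root names drift from the module outputs they read (rds_endpoint here, rds_cluster_endpoint in the module) and CloudFront values come from module.route53, which deserves a one-line comment.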