Introduce state file on s3 bucket

.github/workflows/terraform-apply.yml

@@ -1,23 +1,98 @@
-name: Terraform apply
+name: Terraform Apply with Remote State
 run-name: ${{ github.actor }} is deploying on AWS 🚀
 on:
   push:
     branches: 
-      - feature/aws-s3-module
+      - mihai-satmarean-patch-1
 jobs:
   Deploy-AWS-Ec2:
     runs-on: ubuntu-latest
     steps:
+      # Step 1: Configure AWS credentials
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MARIUS }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MARIUS }}
           aws-region: eu-central-1
+
+      # Step 2: Checkout the repository code
       - name: Checkout Repository
         uses: actions/checkout@v4
-      - name: Deploy Infrastructure
+
+      # Step 3: Ensure Terraform state S3 bucket exists
+      - name: Create Terraform State Bucket
         run: |
-          cd terraform/terraform-modules/tf-ec2-module/
+          cd terraform/terraform-modules/state-bucket
           terraform init
+          terraform apply -auto-approve || echo "Bucket already exists, continuing..."
+      # Step 4: Reconfigure Backend to Use S3
+      - name: Reconfigure Backend to S3
+        run: |
+          cd terraform/terraform-modules/tf-ec2-module/
+          terraform init -backend-config="bucket=terraform_state_bucket" \
+                         -backend-config="key=state/${GITHUB_REF#refs/heads/}/terraform.tfstate" \
+                         -backend-config="region=eu-central-1"
+
+      # Step 5: Apply Terraform with S3 backend
+      - name: Finalize Infrastructure Deployment
+        run: |
+          cd terraform/terraform-modules/tf-ec2-module/
+          terraform apply -auto-approve
+
+      # Step 6: Refresh Terraform State to ensure it's up to date with AWS
+      - name: Refresh Terraform State
+        run: |
+          cd terraform/terraform-modules/tf-ec2-module/
+          terraform refresh
+      # Step 7: Capture Terraform Outputs to Variables
+      - name: Capture Terraform Outputs
+        id: terraform_outputs
+        run: |
+          cd terraform/terraform-modules/tf-ec2-module/
+          export VPC_ID=$(terraform output -raw vpc_id)
+          export PUBLIC_SUBNET_ID=$(terraform output -raw public_subnet_id)
+          export PRIVATE_SUBNET_ID=$(terraform output -raw private_subnet_id)
+          export SECURITY_GROUP_ID=$(terraform output -raw security_group_id)
+          echo "VPC_ID=$VPC_ID" >> $GITHUB_ENV
+          echo "PUBLIC_SUBNET_ID=$PUBLIC_SUBNET_ID" >> $GITHUB_ENV
+          echo "PRIVATE_SUBNET_ID=$PRIVATE_SUBNET_ID" >> $GITHUB_ENV
+          echo "SECURITY_GROUP_ID=$SECURITY_GROUP_ID" >> $GITHUB_ENV
+
+      # Step 8: Validate Resources with AWS CLI
+      - name: List Resources Created by Terraform
+        run: |
+          # List VPC
+          echo "Listing VPC with ID: $VPC_ID"
+          aws ec2 describe-vpcs --vpc-ids $VPC_ID || echo "Failed to list VPC with ID: $VPC_ID"
+
+          # List Public Subnet
+          echo "Listing Public Subnet with ID: $PUBLIC_SUBNET_ID"
+          aws ec2 describe-subnets --subnet-ids $PUBLIC_SUBNET_ID || echo "Failed to list Public Subnet with ID: $PUBLIC_SUBNET_ID"
+
+          # List Private Subnet
+          echo "Listing Private Subnet with ID: $PRIVATE_SUBNET_ID"
+          aws ec2 describe-subnets --subnet-ids $PRIVATE_SUBNET_ID || echo "Failed to list Private Subnet with ID: $PRIVATE_SUBNET_ID"
+
+          # List Security Group
+          echo "Listing Security Group with ID: $SECURITY_GROUP_ID"
+          aws ec2 describe-security-groups --group-ids $SECURITY_GROUP_ID || echo "Failed to list Security Group with ID: $SECURITY_GROUP_ID"
+
+      # Step 9: Destroy Infrastructure
+      - name: Destroy Infrastructure
+        run: |
+          cd terraform/terraform-modules/tf-ec2-module/
           terraform destroy -auto-approve
+
+      # Step 10: Verify Resources are Destroyed
+      - name: Verify Resources are Destroyed
+        run: |
+          # Verify that resources were destroyed by listing them again
+          echo "Verifying VPC Destruction..."
+          aws ec2 describe-vpcs --vpc-ids $VPC_ID || echo "VPC with ID $VPC_ID does not exist."
+          echo "Verifying Public Subnet Destruction..."
+          aws ec2 describe-subnets --subnet-ids $PUBLIC_SUBNET_ID || echo "Public Subnet with ID $PUBLIC_SUBNET_ID does not exist."
+          echo "Verifying Private Subnet Destruction..."
+          aws ec2 describe-subnets --subnet-ids $PRIVATE_SUBNET_ID || echo "Private Subnet with ID $PRIVATE_SUBNET_ID does not exist."
+          echo "Verifying Security Group Destruction..."
+          aws ec2 describe-security-groups --group-ids $SECURITY_GROUP_ID || echo "Security Group with ID $SECURITY_GROUP_ID does not exist."

terraform/terraform-modules/state-bucket/main.tf

@@ -0,0 +1,42 @@
+# main.tf
+provider "aws" {
+  region = "eu-central-1"
+}
+
+# Local backend for initial setup
+terraform {
+  backend "local" {
+    path = "terraform.tfstate"
+  }
+}
+
+resource "aws_s3_bucket" "terraform_state_bucket" {
+  bucket        = "terraform-state-${terraform.workspace}"
+  acl           = "private"
+  force_destroy = true # For simplicity in training scenarios; remove in production.
+
+  tags = {
+    Name = "Terraform State Bucket"
+  }
+}
+
+resource "aws_s3_bucket_versioning" "state_bucket_versioning" {
+  bucket = aws_s3_bucket.terraform_state_bucket.id
+
+  versioning_configuration {
+    status = "Enabled"
+  }
+}
+
+# Terraform backend configuration post-initialization
+output "backend_config" {
+  value = <<EOT
+  bucket = "${aws_s3_bucket.terraform_state_bucket.bucket}"
+  key    = "state/${terraform.workspace}/terraform.tfstate"
+  region = "${var.region}"
+  EOT
+}
+
+variable "region" {
+  default = "eu-central-1"
+}