GitHub Actions to deploy Terraform

I am trying to setup GitHub Actions for execute a terraform template.

My confusion is - how do I provide *.tfvars file which has aws credentials. (I can’t check-in these files).

What’s the best practice to share the variable’s values expected by terraform commands like plan or apply where they need aws_access_key and aws_secret_key.

Here is my GitHub project - [](GitHub Project)

Can anybody help here.

1 Like

I actually just setup my project today to do just that. I ended up having to slightly modify my but below is my current setup. I know it’s not using the shared creds file but hopefully this will help you and your project.

provider "aws" {
  region     = "us-east-1"
  access_key = var.AWS_ACCESS_KEY_ID
  secret_key = var.AWS_SECRET_ACCESS_KEY

---output omitted---
variable "AWS_ACCESS_KEY_ID" {}
---output omitted---

I use environment variables on my laptop which are both prepended with TF_VAR_ by Terraform standards when reading in variables.

Then I have my secrets prepended with TF_VAR_ on Github as well.

**github secrets**

Below is a snippet from my gitlab actions file using those secrets.

     - name: 'Terraform Init'
        uses: hashicorp/terraform-github-actions@master
          tf_actions_working_dir: prod
          tf_actions_version: 0.12.13
          tf_actions_subcommand: 'init'
          tf_actions_comment: true
          TF_VAR_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
1 Like

Hi @castironclay,

Thanks a ton.
Its resolved. I could successfully build now. :slight_smile:

1 Like