ref: add default values for required variables & fixed EC2 security g…

…roup name issue

.github/workflows/cd.yml

@@ -16,12 +16,20 @@ jobs:
         uses: hashicorp/setup-terraform@v1
 
       - name: Initialize Terraform
-        run: terraform init -upgrade
+        run: terraform init \
+          -backend-config="bucket=${{ secrets.TF_VAR_BUCKET }}" \
+          -backend-config="region=${{ secrets.AWS_DEFAULT_REGION }}" \
         working-directory: infra/provisioning
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
 
       - name: Terraform Plan
         run: terraform plan -lock-timeout=600s -compact-warnings -out=plan.tfplan
         working-directory: infra/provisioning
+        env:
+          TF_VAR_key_pair: ${{ secrets.TF_VAR_KEY_PAIR }}
 
       - name: Upload Terraform Plan Artifact
         uses: actions/upload-artifact@v3

infra/provisioning/00-inputs.tf

@@ -1,40 +1,42 @@
 variable "region" {
   description = "AWS region"
+  default     = "eu-north-1"
   type        = string
 }
 
 variable "bucket" {
   description = "S3 bucket name to store Terraform state"
-  type        = string
-}
-
-variable "key" {
-  description = "Path to store Terraform state within the S3 bucket"
+  default     = "gbfs-terraform-state"
   type        = string
 }
 
 variable "vpc_cidr_block" {
   description = "CIDR block for the VPC"
+  default     = "10.0.0.0/16"
   type        = string
 }
 
 variable "subnet_cidr_block" {
   description = "CIDR block for the subnet"
+  default     = "10.0.1.0/24"
   type        = string
 }
 
 variable "env_name" {
   description = "Environment name (e.g., dev, prod)"
+  default     = "dev"
   type        = string
 }
 
 variable "ami_id" {
   description = "AMI ID for EC2 instance"
+  default     = "ami-0c6da69dd16f45f72"
   type        = string
 }
 
 variable "instance_type" {
   description = "EC2 instance type"
+  default     = "t3.micro"
   type        = string
 }
 

infra/provisioning/02-providers.tf

@@ -5,7 +5,7 @@ provider "aws" {
 terraform {
   backend "s3" {
     bucket = var.bucket
-    key    = var.key
+    key    = "terraform.tfstate"
     region = var.region
   }
 }

infra/provisioning/03-modules.tf

@@ -16,7 +16,7 @@ module "ec2" {
   ami_id            = var.ami_id
   instance_type     = var.instance_type
   subnet_id         = module.network.subnet_id
-  security_group_id = module.security_group.security_group_id
+  security_group_name = module.security_group.security_group_name
   key_pair          = var.key_pair
   env_name          = var.env_name
   depends_on        = [

infra/provisioning/modules/ec2/01-inputs.tf

@@ -13,8 +13,8 @@ variable "subnet_id" {
   type        = string
 }
 
-variable "security_group_id" {
-  description = "ID of the security group"
+variable "security_group_name" {
+  description = "Name of the security group"
   type        = string
 }
 

infra/provisioning/modules/ec2/02-instance.tf

@@ -1,9 +1,14 @@
 resource "aws_instance" "gbfs_monitoring" {
+  lifecycle {
+    ignore_changes = [
+      security_groups
+    ]
+  }
   ami                         = var.ami_id
   instance_type               = var.instance_type
   subnet_id                   = var.subnet_id
   key_name                    = var.key_pair
-  security_groups             = [var.security_group_id]
+  security_groups             = [var.security_group_name]
   associate_public_ip_address = true
   tags = {
     Name = "${var.env_name}-gbfs-monitoring-instance"

infra/provisioning/modules/security_group/03-outputs.tf

@@ -1,3 +1,3 @@
-output "security_group_id" {
-  value = aws_security_group.main.id
+output "security_group_name" {
+  value = aws_security_group.main.name
 }