This example creates an Autonomous Database (JSON) exposed to the public Internet.
During this UseCase we're going to:
- Use OCI DevOps service.
- Configure a CI/CD pipeline.
- Use OCI S3 as a backed for terraform.
- Use OCI Vault for storing sensitive information.
- Deploy IaC using Terraform, in this case an ADB resource.
- Create an object storage bucket called "terraform-backend".
- We want to use a S3-Compatible Backend , read the documentation carefully.
- Create a "Customer Secret keys" also named as "Amazon S3 Compatibility API keys". A Customer Secret key consists of an Access Key/Secret key pair.
- Declare the below variables to OCI vault as secrets
Clone this repo in OraHub, GitLab or GitHub and create you own DevOps repository.
Fill the correct OCID values of secrets in file build_spec.yaml
Add your api_private_key to the file user.pem
Rename the file terraform.tfvars.template to terraform.tfvars and add the values of your tenancy_ocid and compartment_ocid
Define the values of your region and adb_password in the file
Define the values of your region and namespace in the file
Create a OCI DevOps Project
Review OCI documentation and add the required DG and policies.
Configure a code repository in DevOps to mirror the repository you have created in the previous step.
Run the build pipeline manually and review the implementation.
Check that now you can see the database provisioned in your compartment.
If you have arrived at this point with a successful outcome, you can add a trigger to lunch the pipeline automatically after any push action to your repository.
- Remove manually (using OCI Console) the ADB created previously.
- Change you repo code, for example change the ADB name, and push the changes.
- Review the outcome:
If you need help, ask us in the slack channel #iac-enablement
- RahulMR42
- OCI Devops -
- OCI Terraform references -
- OCI Terraform with S3 backend -
- OCI Object storage -