Creating a new environment per branch with Terraform CI/CD

In one of my projects we are using GitHub flow. The branching model follows:

  1. A ticket is created on Jira (OSCS-103)
  2. A branch is created from master, called OSCS-103.
  3. A PR is created on this branch as soon as it's created, with a custom environment where it can be tested, where the UI is located at oscs-103.x.com.
  4. Once the PR is closed, the environment is deleted (using Terraform).
  5. Everything in master is considered int and is ready for release, this can be accessed via int.x.com.
  6. Once a release is created, everything in master is pushed to the prod environment, x.com

Currently, the process of creating different envs per branch is 'manual'; we run the following commands:

$ terraform init
$ terraform workspace new OSCS-103
$ terraform apply -var="source_branch=OSCS-203" -var="token=$GITHUB_TOKEN"

This spins up a new environment in Terraform where we use the source_branch to create a pipeline.

Once we are done with this environment, we perform:

$ terraform init
$ terraform workspace select OSCS-103
$ terraform destroy -var="source_branch=OSCS-203" -var="token=$GITHUB_TOKEN"

However, I would like to automate this process, so that whenever a PR is created, an env is automatically created (ideally using AWS CodePipeline or AWS CodeBuild), and when the PR is closed/merged, the env is destroyed.

Does anyone have any examples of them doing this?

Edit:

Just to clarify, the terraform commands above are creating a pipeline, this pipeline "listens" to changes on the source_branch and runs a script that checks for infra changes (with terraform and makes changes if necessary), rebuilds and deploys the UI, rebuilds and deploys the API, as well as running flyway to migrate DB changes.

There are 1 best solutions below

As suggested by Adil B, first of all you need to create a webhook in your repository. Once you have that webhook set up, you need to create a CodeBuild project and set up a GitHub event which will trigger the CodeBuild based on the filters that you have set: https://docs.aws.amazon.com/codebuild/latest/userguide/github-webhook.html

Within the CodeBuild buildspec you could potentially use the same commands that you currently have. You could make the deploy/apply an external var and use the same CodeBuild project for both, or have dedicated ones for apply and destroy with different webhook events.

In case the available filters are not sufficient, you can configure the webhook to trigger a Lambda with some custom logic which will then start the CodeBuild (and potentially even alter its configuration based on the outcome of the Lambda execution). In this case you may need to front that Lambda with API Gateway or an Application Load Balancer, which will make the whole thing a bit more complex.

Additional documentation:
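
An added example, not part of the original answer: one way to write the custom logic for the Lambda described above, so that only GitHub-signed `pull_request` deliveries can start a build and only ticket-shaped branch names reach `terraform workspace`. The project name `pr-environments`, the `TF_ACTION` and `SOURCE_BRANCH` variable names and the branch pattern are assumptions.

```python
import hashlib
import hmac
import json
import re

# Assumption: branches are Jira keys such as OSCS-103. Anything else is ignored,
# so attacker-chosen branch names never become workspace names or shell input.
BRANCH_RE = re.compile(r"[A-Z][A-Z0-9]{1,9}-[0-9]{1,6}")
# GitHub pull_request actions mapped to the Terraform command the build runs.
ACTIONS = {"opened": "apply", "reopened": "apply", "closed": "destroy"}


def verify_signature(secret: bytes, body: bytes, header: str) -> bool:
    """Check X-Hub-Signature-256: HMAC-SHA256 of the raw body, webhook secret as key."""
    expected = "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected.encode(), (header or "").encode())


def plan_build(secret: bytes, body: bytes, signature: str, event: str):
    """Return kwargs for CodeBuild StartBuild, or None when the delivery is ignored."""
    if not verify_signature(secret, body, signature):
        raise PermissionError("bad webhook signature")
    if event != "pull_request":  # value of the X-GitHub-Event header
        return None
    payload = json.loads(body)
    tf_action = ACTIONS.get(payload.get("action"))
    branch = (payload.get("pull_request") or {}).get("head", {}).get("ref", "")
    if tf_action is None or not BRANCH_RE.fullmatch(branch):
        return None
    return {
        "projectName": "pr-environments",  # hypothetical CodeBuild project
        "environmentVariablesOverride": [
            {"name": "TF_ACTION", "value": tf_action, "type": "PLAINTEXT"},
            {"name": "SOURCE_BRANCH", "value": branch, "type": "PLAINTEXT"},
        ],
    }


if __name__ == "__main__":
    secret = b"constructed-secret"  # constructed sample values, not real ones
    body = json.dumps({"action": "closed",
                       "pull_request": {"head": {"ref": "OSCS-103"}}}).encode()
    sig = "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()
    print(plan_build(secret, body, sig, "pull_request"))
    # In the Lambda: boto3.client("codebuild").start_build(**plan) when plan is not None
```

The buildspec can then select the workspace from `SOURCE_BRANCH` and run `terraform $TF_ACTION`; the GitHub token stays in the CodeBuild project's own configuration rather than in the override list.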