🚀 Cloud Portfolio: CI/CD with Terraform
This project demonstrates how to deploy a static website to Google Cloud Storage using
Infrastructure as Code (IaC) with Terraform and GitHub Actions for full Continuous Integration
& Continuous Deployment (CI/CD).
🔧 Tools Used: Terraform, Google Cloud Storage, GitHub Actions, VS Code
🌐 Hosted on: Google Cloud (GCS Bucket)
🛠️ Why I Built This
When I started learning cloud, I wasn’t sure where to begin. This project is the kind of starter
kit I wish I had — beginner-friendly but realistic. It also kicks off a personal series of
small, sharable, cloud projects for new professionals to showcase their skills.
📦 What's Included
- Infrastructure-as-Code with Terraform
- Service account creation and secret storage
- CI/CD via GitHub Actions
- Secure authentication with Google Cloud
- Static site hosted on GCS, auto-updated with every push to GitHub
✅ CI/CD Pipeline Summary
This site updates automatically when I commit changes to the main branch of my GitHub repo.
The pipeline uses a GitHub Actions workflow to authenticate into GCP, initialize Terraform, and apply
infrastructure changes.
🔒 Security Measures
This project follows industry best practices to ensure secure and reliable deployments:
- 🔑 Secrets Management: Google Cloud service account keys are stored securely as GitHub Actions secrets, avoiding hardcoding sensitive information in the codebase.
- 👤 Principle of Least Privilege: A dedicated service account with only the necessary roles is used to limit access scope within Google Cloud.
- 🛡️ Trusted Automation: The CI/CD pipeline uses official, verified GitHub Actions for authentication and Terraform execution.
- 🔍 Infrastructure as Code: Terraform ensures auditable, repeatable deployments and reduces manual misconfigurations.
- 🌐 Public Hosting Considerations: The static website is hosted on a public Google Cloud Storage bucket with no sensitive data exposed.
👤 Author: Chinonso Onyechi, MHSE