Flatten TF module structure via .tfvars/.tfbackend, update to TF …
…v1.5.3
GaryGSC committed Jul 12, 2023
1 parent 3f8b6fb commit a8bdd8d
Showing 32 changed files with 174 additions and 790 deletions.
18 changes: 7 additions & 11 deletions .github/workflows/ci-iac.yml
@@ -9,7 +9,7 @@ on:
- '.github/workflows/ci-iac.yml'

env:
tf_version: "1.4.5" # must match value in terraform-iac/*/app/main.tf
tf_version: "1.5.3" # must match value in terraform-iac/app/main.tf

jobs:
env:
@@ -23,7 +23,6 @@ jobs:
"env":[
{
"environment_name":"dev",
"tf_working_dir":"./terraform-iac/dev/app",
"aws_account":"977306314792",
"aws_gha_role":"hw-fargate-api-dev-gha"
}
@@ -38,7 +37,6 @@ jobs:
"env":[
{
"environment_name":"stg",
"tf_working_dir":"./terraform-iac/stg/app",
"aws_account":"977306314792",
"aws_gha_role":"hw-fargate-api-stg-gha"
}
@@ -53,13 +51,11 @@ jobs:
"env":[
{
"environment_name":"prd",
"tf_working_dir":"./terraform-iac/prd/app",
"aws_account":"539738229445",
"aws_gha_role":"hw-fargate-api-prd-gha"
},
{
"environment_name":"cpy",
"tf_working_dir":"./terraform-iac/cpy/app",
"aws_account":"539738229445",
"aws_gha_role":"hw-fargate-api-cpy-gha"
}
@@ -113,26 +109,26 @@ jobs:
terraform_version: ${{ env.tf_version }}

- name: Terraform Init
working-directory: ${{ matrix.env.tf_working_dir }}
run: terraform init
working-directory: terraform-iac/app
run: terraform init -backend-config=${{ matrix.env.environment_name }}.s3.tfbackend

- name: Terraform Plan
working-directory: ${{ matrix.env.tf_working_dir }}
run: terraform plan -var 'image_tag=ci_test' -input=false -out plan -lock=false
working-directory: terraform-iac/app
run: terraform plan -varfile=${{ matrix.env.environment_name }}.tfvars -var 'image_tag=ci_test' -input=false -out plan -lock=false

- name: Comment Terraform Plan
uses: byu-oit/github-action-tf-plan-comment@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
working-directory: ${{ matrix.env.tf_working_dir }}
working-directory: terraform-iac/app
terraform-plan-file: plan

- name: Analyze Terraform Plan
uses: byu-oit/github-action-tf-plan-analyzer@v2
if: github.repository_owner == 'byu-oit'
# If you're at BYU, but outside the byu-oit GitHub org, you may be able to obtain credentials by contacting [email protected]
with:
working-directory: ${{ matrix.env.tf_working_dir }}
working-directory: terraform-iac/app
terraform-plan-file: plan
divvycloud-username: ${{ secrets.DIVVYCLOUD_USERNAME }}
divvycloud-password: ${{ secrets.DIVVYCLOUD_PASSWORD }}
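Review bot: The new Terraform Plan step passes `-varfile=${{ matrix.env.environment_name }}.tfvars`, but the Terraform CLI option is spelled `-var-file`, so as written the plan should be rejected for an unknown flag and the per-environment values (`env`, `log_retention_days`, and so on) never reach it. Change the line to `run: terraform plan -var-file=${{ matrix.env.environment_name }}.tfvars -var 'image_tag=ci_test' -input=false -out plan -lock=false`. The same spelling appears in the Terraform Plan step of `.github/workflows/deploy.yml`, where it produces the plan file that `terraform apply plan` later executes, so it needs the same fix there.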
20 changes: 8 additions & 12 deletions .github/workflows/deploy.yml
@@ -9,7 +9,7 @@ on:
- '.gitignore'
env:
node_version: "18.x"
tf_version: "1.4.5" # must match value in terraform-iac/*/app/main.tf
tf_version: "1.5.3" # must match value in terraform-iac/app/main.tf
FORCE_COLOR: 3
concurrency: ${{ github.ref }}
jobs:
@@ -25,7 +25,6 @@ jobs:
{
"environment_name":"dev",
"ecr_repo_name":"hw-fargate-api-dev",
"tf_working_dir":"./terraform-iac/dev/app",
"aws_account":"977306314792",
"aws_gha_role":"hw-fargate-api-dev-gha",
"rfc_key_name":"standard_change_sandbox_client_key",
@@ -44,7 +43,6 @@ jobs:
{
"environment_name":"stg",
"ecr_repo_name":"hw-fargate-api-stg",
"tf_working_dir":"./terraform-iac/stg/app",
"aws_account":"977306314792",
"aws_gha_role":"hw-fargate-api-stg-gha",
"rfc_key_name":"standard_change_sandbox_client_key",
@@ -67,7 +65,6 @@ jobs:
{
"environment_name":"prd",
"ecr_repo_name":"hw-fargate-api-prd",
"tf_working_dir":"./terraform-iac/prd/app",
"aws_account":"539738229445",
"aws_gha_role":"hw-fargate-api-prd-gha",
"rfc_key_name":"standard_change_sandbox_client_key",
@@ -77,7 +74,6 @@ jobs:
{
"environment_name":"cpy",
"ecr_repo_name":"hw-fargate-api-cpy",
"tf_working_dir":"./terraform-iac/cpy/app",
"aws_account":"539738229445",
"aws_gha_role":"hw-fargate-api-cpy-gha",
"rfc_key_name":"standard_change_sandbox_client_key",
@@ -245,19 +241,19 @@ jobs:
terraform_wrapper: false

- name: Terraform Init
working-directory: ${{ matrix.env.tf_working_dir }}
run: terraform init
working-directory: terraform-iac/app
run: terraform init -backend-config=${{ matrix.env.environment_name }}.s3.tfbackend

- name: Terraform Plan
working-directory: ${{ matrix.env.tf_working_dir }}
run: terraform plan -var 'image_tag=${{ steps.date.outputs.timestamp }}' -input=false -out=plan
working-directory: terraform-iac/app
run: terraform plan -varfile=${{ matrix.env.environment_name }}.tfvars -var 'image_tag=${{ steps.date.outputs.timestamp }}' -input=false -out=plan

- name: Analyze Terraform Plan
uses: byu-oit/github-action-tf-plan-analyzer@v2
if: github.repository_owner == 'byu-oit'
# If you're at BYU, but outside the byu-oit GitHub org, you may be able to obtain credentials by contacting [email protected]
with:
working-directory: ${{ matrix.env.tf_working_dir }}
working-directory: terraform-iac/app
terraform-plan-file: plan
divvycloud-username: ${{ secrets.DIVVYCLOUD_USERNAME }}
divvycloud-password: ${{ secrets.DIVVYCLOUD_PASSWORD }}
@@ -271,12 +267,12 @@ jobs:
template-id: ${{ matrix.env.rfc_template_id }}

- name: Terraform Apply
working-directory: ${{ matrix.env.tf_working_dir }}
working-directory: terraform-iac/app
run: terraform apply plan

- name: Get Terraform Outputs
id: terraform-outputs
working-directory: ${{ matrix.env.tf_working_dir }}
working-directory: terraform-iac/app
run: |
echo "codedeploy_app_name=$(terraform output -raw codedeploy_app_name)" >> $GITHUB_OUTPUT
echo "codedeploy_deployment_group_name=$(terraform output -raw codedeploy_deployment_group_name)" >> $GITHUB_OUTPUT

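--- a/terraform-iac/app/cpy.s3.tfbackend
+++ b/terraform-iac/app/cpy.s3.tfbackend
@@ -0,0 +1,3 @@
+bucket = "terraform-state-storage-539738229445"
+dynamodb_table = "terraform-state-lock-539738229445"
+key = "hw-fargate-api/cpy/app.tfstate"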
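--- a/terraform-iac/app/cpy.tfvars
+++ b/terraform-iac/app/cpy.tfvars
@@ -0,0 +1,7 @@
+env = "cpy"
+
+# image_tag provided by pipeline (or user)
+codedeploy_termination_wait_time = 0
+deploy_test_postman_collection = "../../.postman/hw-fargate-api.postman_collection.json"
+deploy_test_postman_environment = "../../.postman/cpy-tst.postman_environment.json"
+log_retention_days = 7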
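--- a/terraform-iac/app/dev.s3.tfbackend
+++ b/terraform-iac/app/dev.s3.tfbackend
@@ -0,0 +1,3 @@
+bucket = "terraform-state-storage-977306314792"
+dynamodb_table = "terraform-state-lock-977306314792"
+key = "hw-fargate-api/dev/app.tfstate"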
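--- a/terraform-iac/app/dev.tfvars
+++ b/terraform-iac/app/dev.tfvars
@@ -0,0 +1,7 @@
+env = "dev"
+
+# image_tag provided by pipeline (or user)
+codedeploy_termination_wait_time = 0
+deploy_test_postman_collection = "../../.postman/hw-fargate-api.postman_collection.json"
+deploy_test_postman_environment = "../../.postman/dev-tst.postman_environment.json"
+log_retention_days = 1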
38 changes: 36 additions & 2 deletions terraform-iac/modules/app/main.tf → terraform-iac/app/main.tf
@@ -1,3 +1,36 @@
terraform {
required_version = "1.5.3"
backend "s3" {
# The rest of the backend config is passed in
# https://developer.hashicorp.com/terraform/language/settings/backends/configuration#partial-configuration
region = "us-west-2"
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.65"
}
local = {
source = "hashicorp/local"
version = "~> 2.4"
}
}
}

provider "aws" {
region = "us-west-2"

default_tags {
tags = {
app = local.name
repo = "https://github.com/${local.gh_org}/${local.gh_repo}"
data-sensitivity = "public"
env = var.env
resource-creator-email = "GitHub-Actions"
}
}
}

variable "env" {
type = string
}
@@ -23,8 +56,9 @@ variable "log_retention_days" {
}

locals {
name = "hw-fargate-api"
env = var.env
name = "hw-fargate-api"
gh_org = "byu-oit"
gh_repo = "hw-fargate-api"
}

data "aws_ecr_repository" "my_ecr_repo" {
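Review bot: The new `backend "s3"` block sets only `region`, and none of the four `*.s3.tfbackend` files added in this commit sets `encrypt`, so whether the state objects are encrypted at rest depends entirely on the bucket's default encryption, which is not visible on this page. Terraform state can hold resource attributes in plain text, so it is safer to state the requirement in code: add `encrypt = true` next to `region = "us-west-2"` in the backend block, where it applies to every environment regardless of which `.tfbackend` file is passed to `terraform init`. The rest of main.tf lies outside the visible hunks.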
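--- a/terraform-iac/app/prd.s3.tfbackend
+++ b/terraform-iac/app/prd.s3.tfbackend
@@ -0,0 +1,3 @@
+bucket = "terraform-state-storage-539738229445"
+dynamodb_table = "terraform-state-lock-539738229445"
+key = "hw-fargate-api/prd/app.tfstate"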
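--- a/terraform-iac/app/prd.tfvars
+++ b/terraform-iac/app/prd.tfvars
@@ -0,0 +1,7 @@
+env = "prd"
+
+# image_tag provided by pipeline (or user)
+codedeploy_termination_wait_time = 0 # You probably want to change this to 15 when your service is really prd
+deploy_test_postman_collection = "../../.postman/hw-fargate-api.postman_collection.json"
+deploy_test_postman_environment = "../../.postman/prd-tst.postman_environment.json"
+log_retention_days = 7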
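Review bot: `log_retention_days = 7` leaves production with one week of log history, which is short if the logs are ever needed to investigate an incident that is noticed late, and unlike `codedeploy_termination_wait_time` two lines above it carries no hint that the value is a placeholder. How the variable is applied is defined in main.tf outside this section, so this is a suggestion for the template rather than a confirmed defect. Add a trailing comment in the same style, for example `log_retention_days = 7 # You probably want a longer retention when your service is really prd`.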
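--- a/terraform-iac/app/stg.s3.tfbackend
+++ b/terraform-iac/app/stg.s3.tfbackend
@@ -0,0 +1,3 @@
+bucket = "terraform-state-storage-977306314792"
+dynamodb_table = "terraform-state-lock-977306314792"
+key = "hw-fargate-api/stg/app.tfstate"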
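--- a/terraform-iac/app/stg.tfvars
+++ b/terraform-iac/app/stg.tfvars
@@ -0,0 +1,7 @@
+env = "stg"
+
+# image_tag provided by pipeline (or user)
+codedeploy_termination_wait_time = 0
+deploy_test_postman_collection = "../../.postman/hw-fargate-api.postman_collection.json"
+deploy_test_postman_environment = "../../.postman/stg-tst.postman_environment.json"
+log_retention_days = 1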
67 changes: 0 additions & 67 deletions terraform-iac/cpy/app/cpy-app.tf

This file was deleted.
