Bootstrap a terraform
This commit is contained in:
parent
931b3a52e9
commit
f3892b52ec
9 changed files with 66 additions and 4 deletions
2
.env.example
Normal file
2
.env.example
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
AWS_ACCESS_KEY_ID=
|
||||||
|
AWS_SECRET_ACCESS_KEY=
|
23
.gitea/workflows/ci.yml
Normal file
23
.gitea/workflows/ci.yml
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
terraform:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
env:
|
||||||
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||||
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
- name: Setup Terraform
|
||||||
|
uses: hashicorp/setup-terraform@v3
|
||||||
|
- uses: taiki-e/install-action@just
|
||||||
|
- name: Init
|
||||||
|
run: just terraform init
|
||||||
|
- name: Lint
|
||||||
|
run: just terraform-lint
|
||||||
|
- name: Plan
|
||||||
|
run: just terraform plan -out=tf.plan
|
||||||
|
- name: Apply
|
||||||
|
if: ${{ github.ref == 'refs/heads/master' }}
|
||||||
|
run: just terraform apply -auto-approve tf.plan
|
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -11,8 +11,8 @@ crash.log
|
||||||
crash.*.log
|
crash.*.log
|
||||||
|
|
||||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||||
# password, private keys, and other secrets. These should not be part of version
|
# password, private keys, and other secrets. These should not be part of version
|
||||||
# control as they are data points which are potentially sensitive and subject
|
# control as they are data points which are potentially sensitive and subject
|
||||||
# to change depending on the environment.
|
# to change depending on the environment.
|
||||||
*.tfvars
|
*.tfvars
|
||||||
*.tfvars.json
|
*.tfvars.json
|
||||||
|
@ -34,3 +34,4 @@ override.tf.json
|
||||||
.terraformrc
|
.terraformrc
|
||||||
terraform.rc
|
terraform.rc
|
||||||
|
|
||||||
|
.env
|
||||||
|
|
|
@ -1,2 +1 @@
|
||||||
# terraform-template
|
# Terraform Template
|
||||||
|
|
||||||
|
|
16
justfile
Normal file
16
justfile
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
# Run terraform with required environment
|
||||||
|
terraform +ARGS:
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# Load secrets from env file (if it exists)
|
||||||
|
set -a
|
||||||
|
source ./.env || true
|
||||||
|
set +a
|
||||||
|
|
||||||
|
cd src/
|
||||||
|
|
||||||
|
terraform {{ ARGS }}
|
||||||
|
|
||||||
|
terraform-lint:
|
||||||
|
just terraform validate
|
||||||
|
just terraform fmt -check -recursive
|
2
src/.terraform.lock.hcl
Normal file
2
src/.terraform.lock.hcl
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
0
src/providers.tf
Normal file
0
src/providers.tf
Normal file
19
src/terraform.tf
Normal file
19
src/terraform.tf
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
terraform {
|
||||||
|
backend "s3" {
|
||||||
|
bucket = "terraform-template"
|
||||||
|
key = "terraform.tfstate"
|
||||||
|
region = "main"
|
||||||
|
|
||||||
|
endpoints = {
|
||||||
|
s3 = "https://s3.jakehoward.tech"
|
||||||
|
}
|
||||||
|
|
||||||
|
skip_region_validation = true
|
||||||
|
skip_requesting_account_id = true
|
||||||
|
skip_credentials_validation = true
|
||||||
|
skip_metadata_api_check = true
|
||||||
|
use_path_style = true
|
||||||
|
}
|
||||||
|
|
||||||
|
required_providers {}
|
||||||
|
}
|
0
src/variables.tf
Normal file
0
src/variables.tf
Normal file
Loading…
Reference in a new issue