1
Fork 0

Bootstrap a terraform

This commit is contained in:
Jake Howard 2024-01-29 21:33:50 +00:00
parent 931b3a52e9
commit f3892b52ec
Signed by: jake
GPG key ID: 57AFB45680EDD477
9 changed files with 66 additions and 4 deletions

2
.env.example Normal file
View file

@ -0,0 +1,2 @@
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=

23
.gitea/workflows/ci.yml Normal file
View file

@ -0,0 +1,23 @@
on:
push:
jobs:
terraform:
runs-on: ubuntu-latest
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
steps:
- uses: actions/checkout@v4
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
- uses: taiki-e/install-action@just
- name: Init
run: just terraform init
- name: Lint
run: just terraform-lint
- name: Plan
run: just terraform plan -out=tf.plan
- name: Apply
if: ${{ github.ref == 'refs/heads/master' }}
run: just terraform apply -auto-approve tf.plan

5
.gitignore vendored
View file

@ -11,8 +11,8 @@ crash.log
crash.*.log crash.*.log
# Exclude all .tfvars files, which are likely to contain sensitive data, such as # Exclude all .tfvars files, which are likely to contain sensitive data, such as
# password, private keys, and other secrets. These should not be part of version # password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject # control as they are data points which are potentially sensitive and subject
# to change depending on the environment. # to change depending on the environment.
*.tfvars *.tfvars
*.tfvars.json *.tfvars.json
@ -34,3 +34,4 @@ override.tf.json
.terraformrc .terraformrc
terraform.rc terraform.rc
.env

View file

@ -1,2 +1 @@
# terraform-template # Terraform Template

16
justfile Normal file
View file

@ -0,0 +1,16 @@
# Run terraform with required environment
terraform +ARGS:
#!/usr/bin/env bash
# Load secrets from env file (if it exists)
set -a
source ./.env || true
set +a
cd src/
terraform {{ ARGS }}
terraform-lint:
just terraform validate
just terraform fmt -check -recursive

2
src/.terraform.lock.hcl Normal file
View file

@ -0,0 +1,2 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.

0
src/providers.tf Normal file
View file

19
src/terraform.tf Normal file
View file

@ -0,0 +1,19 @@
terraform {
backend "s3" {
bucket = "terraform-template"
key = "terraform.tfstate"
region = "main"
endpoints = {
s3 = "https://s3.jakehoward.tech"
}
skip_region_validation = true
skip_requesting_account_id = true
skip_credentials_validation = true
skip_metadata_api_check = true
use_path_style = true
}
required_providers {}
}

0
src/variables.tf Normal file
View file