Bootstrap a terraform
This commit is contained in:
parent
931b3a52e9
commit
f3892b52ec
9 changed files with 66 additions and 4 deletions
2
.env.example
Normal file
2
.env.example
Normal file
|
@ -0,0 +1,2 @@
|
|||
AWS_ACCESS_KEY_ID=
|
||||
AWS_SECRET_ACCESS_KEY=
|
23
.gitea/workflows/ci.yml
Normal file
23
.gitea/workflows/ci.yml
Normal file
|
@ -0,0 +1,23 @@
|
|||
on:
|
||||
push:
|
||||
|
||||
jobs:
|
||||
terraform:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Setup Terraform
|
||||
uses: hashicorp/setup-terraform@v3
|
||||
- uses: taiki-e/install-action@just
|
||||
- name: Init
|
||||
run: just terraform init
|
||||
- name: Lint
|
||||
run: just terraform-lint
|
||||
- name: Plan
|
||||
run: just terraform plan -out=tf.plan
|
||||
- name: Apply
|
||||
if: ${{ github.ref == 'refs/heads/master' }}
|
||||
run: just terraform apply -auto-approve tf.plan
|
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -11,8 +11,8 @@ crash.log
|
|||
crash.*.log
|
||||
|
||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# to change depending on the environment.
|
||||
*.tfvars
|
||||
*.tfvars.json
|
||||
|
@ -34,3 +34,4 @@ override.tf.json
|
|||
.terraformrc
|
||||
terraform.rc
|
||||
|
||||
.env
|
||||
|
|
|
@ -1,2 +1 @@
|
|||
# terraform-template
|
||||
|
||||
# Terraform Template
|
||||
|
|
16
justfile
Normal file
16
justfile
Normal file
|
@ -0,0 +1,16 @@
|
|||
# Run terraform with required environment
|
||||
terraform +ARGS:
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Load secrets from env file (if it exists)
|
||||
set -a
|
||||
source ./.env || true
|
||||
set +a
|
||||
|
||||
cd src/
|
||||
|
||||
terraform {{ ARGS }}
|
||||
|
||||
terraform-lint:
|
||||
just terraform validate
|
||||
just terraform fmt -check -recursive
|
2
src/.terraform.lock.hcl
Normal file
2
src/.terraform.lock.hcl
Normal file
|
@ -0,0 +1,2 @@
|
|||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
0
src/providers.tf
Normal file
0
src/providers.tf
Normal file
19
src/terraform.tf
Normal file
19
src/terraform.tf
Normal file
|
@ -0,0 +1,19 @@
|
|||
terraform {
|
||||
backend "s3" {
|
||||
bucket = "terraform-template"
|
||||
key = "terraform.tfstate"
|
||||
region = "main"
|
||||
|
||||
endpoints = {
|
||||
s3 = "https://s3.jakehoward.tech"
|
||||
}
|
||||
|
||||
skip_region_validation = true
|
||||
skip_requesting_account_id = true
|
||||
skip_credentials_validation = true
|
||||
skip_metadata_api_check = true
|
||||
use_path_style = true
|
||||
}
|
||||
|
||||
required_providers {}
|
||||
}
|
0
src/variables.tf
Normal file
0
src/variables.tf
Normal file
Loading…
Reference in a new issue