From e65df77af56a5011a664d7473bdea278ed2aae29 Mon Sep 17 00:00:00 2001
From: SonOfLope
Date: Wed, 7 Feb 2024 14:34:00 -0500
Subject: [PATCH 1/4] Issue #30: Revamp terraform folder structure
---
.../workflows/{workflow.yml => workflow.yaml} | 6 +-
.terraform.lock.hcl | 102 ------------------
apply-terraform.yml | 8 +-
main.tf | 21 ----
providers.tf | 34 ------
.../gcp-kubernetes-cluster/accounts.tf | 0
.../gcp-kubernetes-cluster/cluster.tf | 0
.../gcp-kubernetes-cluster/networking.tf | 0
.../gcp-kubernetes-cluster/provider.tf | 2 +-
.../gcp-kubernetes-cluster/variables.tf | 0
.../gcp-kubernetes-cluster/vault-csr.conf | 0
.../gcp-kubernetes-cluster/vault.tf | 0
terraform/prod/main.tf | 26 +++++
terraform/staging/main.tf | 58 ++++++++++
terraform/staging/variables.tf | 4 +
variables.tf | 4 -
16 files changed, 98 insertions(+), 167 deletions(-)
rename .github/workflows/{workflow.yml => workflow.yaml} (83%)
delete mode 100644 .terraform.lock.hcl
delete mode 100644 main.tf
delete mode 100644 providers.tf
rename terraform/{ => modules}/gcp-kubernetes-cluster/accounts.tf (100%)
rename terraform/{ => modules}/gcp-kubernetes-cluster/cluster.tf (100%)
rename terraform/{ => modules}/gcp-kubernetes-cluster/networking.tf (100%)
rename terraform/{ => modules}/gcp-kubernetes-cluster/provider.tf (95%)
rename terraform/{ => modules}/gcp-kubernetes-cluster/variables.tf (100%)
rename terraform/{ => modules}/gcp-kubernetes-cluster/vault-csr.conf (100%)
rename terraform/{ => modules}/gcp-kubernetes-cluster/vault.tf (100%)
create mode 100644 terraform/prod/main.tf
create mode 100644 terraform/staging/main.tf
create mode 100644 terraform/staging/variables.tf
delete mode 100644 variables.tf
diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yaml
similarity index 83%
rename from .github/workflows/workflow.yml
rename to .github/workflows/workflow.yaml
index bd91776b..b4f7f8ab 100644
--- a/.github/workflows/workflow.yml
+++ b/.github/workflows/workflow.yaml
@@ -1,4 +1,5 @@ -name: Infrastructure integration workflow +--- +name: Infra integration workflow on: pull_request: @@ -8,9 +9,10 @@ on: - synchronize jobs: + markdown-check: uses: - ai-cfia/github-workflows/.github/workflows/workflow-markdown-check.yml@76-as-a-devops-i-would-like-to-fix-the-markdown-lint-workflow + ai-cfia/github-workflows/.github/workflows/workflow-markdown-check.yml@main yaml-check: uses: diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl deleted file mode 100644 index 8e7f85cc..00000000 --- a/.terraform.lock.hcl +++ /dev/null 
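Review bot: The `markdown-check` job in the second hunk now calls the reusable workflow at the mutable ref `@main`, so whatever lands on that branch of ai-cfia/github-workflows runs in this repository's pull-request checks without any change being reviewed here. Pinning to a full commit SHA, `ai-cfia/github-workflows/.github/workflows/workflow-markdown-check.yml@<full-commit-sha>` (placeholder), with a trailing comment naming the branch or tag it was taken from, keeps runs reproducible and turns upgrades into a reviewed change. The `yaml-check` job begins in this hunk but its `uses:` value lies outside it; the same applies there if it also tracks a branch.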
@@ -1,102 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/external" { - version = "2.3.1" - constraints = "2.3.1" - hashes = [ - "h1:bROCw6g5D/3fFnWeJ01L4IrdnJl1ILU8DGDgXCtYzaY=", - "zh:001e2886dc81fc98cf17cf34c0d53cb2dae1e869464792576e11b0f34ee92f54", - "zh:2eeac58dd75b1abdf91945ac4284c9ccb2bfb17fa9bdb5f5d408148ff553b3ee", - "zh:2fc39079ba61411a737df2908942e6970cb67ed2f4fb19090cd44ce2082903dd", - "zh:472a71c624952cff7aa98a7b967f6c7bb53153dbd2b8f356ceb286e6743bb4e2", - "zh:4cff06d31272aac8bc35e9b7faec42cf4554cbcbae1092eaab6ab7f643c215d9", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7ed16ccd2049fa089616b98c0bd57219f407958f318f3c697843e2397ddf70df", - "zh:842696362c92bf2645eb85c739410fd51376be6c488733efae44f4ce688da50e", - "zh:8985129f2eccfd7f1841ce06f3bf2bbede6352ec9e9f926fbaa6b1a05313b326", - "zh:a5f0602d8ec991a5411ef42f872aa90f6347e93886ce67905c53cfea37278e05", - "zh:bf4ab82cbe5256dcef16949973bf6aa1a98c2c73a98d6a44ee7bc40809d002b8", - "zh:e70770be62aa70198fa899526d671643ff99eecf265bf1a50e798fc3480bd417", - ] -} - -provider "registry.terraform.io/hashicorp/google" { - version = "5.10.0" - constraints = "~> 5.0" - hashes = [ - "h1:3kD/GqYmZkA97ebToXu6qhhrwo+GQNmqq9xv30Qkhmw=", - "zh:0f6a1feb5b3a128be6ef5fe0400ed800310a67e799c18aec7442161bb6d3ba36", - "zh:13d591ba78e424c94ce5caaf176ab6b087b0e3af08a7b6bcd963673698cdefda", - "zh:3bef54a2b24b06eef99f3df02e0fe4ac97f018c89f83e0faeb4ade921962565b", - "zh:3f3755b8f5b9db1611d42a02c21f03c54577e4aad3cf93323792f131c671c050", - "zh:61516eec734714ac48b565bee93cc2532160d1b4bd0320753799b829083b7060", - "zh:9160848ad0b9becb522a0744dcb89474849906aa2436ed945c658fe201a724b0", - "zh:aa5e79b01949cfedd874bf52958f90cf8f7d202600126c872127a9a156a3c17b", - "zh:cef73a67031008b7d7ef3edfbcd5e1a9b04c0f2580d815401248025b741bc8e4", - 
"zh:d2ad21ff9e9d2ad04146591c1b5784075e6df73e2bd243efd8d227d764b80b6e", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:f58b145081d20bce52e14bee0de73f5c018bc39b8c4736e23e1329df32f8bd45", - "zh:fb82f6b5d1f992243ab8fe417659cdf9831202cf1e16fe7593d3967888b035cc", - ] -} - -provider "registry.terraform.io/hashicorp/kubernetes" { - version = "2.24.0" - constraints = "2.24.0" - hashes = [ - "h1:u9lRMCdNXcB5/WQTZVMvGhNliW2pKOzj3SOVbu9yPpg=", - "zh:0ed83ec390a7e75c4990ebce698f14234de2b6204ed9a01cd042bb7ea5f26564", - "zh:195150e4fdab259c70088528006f4604557a051e037ebe8de64e92840f27e40a", - "zh:1a334af55f7a74adf033eb871c9fe7e9e648b41ab84321114ef4ca0e7a34fba6", - "zh:1ef68c3832691de21a61bf1a4e268123f3e08850712eda0b893cac908a0d1bc1", - "zh:44a1c58e5a6646e62b0bad653319c245f3b635dd03554dea2707a38f553e4a52", - "zh:54b5b374c4386f7f05b3fe986f9cb57bde4beab3bdf6ee33444f2b9a81b8af64", - "zh:aa8c2687ab784b72f8cdad8d3c3673dea83b33561e7b3f2d287ef0d06ff2a9e5", - "zh:e6ecba0503052ef3ad49ad56e17b2a73d9b55e30fcb82b040189d281e25e1a3b", - "zh:f105393f6487d3eb1f1636ba42d10c82950ddfef852244c1bca8d526fa23a9a3", - "zh:f17a8f1914ec66d80ccacecd40123362cf093abee3d3aa1ff9f8f687d8736f85", - "zh:f394b12ef01fa0bdf666a43ad152eb3890134f35e635ea056b18771c292de46e", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} - -provider "registry.terraform.io/hashicorp/local" { - version = "2.4.0" - constraints = "2.4.0" - hashes = [ - "h1:R97FTYETo88sT2VHfMgkPU3lzCsZLunPftjSI5vfKe8=", - "zh:53604cd29cb92538668fe09565c739358dc53ca56f9f11312b9d7de81e48fab9", - "zh:66a46e9c508716a1c98efbf793092f03d50049fa4a83cd6b2251e9a06aca2acf", - "zh:70a6f6a852dd83768d0778ce9817d81d4b3f073fab8fa570bff92dcb0824f732", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:82a803f2f484c8b766e2e9c32343e9c89b91997b9f8d2697f9f3837f62926b35", - "zh:9708a4e40d6cc4b8afd1352e5186e6e1502f6ae599867c120967aebe9d90ed04", - 
"zh:973f65ce0d67c585f4ec250c1e634c9b22d9c4288b484ee2a871d7fa1e317406", - "zh:c8fa0f98f9316e4cfef082aa9b785ba16e36ff754d6aba8b456dab9500e671c6", - "zh:cfa5342a5f5188b20db246c73ac823918c189468e1382cb3c48a9c0c08fc5bf7", - "zh:e0e2b477c7e899c63b06b38cd8684a893d834d6d0b5e9b033cedc06dd7ffe9e2", - "zh:f62d7d05ea1ee566f732505200ab38d94315a4add27947a60afa29860822d3fc", - "zh:fa7ce69dde358e172bd719014ad637634bbdabc49363104f4fca759b4b73f2ce", - ] -} - -provider "registry.terraform.io/hashicorp/tls" { - version = "4.0.4" - constraints = "4.0.4" - hashes = [ - "h1:pe9vq86dZZKCm+8k1RhzARwENslF3SXb9ErHbQfgjXU=", - "zh:23671ed83e1fcf79745534841e10291bbf34046b27d6e68a5d0aab77206f4a55", - "zh:45292421211ffd9e8e3eb3655677700e3c5047f71d8f7650d2ce30242335f848", - "zh:59fedb519f4433c0fdb1d58b27c210b27415fddd0cd73c5312530b4309c088be", - "zh:5a8eec2409a9ff7cd0758a9d818c74bcba92a240e6c5e54b99df68fff312bbd5", - "zh:5e6a4b39f3171f53292ab88058a59e64825f2b842760a4869e64dc1dc093d1fe", - "zh:810547d0bf9311d21c81cc306126d3547e7bd3f194fc295836acf164b9f8424e", - "zh:824a5f3617624243bed0259d7dd37d76017097dc3193dac669be342b90b2ab48", - "zh:9361ccc7048be5dcbc2fafe2d8216939765b3160bd52734f7a9fd917a39ecbd8", - "zh:aa02ea625aaf672e649296bce7580f62d724268189fe9ad7c1b36bb0fa12fa60", - "zh:c71b4cd40d6ec7815dfeefd57d88bc592c0c42f5e5858dcc88245d371b4b8b1e", - "zh:dabcd52f36b43d250a3d71ad7abfa07b5622c69068d989e60b79b2bb4f220316", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/apply-terraform.yml b/apply-terraform.yml index 1431d1cb..59490b30 100644 --- a/apply-terraform.yml +++ b/apply-terraform.yml @@ -22,7 +22,8 @@ stages: inputs: provider: 'azurerm' command: 'init' - workingDirectory: '$(System.DefaultWorkingDirectory)/terraform' + workingDirectory: + '$(System.DefaultWorkingDirectory)/terraform/staging' backendServiceArm: '$(serviceConnectionName)' backendAzureRmResourceGroupName: '$(resourceGroupName)' backendAzureRmStorageAccountName: '$(storageAccountName)' 
@@ -34,7 +35,8 @@ stages: inputs: provider: 'azurerm' command: 'plan' - workingDirectory: '$(System.DefaultWorkingDirectory)/terraform' + workingDirectory: + '$(System.DefaultWorkingDirectory)/terraform/staging' environmentServiceNameAzureRM: '$(serviceConnectionName)' - stage: Apply @@ -57,5 +59,5 @@ stages: provider: 'azurerm' command: 'apply' workingDirectory: - '$(System.DefaultWorkingDirectory)/terraform' + '$(System.DefaultWorkingDirectory)/terraform/staging' environmentServiceNameAzureRM: '$(serviceConnectionName)' diff --git a/main.tf b/main.tf deleted file mode 100644 index 53f81a3f..00000000 --- a/main.tf +++ /dev/null @@ -1,21 +0,0 @@ -# module "gcp-kubernetes-cluster-0" { -# source = "./terraform/gcp-kubernetes-cluster" - -# cluster_name = "acia-cfia" -# project_id = "spartan-rhino-408115" - -# region = "northamerica-northeast1" -# location_1 = "northamerica-northeast1-a" -# location_2 = "northamerica-northeast1-b" -# } - -# module "namecheap" { -# source = "./terraform/dns" - -# cluster_name = "acia-cfia" -# project_id = "spartan-rhino-408115" - -# region = "northamerica-northeast1" -# location_1 = "northamerica-northeast1-a" -# location_2 = "northamerica-northeast1-b" -# } diff --git a/providers.tf b/providers.tf deleted file mode 100644 index 057ae116..00000000 --- a/providers.tf +++ /dev/null @@ -1,34 +0,0 @@ -terraform { - backend "gcs" { - bucket = "terraform-tfstate-gcp-storage" - prefix = "terraform/state" - } - required_providers { - google = { - source = "hashicorp/google" - version = "~> 5.0" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = "2.24.0" - } - # aws = { - # source = "hashicorp/aws" - # version = "~> 3.0" - # } - # azurerm = { - # source = "hashicorp/azurerm" - # version = "~> 2.0" - # } - } -} - -provider "google" { - project = "spartan-rhino-408115" - region = "northamerica-northeast1" -} - -provider "kubernetes" { - config_path = "~/.kube/config" - config_context = var.kube_ctx -} 
diff --git a/terraform/gcp-kubernetes-cluster/accounts.tf b/terraform/modules/gcp-kubernetes-cluster/accounts.tf similarity index 100% rename from terraform/gcp-kubernetes-cluster/accounts.tf rename to terraform/modules/gcp-kubernetes-cluster/accounts.tf diff --git a/terraform/gcp-kubernetes-cluster/cluster.tf b/terraform/modules/gcp-kubernetes-cluster/cluster.tf similarity index 100% rename from terraform/gcp-kubernetes-cluster/cluster.tf rename to terraform/modules/gcp-kubernetes-cluster/cluster.tf diff --git a/terraform/gcp-kubernetes-cluster/networking.tf b/terraform/modules/gcp-kubernetes-cluster/networking.tf similarity index 100% rename from terraform/gcp-kubernetes-cluster/networking.tf rename to terraform/modules/gcp-kubernetes-cluster/networking.tf diff --git a/terraform/gcp-kubernetes-cluster/provider.tf b/terraform/modules/gcp-kubernetes-cluster/provider.tf similarity index 95% rename from terraform/gcp-kubernetes-cluster/provider.tf rename to terraform/modules/gcp-kubernetes-cluster/provider.tf index 53874b86..e34c6fc7 100644 --- a/terraform/gcp-kubernetes-cluster/provider.tf +++ b/terraform/modules/gcp-kubernetes-cluster/provider.tf @@ -25,5 +25,5 @@ terraform { provider "google" { project = var.project_id - region = var.region + region = var.region } diff --git a/terraform/gcp-kubernetes-cluster/variables.tf b/terraform/modules/gcp-kubernetes-cluster/variables.tf similarity index 100% rename from terraform/gcp-kubernetes-cluster/variables.tf rename to terraform/modules/gcp-kubernetes-cluster/variables.tf diff --git a/terraform/gcp-kubernetes-cluster/vault-csr.conf b/terraform/modules/gcp-kubernetes-cluster/vault-csr.conf similarity index 100% rename from terraform/gcp-kubernetes-cluster/vault-csr.conf rename to terraform/modules/gcp-kubernetes-cluster/vault-csr.conf 
diff --git a/terraform/gcp-kubernetes-cluster/vault.tf b/terraform/modules/gcp-kubernetes-cluster/vault.tf similarity index 100% rename from terraform/gcp-kubernetes-cluster/vault.tf rename to terraform/modules/gcp-kubernetes-cluster/vault.tf diff --git a/terraform/prod/main.tf b/terraform/prod/main.tf new file mode 100644 index 00000000..22f15b3e --- /dev/null +++ b/terraform/prod/main.tf @@ -0,0 +1,26 @@ +# terraform { + +# required_version = ">= 1.1.0" + +# backend "azurerm" { +# resource_group_name = "rg-ai-cfia-terraform-state" +# storage_account_name = "tfcfiastate" +# container_name = "infra-terraform-state" +# key = "tf/terraform.tfstate" +# } + +# required_providers { +# azurerm = { +# source = "hashicorp/azurerm" +# version = "~> 3.25" +# } +# kubernetes = { +# source = "hashicorp/kubernetes" +# version = "2.24.0" +# } +# } +# } + +# provider "azurerm" { +# features {} +# } diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf new file mode 100644 index 00000000..96c5e5cd --- /dev/null +++ b/terraform/staging/main.tf 
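Review bot: The commented-out `backend "azurerm"` block in terraform/prod/main.tf carries the same resource group, storage account, container and `key = "tf/terraform.tfstate"` as the active backend that this patch adds in terraform/staging/main.tf. If the block is later uncommented as written, prod and staging would read and write the same state blob, and a plan in either directory would treat the other environment's resources as its own. Giving the template an environment-specific key now, for example `# key = "prod/terraform.tfstate"` (illustrative value), avoids that. A one-line comment at the top of the file saying it is a placeholder until prod is provisioned would also help the next reader.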
@@ -0,0 +1,58 @@ +terraform { + + backend "azurerm" { + resource_group_name = "rg-ai-cfia-terraform-state" + storage_account_name = "tfcfiastate" + container_name = "infra-terraform-state" + key = "tf/terraform.tfstate" + } + + # backend "gcs" { + # bucket = "terraform-tfstate-gcp-storage" + # prefix = "terraform/state" + # } + + required_providers { + google = { + source = "hashicorp/google" + version = "~> 5.0" + } + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.25" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.24.0" + } + # aws = { + # source = "hashicorp/aws" + # version = "~> 3.0" + # } + } +} + +provider "azurerm" { + features {} +} + +# provider "google" { +# project = "spartan-rhino-408115" +# region = "northamerica-northeast1" +# } + +# provider "kubernetes" { +# config_path = "~/.kube/config" +# config_context = var.kube_ctx +# } + +# module "gcp-kubernetes-cluster-0" { +# source = "./terraform/gcp-kubernetes-cluster" + +# cluster_name = "acia-cfia" +# project_id = "spartan-rhino-408115" + +# region = "northamerica-northeast1" +# location_1 = "northamerica-northeast1-a" +# location_2 = "northamerica-northeast1-b" +# } diff --git a/terraform/staging/variables.tf b/terraform/staging/variables.tf new file mode 100644 index 00000000..84c7e399 --- /dev/null +++ b/terraform/staging/variables.tf @@ -0,0 +1,4 @@ +variable "kube_ctx" { + description = "The kubernetes cluster context." + type = string +} diff --git a/variables.tf b/variables.tf deleted file mode 100644 index b9f833d5..00000000 --- a/variables.tf +++ /dev/null @@ -1,4 +0,0 @@ -variable "kube_ctx" { - description = "The kubernetes cluster context." - type = string -} From 51979704502b663474c74ab3761160f758d22e7c Mon Sep 17 00:00:00 2001 
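Review bot: terraform/staging becomes the root module that the pipeline initialises, but this series deletes the root `.terraform.lock.hcl` and adds none under terraform/staging, while `google` and `azurerm` are declared with range constraints (`~> 5.0`, `~> 3.25`). Without a committed lock file each `init` selects the newest matching provider build and has no recorded hashes to verify it against, so the code that runs during `apply` can change without a commit. Running `terraform init` in terraform/staging and committing the resulting `.terraform.lock.hcl` restores that check; a `.gitignore` not shown here may be excluding it, which is worth confirming. Separately, `google` and `kubernetes` stay in `required_providers` although nothing active uses them, and the commented module `source = "./terraform/gcp-kubernetes-cluster"` no longer matches the new `terraform/modules/` location.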
From: SonOfLope Date: Wed, 7 Feb 2024 15:10:15 -0500 Subject: [PATCH 2/4] Issue #30: Fix terraform lint violations --- .../modules/gcp-kubernetes-cluster/cluster.tf | 2 +- .../gcp-kubernetes-cluster/provider.tf | 3 ++ terraform/prod/main.tf | 38 +++++++++---------- terraform/staging/main.tf | 2 + terraform/staging/variables.tf | 8 ++-- 5 files changed, 29 insertions(+), 24 deletions(-) diff --git a/terraform/modules/gcp-kubernetes-cluster/cluster.tf b/terraform/modules/gcp-kubernetes-cluster/cluster.tf index fb74b3f2..117e7b12 100644 --- a/terraform/modules/gcp-kubernetes-cluster/cluster.tf +++ b/terraform/modules/gcp-kubernetes-cluster/cluster.tf @@ -12,7 +12,7 @@ resource "google_container_cluster" "cluster" { # Optional, if you want multi-zonal cluster node_locations = [ - "${var.location_2}" + var.location_2 ] addons_config { diff --git a/terraform/modules/gcp-kubernetes-cluster/provider.tf b/terraform/modules/gcp-kubernetes-cluster/provider.tf index e34c6fc7..2430cac2 100644 --- a/terraform/modules/gcp-kubernetes-cluster/provider.tf +++ b/terraform/modules/gcp-kubernetes-cluster/provider.tf @@ -1,4 +1,7 @@ terraform { + + required_version = ">= 1.7.2" + required_providers { local = { source = "hashicorp/local" diff --git a/terraform/prod/main.tf b/terraform/prod/main.tf index 22f15b3e..ef0e483b 100644 --- a/terraform/prod/main.tf +++ b/terraform/prod/main.tf 
@@ -1,25 +1,25 @@ -# terraform { +terraform { -# required_version = ">= 1.1.0" + required_version = ">= 1.1.0" -# backend "azurerm" { -# resource_group_name = "rg-ai-cfia-terraform-state" -# storage_account_name = "tfcfiastate" -# container_name = "infra-terraform-state" -# key = "tf/terraform.tfstate" -# } + # backend "azurerm" { + # resource_group_name = "rg-ai-cfia-terraform-state" + # storage_account_name = "tfcfiastate" + # container_name = "infra-terraform-state" + # key = "tf/terraform.tfstate" + # } -# required_providers { -# azurerm = { -# source = "hashicorp/azurerm" -# version = "~> 3.25" -# } -# kubernetes = { -# source = "hashicorp/kubernetes" -# version = "2.24.0" -# } -# } -# } + # required_providers { + # azurerm = { + # source = "hashicorp/azurerm" + # version = "~> 3.25" + # } + # kubernetes = { + # source = "hashicorp/kubernetes" + # version = "2.24.0" + # } + # } +} # provider "azurerm" { # features {} diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf index 96c5e5cd..acfd31c7 100644 --- a/terraform/staging/main.tf +++ b/terraform/staging/main.tf @@ -1,5 +1,7 @@ terraform { + required_version = ">= 1.7.2" + backend "azurerm" { resource_group_name = "rg-ai-cfia-terraform-state" storage_account_name = "tfcfiastate" diff --git a/terraform/staging/variables.tf b/terraform/staging/variables.tf index 84c7e399..b069b2f4 100644 --- a/terraform/staging/variables.tf +++ b/terraform/staging/variables.tf @@ -1,4 +1,4 @@ -variable "kube_ctx" { - description = "The kubernetes cluster context." - type = string -} +# variable "kube_ctx" { +# description = "The kubernetes cluster context." +# type = string +# } From 40ca5106136da711f345f8c4ba97c7cfbf891ff2 Mon Sep 17 00:00:00 2001 From: SonOfLope Date: Wed, 7 Feb 2024 15:26:26 -0500 Subject: [PATCH 3/4] Issue #30: Modify pipeline trigger to only run on pushes to main --- apply-terraform.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) 
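Review bot: After this hunk terraform/prod/main.tf has an active `terraform` block whose `backend` is still commented out, so an `init` in that directory falls back to local state instead of the shared storage account. It also declares `required_version = ">= 1.1.0"` while the staging root and the gcp-kubernetes-cluster module in the same patch require `>= 1.7.2`; the module's constraint would have to be satisfied anyway once prod calls it, so `required_version = ">= 1.7.2"` here keeps the three consistent. A comment such as `# backend intentionally disabled until prod state storage is provisioned` would make clear that the local-state default is deliberate.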
diff --git a/apply-terraform.yml b/apply-terraform.yml index 59490b30..596fc792 100644 --- a/apply-terraform.yml +++ b/apply-terraform.yml @@ -1,8 +1,6 @@ --- trigger: - branches: - include: - - main + - main pool: vmImage: 'ubuntu-latest' From 11b5ea78e82fec2add7f8b5a4ed4980e4021297c Mon Sep 17 00:00:00 2001 From: Jonathan Lopez Date: Thu, 8 Feb 2024 15:30:01 -0500 Subject: [PATCH 4/4] Issue #30: Update workflow.yaml with new project name --- .github/workflows/workflow.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml index b4f7f8ab..1a3eec4f 100644 --- a/.github/workflows/workflow.yaml +++ b/.github/workflows/workflow.yaml @@ -1,5 +1,5 @@ --- -name: Infra integration workflow +name: Howard integration workflow on: pull_request:
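Review bot: Pull-request runs are not restricted by the `trigger` change in apply-terraform.yml: `trigger: - main` is the short form of the `branches: include: - main` list it replaces, so the set of CI triggers is the same as before. If this pipeline is attached to the GitHub repository, pull-request validation is governed by a separate `pr:` key and is enabled for all branches when that key is absent, which matters for a pipeline whose later stage runs `apply` through a service connection. Adding `pr: none` next to the trigger, or a `condition` on the Apply stage that limits it to the main branch, would enforce what the subject line states. The rest of the file is outside this hunk, so such a guard may already exist.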