Merge branch 'main' into feature/forgebot-repos
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/plan Pipeline was successful

2026-06-11 23:33:25 +10:00
6 changed files with 34 additions and 34 deletions
+1 -2
@@ -9,8 +9,7 @@ steps:
VAULT_AUTH_METHOD: kubernetes VAULT_AUTH_METHOD: kubernetes
commands: commands:
- dnf install vault -y - dnf install vault -y
- make plan - make apply-if-changes
- make apply
backend_options: backend_options:
kubernetes: kubernetes:
serviceAccountName: terraform-git serviceAccountName: terraform-git
+17 -1
@@ -1,4 +1,4 @@
.PHONY: init plan apply format .PHONY: init plan apply apply-if-changes format pre-commit
VAULT_AUTH_METHOD ?= approle VAULT_AUTH_METHOD ?= approle
VAULT_K8S_ROLE ?= woodpecker_terraform_git VAULT_K8S_ROLE ?= woodpecker_terraform_git
@@ -25,6 +25,19 @@ plan: init
@$(call vault_env) && \ @$(call vault_env) && \
terragrunt run --all --parallelism 4 --non-interactive plan terragrunt run --all --parallelism 4 --non-interactive plan
apply-if-changes: init
@$(call vault_env) && \
terragrunt run --all --parallelism 4 --non-interactive plan -- -detailed-exitcode -out=tfplan; \
EXIT_CODE=$$?; \
if [ $$EXIT_CODE -eq 2 ]; then \
$(call vault_env) && \
terragrunt run --all --parallelism 2 --non-interactive apply -- tfplan; \
elif [ $$EXIT_CODE -eq 0 ]; then \
echo "No changes detected, skipping apply."; \
else \
exit $$EXIT_CODE; \
fi
apply: init apply: init
@$(call vault_env) && \ @$(call vault_env) && \
terragrunt run --all --parallelism 2 --non-interactive apply terragrunt run --all --parallelism 2 --non-interactive apply
@@ -34,3 +47,6 @@ format:
@tofu fmt -recursive . @tofu fmt -recursive .
@echo "Formatting Terragrunt files..." @echo "Formatting Terragrunt files..."
@terragrunt hcl fmt @terragrunt hcl fmt
pre-commit:
@uvx pre-commit run --all-files
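Review bot: In `apply-if-changes`, `EXIT_CODE=$$?` records the status of the whole `$(call vault_env) && terragrunt … plan` chain, so a failure inside `vault_env` cannot be told apart from a plan result, and an exit status of 2 from it would take the "changes detected" branch. Authenticating first and failing fast keeps the branch decision on the plan's own status, e.g. `$(call vault_env) || exit 1; \` ahead of the `terragrunt … plan -- -detailed-exitcode -out=tfplan; \` line. The second `$(call vault_env)` before apply then looks redundant, assuming the macro only exports variables into the same shell (its definition is outside this hunk). It is also worth confirming how the Terragrunt version in use aggregates `-detailed-exitcode` across `run --all` units when one unit errors and another has changes, since apply should not start after a partial plan failure. The saved `tfplan` files can hold sensitive values in cleartext, so they should stay out of caches and artifacts and be removed once the step finishes.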
-1
@@ -20,6 +20,5 @@ inputs = {
organisation = local.config.organisation organisation = local.config.organisation
repository = local.config.repository repository = local.config.repository
branch_protection = local.config.branch_protection branch_protection = local.config.branch_protection
deploy_key = local.config.deploy_key
team = local.config.team team = local.config.team
} }
-15
@@ -19,21 +19,6 @@ terraform {
lock = true lock = true
ca_file = "/etc/pki/tls/certs/ca-bundle.crt" ca_file = "/etc/pki/tls/certs/ca-bundle.crt"
} }
required_version = ">= 1.10"
required_providers {
gitea = {
source = "go-gitea/gitea"
version = "0.7.0"
}
woodpecker = {
source = "Kichiyaki/woodpecker"
version = "0.5.0"
}
consul = {
source = "hashicorp/consul"
version = "2.23.0"
}
}
} }
EOF EOF
} }
+13
@@ -0,0 +1,13 @@
terraform {
required_version = ">= 1.10"
required_providers {
gitea = {
source = "go-gitea/gitea"
version = "0.7.0"
}
woodpecker = {
source = "Kichiyaki/woodpecker"
version = "0.5.0"
}
}
}
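Review bot: `required_version = ">= 1.10"` has no upper bound, so any later CLI release, including a new major version, is accepted by the runner; a bounded constraint such as `required_version = ">= 1.10, < 2.0"` keeps upgrades deliberate. The exact provider versions pin the release number but not the artifact. For the two community providers it is the dependency lock file (`.terraform.lock.hcl`) that records checksums, and whether one is committed for these units is not visible on this page. The `consul` entry from the removed generated block is not carried over here; presumably that is intentional, but it is worth confirming that no unit still declares a consul resource or data source.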
-12
@@ -64,18 +64,6 @@ variable "branch_protection" {
default = {} default = {}
} }
variable "deploy_key" {
description = "Map of deploy keys to create"
type = map(object({
repository = string
organisation = string
gitea_url = string
title = string
key = string
read_only = optional(bool, true)
}))
default = {}
}
variable "team" { variable "team" {
description = "Map of teams to create" description = "Map of teams to create"