diff --git a/.woodpecker/apply.yaml b/.woodpecker/apply.yaml index 36986f1..112d696 100644 --- a/.woodpecker/apply.yaml +++ b/.woodpecker/apply.yaml @@ -9,8 +9,7 @@ steps: VAULT_AUTH_METHOD: kubernetes commands: - dnf install vault -y - - make plan - - make apply + - make apply-if-changes backend_options: kubernetes: serviceAccountName: terraform-git diff --git a/Makefile b/Makefile index 640077e..53410c1 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -.PHONY: init plan apply format +.PHONY: init plan apply apply-if-changes format pre-commit VAULT_AUTH_METHOD ?= approle VAULT_K8S_ROLE ?= woodpecker_terraform_git @@ -25,6 +25,19 @@ plan: init @$(call vault_env) && \ terragrunt run --all --parallelism 4 --non-interactive plan +apply-if-changes: init + @$(call vault_env) && \ + terragrunt run --all --parallelism 4 --non-interactive plan -- -detailed-exitcode -out=tfplan; \ + EXIT_CODE=$$?; \ + if [ $$EXIT_CODE -eq 2 ]; then \ + $(call vault_env) && \ + terragrunt run --all --parallelism 2 --non-interactive apply -- tfplan; \ + elif [ $$EXIT_CODE -eq 0 ]; then \ + echo "No changes detected, skipping apply."; \ + else \ + exit $$EXIT_CODE; \ + fi + apply: init @$(call vault_env) && \ terragrunt run --all --parallelism 2 --non-interactive apply @@ -34,3 +47,6 @@ format: @tofu fmt -recursive . @echo "Formatting Terragrunt files..." @terragrunt hcl fmt + +pre-commit: + @uvx pre-commit run --all-files diff --git a/environments/au/syd1/terragrunt.hcl b/environments/au/syd1/terragrunt.hcl index 4c92627..73a4bdf 100644 --- a/environments/au/syd1/terragrunt.hcl +++ b/environments/au/syd1/terragrunt.hcl @@ -20,6 +20,5 @@ inputs = { organisation = local.config.organisation repository = local.config.repository branch_protection = local.config.branch_protection - deploy_key = local.config.deploy_key team = local.config.team } diff --git a/environments/root.hcl b/environments/root.hcl index 14abeb5..aa28cfd 100644 --- a/environments/root.hcl +++ b/environments/root.hcl 
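Review bot: In the `apply-if-changes` recipe added to Makefile, `EXIT_CODE=$$?` captures the status of the whole `$(call vault_env) && terragrunt … plan` list, so a failed Vault login cannot be told apart from a plan result. If that step ever exits with 2, the recipe takes the "changes detected" branch; this is inferred, because the definition of `vault_env` is outside the hunk. Run the login as its own guarded step, `@$(call vault_env) || exit 1; \`, and read `$$?` only after the terragrunt plan command. Separately, `-out=tfplan` leaves a saved plan in each unit's working directory, and saved plans hold resource values unredacted, so `tfplan` should be git-ignored and removed once the apply finishes.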
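Review bot: The new `pre-commit` target in Makefile runs `uvx pre-commit run --all-files` with no version, so the tool that executes the repository's hooks is resolved afresh rather than pinned. Pinning it in the recipe, for example `@uvx pre-commit@<pinned-version> run --all-files`, keeps runs reproducible and makes an upgrade a reviewed change. The hook revisions themselves are set in the pre-commit configuration file, which is not part of this diff.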
@@ -19,21 +19,6 @@ terraform { lock = true ca_file = "/etc/pki/tls/certs/ca-bundle.crt" } - required_version = ">= 1.10" - required_providers { - gitea = { - source = "go-gitea/gitea" - version = "0.7.0" - } - woodpecker = { - source = "Kichiyaki/woodpecker" - version = "0.5.0" - } - consul = { - source = "hashicorp/consul" - version = "2.23.0" - } - } } EOF } diff --git a/modules/gitea_instance/terraform.tf b/modules/gitea_instance/terraform.tf new file mode 100644 index 0000000..4a11ea7 --- /dev/null +++ b/modules/gitea_instance/terraform.tf @@ -0,0 +1,13 @@ +terraform { + required_version = ">= 1.10" + required_providers { + gitea = { + source = "go-gitea/gitea" + version = "0.7.0" + } + woodpecker = { + source = "Kichiyaki/woodpecker" + version = "0.5.0" + } + } +} diff --git a/modules/gitea_instance/variables.tf b/modules/gitea_instance/variables.tf index 8e78559..a4b0324 100644 --- a/modules/gitea_instance/variables.tf +++ b/modules/gitea_instance/variables.tf @@ -15,8 +15,8 @@ variable "organisation" { variable "repository" { description = "Map of repositories to create" type = map(object({ - name = string - organisation = string + name = string + organisation = string description = optional(string) private = optional(bool) default_branch = optional(string) @@ -32,7 +32,7 @@ variable "repository" { repo_template = optional(bool) website = optional(string) autodetect_manual_merge = optional(bool) - woodpecker = optional(bool, false) + woodpecker = optional(bool, false) })) default = {} } @@ -64,18 +64,6 @@ variable "branch_protection" { default = {} } -variable "deploy_key" { - description = "Map of deploy keys to create" - type = map(object({ - repository = string - organisation = string - gitea_url = string - title = string - key = string - read_only = optional(bool, true) - })) - default = {} -} variable "team" { description = "Map of teams to create"
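Review bot: The `required_providers` block in the new modules/gitea_instance/terraform.tf carries over the gitea and woodpecker pins that the environments/root.hcl hunk removes, but not `hashicorp/consul` at 2.23.0. If any configuration still uses the consul provider (not visible here), it would now be resolved without a version constraint. Either keep an entry such as `consul = { source = "hashicorp/consul", version = "2.23.0" }` in the module that uses it, or confirm the provider is no longer needed. If the `.terraform.lock.hcl` files are not already committed, committing them would also record provider checksums, so a later `init` rejects a package that differs from the one reviewed.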