feat: add build job
Build / build (pull_request) Successful in 2m23s

- add build job that runs `make plan`
- add deploy job that runs `make apply`
- ensure make-plan also runs init target
- enable provider caching
- enable creating client.crt/client.key
- trap EXIT to cleanup temp directory
This commit is contained in:
2025-10-17 10:29:55 +11:00
parent 3f386b4e21
commit b6b01cb70d
129 changed files with 808 additions and 492 deletions
+10 -2
View File
@@ -11,7 +11,15 @@ define vault_env
export PUPPET_CERT_PUB=$$(vault kv get -field=public_key kv/service/puppet/certificates/terraform) && \
export PUPPET_CERT_PRIV=$$(vault kv get -field=private_key kv/service/puppet/certificates/terraform) && \
export TG_QUEUE_EXCLUDE_DIR="templates/base" && \
export $$(vault read -format=json kv/data/service/terraform/incus | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
export TG_PROVIDER_CACHE=1 && \
export TG_TF_PATH=terraform && \
eval "$$(vault read -format=json kv/data/service/terraform/incus \
| jq -r '.data.data | to_entries[] | "export \(.key)=\(.value|@sh)"')" && \
export INCUS_CONFIG_DIR=$$(mktemp -d) && \
trap "rm -rf $$INCUS_CONFIG_DIR" EXIT && \
mkdir -p $$INCUS_CONFIG_DIR && \
printf '%s\n' "$$INCUS_CLIENT_CRT" > $$INCUS_CONFIG_DIR/client.crt && \
printf '%s\n' "$$INCUS_CLIENT_KEY" > $$INCUS_CONFIG_DIR/client.key
endef
clean:
@@ -29,7 +37,7 @@ plan: init
@$(call vault_env) && \
terragrunt run --all --parallelism 8 --non-interactive plan
apply:
apply: init
@$(call vault_env) && \
terragrunt run --all --parallelism 5 --non-interactive apply