- add build job that runs `make plan` - add deploy job that runs `make apply` - ensure make-plan also runs init target - enable provider caching - enable creating client.crt/client.key - trap EXIT to cleanup temp directory
This commit is contained in:
@@ -11,7 +11,15 @@ define vault_env
|
||||
export PUPPET_CERT_PUB=$$(vault kv get -field=public_key kv/service/puppet/certificates/terraform) && \
|
||||
export PUPPET_CERT_PRIV=$$(vault kv get -field=private_key kv/service/puppet/certificates/terraform) && \
|
||||
export TG_QUEUE_EXCLUDE_DIR="templates/base" && \
|
||||
export $$(vault read -format=json kv/data/service/terraform/incus | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
|
||||
export TG_PROVIDER_CACHE=1 && \
|
||||
export TG_TF_PATH=terraform && \
|
||||
eval "$$(vault read -format=json kv/data/service/terraform/incus \
|
||||
| jq -r '.data.data | to_entries[] | "export \(.key)=\(.value|@sh)"')" && \
|
||||
export INCUS_CONFIG_DIR=$$(mktemp -d) && \
|
||||
trap "rm -rf $$INCUS_CONFIG_DIR" EXIT && \
|
||||
mkdir -p $$INCUS_CONFIG_DIR && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_CRT" > $$INCUS_CONFIG_DIR/client.crt && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_KEY" > $$INCUS_CONFIG_DIR/client.key
|
||||
endef
|
||||
|
||||
clean:
|
||||
@@ -29,7 +37,7 @@ plan: init
|
||||
@$(call vault_env) && \
|
||||
terragrunt run --all --parallelism 8 --non-interactive plan
|
||||
|
||||
apply:
|
||||
apply: init
|
||||
@$(call vault_env) && \
|
||||
terragrunt run --all --parallelism 5 --non-interactive apply
|
||||
|
||||
|
||||
Reference in New Issue
Block a user