feat: add build job
Build / build (pull_request) Failing after 1m22s

- add build job that runs `make plan`
- add deploy job that runs `make apply`
- ensure make-plan also runs init target
- enable provider caching
- enable creating client.crt/client.key
- trap EXIT to cleanup temp directory
This commit is contained in:
2025-10-17 10:29:55 +11:00
parent 3f386b4e21
commit c767506a01
129 changed files with 682 additions and 492 deletions
+10 -2
View File
@@ -11,7 +11,15 @@ define vault_env
export PUPPET_CERT_PUB=$$(vault kv get -field=public_key kv/service/puppet/certificates/terraform) && \
export PUPPET_CERT_PRIV=$$(vault kv get -field=private_key kv/service/puppet/certificates/terraform) && \
export TG_QUEUE_EXCLUDE_DIR="templates/base" && \
export $$(vault read -format=json kv/data/service/terraform/incus | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
export TG_PROVIDER_CACHE=1 && \
export TG_TF_PATH=terraform && \
eval "$$(vault read -format=json kv/data/service/terraform/incus \
| jq -r '.data.data | to_entries[] | "export \(.key)=\(.value|@sh)"')" && \
export INCUS_CONF=$$(mktemp -d) && \
trap "rm -rf $$INCUS_CONF" EXIT && \
mkdir -p $$INCUS_CONF && \
printf '%s\n' "$$INCUS_CLIENT_CRT" > $$INCUS_CONF/client.crt && \
printf '%s\n' "$$INCUS_CLIENT_KEY" > $$INCUS_CONF/client.key
endef
clean:
@@ -29,7 +37,7 @@ plan: init
@$(call vault_env) && \
terragrunt run --all --parallelism 8 --non-interactive plan
apply:
apply: init
@$(call vault_env) && \
terragrunt run --all --parallelism 5 --non-interactive apply