terraform-incus/Makefile
Ben Vincent d955d86808
fix: correct config.yaml to config.yml
- ensure terraform can find the correct config.yml
2025-11-01 13:59:57 +11:00


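# Recipes rely on bash-only constructs (`source`, `trap ... EXIT`), so the
# recipe shell is pinned instead of falling back to /bin/sh.
SHELL := /bin/bash

# Deployment environment name; override with `make ENVIRONMENT=<name>`.
ENVIRONMENT ?= au-syd1

# NOTE(review): ENV_DIR is not referenced by any rule shown here and is not
# exported to recipes; confirm it is still needed.
ENV_DIR = environments/$(ENVIRONMENT)

# Every target below is a command, not a file. `list` is declared as well so
# that a stray file or directory named `list` cannot mask the target.
.PHONY: clean init plan apply venv hiera output list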
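# vault_env: shell prologue expanded at the start of a recipe line and chained
# to the real command with `&&` (see init/plan/apply/output).
#
# It does the following, in order:
#   1. logs in to Vault via AppRole using VAULT_ROLEID from the caller's
#      environment and exports the resulting VAULT_TOKEN;
#   2. exports the Puppet CA/public/private certificate material read from
#      Vault, plus the Terragrunt TG_* settings;
#   3. evaluates `export KEY=VALUE` lines generated from the
#      kv/data/service/terraform/incus secret;
#   4. builds a throw-away Incus client config directory (INCUS_CONFIG_DIR)
#      that is removed by an EXIT trap when the recipe shell ends.
#
# Failure handling: every command substitution is assigned first and exported
# afterwards. `export VAR=$$(cmd)` returns the status of `export`, so a failed
# Vault login or read would otherwise be ignored and the build would carry on
# with empty credentials. The secret-to-exports pipeline runs with pipefail for
# the same reason.
#
# Security notes:
#   - The jq filter shell-quotes values (@sh) but not key names, and the result
#     is passed to `eval`. Whoever can write that Vault path can therefore run
#     shell code here; keep write access to it tightly scoped.
#   - NOTE(review): the login passes only role_id (no secret_id is supplied
#     here); confirm the AppRole is constrained by other means.
#   - PUPPET_CERT_PRIV and VAULT_TOKEN live in the environment of every child
#     process started from the recipe.
#   - client.key inherits the process umask; it is protected by the directory
#     created by `mktemp -d`, so the files must not be moved elsewhere.
#
# No comments may be placed inside the define: its text is handed to the shell
# as one continued command line.
define vault_env
@export VAULT_ADDR="https://vault.service.consul:8200" && \
	VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id="$$VAULT_ROLEID") && \
	export VAULT_TOKEN && \
	PUPPET_CERT_CA=$$(vault kv get -field=public_key kv/service/puppet/certificates/ca) && \
	PUPPET_CERT_PUB=$$(vault kv get -field=public_key kv/service/puppet/certificates/terraform) && \
	PUPPET_CERT_PRIV=$$(vault kv get -field=private_key kv/service/puppet/certificates/terraform) && \
	export PUPPET_CERT_CA PUPPET_CERT_PUB PUPPET_CERT_PRIV && \
	export TG_QUEUE_EXCLUDE_DIR="templates/base" && \
	export TG_PROVIDER_CACHE=1 && \
	export TG_TF_PATH=terraform && \
	incus_exports=$$(set -o pipefail; vault read -format=json kv/data/service/terraform/incus \
		| jq -r '.data.data | to_entries[] | "export \(.key)=\(.value|@sh)"') && \
	eval "$$incus_exports" && \
	unset incus_exports && \
	INCUS_CONFIG_DIR=$$(mktemp -d) && \
	export INCUS_CONFIG_DIR && \
	trap 'rm -rf -- "$$INCUS_CONFIG_DIR"' EXIT && \
	mkdir -p "$$INCUS_CONFIG_DIR/servercerts" && \
	printf '%s\n' "$$INCUS_CONF_INCUSIMAGES_CERT" > "$$INCUS_CONFIG_DIR/servercerts/incus-images.crt" && \
	printf '%s\n' "$$INCUS_CONF_CONFIG_YAML" > "$$INCUS_CONFIG_DIR/config.yml" && \
	if [ -f /etc/pki/tls/vault/certificate.crt ] && [ -f /etc/pki/tls/vault/private.key ]; then \
		cp /etc/pki/tls/vault/certificate.crt "$$INCUS_CONFIG_DIR/client.crt" && \
		cp /etc/pki/tls/vault/private.key "$$INCUS_CONFIG_DIR/client.key"; \
	elif [ -f "$$HOME/.config/incus/client.crt" ] && [ -f "$$HOME/.config/incus/client.key" ]; then \
		cp "$$HOME/.config/incus/client.crt" "$$INCUS_CONFIG_DIR/client.crt" && \
		cp "$$HOME/.config/incus/client.key" "$$INCUS_CONFIG_DIR/client.key"; \
	else \
		printf '%s\n' "$$INCUS_CLIENT_CRT" > "$$INCUS_CONFIG_DIR/client.crt" && \
		printf '%s\n' "$$INCUS_CLIENT_KEY" > "$$INCUS_CONFIG_DIR/client.key"; \
	fi
endef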
## clean: delete Terragrunt cache paths, rendered Terragrunt JSON and .venv.
# `find -delete` works depth-first, so everything under a matching
# .terragrunt-cache path goes before the directory itself.
# Not removed here: the `venv/` directory created by the `venv` target and the
# tf_outputs.json file written by `output`.
clean:
	@echo "Cleaning Terraform files..."
	@find . -path '*.terragrunt-cache*' -delete
	@find . -name 'terragrunt_rendered.json' -delete
	@echo "Cleaning Python VENV..."
	@rm -rf .venv
## init: run `terraform init -upgrade` across all Terragrunt units.
# The Vault/Incus environment prologue and terragrunt share a single shell
# (one continued recipe line), so the exported secrets and the temporary
# Incus config directory last exactly as long as this command.
init:
	@$(call vault_env) && \
		terragrunt run --all --non-interactive init -- -upgrade
## plan: plan every Terragrunt unit, four at a time.
# Depends on `init`, which performs its own Vault login; the environment is
# rebuilt here because each recipe runs in a fresh shell.
plan: init
	@$(call vault_env) && \
		terragrunt run --all --parallelism 4 --non-interactive plan
## apply: apply every Terragrunt unit, two at a time.
# Depends on `init` only, not on `plan`.
# NOTE(review): this runs non-interactively and without a saved plan file;
# confirm the change set is reviewed (e.g. via `make plan`) before it is run.
apply: init
	@$(call vault_env) && \
		terragrunt run --all --parallelism 2 --non-interactive apply
## output: collect the JSON outputs of every unit into tf_outputs.json.
# Any previous file is removed first, then the terragrunt output is appended
# to a fresh one. The file is read by the `hiera` target.
# NOTE(review): `output -json` can include output values marked sensitive;
# confirm tf_outputs.json is ignored by version control and not published as
# a CI artifact.
output:
	@$(call vault_env) && \
		rm -f tf_outputs.json && \
		terragrunt run --all --parallelism 10 --non-interactive output -json >> tf_outputs.json
## hiera: build .venv with uv, then run ci/autonode/update_hiera.py on tf_outputs.json.
# The script is started through .venv/bin/python directly because the
# activation done on the install line does not carry over to the next recipe
# line (each line runs in its own shell).
# NOTE(review): `mktemp` without -d creates an empty regular file and nothing
# here removes it; confirm update_hiera.py expects that and cleans up its
# clone, which would otherwise leave a copy of the repository in the temp
# directory.
# NOTE(review): requirements are installed from ci/autonode/requirements.txt
# as-is; confirm the entries are pinned.
hiera:
	@echo "Setting up virtual environment with uv..."
	uv venv .venv && \
		. .venv/bin/activate && \
		uv pip install -r ci/autonode/requirements.txt
	@echo "Running update_hiera"
	.venv/bin/python ci/autonode/update_hiera.py \
		--output-json tf_outputs.json \
		--repo-url https://git.query.consul/unkinben/puppet-prod.git \
		--clone-path $$(mktemp) \
		--commit-template "Add Hiera config for {{ vmname }}" \
		--file-template ci/autonode/templates/node.yaml.j2 \
		--base-branch develop
## venv: create a Python 3.12 virtualenv in ./venv and install ci/requirements.txt.
# This is a different directory from the .venv used by `hiera`, and `clean`
# does not remove it.
venv:
	uv venv --python 3.12 venv && \
		. venv/bin/activate && \
		uv pip install -r ci/requirements.txt
## list: run ci/review.py inside the ./venv virtualenv.
# There is no prerequisite on `venv`: the activation fails, and the script is
# not run, unless `make venv` has been run beforehand.
list:
	. venv/bin/activate && \
		python ci/review.py