feat: initial setup

- manage nomad jobs - create makefile - create gitignore - manage terragrunt environments - add build jobs
2024-12-28 22:06:36 +11:00
3 changed files with 15 additions and 5 deletions
--- a/.gitea/workflows/build.yaml
+++ b/.gitea/workflows/build.yaml
@ -16,9 +16,11 @@ jobs:

      - name: Install Terraform/Terragrunt
        run: |
-          dnf install terraform terragrunt -y
+          dnf install terraform terragrunt jq -y

      - name: Run Terraform Plan
+        env:
+          VAULT_ROLEID: ${{ secrets.TERRAFORM_NOMAD_VAULT_ROLEID }}
        run: |
          make plan

--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,5 @@
 .terraform.lock.hcl
 environments/*/*.tf
 plans
+.venv
+env
--- a/14
+++ b/14
@ -4,7 +4,14 @@ ENV_DIR = environments/$(ENVIRONMENT)
 PLAN_DIR = plans
 PLAN_FILE = ../../$(PLAN_DIR)/$(ENVIRONMENT).plan

-.PHONY: clean
+.PHONY: clean init plan apply
+
+define vault_env
+	@export VAULT_ADDR="https://vault.service.consul:8200" && \
+	export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
+	export $$(vault read -format=json kv/data/service/terraform/nomad | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
+endef
+
 clean:
 	@echo "Cleaning Terraform files..."
 	find environments -type f -name '*.tf' -exec rm -f "{}" \; && \
@ -12,15 +19,14 @@ clean:
  find environments -type d -name '.terraform' -exec rm -rf "{}" \; && \
 	rm -rf plans

-.PHONY: init
 init:
 	terragrunt --terragrunt-working-dir $(ENV_DIR) init

-.PHONY: plan
 plan: init
 	@mkdir -p $(PLAN_DIR)
+	$(call vault_env)
 	terragrunt --terragrunt-working-dir $(ENV_DIR) plan -out=$(PLAN_FILE)

-.PHONY: apply
 apply:
+	$(call vault_env)
 	terragrunt --terragrunt-working-dir $(ENV_DIR) apply $(PLAN_FILE)