feat: initial setup

- manage nomad jobs
- create makefile
- create gitignore
- manage terragrunt environments
- add build jobs

.gitea/workflows/build.yaml

@@ -16,9 +16,11 @@ jobs:
 
       - name: Install Terraform/Terragrunt
         run: |
-          dnf install terraform terragrunt -y
+          dnf install terraform terragrunt jq -y
 
       - name: Run Terraform Plan
+        env:
+          VAULT_ROLEID: ${{ secrets.TERRAFORM_NOMAD_VAULT_ROLEID }}
         run: |
           make plan
 

.gitignore

@@ -2,3 +2,5 @@
 .terraform.lock.hcl
 environments/*/*.tf
 plans
+.venv
+env

Makefile

@@ -4,7 +4,14 @@ ENV_DIR = environments/$(ENVIRONMENT)
 PLAN_DIR = plans
 PLAN_FILE = ../../$(PLAN_DIR)/$(ENVIRONMENT).plan
 
-.PHONY: clean
+.PHONY: clean init plan apply
+
+define vault_env
+	@export VAULT_ADDR="https://vault.service.consul:8200" && \
+	export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
+	export $$(vault read -format=json kv/data/service/terraform/nomad | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
+endef
+
 clean:
 	@echo "Cleaning Terraform files..."
 	find environments -type f -name '*.tf' -exec rm -f "{}" \; && \
@@ -12,15 +19,14 @@ clean:
   find environments -type d -name '.terraform' -exec rm -rf "{}" \; && \
 	rm -rf plans
 
-.PHONY: init
 init:
 	terragrunt --terragrunt-working-dir $(ENV_DIR) init
 
-.PHONY: plan
 plan: init
 	@mkdir -p $(PLAN_DIR)
+	$(call vault_env)
 	terragrunt --terragrunt-working-dir $(ENV_DIR) plan -out=$(PLAN_FILE)
 
-.PHONY: apply
 apply:
+	$(call vault_env)
 	terragrunt --terragrunt-working-dir $(ENV_DIR) apply $(PLAN_FILE)