Compare commits
12 Commits
b2041b244a
..
master
| Author | SHA1 | Date | |
|---|---|---|---|
| cbaa137eb6 | |||
| 33bd638c59 | |||
| 0b5e5fc1db | |||
| bb2cae29fd | |||
| 375fba6323 | |||
| 9cb07d9cef | |||
| 809d26349b | |||
| 63cc96d602 | |||
| 4db2abc990 | |||
| f7fa3bbd47 | |||
| 2a20398c87 | |||
| 3fe7ea4c36 |
@@ -14,11 +14,13 @@ jobs:
|
|||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
- name: Install Terraform/Terragrunt
|
- name: Install Packages
|
||||||
run: |
|
run: |
|
||||||
dnf install terraform terragrunt -y
|
dnf install terraform terragrunt vault jq -y
|
||||||
|
|
||||||
- name: Run Terraform Plan
|
- name: Run Terraform Plan
|
||||||
|
env:
|
||||||
|
VAULT_ROLEID: ${{ secrets.TERRAFORM_NOMAD_VAULT_ROLEID }}
|
||||||
run: |
|
run: |
|
||||||
make plan
|
make plan
|
||||||
|
|
||||||
@@ -26,9 +28,9 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
find /workspace -type f -name "*.plan"
|
find /workspace -type f -name "*.plan"
|
||||||
|
|
||||||
#- name: Upload Artifacts
|
- name: Upload Artifacts
|
||||||
# uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v3
|
||||||
# with:
|
with:
|
||||||
# name: plans
|
name: plans
|
||||||
# path: /workspace/unkin/rpmbuilder/dist/*/*.rpm
|
path: /workspace/unkin/terraform-nomad/plans/*.plan
|
||||||
|
|
||||||
|
|||||||
@@ -2,3 +2,5 @@
|
|||||||
.terraform.lock.hcl
|
.terraform.lock.hcl
|
||||||
environments/*/*.tf
|
environments/*/*.tf
|
||||||
plans
|
plans
|
||||||
|
.venv
|
||||||
|
env
|
||||||
|
|||||||
@@ -4,7 +4,14 @@ ENV_DIR = environments/$(ENVIRONMENT)
|
|||||||
PLAN_DIR = plans
|
PLAN_DIR = plans
|
||||||
PLAN_FILE = ../../$(PLAN_DIR)/$(ENVIRONMENT).plan
|
PLAN_FILE = ../../$(PLAN_DIR)/$(ENVIRONMENT).plan
|
||||||
|
|
||||||
.PHONY: clean
|
.PHONY: clean init plan apply
|
||||||
|
|
||||||
|
define vault_env
|
||||||
|
@export VAULT_ADDR="https://vault.service.consul:8200" && \
|
||||||
|
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
|
||||||
|
export $$(vault read -format=json kv/data/service/terraform/nomad | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
|
||||||
|
endef
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
@echo "Cleaning Terraform files..."
|
@echo "Cleaning Terraform files..."
|
||||||
find environments -type f -name '*.tf' -exec rm -f "{}" \; && \
|
find environments -type f -name '*.tf' -exec rm -f "{}" \; && \
|
||||||
@@ -12,15 +19,15 @@ clean:
|
|||||||
find environments -type d -name '.terraform' -exec rm -rf "{}" \; && \
|
find environments -type d -name '.terraform' -exec rm -rf "{}" \; && \
|
||||||
rm -rf plans
|
rm -rf plans
|
||||||
|
|
||||||
.PHONY: init
|
|
||||||
init:
|
init:
|
||||||
|
$(call vault_env) && \
|
||||||
terragrunt --terragrunt-working-dir $(ENV_DIR) init
|
terragrunt --terragrunt-working-dir $(ENV_DIR) init
|
||||||
|
|
||||||
.PHONY: plan
|
|
||||||
plan: init
|
plan: init
|
||||||
@mkdir -p $(PLAN_DIR)
|
@mkdir -p $(PLAN_DIR)
|
||||||
|
$(call vault_env) && \
|
||||||
terragrunt --terragrunt-working-dir $(ENV_DIR) plan -out=$(PLAN_FILE)
|
terragrunt --terragrunt-working-dir $(ENV_DIR) plan -out=$(PLAN_FILE)
|
||||||
|
|
||||||
.PHONY: apply
|
|
||||||
apply:
|
apply:
|
||||||
|
$(call vault_env) && \
|
||||||
terragrunt --terragrunt-working-dir $(ENV_DIR) apply $(PLAN_FILE)
|
terragrunt --terragrunt-working-dir $(ENV_DIR) apply $(PLAN_FILE)
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ inputs = {
|
|||||||
job_files = [
|
job_files = [
|
||||||
"testapp1",
|
"testapp1",
|
||||||
"testapp2",
|
"testapp2",
|
||||||
|
"app-sudaporn-research-normalised",
|
||||||
]
|
]
|
||||||
policy_files = []
|
policy_files = []
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,71 @@
|
|||||||
|
job "app-sudaporn-research-normalised" {
|
||||||
|
datacenters = ["au-syd1"]
|
||||||
|
type = "service"
|
||||||
|
|
||||||
|
group "app" {
|
||||||
|
count = 2
|
||||||
|
|
||||||
|
network {
|
||||||
|
port "http" {
|
||||||
|
to = 80
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
update {
|
||||||
|
max_parallel = 1
|
||||||
|
health_check = "checks"
|
||||||
|
min_healthy_time = "30s"
|
||||||
|
healthy_deadline = "5m"
|
||||||
|
progress_deadline = "10m"
|
||||||
|
auto_revert = true
|
||||||
|
auto_promote = true
|
||||||
|
canary = 1
|
||||||
|
stagger = "20s"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Ensure instances run on different agents
|
||||||
|
spread {
|
||||||
|
attribute = "${node.unique.id}"
|
||||||
|
weight = 100
|
||||||
|
}
|
||||||
|
|
||||||
|
# Application Task
|
||||||
|
task "webapp" {
|
||||||
|
driver = "docker"
|
||||||
|
|
||||||
|
config {
|
||||||
|
image = "git.query.consul/unkin/almalinux9-base:latest"
|
||||||
|
network_mode = "bridge"
|
||||||
|
ports = ["http"]
|
||||||
|
command = "sh"
|
||||||
|
args = [
|
||||||
|
"-c",
|
||||||
|
"rm -rf /app && git clone https://git.query.consul/unkin/app-sudaporn-research-normalised.git /app && cd /app && make run"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
env {
|
||||||
|
PORT = "80"
|
||||||
|
PYTHONUNBUFFERED = "1"
|
||||||
|
}
|
||||||
|
|
||||||
|
resources {
|
||||||
|
cpu = 500
|
||||||
|
memory = 350
|
||||||
|
}
|
||||||
|
|
||||||
|
service {
|
||||||
|
name = "app-sudaporn-research-normalised"
|
||||||
|
port = "http"
|
||||||
|
address_mode = "driver"
|
||||||
|
|
||||||
|
check {
|
||||||
|
type = "http"
|
||||||
|
path = "/"
|
||||||
|
interval = "10s"
|
||||||
|
timeout = "2s"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user