Compare commits
1 Commits
master
..
b2041b244a
| Author | SHA1 | Date | |
|---|---|---|---|
| b2041b244a |
@@ -14,13 +14,11 @@ jobs:
|
|||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
- name: Install Packages
|
- name: Install Terraform/Terragrunt
|
||||||
run: |
|
run: |
|
||||||
dnf install terraform terragrunt vault jq -y
|
dnf install terraform terragrunt -y
|
||||||
|
|
||||||
- name: Run Terraform Plan
|
- name: Run Terraform Plan
|
||||||
env:
|
|
||||||
VAULT_ROLEID: ${{ secrets.TERRAFORM_NOMAD_VAULT_ROLEID }}
|
|
||||||
run: |
|
run: |
|
||||||
make plan
|
make plan
|
||||||
|
|
||||||
@@ -28,9 +26,9 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
find /workspace -type f -name "*.plan"
|
find /workspace -type f -name "*.plan"
|
||||||
|
|
||||||
- name: Upload Artifacts
|
#- name: Upload Artifacts
|
||||||
uses: actions/upload-artifact@v3
|
# uses: actions/upload-artifact@v3
|
||||||
with:
|
# with:
|
||||||
name: plans
|
# name: plans
|
||||||
path: /workspace/unkin/terraform-nomad/plans/*.plan
|
# path: /workspace/unkin/rpmbuilder/dist/*/*.rpm
|
||||||
|
|
||||||
|
|||||||
@@ -2,5 +2,3 @@
|
|||||||
.terraform.lock.hcl
|
.terraform.lock.hcl
|
||||||
environments/*/*.tf
|
environments/*/*.tf
|
||||||
plans
|
plans
|
||||||
.venv
|
|
||||||
env
|
|
||||||
|
|||||||
@@ -4,14 +4,7 @@ ENV_DIR = environments/$(ENVIRONMENT)
|
|||||||
PLAN_DIR = plans
|
PLAN_DIR = plans
|
||||||
PLAN_FILE = ../../$(PLAN_DIR)/$(ENVIRONMENT).plan
|
PLAN_FILE = ../../$(PLAN_DIR)/$(ENVIRONMENT).plan
|
||||||
|
|
||||||
.PHONY: clean init plan apply
|
.PHONY: clean
|
||||||
|
|
||||||
define vault_env
|
|
||||||
@export VAULT_ADDR="https://vault.service.consul:8200" && \
|
|
||||||
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
|
|
||||||
export $$(vault read -format=json kv/data/service/terraform/nomad | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
|
|
||||||
endef
|
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
@echo "Cleaning Terraform files..."
|
@echo "Cleaning Terraform files..."
|
||||||
find environments -type f -name '*.tf' -exec rm -f "{}" \; && \
|
find environments -type f -name '*.tf' -exec rm -f "{}" \; && \
|
||||||
@@ -19,15 +12,15 @@ clean:
|
|||||||
find environments -type d -name '.terraform' -exec rm -rf "{}" \; && \
|
find environments -type d -name '.terraform' -exec rm -rf "{}" \; && \
|
||||||
rm -rf plans
|
rm -rf plans
|
||||||
|
|
||||||
|
.PHONY: init
|
||||||
init:
|
init:
|
||||||
$(call vault_env) && \
|
|
||||||
terragrunt --terragrunt-working-dir $(ENV_DIR) init
|
terragrunt --terragrunt-working-dir $(ENV_DIR) init
|
||||||
|
|
||||||
|
.PHONY: plan
|
||||||
plan: init
|
plan: init
|
||||||
@mkdir -p $(PLAN_DIR)
|
@mkdir -p $(PLAN_DIR)
|
||||||
$(call vault_env) && \
|
|
||||||
terragrunt --terragrunt-working-dir $(ENV_DIR) plan -out=$(PLAN_FILE)
|
terragrunt --terragrunt-working-dir $(ENV_DIR) plan -out=$(PLAN_FILE)
|
||||||
|
|
||||||
|
.PHONY: apply
|
||||||
apply:
|
apply:
|
||||||
$(call vault_env) && \
|
|
||||||
terragrunt --terragrunt-working-dir $(ENV_DIR) apply $(PLAN_FILE)
|
terragrunt --terragrunt-working-dir $(ENV_DIR) apply $(PLAN_FILE)
|
||||||
|
|||||||
@@ -6,7 +6,6 @@ inputs = {
|
|||||||
job_files = [
|
job_files = [
|
||||||
"testapp1",
|
"testapp1",
|
||||||
"testapp2",
|
"testapp2",
|
||||||
"app-sudaporn-research-normalised",
|
|
||||||
]
|
]
|
||||||
policy_files = []
|
policy_files = []
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,71 +0,0 @@
|
|||||||
job "app-sudaporn-research-normalised" {
|
|
||||||
datacenters = ["au-syd1"]
|
|
||||||
type = "service"
|
|
||||||
|
|
||||||
group "app" {
|
|
||||||
count = 2
|
|
||||||
|
|
||||||
network {
|
|
||||||
port "http" {
|
|
||||||
to = 80
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
update {
|
|
||||||
max_parallel = 1
|
|
||||||
health_check = "checks"
|
|
||||||
min_healthy_time = "30s"
|
|
||||||
healthy_deadline = "5m"
|
|
||||||
progress_deadline = "10m"
|
|
||||||
auto_revert = true
|
|
||||||
auto_promote = true
|
|
||||||
canary = 1
|
|
||||||
stagger = "20s"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Ensure instances run on different agents
|
|
||||||
spread {
|
|
||||||
attribute = "${node.unique.id}"
|
|
||||||
weight = 100
|
|
||||||
}
|
|
||||||
|
|
||||||
# Application Task
|
|
||||||
task "webapp" {
|
|
||||||
driver = "docker"
|
|
||||||
|
|
||||||
config {
|
|
||||||
image = "git.query.consul/unkin/almalinux9-base:latest"
|
|
||||||
network_mode = "bridge"
|
|
||||||
ports = ["http"]
|
|
||||||
command = "sh"
|
|
||||||
args = [
|
|
||||||
"-c",
|
|
||||||
"rm -rf /app && git clone https://git.query.consul/unkin/app-sudaporn-research-normalised.git /app && cd /app && make run"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
env {
|
|
||||||
PORT = "80"
|
|
||||||
PYTHONUNBUFFERED = "1"
|
|
||||||
}
|
|
||||||
|
|
||||||
resources {
|
|
||||||
cpu = 500
|
|
||||||
memory = 350
|
|
||||||
}
|
|
||||||
|
|
||||||
service {
|
|
||||||
name = "app-sudaporn-research-normalised"
|
|
||||||
port = "http"
|
|
||||||
address_mode = "driver"
|
|
||||||
|
|
||||||
check {
|
|
||||||
type = "http"
|
|
||||||
path = "/"
|
|
||||||
interval = "10s"
|
|
||||||
timeout = "2s"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Reference in New Issue
Block a user