1 Commits

Author SHA1 Message Date
unkinben 8b39ee38bf feat: initial setup
Build / build (pull_request) Failing after 0s
- manage nomad jobs
- create makefile
- create gitignore
- manage terragrunt environments
- add build jobs
2024-12-28 16:23:13 +11:00
4 changed files with 10 additions and 81 deletions
+6 -15
View File
@@ -2,28 +2,19 @@ name: Build
on:
pull_request:
push:
branches:
- master
jobs:
build:
runs-on: almalinux-8
container:
image: git.query.consul/unkin/almalinux8-runnerdnd:latest
image: git.query.consul/unkin/almalinux9-buildrunner:latest
options: --privileged
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Install Packages
run: |
dnf install terraform terragrunt vault jq -y
- name: Run Terraform Plan
env:
VAULT_ROLEID: ${{ secrets.TERRAFORM_NOMAD_VAULT_ROLEID }}
run: |
make plan
@@ -31,9 +22,9 @@ jobs:
run: |
find /workspace -type f -name "*.plan"
- name: Upload Artifacts
uses: actions/upload-artifact@v3
with:
name: plans
path: /workspace/unkin/terraform-nomad/plans/*.plan
#- name: Upload Artifacts
# uses: actions/upload-artifact@v3
# with:
# name: plans
# path: /workspace/unkin/rpmbuilder/dist/*/*.rpm
-53
View File
@@ -1,53 +0,0 @@
name: Deploy
on:
push:
branches:
- master
jobs:
deploy:
runs-on: almalinux-8
container:
image: git.query.consul/unkin/almalinux8-runnerdnd:latest
options: --privileged
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Download Artifacts
run: |
mkdir -p /workspace/unkin/terraform-nomad/plans
export RUN_ID=$((GITHUB_RUN_NUMBER - 1))
export PLANS_URL="https://git.query.consul/${GITHUB_REPOSITORY}/actions/runs/${RUN_ID}/artifacts/plans"
export MAX_RETRIES=5
export RETRY_COUNT=0
echo "Attempting to download plans from ${PLANS_URL}"
while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do
curl -L -o /workspace/plans.zip "${PLANS_URL}" && break || true
echo "Plans file not available yet. Retrying in 10 seconds... ($((RETRY_COUNT + 1))/$MAX_RETRIES)"
RETRY_COUNT=$((RETRY_COUNT + 1))
sleep 10
done
if [ ! -f /workspace/plans.zip ]; then
echo "Failed to download plans file after $MAX_RETRIES attempts."
exit 1
fi
echo "Plans file downloaded. Extracting..."
unzip /workspace/plans.zip -d /workspace/unkin/terraform-nomad/plans
echo "Plans file extracted successfully."
- name: Show Plans
run: |
find /workspace -type f -name "*.plan"
- name: Install Packages
run: |
dnf install terraform terragrunt vault jq -y
- name: Run Terraform Apply
env:
VAULT_ROLEID: ${{ secrets.TERRAFORM_NOMAD_VAULT_ROLEID }}
run: |
make apply
-2
View File
@@ -2,5 +2,3 @@
.terraform.lock.hcl
environments/*/*.tf
plans
.venv
env
+4 -11
View File
@@ -4,14 +4,7 @@ ENV_DIR = environments/$(ENVIRONMENT)
PLAN_DIR = plans
PLAN_FILE = ../../$(PLAN_DIR)/$(ENVIRONMENT).plan
.PHONY: clean init plan apply
define vault_env
@export VAULT_ADDR="https://vault.service.consul:8200" && \
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
export $$(vault read -format=json kv/data/service/terraform/nomad | jq -r '.data.data | to_entries[] | "\(.key)=\(.value)"')
endef
.PHONY: clean
clean:
@echo "Cleaning Terraform files..."
find environments -type f -name '*.tf' -exec rm -f "{}" \; && \
@@ -19,15 +12,15 @@ clean:
find environments -type d -name '.terraform' -exec rm -rf "{}" \; && \
rm -rf plans
.PHONY: init
init:
$(call vault_env) && \
terragrunt --terragrunt-working-dir $(ENV_DIR) init
.PHONY: plan
plan: init
@mkdir -p $(PLAN_DIR)
$(call vault_env) && \
terragrunt --terragrunt-working-dir $(ENV_DIR) plan -out=$(PLAN_FILE)
.PHONY: apply
apply:
$(call vault_env) && \
terragrunt --terragrunt-working-dir $(ENV_DIR) apply $(PLAN_FILE)