From 786da8a3587d3aad7c12997b783877c6cf0151cb Mon Sep 17 00:00:00 2001 From: cloudneutral Date: Wed, 24 Dec 2025 12:44:21 +0800 Subject: [PATCH] Support env override for bootstrap config path --- terraform-hcl-standard/aws-cloud/bootstrap/README.md | 2 +- .../aws-cloud/bootstrap/identity/terragrunt.hcl | 6 +++++- .../aws-cloud/bootstrap/lock/terragrunt.hcl | 6 +++++- .../aws-cloud/bootstrap/state/terragrunt.hcl | 6 +++++- 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/terraform-hcl-standard/aws-cloud/bootstrap/README.md b/terraform-hcl-standard/aws-cloud/bootstrap/README.md index 65c31b2e..57f05fdd 100644 --- a/terraform-hcl-standard/aws-cloud/bootstrap/README.md +++ b/terraform-hcl-standard/aws-cloud/bootstrap/README.md @@ -21,7 +21,7 @@ Terragrunt `run-all` handles the ordering; no manual sequencing is required. - **Data plane**: S3 bucket enforces AES256 SSE, public access block, and versioning. DynamoDB enables server-side encryption and PITR for forensic recovery. - **Control plane**: IAM policies are externalized in `identity/policies/*.json` and rendered via `aws_iam_policy_document` to keep Terraform code lean and auditable. -- **Config source of truth**: The GitOps repo (`https://github.com/cloud-neutral-workshop/gitops.git`) stores `config/accounts/bootstrap.yaml`, defining canonical names, regions, and tags. Terragrunt reads it via `GITOPS_REPO_ROOT` (defaults to `../gitops` relative to this repo). +- **Config source of truth**: The GitOps repo (`https://github.com/cloud-neutral-workshop/gitops.git`) stores `config/accounts/bootstrap.yaml`, defining canonical names, regions, and tags. Terragrunt reads it via `GITOPS_REPO_ROOT` (defaults to `../gitops` relative to this repo). Clone that repository locally or set `GITOPS_REPO_ROOT` to your desired path to keep configuration and modules separated. You can also override the config file path with `GITOPS_BOOTSTRAP_CONFIG` (for example, `config/xzerolab/sit/aws-cloud/account/bootstrap.yaml` inside the GitOps repo). ## How to Run with Terragrunt diff --git a/terraform-hcl-standard/aws-cloud/bootstrap/identity/terragrunt.hcl b/terraform-hcl-standard/aws-cloud/bootstrap/identity/terragrunt.hcl index a2f98a5b..b6f1a1d6 100644 --- a/terraform-hcl-standard/aws-cloud/bootstrap/identity/terragrunt.hcl +++ b/terraform-hcl-standard/aws-cloud/bootstrap/identity/terragrunt.hcl @@ -16,9 +16,13 @@ locals { abspath("${get_parent_terragrunt_dir()}/../../../../../gitops") ) config_root = "${local.gitops_repo_root}/config" + bootstrap_config_path = get_env( + "GITOPS_BOOTSTRAP_CONFIG", + "${local.config_root}/accounts/bootstrap.yaml" + ) } inputs = { - bootstrap_config_path = "${local.config_root}/accounts/bootstrap.yaml" + bootstrap_config_path = local.bootstrap_config_path config_root = local.gitops_repo_root } diff --git a/terraform-hcl-standard/aws-cloud/bootstrap/lock/terragrunt.hcl b/terraform-hcl-standard/aws-cloud/bootstrap/lock/terragrunt.hcl index ecfc9d73..ecfd94d4 100644 --- a/terraform-hcl-standard/aws-cloud/bootstrap/lock/terragrunt.hcl +++ b/terraform-hcl-standard/aws-cloud/bootstrap/lock/terragrunt.hcl @@ -16,9 +16,13 @@ locals { abspath("${get_parent_terragrunt_dir()}/../../../../../gitops") ) config_root = "${local.gitops_repo_root}/config" + bootstrap_config_path = get_env( + "GITOPS_BOOTSTRAP_CONFIG", + "${local.config_root}/accounts/bootstrap.yaml" + ) } inputs = { - bootstrap_config_path = "${local.config_root}/accounts/bootstrap.yaml" + bootstrap_config_path = local.bootstrap_config_path config_root = local.gitops_repo_root } diff --git a/terraform-hcl-standard/aws-cloud/bootstrap/state/terragrunt.hcl b/terraform-hcl-standard/aws-cloud/bootstrap/state/terragrunt.hcl index cf486331..8697098a 100644 --- a/terraform-hcl-standard/aws-cloud/bootstrap/state/terragrunt.hcl +++ b/terraform-hcl-standard/aws-cloud/bootstrap/state/terragrunt.hcl @@ -12,9 +12,13 @@ locals { abspath("${get_parent_terragrunt_dir()}/../../../../../gitops") ) config_root = "${local.gitops_repo_root}/config" + bootstrap_config_path = get_env( + "GITOPS_BOOTSTRAP_CONFIG", + "${local.config_root}/accounts/bootstrap.yaml" + ) } inputs = { - bootstrap_config_path = "${local.config_root}/accounts/bootstrap.yaml" + bootstrap_config_path = local.bootstrap_config_path config_root = local.gitops_repo_root }