ai-workspace-infra/iac_modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix workflow paths for terraform-hcl-standard layout

Browse Source
This commit is contained in:
cloudneutral 2025-12-24 11:37:14 +08:00
parent d30672446a
commit e2a5cdd356
21 changed files with 70 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/iac-pipeline-aws-global-account-matrix.yaml vendored
View File

@ -5,8 +5,8 @@ on:
pull_request: pull_request:
paths: paths:
- '.github/workflows/iac-pipeline-aws-account-matrix.yaml' - '.github/workflows/iac-pipeline-aws-account-matrix.yaml'
- 'iac-template/terraform-hcl-standard/aws-cloud/component/vpc/**' - 'terraform-hcl-standard/aws-cloud/component/vpc/**'
- 'iac-template/terraform-hcl-standard/aws-cloud/component/role/**' - 'terraform-hcl-standard/aws-cloud/component/role/**'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
deploy_action: deploy_action:
@ -19,7 +19,7 @@ permissions:
contents: read contents: read
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/aws-cloud/component/ BASE_DIR: terraform-hcl-standard/aws-cloud/component/
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
CONFIG_FILES: | CONFIG_FILES: |
config/xzerolab/sit/aws-cloud/account/accounts.yaml config/xzerolab/sit/aws-cloud/account/accounts.yaml
@ -56,7 +56,7 @@ import os
import sys import sys
from pathlib import Path from pathlib import Path
utils_dir = Path("iac-template/terraform-hcl-standard/utils").resolve() utils_dir = Path("terraform-hcl-standard/utils").resolve()
sys.path.insert(0, str(utils_dir)) sys.path.insert(0, str(utils_dir))
from config_loader import load_account_credentials from config_loader import load_account_credentials

8
.github/workflows/iac-pipeline-aws-global-bootstrap.yaml vendored
View File

@ -9,7 +9,7 @@ on:
pull_request: pull_request:
paths: paths:
- '.github/workflows/iac-pipeline-aws-global-bootstrap.yaml' - '.github/workflows/iac-pipeline-aws-global-bootstrap.yaml'
- 'iac-template/terraform-hcl-standard/aws-cloud/bootstrap/**' - 'terraform-hcl-standard/aws-cloud/bootstrap/**'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
deploy_action: deploy_action:
@ -18,7 +18,7 @@ on:
default: plan default: plan
env: env:
TG_ROOT: iac-template/terraform-hcl-standard/aws-cloud/bootstrap TG_ROOT: terraform-hcl-standard/aws-cloud/bootstrap
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
TG_VERSION: 0.67.14 TG_VERSION: 0.67.14
@ -38,7 +38,7 @@ jobs:
- S3: create remote state bucket (versioned + SSE + public access block) - S3: create remote state bucket (versioned + SSE + public access block)
- DynamoDB: create state lock table with encryption + PITR - DynamoDB: create state lock table with encryption + PITR
Terragrunt orchestrates state → lock → identity. Resource names and regions follow iac-template/terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml. Terragrunt orchestrates state → lock → identity. Resource names and regions follow terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml.
SUMMARY SUMMARY
- uses: hashicorp/setup-terraform@v3 - uses: hashicorp/setup-terraform@v3
@ -60,7 +60,7 @@ jobs:
- name: Force Destroy Bootstrap Resources - name: Force Destroy Bootstrap Resources
if: env.DEPLOY_ACTION == 'destroy' if: env.DEPLOY_ACTION == 'destroy'
env: env:
CONFIG_PATH: iac-template/terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml CONFIG_PATH: terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml
run: | run: |
./scripts/aws-bootstrap-force-destroy.sh ./scripts/aws-bootstrap-force-destroy.sh

4
.github/workflows/iac-pipeline-aws-global-landingzone-baseline.yaml vendored
View File

@ -5,7 +5,7 @@ on:
pull_request: pull_request:
paths: paths:
paths: paths:
- 'iac-template/terraform-hcl-standard/aws-cloud/**' - 'terraform-hcl-standard/aws-cloud/**'
- '.github/workflows/iac-pipeline-aws-global-landingzone-baseline.yaml' - '.github/workflows/iac-pipeline-aws-global-landingzone-baseline.yaml'
pull_request: pull_request:
branches: [main] branches: [main]
@ -23,7 +23,7 @@ on:
default: 'true' default: 'true'
env: env:
TF_WORKDIR: iac-template/terraform-hcl-standard/aws-cloud TF_WORKDIR: terraform-hcl-standard/aws-cloud
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
AWS_REGION: ap-northeast-1 AWS_REGION: ap-northeast-1
AWS_ROLE_ARN: arn:aws:iam::950604983695:role/GithubAction_IAC_Deploy_Role AWS_ROLE_ARN: arn:aws:iam::950604983695:role/GithubAction_IAC_Deploy_Role

6
.github/workflows/iac-pipeline-aws-global-resources-matrix.yaml vendored
View File

@ -6,8 +6,8 @@ on:
paths: paths:
paths: paths:
- '.github/workflows/iac-pipeline-aws-resources-matrix.yaml' - '.github/workflows/iac-pipeline-aws-resources-matrix.yaml'
- 'iac-template/terraform-hcl-standard/aws-cloud/component/ec2/**' - 'terraform-hcl-standard/aws-cloud/component/ec2/**'
- 'iac-template/terraform-hcl-standard/aws-cloud/component/s3/**' - 'terraform-hcl-standard/aws-cloud/component/s3/**'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
deploy_action: deploy_action:
@ -20,7 +20,7 @@ permissions:
contents: read contents: read
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/aws-cloud/component BASE_DIR: terraform-hcl-standard/aws-cloud/component
AWS_REGION: ap-northeast-1 AWS_REGION: ap-northeast-1
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
AWS_ROLE_ARN: arn:aws:iam::950604983695:role/GithubAction_IAC_Deploy_Role AWS_ROLE_ARN: arn:aws:iam::950604983695:role/GithubAction_IAC_Deploy_Role

8
.github/workflows/terraform-standard-iac-pipeline-alicloud-account-matrix.yaml vendored
View File

@ -3,9 +3,9 @@ name: IAC Pipeline Alicloud Account/VPC Matrix
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/ali-cloud/modules/vpc/**' - 'terraform-hcl-standard/ali-cloud/modules/vpc/**'
- 'iac-template/terraform-hcl-standard/ali-cloud/modules/ram/**' - 'terraform-hcl-standard/ali-cloud/modules/ram/**'
- 'iac-template/terraform-hcl-standard/ali-cloud/envs/dev/**' - 'terraform-hcl-standard/ali-cloud/envs/dev/**'
- '.github/workflows/terraform-standard-iac-pipeline-alicloud-account-matrix.yaml' - '.github/workflows/terraform-standard-iac-pipeline-alicloud-account-matrix.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -15,7 +15,7 @@ on:
default: 'true' default: 'true'
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/ali-cloud/envs BASE_DIR: terraform-hcl-standard/ali-cloud/envs
DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }} DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }}
ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }} ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }}

8
.github/workflows/terraform-standard-iac-pipeline-alicloud-bootstrap.yaml vendored
View File

@ -7,7 +7,7 @@ concurrency:
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/ali-cloud/bootstrap/**' - 'terraform-hcl-standard/ali-cloud/bootstrap/**'
- '.github/workflows/terraform-standard-iac-pipeline-alicloud-bootstrap.yaml' - '.github/workflows/terraform-standard-iac-pipeline-alicloud-bootstrap.yaml'
pull_request: pull_request:
workflow_dispatch: workflow_dispatch:
@ -18,7 +18,7 @@ on:
default: plan default: plan
env: env:
TF_WORKDIR: iac-template/terraform-hcl-standard/ali-cloud/bootstrap TF_WORKDIR: terraform-hcl-standard/ali-cloud/bootstrap
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }} ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }}
@ -42,7 +42,7 @@ jobs:
- lock: create Table Store instance/table for Terraform state locking - lock: create Table Store instance/table for Terraform state locking
- identity: provision RAM role/user plus access keys for automation - identity: provision RAM role/user plus access keys for automation
Resource names and defaults follow iac-template/terraform-hcl-standard/ali-cloud/bootstrap. Resource names and defaults follow terraform-hcl-standard/ali-cloud/bootstrap.
SUMMARY SUMMARY
- uses: hashicorp/setup-terraform@v3 - uses: hashicorp/setup-terraform@v3
@ -80,7 +80,7 @@ jobs:
if: env.DEPLOY_ACTION == 'apply' if: env.DEPLOY_ACTION == 'apply'
with: with:
name: outputs-${{ matrix.target }} name: outputs-${{ matrix.target }}
path: iac-template/terraform-hcl-standard/ali-cloud/outputs_${{ matrix.target }}.json path: terraform-hcl-standard/ali-cloud/outputs_${{ matrix.target }}.json
retention-days: 30 retention-days: 30
aggregate: aggregate:

4
.github/workflows/terraform-standard-iac-pipeline-alicloud-landingzone-baseline.yaml vendored
View File

@ -3,7 +3,7 @@ name: Alicloud LandingZone Baseline
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/ali-cloud/**' - 'terraform-hcl-standard/ali-cloud/**'
- '.github/workflows/terraform-standard-iac-pipeline-alicloud-landingzone-baseline.yaml' - '.github/workflows/terraform-standard-iac-pipeline-alicloud-landingzone-baseline.yaml'
pull_request: pull_request:
branches: [main] branches: [main]
@ -21,7 +21,7 @@ on:
default: 'true' default: 'true'
env: env:
TF_WORKDIR: iac-template/terraform-hcl-standard/ali-cloud TF_WORKDIR: terraform-hcl-standard/ali-cloud
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }} ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }}

6
.github/workflows/terraform-standard-iac-pipeline-alicloud-resources-matrix.yaml vendored
View File

@ -3,8 +3,8 @@ name: IAC Pipeline Alicloud Resources Matrix
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/ali-cloud/modules/**' - 'terraform-hcl-standard/ali-cloud/modules/**'
- 'iac-template/terraform-hcl-standard/ali-cloud/envs/dev/**' - 'terraform-hcl-standard/ali-cloud/envs/dev/**'
- '.github/workflows/terraform-standard-iac-pipeline-alicloud-resources-matrix.yaml' - '.github/workflows/terraform-standard-iac-pipeline-alicloud-resources-matrix.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -14,7 +14,7 @@ on:
default: 'true' default: 'true'
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/ali-cloud/envs BASE_DIR: terraform-hcl-standard/ali-cloud/envs
DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }} DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }}
ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }} ALICLOUD_REGION: ${{ secrets.ALICLOUD_REGION }}

6
.github/workflows/terraform-standard-iac-pipeline-gcp-account-matrix.yaml vendored
View File

@ -3,8 +3,8 @@ name: IAC Pipeline GCP (Account/Project Matrix)
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/gcp-cloud/envs/dev-vpc/**' - 'terraform-hcl-standard/gcp-cloud/envs/dev-vpc/**'
- 'iac-template/terraform-hcl-standard/gcp-cloud/envs/dev-role/**' - 'terraform-hcl-standard/gcp-cloud/envs/dev-role/**'
- '.github/workflows/terraform-standard-iac-pipeline-gcp-account-matrix.yaml' - '.github/workflows/terraform-standard-iac-pipeline-gcp-account-matrix.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -14,7 +14,7 @@ on:
default: 'true' default: 'true'
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/gcp-cloud/envs BASE_DIR: terraform-hcl-standard/gcp-cloud/envs
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }} DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }}

12
.github/workflows/terraform-standard-iac-pipeline-gcp-global-bootstrap.yaml vendored
View File

@ -7,8 +7,8 @@ concurrency:
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/gcp-cloud/bootstrap-gcs/**' - 'terraform-hcl-standard/gcp-cloud/bootstrap-gcs/**'
- 'iac-template/terraform-hcl-standard/gcp-cloud/bootstrap-iam/**' - 'terraform-hcl-standard/gcp-cloud/bootstrap-iam/**'
- '.github/workflows/terraform-standard-iac-pipeline-gcp-global-bootstrap.yaml' - '.github/workflows/terraform-standard-iac-pipeline-gcp-global-bootstrap.yaml'
pull_request: pull_request:
workflow_dispatch: workflow_dispatch:
@ -19,7 +19,7 @@ on:
default: plan default: plan
env: env:
TF_WORKDIR: iac-template/terraform-hcl-standard/gcp-cloud TF_WORKDIR: terraform-hcl-standard/gcp-cloud
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
jobs: jobs:
@ -41,7 +41,7 @@ jobs:
- Cloud Storage: create remote state bucket (versioned + uniform access + generation-based locking) - Cloud Storage: create remote state bucket (versioned + uniform access + generation-based locking)
- IAM: create Terraform bootstrap service account and bind elevated roles - IAM: create Terraform bootstrap service account and bind elevated roles
Resource names and locations follow iac-template/terraform-hcl-standard/gcp-cloud/config/accounts/bootstrap.yaml. Resource names and locations follow terraform-hcl-standard/gcp-cloud/config/accounts/bootstrap.yaml.
SUMMARY SUMMARY
- uses: hashicorp/setup-terraform@v3 - uses: hashicorp/setup-terraform@v3
@ -64,7 +64,7 @@ jobs:
import os import os
from pathlib import Path from pathlib import Path
cfg_path = Path("iac-template/terraform-hcl-standard/gcp-cloud/config/accounts/bootstrap.yaml") cfg_path = Path("terraform-hcl-standard/gcp-cloud/config/accounts/bootstrap.yaml")
cfg = yaml.safe_load(cfg_path.read_text()) cfg = yaml.safe_load(cfg_path.read_text())
env_path = Path(os.environ["GITHUB_ENV"]) env_path = Path(os.environ["GITHUB_ENV"])
@ -159,7 +159,7 @@ jobs:
if: env.DEPLOY_ACTION == 'apply' if: env.DEPLOY_ACTION == 'apply'
with: with:
name: outputs-${{ matrix.target }} name: outputs-${{ matrix.target }}
path: iac-template/terraform-hcl-standard/gcp-cloud/outputs_${{ matrix.target }}.json path: terraform-hcl-standard/gcp-cloud/outputs_${{ matrix.target }}.json
retention-days: 30 retention-days: 30
aggregate: aggregate:

4
.github/workflows/terraform-standard-iac-pipeline-gcp-global-landingzone-baseline.yaml vendored
View File

@ -3,7 +3,7 @@ name: GCP Cloud LandingZone Baseline
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/gcp-cloud/**' - 'terraform-hcl-standard/gcp-cloud/**'
- '.github/workflows/terraform-standard-iac-pipeline-gcp-global-landingzone-baseline.yaml' - '.github/workflows/terraform-standard-iac-pipeline-gcp-global-landingzone-baseline.yaml'
pull_request: pull_request:
branches: [main] branches: [main]
@ -21,7 +21,7 @@ on:
default: 'true' default: 'true'
env: env:
TF_WORKDIR: iac-template/terraform-hcl-standard/gcp-cloud TF_WORKDIR: terraform-hcl-standard/gcp-cloud
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
# ------------------------------- # -------------------------------

6
.github/workflows/terraform-standard-iac-pipeline-gcp-resources-matrix.yaml vendored
View File

@ -3,8 +3,8 @@ name: IAC Pipeline GCP Resources Matrix
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/gcp-cloud/envs/dev-object/**' - 'terraform-hcl-standard/gcp-cloud/envs/dev-object/**'
- 'iac-template/terraform-hcl-standard/gcp-cloud/envs/dev-ec2/**' - 'terraform-hcl-standard/gcp-cloud/envs/dev-ec2/**'
- '.github/workflows/terraform-standard-iac-pipeline-gcp-resources-matrix.yaml' - '.github/workflows/terraform-standard-iac-pipeline-gcp-resources-matrix.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -14,7 +14,7 @@ on:
default: 'true' default: 'true'
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/gcp-cloud/envs BASE_DIR: terraform-hcl-standard/gcp-cloud/envs
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }} DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }}

8
.github/workflows/terraform-standard-iac-pipeline-vultr-account-matrix.yaml vendored
View File

@ -3,9 +3,9 @@ name: IAC Pipeline Vultr VPS Account/VPC Matrix
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/vpc/**' - 'terraform-hcl-standard/vultr-vps/modules/vpc/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/iam/**' - 'terraform-hcl-standard/vultr-vps/modules/iam/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/envs/dev/**' - 'terraform-hcl-standard/vultr-vps/envs/dev/**'
- '.github/workflows/terraform-standard-iac-pipeline-vultr-account-matrix.yaml' - '.github/workflows/terraform-standard-iac-pipeline-vultr-account-matrix.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -15,7 +15,7 @@ on:
default: 'true' default: 'true'
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/vultr-vps/envs BASE_DIR: terraform-hcl-standard/vultr-vps/envs
DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }} DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }}
jobs: jobs:

8
.github/workflows/terraform-standard-iac-pipeline-vultr-global-bootstrap.yaml vendored
View File

@ -7,9 +7,9 @@ concurrency:
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/vultr-vps/bootstrap-object-storage/**' - 'terraform-hcl-standard/vultr-vps/bootstrap-object-storage/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/bootstrap-iam/**' - 'terraform-hcl-standard/vultr-vps/bootstrap-iam/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/config/**' - 'terraform-hcl-standard/vultr-vps/config/**'
- '.github/workflows/terraform-standard-iac-pipeline-vultr-global-bootstrap.yaml' - '.github/workflows/terraform-standard-iac-pipeline-vultr-global-bootstrap.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -19,7 +19,7 @@ on:
default: plan default: plan
env: env:
TF_ROOT: iac-template/terraform-hcl-standard/vultr-vps TF_ROOT: terraform-hcl-standard/vultr-vps
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
jobs: jobs:

6
.github/workflows/terraform-standard-iac-pipeline-vultr-global-landingzone-baseline.yaml vendored
View File

@ -7,8 +7,8 @@ concurrency:
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/vpc/**' - 'terraform-hcl-standard/vultr-vps/modules/vpc/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/config/**' - 'terraform-hcl-standard/vultr-vps/config/**'
- '.github/workflows/terraform-standard-iac-pipeline-vultr-global-landingzone-baseline.yaml' - '.github/workflows/terraform-standard-iac-pipeline-vultr-global-landingzone-baseline.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -19,7 +19,7 @@ on:
default: plan default: plan
env: env:
TF_ROOT: iac-template/terraform-hcl-standard/vultr-vps/modules/vpc TF_ROOT: terraform-hcl-standard/vultr-vps/modules/vpc
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
jobs: jobs:

12
.github/workflows/terraform-standard-iac-pipeline-vultr-global-resources-matrix.yaml vendored
View File

@ -7,11 +7,11 @@ concurrency:
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/vultr-vps/envs/dev/**' - 'terraform-hcl-standard/vultr-vps/envs/dev/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/compute/**' - 'terraform-hcl-standard/vultr-vps/modules/compute/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/storage/**' - 'terraform-hcl-standard/vultr-vps/modules/storage/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/data_store/**' - 'terraform-hcl-standard/vultr-vps/modules/data_store/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/config/**' - 'terraform-hcl-standard/vultr-vps/config/**'
- '.github/workflows/terraform-standard-iac-pipeline-vultr-global-resources-matrix.yaml' - '.github/workflows/terraform-standard-iac-pipeline-vultr-global-resources-matrix.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -21,7 +21,7 @@ on:
default: plan default: plan
env: env:
TF_ROOT: iac-template/terraform-hcl-standard/vultr-vps/envs TF_ROOT: terraform-hcl-standard/vultr-vps/envs
DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }} DEPLOY_ACTION: ${{ github.event.inputs.deploy_action || 'plan' }}
jobs: jobs:

10
.github/workflows/terraform-standard-iac-pipeline-vultr-resources-matrix.yaml vendored
View File

@ -3,10 +3,10 @@ name: IAC Pipeline Vultr VPS Resources Matrix
on: on:
push: push:
paths: paths:
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/compute/**' - 'terraform-hcl-standard/vultr-vps/modules/compute/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/storage/**' - 'terraform-hcl-standard/vultr-vps/modules/storage/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/modules/data_store/**' - 'terraform-hcl-standard/vultr-vps/modules/data_store/**'
- 'iac-template/terraform-hcl-standard/vultr-vps/envs/dev/**' - 'terraform-hcl-standard/vultr-vps/envs/dev/**'
- '.github/workflows/terraform-standard-iac-pipeline-vultr-resources-matrix.yaml' - '.github/workflows/terraform-standard-iac-pipeline-vultr-resources-matrix.yaml'
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -16,7 +16,7 @@ on:
default: 'true' default: 'true'
env: env:
BASE_DIR: iac-template/terraform-hcl-standard/vultr-vps/envs BASE_DIR: terraform-hcl-standard/vultr-vps/envs
DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }} DRY_RUN: ${{ github.event.inputs.dry_run || 'true' }}
jobs: jobs:

8
.gitignore vendored
View File

@ -40,11 +40,11 @@ coverage.xml
*.tfstate *.tfstate
*.tfstate.* *.tfstate.*
# Generated Terraform provider/backend files for AWS cloud envs # Generated Terraform provider/backend files for AWS cloud envs
iac-template/terraform-hcl-standard/aws-cloud/envs/*/provider.tf terraform-hcl-standard/aws-cloud/envs/*/provider.tf
iac-template/terraform-hcl-standard/aws-cloud/envs/*/backend.tf terraform-hcl-standard/aws-cloud/envs/*/backend.tf
# Generated provider/backend files for component stacks # Generated provider/backend files for component stacks
iac-template/terraform-hcl-standard/aws-cloud/component/*/provider.tf terraform-hcl-standard/aws-cloud/component/*/provider.tf
iac-template/terraform-hcl-standard/aws-cloud/component/*/backend.tf terraform-hcl-standard/aws-cloud/component/*/backend.tf
# Ansible # Ansible
*.retry *.retry

4
scripts/aws-bootstrap-force-destroy.sh
View File

@ -1,13 +1,13 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
CONFIG_PATH=${CONFIG_PATH:-iac-template/terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml} CONFIG_PATH=${CONFIG_PATH:-terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml}
read TERRAFORM_USER ROLE_NAME STATE_BUCKET LOCK_TABLE AWS_REGION ACCOUNT_ID <<< "$(python - <<'PY' read TERRAFORM_USER ROLE_NAME STATE_BUCKET LOCK_TABLE AWS_REGION ACCOUNT_ID <<< "$(python - <<'PY'
import yaml import yaml
import os import os
config_path = os.environ.get('CONFIG_PATH', 'iac-template/terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml') config_path = os.environ.get('CONFIG_PATH', 'terraform-hcl-standard/aws-cloud/config/accounts/bootstrap.yaml')
with open(config_path, 'r') as f: with open(config_path, 'r') as f:
cfg = yaml.safe_load(f) cfg = yaml.safe_load(f)

2
scripts/notifications/notify-landingzone.sh
View File

@ -23,7 +23,7 @@ BODY_HTML=$(cat <<EOF
<h2>🚀 AWS LandingZone Baseline Rollout Completed</h2> <h2>🚀 AWS LandingZone Baseline Rollout Completed</h2>
<p>The baseline deployment for <b>LandingZone Minimal</b> has successfully finished.</p> <p>The baseline deployment for <b>LandingZone Minimal</b> has successfully finished.</p>
<p><b>Environment:</b> dev-landingzone<br/> <p><b>Environment:</b> dev-landingzone<br/>
<b>Workdir:</b> iac-template/terraform-standard</p> <b>Workdir:</b> terraform-hcl-standard/aws-cloud/envs/dev-landingzone</p>
<p>This includes:</p> <p>This includes:</p>
<ul> <ul>

2
terraform-hcl-standard/aws-cloud/bootstrap/README.md
View File

@ -26,7 +26,7 @@ Terragrunt `run-all` handles the ordering; no manual sequencing is required.
## How to Run with Terragrunt ## How to Run with Terragrunt
```bash ```bash
cd iac-template/terraform-hcl-standard/aws-cloud/bootstrap cd terraform-hcl-standard/aws-cloud/bootstrap
# Plan everything in dependency order # Plan everything in dependency order
terragrunt run-all plan terragrunt run-all plan