Merge pull request #1 from code0-tech/initial-setup

Create initial infrastructure setup

.github/workflows/ci.yml

@@ -0,0 +1,48 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+permissions:
+  pull-requests: write
+
+jobs:
+  pipeline:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: Taucher2003/[email protected]
+        name: Run pipeline
+        id: pipeline
+        with:
+          GL_SERVER_URL: https://gitlab.com
+          GL_PROJECT_ID: '54779398'
+          GL_RUNNER_TOKEN: ${{ secrets.GL_INFRA_RUNNER_TOKEN }}
+          GL_API_TOKEN: ${{ secrets.GL_API_TOKEN }}
+          SHOW_JOB_LOGS: none
+        env:
+          GLPA_C0_GH_REF: ${{ github.ref }}
+          GLPA_TF_VAR_cloudflare_api_token: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+          GLPA_TF_VAR_cloudflare_account_id: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+
+      - name: Find existing comment
+        uses: peter-evans/find-comment@v3
+        id: find-comment
+        if: ${{ !cancelled() && github.event_name == 'pull_request' }}
+        with:
+          issue-number: ${{ github.event.pull_request.number }}
+          comment-author: 'github-actions[bot]'
+          body-includes: <!-- glpa_comment:pipeline -->
+
+      - name: Create or update comment
+        uses: peter-evans/create-or-update-comment@v4
+        if: ${{ !cancelled() && github.event_name == 'pull_request' }}
+        with:
+          comment-id: ${{ steps.find-comment.outputs.comment-id }}
+          issue-number: ${{ github.event.pull_request.number }}
+          body: |
+            <!-- glpa_comment:pipeline -->
+            ${{ steps.pipeline.outputs.SUMMARY_TEXT }}
+          edit-mode: replace

.gitignore

@@ -127,5 +127,6 @@ terraform.rc
 
 # End of https://www.toptal.com/developers/gitignore/api/terraform,jetbrains+all
 
+.terraform.lock.hcl
 localTerraform.sh
 setLocalVariables.sh

.gitlab-ci.yml

@@ -0,0 +1,54 @@
+stages:
+  - terraform-plan
+  - terraform-apply
+
+default:
+  tags:
+    - infra
+
+.tf:
+  image: registry.gitlab.com/gitlab-org/terraform-images/stable:latest
+  before_script:
+    - cd $TF_ROOT
+
+tf-plan:main:
+  extends:
+    - .tf
+  stage: terraform-plan
+  script:
+    - gitlab-terraform plan -no-color | tee output
+    - gitlab-terraform plan-json
+    - |
+      echo -e "\e[0Ksection_start:`date +%s`:glpa_summary\r\e[0KHeader of the summary"
+      grep -E "Plan:|No changes" output
+      echo -e "\e[0Ksection_end:`date +%s`:glpa_summary\r\e[0K"
+  artifacts:
+    expire_in: 7 days
+    paths:
+      - $TF_ROOT/plan.cache
+    reports:
+      terraform: $TF_ROOT/plan.json
+  variables:
+    TF_STATE_NAME: main
+    TF_ROOT: '.'
+
+tf-apply:main:
+  extends:
+    - .tf
+  stage: terraform-apply
+  needs:
+    - tf-plan:main
+  script:
+    - gitlab-terraform apply -no-color | tee output
+    - |
+      echo -e "\e[0Ksection_start:`date +%s`:glpa_summary\r\e[0KHeader of the summary"
+      grep "Apply complete!" output
+      echo -e "\e[0Ksection_end:`date +%s`:glpa_summary\r\e[0K"
+  environment:
+    name: main
+    deployment_tier: production
+  variables: !reference ["tf-plan:main", variables]
+  rules:
+    - if: $C0_GH_REF == "refs/heads/main"
+      when: delayed
+      start_in: 2 min

domain/main.tf

@@ -0,0 +1,13 @@
+terraform {
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "4.12.0"
+    }
+  }
+}
+
+data "cloudflare_zone" "main_domain" {
+  account_id = var.cloudflare_account_id
+  name       = "code0.tech"
+}

domain/variables.tf

@@ -0,0 +1,9 @@
+variable "cloudflare_api_token" {
+  type      = string
+  sensitive = true
+}
+
+variable "cloudflare_account_id" {
+  type      = string
+  sensitive = true
+}

main.tf

@@ -0,0 +1,20 @@
+terraform {
+  backend "http" {}
+
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "4.12.0"
+    }
+  }
+}
+
+provider "cloudflare" {
+  api_token = var.cloudflare_api_token
+}
+
+module "domain" {
+  source = "./domain"
+  cloudflare_account_id = var.cloudflare_account_id
+  cloudflare_api_token = var.cloudflare_api_token
+}

variables.tf

@@ -0,0 +1,9 @@
+variable "cloudflare_api_token" {
+  type      = string
+  sensitive = true
+}
+
+variable "cloudflare_account_id" {
+  type      = string
+  sensitive = true
+}