From 95bbed96e1490816372d288d523ef578d4944749 Mon Sep 17 00:00:00 2001
From: Niklas van Schrick
Date: Fri, 9 Feb 2024 20:09:28 +0100
Subject: [PATCH] Create initial infrastructure setup
---
.github/workflows/ci.yml | 48 +++++++++++++++++++++++++++++++++++
.gitignore | 1 +
.gitlab-ci.yml | 54 ++++++++++++++++++++++++++++++++++++++++
domain/main.tf | 13 ++++++++++
domain/variables.tf | 9 +++++++
main.tf | 20 +++++++++++++++
variables.tf | 9 +++++++
7 files changed, 154 insertions(+)
create mode 100644 .github/workflows/ci.yml
create mode 100644 .gitlab-ci.yml
create mode 100644 domain/main.tf
create mode 100644 domain/variables.tf
create mode 100644 main.tf
create mode 100644 variables.tf
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..d714656
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,48 @@
+name: CI
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+
+permissions:
+ pull-requests: write
+
+jobs:
+ pipeline:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: Taucher2003/GitLab-Pipeline-Action@1.6.2
+ name: Run pipeline
+ id: pipeline
+ with:
+ GL_SERVER_URL: https://gitlab.com
+ GL_PROJECT_ID: '54779398'
+ GL_RUNNER_TOKEN: ${{ secrets.GL_INFRA_RUNNER_TOKEN }}
+ GL_API_TOKEN: ${{ secrets.GL_API_TOKEN }}
+ SHOW_JOB_LOGS: none
+ env:
+ GLPA_C0_GH_REF: ${{ github.ref }}
+ GLPA_TF_VAR_cloudflare_api_token: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+ GLPA_TF_VAR_cloudflare_account_id: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+
+ - name: Find existing comment
+ uses: peter-evans/find-comment@v3
+ id: find-comment
+ if: ${{ !cancelled() && github.event_name == 'pull_request' }}
+ with:
+ issue-number: ${{ github.event.pull_request.number }}
+ comment-author: 'github-actions[bot]'
+ body-includes:
+
+ - name: Create or update comment
+ uses: peter-evans/create-or-update-comment@v4
+ if: ${{ !cancelled() && github.event_name == 'pull_request' }}
+ with:
+ comment-id: ${{ steps.find-comment.outputs.comment-id }}
+ issue-number: ${{ github.event.pull_request.number }}
+ body: |
+
+ ${{ steps.pipeline.outputs.SUMMARY_TEXT }}
+ edit-mode: replace
diff --git a/.gitignore b/.gitignore
index 05bd37c..8d21c5e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -127,5 +127,6 @@ terraform.rc # End of https://www.toptal.com/developers/gitignore/api/terraform,jetbrains+all +.terraform.lock.hcl localTerraform.sh setLocalVariables.sh
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..cfea84b
--- /dev/null
+++ b/.gitlab-ci.yml
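Review bot: The three `uses:` entries in .github/workflows/ci.yml reference mutable tags (`Taucher2003/GitLab-Pipeline-Action@1.6.2`, `peter-evans/find-comment@v3`, `peter-evans/create-or-update-comment@v4`), and the first of them is handed the GitLab runner and API tokens plus the Cloudflare credentials, so a retagged release would run with those secrets. Pin each action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: peter-evans/find-comment@<full-commit-sha> # v3`. The `Run pipeline` step also forwards the same `CLOUDFLARE_API_TOKEN` on every `pull_request` run as on pushes to `main`; if the token can be split, a read-only one for plan-only runs would limit what an unmerged change can reach.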
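Review bot: Ignoring `.terraform.lock.hcl` in the .gitignore hunk means the provider checksums Terraform records on `init` are never committed, so each CI run trusts whatever package the registry serves for `cloudflare/cloudflare` 4.12.0 instead of verifying it against a reviewed hash. Terraform's guidance is to keep the lock file under version control; I would drop this line and commit the generated `.terraform.lock.hcl`. The hunk's context lines are collapsed in this view, so only the added line is commented on.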
@@ -0,0 +1,54 @@
+stages:
+ - terraform-plan
+ - terraform-apply
+
+default:
+ tags:
+ - infra
+
+.tf:
+ image: registry.gitlab.com/gitlab-org/terraform-images/stable:latest
+ before_script:
+ - cd $TF_ROOT
+
+tf-plan:main:
+ extends:
+ - .tf
+ stage: terraform-plan
+ script:
+ - gitlab-terraform plan -no-color | tee output
+ - gitlab-terraform plan-json
+ - |
+ echo -e "\e[0Ksection_start:`date +%s`:glpa_summary\r\e[0KHeader of the summary"
+ grep -E "Plan:|No changes" output
+ echo -e "\e[0Ksection_end:`date +%s`:glpa_summary\r\e[0K"
+ artifacts:
+ expire_in: 7 days
+ paths:
+ - $TF_ROOT/plan.cache
+ reports:
+ terraform: $TF_ROOT/plan.json
+ variables:
+ TF_STATE_NAME: main
+ TF_ROOT: '.'
+
+tf-apply:main:
+ extends:
+ - .tf
+ stage: terraform-apply
+ needs:
+ - tf-plan:main
+ script:
+ - gitlab-terraform apply -no-color | tee output
+ - |
+ echo -e "\e[0Ksection_start:`date +%s`:glpa_summary\r\e[0KHeader of the summary"
+ grep "Apply complete!" output
+ echo -e "\e[0Ksection_end:`date +%s`:glpa_summary\r\e[0K"
+ environment:
+ name: main
+ deployment_tier: production
+ variables: !reference ["tf-plan:main", variables]
+ rules:
+ - if: $C0_GH_REF == "refs/heads/main"
+ when: delayed
+ start_in: 2 min
diff --git a/domain/main.tf b/domain/main.tf
new file mode 100644
index 0000000..ef30b7f
--- /dev/null
+++ b/domain/main.tf
@@ -0,0 +1,13 @@
+terraform {
+ required_providers {
+ cloudflare = {
+ source = "cloudflare/cloudflare"
+ version = "4.12.0"
+ }
+ }
+}
+
+data "cloudflare_zone" "main_domain" {
+ account_id = var.cloudflare_account_id
+ name = "code0.tech"
+}
diff --git a/domain/variables.tf b/domain/variables.tf
new file mode 100644
index 0000000..44e72bd
--- /dev/null
+++ b/domain/variables.tf
@@ -0,0 +1,9 @@
+variable "cloudflare_api_token" {
+ type = string
+ sensitive = true
+}
+
+variable "cloudflare_account_id" {
+ type = string
+ sensitive = true
+}
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..b60962b
--- /dev/null
+++ b/main.tf
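Review bot: `tf-plan:main` in .gitlab-ci.yml publishes `$TF_ROOT/plan.cache` as a job artifact for 7 days, and a saved Terraform plan can hold input variable values in clear text, which here would include `cloudflare_api_token` even though it is marked `sensitive`. Restrict who can download it, for example `public: false` under `artifacts:`, and shorten `expire_in` to what the delayed apply actually needs. The `.tf` template also pulls `terraform-images/stable:latest`, a mutable tag that runs with the same credentials; pinning a release tag or image digest would make the toolchain reviewable.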
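Review bot: `cloudflare_api_token` is declared in domain/variables.tf and passed into `module "domain"` in main.tf, but nothing in the visible domain/main.tf reads it; the module only uses `var.cloudflare_account_id` and, having no `provider` block of its own, inherits the root `provider "cloudflare"` configuration. Dropping the variable and the `cloudflare_api_token = var.cloudflare_api_token` argument keeps the secret out of a scope that does not need it. If the module later needs its own provider configuration, pass it through the module's `providers` argument instead of a second copy of the token.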
@@ -0,0 +1,20 @@
+terraform {
+ backend "http" {}
+
+ required_providers {
+ cloudflare = {
+ source = "cloudflare/cloudflare"
+ version = "4.12.0"
+ }
+ }
+}
+
+provider "cloudflare" {
+ api_token = var.cloudflare_api_token
+}
+
+module "domain" {
+ source = "./domain"
+ cloudflare_account_id = var.cloudflare_account_id
+ cloudflare_api_token = var.cloudflare_api_token
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..44e72bd
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,9 @@
+variable "cloudflare_api_token" {
+ type = string
+ sensitive = true
+}
+
+variable "cloudflare_account_id" {
+ type = string
+ sensitive = true
+}