From 2b5052f65375aae920ccb5c10c9e294398a89676 Mon Sep 17 00:00:00 2001 From: ale210 Date: Sat, 29 Jun 2024 21:30:31 -0700 Subject: [PATCH 1/4] preview contrubuting updates --- CONTRIBUTING.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ad6fb49..bbc3fde 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -24,6 +24,7 @@ Below are guidelines for contributing to the devops-security repository hosted o - [**Generating Access Keys for AWS CLI**](#generating-access-keys-for-aws-cli) - [**Installing Terraform**](#installing-terraform) - [**Creating Backend State**](#creating-backend-state) + - [**Creating Local tfvars file**](#creating-local-tfvars-file) - [**Installing Terraform docs**](#installing-terraform-docs) - [**Clone (Create) a copy on your computer**](#clone-create-a-copy-on-your-computer) - [**Create a new branch where you will work on your issue**](#create-a-new-branch-where-you-will-work-on-your-issue) @@ -153,6 +154,22 @@ To facilitate AWS IAM changes using Terraform, it's essential to establish backe [Back to Table of Contents](#table-of-contents) *** +### **Creating Local tfvars file** + +Atfer creating a backend state, create a ```backend.tfvars``` file. It should have content of this format: + +```bucket = "{developer_specific}-hfla-ops-terraform-state" +key = "devops-security/terraform.tfstate" +region = "us-east-2" +dynamodb_table = "{developer_specific}_hfla_ops_terraform_table" +encrypt = true +``` + +Remeber to match these values to the ones in your backend state + +[Back to Table of Contents](#table-of-contents) +*** + ### **Installing Terraform docs** Follow the Terraform docs [installation guide](https://terraform-docs.io/user-guide/installation/) From 37707609371664307411b6ecbd78eac0d33a484f Mon Sep 17 00:00:00 2001 From: ale210 Date: Sat, 29 Jun 2024 21:37:54 -0700 Subject: [PATCH 2/4] fix contributing formatting --- CONTRIBUTING.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index bbc3fde..cbe740c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -158,7 +158,8 @@ To facilitate AWS IAM changes using Terraform, it's essential to establish backe Atfer creating a backend state, create a ```backend.tfvars``` file. It should have content of this format: -```bucket = "{developer_specific}-hfla-ops-terraform-state" +``` +bucket = "{developer_specific}-hfla-ops-terraform-state" key = "devops-security/terraform.tfstate" region = "us-east-2" dynamodb_table = "{developer_specific}_hfla_ops_terraform_table" From c29d43705c3a1e3c062e99a98b6c199136cd8082 Mon Sep 17 00:00:00 2001 From: ale210 Date: Sat, 29 Jun 2024 21:38:11 -0700 Subject: [PATCH 3/4] fix formatting --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index cbe740c..c00f328 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -166,7 +166,7 @@ dynamodb_table = "{developer_specific}_hfla_ops_terraform_table" encrypt = true ``` -Remeber to match these values to the ones in your backend state +Remeber to match these values to the ones in your backend state (and replace {developer-specific} with your actual name) [Back to Table of Contents](#table-of-contents) *** From 74056cc08fca6ba93499194be93dcb5d6f743a72 Mon Sep 17 00:00:00 2001 From: ale210 Date: Sat, 29 Jun 2024 21:50:42 -0700 Subject: [PATCH 4/4] create backend local tf files --- .github/workflows/terraform-apply.yaml | 1 + .github/workflows/terraform-plan.yaml | 1 + .gitignore | 3 +++ CONTRIBUTING.md | 2 +- terraform/backend.tf | 7 +------ terraform/prod.backend.tfvars | 5 +++++ 6 files changed, 12 insertions(+), 7 deletions(-) create mode 100644 terraform/prod.backend.tfvars diff --git a/.github/workflows/terraform-apply.yaml b/.github/workflows/terraform-apply.yaml index b059069..589871e 100644 --- a/.github/workflows/terraform-apply.yaml +++ b/.github/workflows/terraform-apply.yaml @@ -32,3 +32,4 @@ jobs: uses: dflook/terraform-apply@v1 with: path: terraform + backend_config_file: prod.backend.tfvars diff --git a/.github/workflows/terraform-plan.yaml b/.github/workflows/terraform-plan.yaml index 0210fe6..d07aa0c 100644 --- a/.github/workflows/terraform-plan.yaml +++ b/.github/workflows/terraform-plan.yaml @@ -32,3 +32,4 @@ jobs: uses: dflook/terraform-plan@v1 with: path: terraform + backend_config_file: prod.backend.tfvars diff --git a/.gitignore b/.gitignore index 0d16693..e09d516 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,9 @@ # Ignore variables files *.auto.tfvars +# Ignore local development variable file +backend.tfvars + # Ignore override files *.tfoverride diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c00f328..cccc632 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -242,7 +242,7 @@ cd terraform - Next initilize the terraform configuration ```bash -terraform init +terraform init --backend-config=backend.tfvars ``` - Then generate and run an execution plan diff --git a/terraform/backend.tf b/terraform/backend.tf index 84c8d63..b1bfb95 100644 --- a/terraform/backend.tf +++ b/terraform/backend.tf @@ -1,9 +1,4 @@ terraform { backend "s3" { - bucket = "hfla-ops-terraform-state" - key = "devops-security/terraform.tfstate" - region = "us-west-2" - dynamodb_table = "hfla_ops_terraform_table" - encrypt = true } -} +} \ No newline at end of file diff --git a/terraform/prod.backend.tfvars b/terraform/prod.backend.tfvars new file mode 100644 index 0000000..995edf6 --- /dev/null +++ b/terraform/prod.backend.tfvars @@ -0,0 +1,5 @@ +bucket = "hfla-ops-terraform-state" +key = "devops-security/terraform.tfstate" +region = "us-west-2" +dynamodb_table = "hfla_ops_terraform_table" +encrypt = true \ No newline at end of file