-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(deployment): provision scaleway with tf
- Loading branch information
Showing
14 changed files
with
316 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -12,6 +12,9 @@ | |
{ | ||
"path": "../siretisation" | ||
}, | ||
{ | ||
"path": "../deployment" | ||
}, | ||
{ | ||
"path": ".." | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# https://github.com/github/gitignore/blob/main/Terraform.gitignore | ||
|
||
# Local .terraform directories | ||
**/.terraform/* | ||
|
||
# .tfstate files | ||
*.tfstate | ||
*.tfstate.* | ||
|
||
# Crash log files | ||
crash.log | ||
crash.*.log | ||
|
||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as | ||
# password, private keys, and other secrets. These should not be part of version | ||
# control as they are data points which are potentially sensitive and subject | ||
# to change depending on the environment. | ||
*.tfvars | ||
*.tfvars.json | ||
|
||
# Ignore override files as they are usually used to override resources locally and so | ||
# are not checked in | ||
override.tf | ||
override.tf.json | ||
*_override.tf | ||
*_override.tf.json | ||
|
||
# Ignore CLI configuration files | ||
.terraformrc | ||
terraform.rc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
# deployment | ||
|
||
## prerequisites | ||
|
||
An API key needs to be generated on the scaleway [console](https://console.scaleway.com/project/settings). | ||
|
||
## targeting an environment | ||
|
||
Use the `-chdir=` option to target a specific environment: | ||
|
||
```bash | ||
docker-compose run tf -chdir=environments/staging plan | ||
``` | ||
|
||
## initializing the state backend | ||
|
||
```bash | ||
docker-compose run tf -chdir=environments/<ENVIRONMENT>/ init \ | ||
-backend-config "bucket=data-inclusion-terraform" \ | ||
-backend-config "key=stack_data/<ENVIRONMENT>" \ | ||
-backend-config "region=fr-par" \ | ||
-backend-config "endpoint=https://s3.fr-par.scw.cloud" \ | ||
-backend-config "access_key=<ACCESS_KEY>" \ | ||
-backend-config "secret_key=<SECRET_KEY>" | ||
``` | ||
|
||
## configuring the deployment | ||
|
||
The deployment is configured through variables. The set of variables will be different for each environment. | ||
|
||
To generate a configuration file for a specific environment: | ||
|
||
```bash | ||
USER_ID=$(id -u) docker-compose run tf-vars environments/<ENVIRONMENT> | ||
``` | ||
|
||
The generated `terraform.tfvars.json` file can be filled with the appropriate values for that environment. | ||
|
||
⚠️⚠️ `terraform.tfvars.json` FILES SHOULD NOT BE COMMITTED ⚠️⚠️ | ||
|
||
## deployment | ||
|
||
```bash | ||
# review changes | ||
docker-compose run tf -chdir=environments/staging plan | ||
|
||
# apply | ||
docker-compose run tf -chdir=environments/staging apply | ||
``` | ||
|
||
## updating auto generated documentation | ||
|
||
```bash | ||
USER_ID=$(id -u) docker-compose run tf-docs | ||
``` | ||
|
||
## formatting `.tf` files | ||
|
||
```bash | ||
docker-compose run tf-fmt | ||
``` | ||
|
||
## references | ||
|
||
* [Scaleway Terraform Provider documentation](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs) | ||
* [Google's Best practices for using Terraform](https://cloud.google.com/docs/terraform/best-practices-for-terraform) | ||
* [How To Create Reusable Infrastructure with Terraform Modules and Templates by Savic](https://www.digitalocean.com/community/tutorials/how-to-create-reusable-infrastructure-with-terraform-modules-and-templates) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
# This file is meant for local development | ||
|
||
version: "3.9" | ||
|
||
services: | ||
tf: | ||
image: hashicorp/terraform:1.4.0 | ||
working_dir: /deployment | ||
volumes: | ||
- .:/deployment | ||
|
||
scw: | ||
image: scaleway/cli:v2.12.0 | ||
|
||
tf-docs: | ||
image: quay.io/terraform-docs/terraform-docs:0.16.0 | ||
user: "${USER_UID:-1000}:0" | ||
working_dir: /deployment | ||
entrypoint: terraform-docs markdown --recursive --recursive-path ../../modules --output-file README.md | ||
command: environments/staging | ||
volumes: | ||
- .:/deployment | ||
|
||
tf-fmt: | ||
image: hashicorp/terraform:1.4.0 | ||
working_dir: /deployment | ||
command: fmt -recursive | ||
volumes: | ||
- .:/deployment | ||
|
||
tf-vars: | ||
image: quay.io/terraform-docs/terraform-docs:0.16.0 | ||
user: "${USER_UID:-1000}:0" | ||
working_dir: /deployment | ||
entrypoint: terraform-docs tfvars --output-file "terraform.tfvars.json" json | ||
volumes: | ||
- .:/deployment |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
<!-- BEGIN_TF_DOCS --> | ||
## Requirements | ||
|
||
No requirements. | ||
|
||
## Providers | ||
|
||
No providers. | ||
|
||
## Modules | ||
|
||
| Name | Source | Version | | ||
|------|--------|---------| | ||
| <a name="module_stack_data"></a> [stack\_data](#module\_stack\_data) | ../../modules/stack_data | n/a | | ||
|
||
## Resources | ||
|
||
No resources. | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|------|---------|:--------:| | ||
| <a name="input_scaleway_access_key"></a> [scaleway\_access\_key](#input\_scaleway\_access\_key) | Scaleway access key (https://console.scaleway.com/iam/api-keys) | `string` | n/a | yes | | ||
| <a name="input_scaleway_project_id"></a> [scaleway\_project\_id](#input\_scaleway\_project\_id) | Scaleway project id (https://console.scaleway.com/project/settings) | `string` | n/a | yes | | ||
| <a name="input_scaleway_secret_key"></a> [scaleway\_secret\_key](#input\_scaleway\_secret\_key) | Scaleway secret key (https://console.scaleway.com/iam/api-keys) | `string` | n/a | yes | | ||
|
||
## Outputs | ||
|
||
No outputs. | ||
<!-- END_TF_DOCS --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
terraform { | ||
backend "s3" { | ||
skip_credentials_validation = true | ||
skip_metadata_api_check = true | ||
skip_region_validation = true | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
variable "scaleway_access_key" { | ||
description = "Scaleway access key (https://console.scaleway.com/iam/api-keys)" | ||
type = string | ||
} | ||
|
||
variable "scaleway_secret_key" { | ||
description = "Scaleway secret key (https://console.scaleway.com/iam/api-keys)" | ||
type = string | ||
sensitive = true | ||
} | ||
|
||
variable "scaleway_project_id" { | ||
description = "Scaleway project id (https://console.scaleway.com/project/settings)" | ||
type = string | ||
} | ||
|
||
module "stack_data" { | ||
source = "../../modules/stack_data" | ||
|
||
scaleway_access_key = var.scaleway_access_key | ||
scaleway_secret_key = var.scaleway_secret_key | ||
scaleway_project_id = var.scaleway_project_id | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
# `stack_data` | ||
|
||
Provision a compute instance with docker in the given scaleway project. | ||
|
||
<!-- BEGIN_TF_DOCS --> | ||
## Requirements | ||
|
||
| Name | Version | | ||
|------|---------| | ||
| <a name="requirement_scaleway"></a> [scaleway](#requirement\_scaleway) | 2.13.1 | | ||
|
||
## Providers | ||
|
||
| Name | Version | | ||
|------|---------| | ||
| <a name="provider_scaleway"></a> [scaleway](#provider\_scaleway) | 2.13.1 | | ||
|
||
## Modules | ||
|
||
No modules. | ||
|
||
## Resources | ||
|
||
| Name | Type | | ||
|------|------| | ||
| [scaleway_instance_ip.main](https://registry.terraform.io/providers/scaleway/scaleway/2.13.1/docs/resources/instance_ip) | resource | | ||
| [scaleway_instance_server.main](https://registry.terraform.io/providers/scaleway/scaleway/2.13.1/docs/resources/instance_server) | resource | | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|------|---------|:--------:| | ||
| <a name="input_scaleway_access_key"></a> [scaleway\_access\_key](#input\_scaleway\_access\_key) | Scaleway access key (https://console.scaleway.com/iam/api-keys) | `string` | n/a | yes | | ||
| <a name="input_scaleway_project_id"></a> [scaleway\_project\_id](#input\_scaleway\_project\_id) | Scaleway project id (https://console.scaleway.com/project/settings) | `string` | n/a | yes | | ||
| <a name="input_scaleway_secret_key"></a> [scaleway\_secret\_key](#input\_scaleway\_secret\_key) | Scaleway secret key (https://console.scaleway.com/iam/api-keys) | `string` | n/a | yes | | ||
|
||
## Outputs | ||
|
||
| Name | Description | | ||
|------|-------------| | ||
| <a name="output_public_ip"></a> [public\_ip](#output\_public\_ip) | Publicly reachable IP (with `ssh root@<public_ip>`) | | ||
<!-- END_TF_DOCS --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
resource "scaleway_instance_ip" "main" {} | ||
|
||
resource "scaleway_instance_server" "main" { | ||
type = "DEV1-L" | ||
image = "docker" | ||
ip_id = scaleway_instance_ip.main.id | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
output "public_ip" { | ||
description = "Publicly reachable IP (with `ssh root@<public_ip>`)" | ||
value = scaleway_instance_server.main.public_ip | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
terraform { | ||
required_providers { | ||
scaleway = { | ||
source = "scaleway/scaleway" | ||
version = "2.13.1" | ||
} | ||
} | ||
} | ||
|
||
provider "scaleway" { | ||
access_key = var.scaleway_access_key | ||
secret_key = var.scaleway_secret_key | ||
project_id = var.scaleway_project_id | ||
zone = "fr-par-1" | ||
region = "fr-par" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
variable "scaleway_access_key" { | ||
description = "Scaleway access key (https://console.scaleway.com/iam/api-keys)" | ||
type = string | ||
} | ||
|
||
variable "scaleway_secret_key" { | ||
description = "Scaleway secret key (https://console.scaleway.com/iam/api-keys)" | ||
type = string | ||
sensitive = true | ||
} | ||
|
||
variable "scaleway_project_id" { | ||
description = "Scaleway project id (https://console.scaleway.com/project/settings)" | ||
type = string | ||
} |