feat: tile worker

.github/workflows/terragrunt.yaml

@@ -0,0 +1,109 @@
+name: 'Terragrunt'
+on:
+  pull_request:
+    branches: [ "main" ]
+    paths:
+      - "deployment/**"
+      - ".github/workflows/terragrunt.yaml"
+  push:
+    branches: [ "main" ]
+    paths:
+      - "deployment/**"
+      - ".github/workflows/terragrunt.yaml"
+
+concurrency:
+  group: ${{ github.workflow }}
+  cancel-in-progress: false
+
+env:
+  tofu_version: '1.7.1'
+  tg_version: '0.58.12'
+  working_dir: 'deployment'
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@main
+
+      - name: Check Formatting
+        uses: gruntwork-io/terragrunt-action@v2
+        with:
+          tofu_version: ${{ env.tofu_version }}
+          tg_version: ${{ env.tg_version }}
+          tg_dir: ${{ env.working_dir }}
+          tg_command: 'hclfmt --terragrunt-check --terragrunt-diff'
+
+      - name: Check terraform fmt
+        uses: gruntwork-io/terragrunt-action@v2
+        env:
+          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
+        with:
+          tofu_version: ${{ env.tofu_version }}
+          tg_version: ${{ env.tg_version }}
+          tg_dir: ${{ env.working_dir }}
+          tg_command: 'run-all fmt -diff -check'
+  plan:
+    runs-on: ubuntu-latest
+    if: github.ref != 'refs/heads/main'
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@main
+
+      - name: Install Terragrunt
+        uses: eLco/setup-terragrunt@v1
+        with:
+          terragrunt_version: ${{ env.tg_version }}
+
+      - name: 'Install OpenTofu'
+        uses: opentofu/setup-opentofu@v1
+        with:
+          tofu_version: ${{ env.tofu_version }}
+          tofu_wrapper: false
+
+      - name: Plan All
+        working-directory: ${{ env.working_dir }}
+        env:
+          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
+        run: terragrunt run-all plan -no-color 2>&1 | tee "${{github.workspace}}/plan_output.txt";
+
+#      - name: 'List files'
+#        run: 'ls -la ${{ github.workspace }}'
+
+#      - name: Comment Terraform Plan on PR
+#        uses: blinqas/tf-plan-pr-comment@v1
+#        with:
+#          output_file: "${{ github.workspace }}/plan_output.txt"
+#        env:
+#          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  deploy:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main'
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@main
+
+      - name: Install Terragrunt
+        uses: eLco/setup-terragrunt@v1
+        with:
+          terragrunt_version: ${{ env.tg_version }}
+
+      - name: 'Install OpenTofu'
+        uses: opentofu/setup-opentofu@v1
+        with:
+          tofu_version: ${{ env.tofu_version }}
+          tofu_wrapper: false
+
+      - name: Deploy All
+        working-directory: ${{ env.working_dir }}
+        env:
+          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
+        run: terragrunt run-all apply --terragrunt-non-interactive

deployment/.gitignore

@@ -0,0 +1,38 @@
+# OpenTofu
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# Terragrunt
+
+# terragrunt cache directories
+**/.terragrunt-cache/*
+
+# Terragrunt debug output file (when using `--terragrunt-debug` option)
+# See: https://terragrunt.gruntwork.io/docs/reference/cli-options/#terragrunt-debug
+terragrunt-debug.tfvars.json

deployment/modules/cloudflare/cloudflare.hcl

@@ -0,0 +1,9 @@
+locals {
+  cloudflare_account_id = get_env("CLOUDFLARE_ACCOUNT_ID")
+  cloudflare_api_token  = get_env("CLOUDFLARE_API_TOKEN")
+}
+
+inputs = {
+  cloudflare_account_id = local.cloudflare_account_id
+  cloudflare_api_token  = local.cloudflare_api_token
+}

deployment/modules/cloudflare/tiles/config.tf

@@ -0,0 +1,13 @@
+terraform {
+  backend "pg" {
+    schema_name = "prod_cloudflare_tiles"
+  }
+  required_version = "~> 1.7"
+
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "4.38.0"
+    }
+  }
+}