Merge pull request #211 from liquibase/DAT-16244-spacectl

DAT-16244 DevOps :: Spacelift replacement of Terraform Cloud
liquibase · Jan 9, 2024 · ae5bd41 · ae5bd41
2 parents a015256 + 548b595
commit ae5bd41
Show file tree

Hide file tree

Showing 9 changed files with 1,019 additions and 56 deletions.
diff --git a/.github/workflows/promote-enterprisedocs-staging-to-production.yml b/.github/workflows/promote-enterprisedocs-staging-to-production.yml
@@ -27,6 +27,9 @@ jobs:
     runs-on: ubuntu-20.04
     env:
       TF_VAR_env: "prod"
+      SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }}
+      SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }}
+      SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }}
     defaults:
       run:
         working-directory: scripts/redirect_creation
@@ -45,10 +48,8 @@ jobs:
           aws-secret-access-key: ${{ secrets.DOCS_AWS_KEY }}
           aws-region: us-east-1
 
-      - name: Terraform Init
-        id: init
-        run: terraform init -backend-config=$TF_VAR_env.remote.tfbackend 
-
-      - name: Terraform Apply
-        run: terraform apply -target=aws_s3_object.enterprise_redirects -auto-approve
+      - name: Deploy infrastructure
+        run: |
+          spacectl stack set-current-commit --id liquibase-docs-prod --sha ${{ github.sha }}
+          spacectl stack deploy --id liquibase-docs-prod --auto-confirm 
      
diff --git a/.github/workflows/promote-staging-to-production.yml b/.github/workflows/promote-staging-to-production.yml
@@ -28,16 +28,19 @@ jobs:
     runs-on: ubuntu-20.04
     env:
       TF_VAR_env: "prod"
+      SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }}
+      SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }}
+      SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }}
     defaults:
       run:
         working-directory: scripts/redirect_creation
     steps:
       - uses: actions/checkout@v3
 
-      - name: Setup Terraform
-        uses: hashicorp/setup-terraform@v2
-        with:
-          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
+      - name: Install spacectl
+        uses: spacelift-io/setup-spacectl@main
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v2
@@ -46,9 +49,7 @@ jobs:
           aws-secret-access-key: ${{ secrets.DOCS_AWS_KEY }}
           aws-region: us-east-1
 
-      - name: Terraform Init
-        id: init
-        run: terraform init -backend-config=$TF_VAR_env.remote.tfbackend 
-
-      - name: Terraform Apply
-        run: terraform apply -auto-approve
+      - name: Deploy infrastructure
+        run: |
+          spacectl stack set-current-commit --id liquibase-docs-prod --sha ${{ github.sha }}
+          spacectl stack deploy --id liquibase-docs-prod --auto-confirm 
diff --git a/.github/workflows/send-docs-redirects-to-staging.yml b/.github/workflows/send-docs-redirects-to-staging.yml
@@ -17,6 +17,9 @@ jobs:
     runs-on: ubuntu-20.04
     env:
       TF_VAR_env: "staging"
+      SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }}
+      SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }}
+      SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }}
     defaults:
       run:
         working-directory: scripts/redirect_creation
@@ -26,10 +29,10 @@ jobs:
         with:
           ref: ${{ github.event.inputs.branch }}
 
-      - name: Setup Terraform
-        uses: hashicorp/setup-terraform@v2
-        with:
-          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
+      - name: Install spacectl
+        uses: spacelift-io/setup-spacectl@main
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v2
@@ -45,20 +48,15 @@ jobs:
 
       - name: Terraform Init
         id: init
-        run: terraform init -backend-config=$TF_VAR_env.remote.tfbackend 
+        run: terraform init
 
       - name: Terraform Validate
         if: ${{ github.event_name == 'pull_request' }}
         id: validate
         run: terraform validate -no-color
 
-      - name: Terraform Plan
-        if: ${{ github.event_name == 'pull_request' }}
-        id: plan
-        run: |
-          terraform plan -out=plan.tmp
-          terraform show -no-color plan.tmp >${GITHUB_WORKSPACE}/plan.out
-        continue-on-error: false
+      - name: Preview infrastructure
+        run: spacectl stack local-preview --id liquibase-docs-staging > ${GITHUB_WORKSPACE}/plan.out
 
       - name: Terraform Show Plan in PR
         uses: actions/github-script@v6
@@ -103,6 +101,8 @@ jobs:
               body: output
             })
 
-      - name: Terraform Apply
+      - name: Deploy infrastructure
         if: ${{ github.event_name == 'push' }}
-        run: terraform apply -auto-approve
+        run: |
+          spacectl stack set-current-commit --id liquibase-docs-staging --sha ${{ github.sha }}
+          spacectl stack deploy --id liquibase-docs-staging --auto-confirm 
diff --git a/.github/workflows/send-enterprise-redirects-to-staging.yml b/.github/workflows/send-enterprise-redirects-to-staging.yml
@@ -14,6 +14,9 @@ jobs:
     runs-on: ubuntu-20.04
     env:
       TF_VAR_env: "staging"
+      SPACELIFT_API_KEY_ENDPOINT: ${{ secrets.SPACELIFT_API_KEY_ENDPOINT }}
+      SPACELIFT_API_KEY_ID: ${{ secrets.SPACELIFT_API_KEY_ID }}
+      SPACELIFT_API_KEY_SECRET: ${{ secrets.SPACELIFT_API_KEY_SECRET }}
     defaults:
       run:
         working-directory: scripts/redirect_creation
@@ -23,10 +26,10 @@ jobs:
         with:
           ref: ${{ github.event.inputs.branch }}
 
-      - name: Setup Terraform
-        uses: hashicorp/setup-terraform@v2
-        with:
-          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
+      - name: Install spacectl
+        uses: spacelift-io/setup-spacectl@main
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v2
@@ -42,20 +45,15 @@ jobs:
 
       - name: Terraform Init
         id: init
-        run: terraform init -backend-config=$TF_VAR_env.remote.tfbackend 
+        run: terraform init
 
       - name: Terraform Validate
         if: ${{ github.event_name == 'pull_request' }}
         id: validate
         run: terraform validate -no-color
 
-      - name: Terraform Plan
-        if: ${{ github.event_name == 'pull_request' }}
-        id: plan
-        run: |
-          terraform plan -out=plan.tmp
-          terraform show -no-color plan.tmp >${GITHUB_WORKSPACE}/plan.out
-        continue-on-error: false
+      - name: Preview infrastructure
+        run: spacectl stack local-preview --id liquibase-docs-staging >${GITHUB_WORKSPACE}/plan.out
 
       - name: Terraform Show Plan in PR
         uses: actions/github-script@v6
@@ -100,6 +98,8 @@ jobs:
               body: output
             })
 
-      - name: Terraform Apply
+      - name: Deploy infrastructure
         if: ${{ github.event_name == 'push' }}
-        run: terraform apply -target=aws_s3_object.enterprise_redirects -auto-approve
+        run: |
+          spacectl stack set-current-commit --id liquibase-docs-staging --sha ${{ github.sha }}
+          spacectl stack deploy --id liquibase-docs-staging --auto-confirm 
diff --git a/scripts/redirect_creation/main.tf b/scripts/redirect_creation/main.tf
@@ -1,13 +1,9 @@
-
-terraform {
-  backend "remote" {}
-}
-
 # use Terraform Remote State Data stanza to read state from environment-based workspace
 data "terraform_remote_state" "state" {
   backend = "remote"
   config = {
     organization = "liquibase"
+    hostname     = "spacelift.io"
     workspaces = {
       name = "liquibase-${var.env}"
     }