Skip to content
Snippets Groups Projects
Commit 60e6ba18 authored by nimrod's avatar nimrod
Browse files

Scaffolding.

parent 16a6fc3a
Branches
No related tags found
No related merge requests found
......@@ -48,5 +48,8 @@ dist/
.bundle/
!Pipfile.lock
.terraform
.terraform.*
tfplan
*.tfstate*
payload/*
payload.zip
---
include:
- project: shore/ci-templates
file: templates/pre-commit.yml
variables:
TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/default
stages:
- test
- build
- plan
- apply
Generate payload:
stage: build
image: registry.shore.co.il/ci-images:python3
variables:
XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache"
before_script:
- apt-get update
- apt-get install -y zip
script:
make payload.zip
artifacts:
paths:
- payload.zip
cache:
paths:
- .cache/
Terraform plan:
stage: plan
image: &tf_image registry.gitlab.com/gitlab-org/terraform-images/stable:latest
script:
- gitlab-terraform plan
- gitlab-terraform plan-json
dependencies:
- Generate payload
artifacts:
name: plan
paths:
- plan.cache
reports:
terraform: plan.json
Terraform apply:
stage: apply
image: *tf_image
script:
- gitlab-terraform apply
dependencies: &tf_apply_dependecies
- Generate payload
- Terraform plan
when: manual
needs: *tf_apply_dependecies
---
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.4.0
hooks:
- id: check-merge-conflict
- id: trailing-whitespace
- repo: https://github.com/Yelp/detect-secrets
rev: v1.1.0
hooks:
- id: detect-secrets
- repo: https://github.com/adrienverge/yamllint
rev: v1.26.1
hooks:
- id: yamllint
- repo: https://github.com/executablebooks/mdformat.git
rev: 0.7.4
hooks:
- id: mdformat
- repo: https://github.com/amperser/proselint/
rev: 0.10.2
hooks:
- id: proselint
types: [plain-text]
exclude: LICENSE
- repo: https://github.com/ambv/black
rev: 20.8b1
hooks:
- id: black
args:
- |
--line-length=79
- repo: https://github.com/PyCQA/prospector
rev: 1.3.1
hooks:
- id: prospector
args:
- |-
--max-line-length=79
- |-
--with-tool=pyroma
- |-
--with-tool=bandit
- |-
--without-tool=pep257
- |-
--doc-warnings
- |-
--test-warnings
- |-
--full-pep8
- |-
--strictness=high
- |-
--no-autodetect
additional_dependencies:
- bandit
- pyroma
- repo: https://gitlab.com/pycqa/flake8.git
rev: 3.9.1
hooks:
- id: flake8
args:
- |-
--doctests
additional_dependencies:
- flake8-bugbear
- repo: https://gitlab.com/devopshq/gitlab-ci-linter
rev: v1.0.3
hooks:
- id: gitlab-ci-linter
args:
- "--server"
- https://git.shore.co.il
- repo: https://git.shore.co.il/nimrod/terraform-pre-commit.git
rev: v0.1.0
hooks:
- id: tf-fmt
- id: tf-validate
Makefile 0 → 100644
src != find src/ -type f -name '*.py'
payload.zip: clean requirements.txt $(src)
-rm -r payload.zip payload/*
mkdir -p payload
cp -a src/* payload/
python3 -m pip install -r requirements.txt -t payload
cd payload && zip -X --exclude __pycache__ --exclude "*.pyc" --exclude test --exclude bin -r ../payload.zip ./
.PHONY = clean
clean:
-rm -r payload.zip payload
main.tf 0 → 100644
terraform {
backend "http" {}
}
locals {
env = terraform.workspace == "default" ? "prod" : terraform.workspace
module = basename(abspath(path.root))
common_tags = {
Environment = local.env
Module = local.module
}
Name = "${local.module}-${local.env}"
}
provider "aws" {
region = var.region
}
provider "template" {}
output "env" {
description = "Environment (prod/dev etc.)."
value = local.env
}
output "module" {
description = "The name of the Terraform module, used to tagging resources."
value = local.module
}
output "region" {
description = "AWS region."
value = var.region
}
def handler(event, context): # pylint: disable=unused-argument
"""Lambda event handler."""
pass # pylint: disable=unnecessary-pass
variable "region" {
default = "us-east-1"
description = "AWS region."
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment