Loading .gitignore +3 −0 Original line number Diff line number Diff line Loading @@ -48,5 +48,8 @@ dist/ .bundle/ !Pipfile.lock .terraform .terraform.* tfplan *.tfstate* payload/* payload.zip .gitlab-ci.yml 0 → 100644 +56 −0 Original line number Diff line number Diff line --- include: - project: shore/ci-templates file: templates/pre-commit.yml variables: TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/default stages: - test - build - plan - apply Generate payload: stage: build image: registry.shore.co.il/ci-images:python3 variables: XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache" before_script: - apt-get update - apt-get install -y zip script: make payload.zip artifacts: paths: - payload.zip cache: paths: - .cache/ Terraform plan: stage: plan image: &tf_image registry.gitlab.com/gitlab-org/terraform-images/stable:latest script: - gitlab-terraform plan - gitlab-terraform plan-json dependencies: - Generate payload artifacts: name: plan paths: - plan.cache reports: terraform: plan.json Terraform apply: stage: apply image: *tf_image script: - gitlab-terraform apply dependencies: &tf_apply_dependecies - Generate payload - Terraform plan when: manual needs: *tf_apply_dependecies .pre-commit-config.yaml 0 → 100644 +88 −0 Original line number Diff line number Diff line --- repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v3.4.0 hooks: - id: check-merge-conflict - id: trailing-whitespace - repo: https://github.com/Yelp/detect-secrets rev: v1.1.0 hooks: - id: detect-secrets - repo: https://github.com/adrienverge/yamllint rev: v1.26.1 hooks: - id: yamllint - repo: https://github.com/executablebooks/mdformat.git rev: 0.7.4 hooks: - id: mdformat - repo: https://github.com/amperser/proselint/ rev: 0.10.2 hooks: - id: proselint types: [plain-text] exclude: LICENSE - repo: https://github.com/ambv/black rev: 20.8b1 hooks: - id: black args: - | --line-length=79 - repo: https://github.com/PyCQA/prospector rev: 1.3.1 hooks: - id: prospector args: - |- --max-line-length=79 - |- --with-tool=pyroma - |- --with-tool=bandit - |- --without-tool=pep257 - |- --doc-warnings - |- --test-warnings - |- --full-pep8 - |- --strictness=high - |- --no-autodetect additional_dependencies: - bandit - pyroma - repo: https://gitlab.com/pycqa/flake8.git rev: 3.9.1 hooks: - id: flake8 args: - |- --doctests additional_dependencies: - flake8-bugbear - repo: https://gitlab.com/devopshq/gitlab-ci-linter rev: v1.0.3 hooks: - id: gitlab-ci-linter args: - "--server" - https://git.shore.co.il - repo: https://git.shore.co.il/nimrod/terraform-pre-commit.git rev: v0.1.0 hooks: - id: tf-fmt - id: tf-validate Makefile 0 → 100644 +12 −0 Original line number Diff line number Diff line src != find src/ -type f -name '*.py' payload.zip: clean requirements.txt $(src) -rm -r payload.zip payload/* mkdir -p payload cp -a src/* payload/ python3 -m pip install -r requirements.txt -t payload cd payload && zip -X --exclude __pycache__ --exclude "*.pyc" --exclude test --exclude bin -r ../payload.zip ./ .PHONY = clean clean: -rm -r payload.zip payload main.tf 0 → 100644 +19 −0 Original line number Diff line number Diff line terraform { backend "http" {} } locals { env = terraform.workspace == "default" ? "prod" : terraform.workspace module = basename(abspath(path.root)) common_tags = { Environment = local.env Module = local.module } Name = "${local.module}-${local.env}" } provider "aws" { region = var.region } provider "template" {} Loading
.gitignore +3 −0 Original line number Diff line number Diff line Loading @@ -48,5 +48,8 @@ dist/ .bundle/ !Pipfile.lock .terraform .terraform.* tfplan *.tfstate* payload/* payload.zip
.gitlab-ci.yml 0 → 100644 +56 −0 Original line number Diff line number Diff line --- include: - project: shore/ci-templates file: templates/pre-commit.yml variables: TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/default stages: - test - build - plan - apply Generate payload: stage: build image: registry.shore.co.il/ci-images:python3 variables: XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache" before_script: - apt-get update - apt-get install -y zip script: make payload.zip artifacts: paths: - payload.zip cache: paths: - .cache/ Terraform plan: stage: plan image: &tf_image registry.gitlab.com/gitlab-org/terraform-images/stable:latest script: - gitlab-terraform plan - gitlab-terraform plan-json dependencies: - Generate payload artifacts: name: plan paths: - plan.cache reports: terraform: plan.json Terraform apply: stage: apply image: *tf_image script: - gitlab-terraform apply dependencies: &tf_apply_dependecies - Generate payload - Terraform plan when: manual needs: *tf_apply_dependecies
.pre-commit-config.yaml 0 → 100644 +88 −0 Original line number Diff line number Diff line --- repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v3.4.0 hooks: - id: check-merge-conflict - id: trailing-whitespace - repo: https://github.com/Yelp/detect-secrets rev: v1.1.0 hooks: - id: detect-secrets - repo: https://github.com/adrienverge/yamllint rev: v1.26.1 hooks: - id: yamllint - repo: https://github.com/executablebooks/mdformat.git rev: 0.7.4 hooks: - id: mdformat - repo: https://github.com/amperser/proselint/ rev: 0.10.2 hooks: - id: proselint types: [plain-text] exclude: LICENSE - repo: https://github.com/ambv/black rev: 20.8b1 hooks: - id: black args: - | --line-length=79 - repo: https://github.com/PyCQA/prospector rev: 1.3.1 hooks: - id: prospector args: - |- --max-line-length=79 - |- --with-tool=pyroma - |- --with-tool=bandit - |- --without-tool=pep257 - |- --doc-warnings - |- --test-warnings - |- --full-pep8 - |- --strictness=high - |- --no-autodetect additional_dependencies: - bandit - pyroma - repo: https://gitlab.com/pycqa/flake8.git rev: 3.9.1 hooks: - id: flake8 args: - |- --doctests additional_dependencies: - flake8-bugbear - repo: https://gitlab.com/devopshq/gitlab-ci-linter rev: v1.0.3 hooks: - id: gitlab-ci-linter args: - "--server" - https://git.shore.co.il - repo: https://git.shore.co.il/nimrod/terraform-pre-commit.git rev: v0.1.0 hooks: - id: tf-fmt - id: tf-validate
Makefile 0 → 100644 +12 −0 Original line number Diff line number Diff line src != find src/ -type f -name '*.py' payload.zip: clean requirements.txt $(src) -rm -r payload.zip payload/* mkdir -p payload cp -a src/* payload/ python3 -m pip install -r requirements.txt -t payload cd payload && zip -X --exclude __pycache__ --exclude "*.pyc" --exclude test --exclude bin -r ../payload.zip ./ .PHONY = clean clean: -rm -r payload.zip payload
main.tf 0 → 100644 +19 −0 Original line number Diff line number Diff line terraform { backend "http" {} } locals { env = terraform.workspace == "default" ? "prod" : terraform.workspace module = basename(abspath(path.root)) common_tags = { Environment = local.env Module = local.module } Name = "${local.module}-${local.env}" } provider "aws" { region = var.region } provider "template" {}