-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from BCDevOps/cpf-1068
First Pass: Deployment to LZ0 using GitHub actions
- Loading branch information
Showing
35 changed files
with
2,474 additions
and
1,550 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,144 @@ | ||
--- | ||
name: "Deploy Dev (LZ0) Resources" | ||
|
||
on: | ||
push: | ||
branches: [dev] | ||
|
||
# permission can be added at job level or workflow level | ||
permissions: | ||
id-token: write | ||
contents: read # This is required for actions/checkout@v2 | ||
|
||
jobs: | ||
DeployMgmtAccountResources: | ||
runs-on: ubuntu-latest | ||
environment: dev | ||
|
||
env: | ||
AWS_REGION: "ca-central-1" | ||
TF_VAR_ops_account_id: ${{ secrets.TF_VAR_OPS_ACCOUNT_ID }} | ||
TF_VAR_mgmt_account_phase1_bucket_suffix: ${{ secrets.TF_VAR_MGMT_ACCOUNT_PHASE1_BUCKET_SUFFIX }} | ||
|
||
steps: | ||
- name: Git clone the repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v1 | ||
with: | ||
role-to-assume: ${{ secrets.MGMT_TFRB_ROLE_TO_ASSUME }} | ||
role-session-name: GitHubOidcBillingUtilitySession | ||
aws-region: ${{ env.AWS_REGION }} | ||
|
||
# Ref for Teffaform Versions: https://releases.hashicorp.com/terraform/ | ||
- uses: hashicorp/setup-terraform@v2 | ||
with: | ||
terraform_version: 1.0.11 | ||
|
||
- name: Terraform Init | ||
id: init | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform init -input=false -force-copy \ | ||
-backend-config="bucket=${{ secrets.MGMT_TFRB_S3_BUCKET_NAME }}" \ | ||
-backend-config="key=terraform-octk-aws-sea-billing-reports/management-account-terraform-resources.tfstate" \ | ||
-backend-config="dynamodb_table=${{ secrets.MGMT_TFRB_DYNAMODB_TABLE_NAME }}" \ | ||
-backend-config="region=${{ env.AWS_REGION }}" | ||
- name: Terraform Fmt | ||
id: fmt | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform fmt | ||
continue-on-error: true | ||
|
||
- name: Terraform Validate | ||
id: validate | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform validate | ||
# | ||
- name: Terraform Plan | ||
id: plan | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform plan | ||
- name: Terraform Apply | ||
id: apply | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform apply -auto-approve | ||
# | ||
# - name: Terraform Destroy | ||
# id: destroy | ||
# run: | | ||
# cd ./management-account-terraform-resources | ||
# terraform destroy -auto-approve | ||
|
||
DeployOpsAccountResources: | ||
needs: [DeployMgmtAccountResources] | ||
runs-on: ubuntu-latest | ||
environment: dev | ||
|
||
env: | ||
AWS_REGION: "ca-central-1" | ||
TF_VAR_lz_mgmt_account_id: ${{ secrets.TF_VAR_MGMT_ACCOUNT_ID }} | ||
|
||
steps: | ||
- name: Git clone the repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v1 | ||
with: | ||
role-to-assume: ${{ secrets.OPS_TFRB_ROLE_TO_ASSUME }} | ||
role-session-name: GitHubOidcBillingUtilitySession | ||
aws-region: ${{ env.AWS_REGION }} | ||
|
||
# Ref for Teffaform Versions: https://releases.hashicorp.com/terraform/ | ||
- uses: hashicorp/setup-terraform@v1 | ||
with: | ||
terraform_version: 1.0.11 | ||
|
||
- name: Terraform Init | ||
id: init | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform init -input=false -force-copy \ | ||
-backend-config="bucket=${{ secrets.OPS_TFRB_S3_BUCKET_NAME }}" \ | ||
-backend-config="key=terraform-octk-aws-sea-billing-reports/operations-account-terraform-resources.tfstate" \ | ||
-backend-config="dynamodb_table=${{ secrets.OPS_TFRB_DYNAMODB_TABLE_NAME }}" \ | ||
-backend-config="region=${{ env.AWS_REGION }}" | ||
- name: Terraform Fmt | ||
id: fmt | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform fmt | ||
continue-on-error: true | ||
|
||
- name: Terraform Validate | ||
id: validate | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform validate | ||
- name: Terraform Plan | ||
id: plan | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform plan | ||
- name: Terraform Apply | ||
id: apply | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform apply -auto-approve | ||
# | ||
# - name: Terraform Destroy | ||
# id: destroy | ||
# run: | | ||
# cd ./operations-account-terraform-resources | ||
# terraform destroy -auto-approve |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
--- | ||
name: "Destroy Dev (LZ0) Resources" | ||
|
||
on: | ||
workflow_dispatch: | ||
|
||
# permission can be added at job level or workflow level | ||
permissions: | ||
id-token: write | ||
contents: read # This is required for actions/checkout@v2 | ||
|
||
jobs: | ||
DestroyOpsAccountResources: | ||
runs-on: ubuntu-latest | ||
environment: dev | ||
|
||
env: | ||
AWS_REGION: "ca-central-1" | ||
TF_VAR_lz_mgmt_account_id: ${{ secrets.TF_VAR_MGMT_ACCOUNT_ID }} | ||
|
||
steps: | ||
- name: Git clone the repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v1 | ||
with: | ||
role-to-assume: ${{ secrets.OPS_TFRB_ROLE_TO_ASSUME }} | ||
role-session-name: GitHubOidcBillingUtilitySession | ||
aws-region: ${{ env.AWS_REGION }} | ||
|
||
# Ref for Teffaform Versions: https://releases.hashicorp.com/terraform/ | ||
- uses: hashicorp/setup-terraform@v1 | ||
with: | ||
terraform_version: 1.0.11 | ||
|
||
- name: Terraform Init | ||
id: init | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform init -input=false -force-copy \ | ||
-backend-config="bucket=${{ secrets.OPS_TFRB_S3_BUCKET_NAME }}" \ | ||
-backend-config="key=terraform-octk-aws-sea-billing-reports/operations-account-terraform-resources.tfstate" \ | ||
-backend-config="dynamodb_table=${{ secrets.OPS_TFRB_DYNAMODB_TABLE_NAME }}" \ | ||
-backend-config="region=${{ env.AWS_REGION }}" | ||
- name: Terraform Fmt | ||
id: fmt | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform fmt | ||
continue-on-error: true | ||
|
||
- name: Terraform Validate | ||
id: validate | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform validate | ||
- name: Terraform Plan | ||
id: plan | ||
run: | | ||
cd ./operations-account-terraform-resources | ||
terraform plan | ||
# | ||
# - name: Terraform Destroy | ||
# id: destroy | ||
# run: | | ||
# cd ./operations-account-terraform-resources | ||
# terraform destroy -auto-approve | ||
|
||
DestroyMgmtAccountResources: | ||
needs: [DestroyOpsAccountResources] | ||
runs-on: ubuntu-latest | ||
environment: dev | ||
|
||
env: | ||
AWS_REGION: "ca-central-1" | ||
TF_VAR_ops_account_id: ${{ secrets.TF_VAR_OPS_ACCOUNT_ID }} | ||
TF_VAR_mgmt_account_phase1_bucket_suffix: ${{ secrets.TF_VAR_MGMT_ACCOUNT_PHASE1_BUCKET_SUFFIX }} | ||
|
||
steps: | ||
- name: Git clone the repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v1 | ||
with: | ||
role-to-assume: ${{ secrets.MGMT_TFRB_ROLE_TO_ASSUME }} | ||
role-session-name: GitHubOidcBillingUtilitySession | ||
aws-region: ${{ env.AWS_REGION }} | ||
|
||
# Ref for Teffaform Versions: https://releases.hashicorp.com/terraform/ | ||
- uses: hashicorp/setup-terraform@v2 | ||
with: | ||
terraform_version: 1.0.11 | ||
|
||
- name: Terraform Init | ||
id: init | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform init -input=false -force-copy \ | ||
-backend-config="bucket=${{ secrets.MGMT_TFRB_S3_BUCKET_NAME }}" \ | ||
-backend-config="key=terraform-octk-aws-sea-billing-reports/management-account-terraform-resources.tfstate" \ | ||
-backend-config="dynamodb_table=${{ secrets.MGMT_TFRB_DYNAMODB_TABLE_NAME }}" \ | ||
-backend-config="region=${{ env.AWS_REGION }}" | ||
- name: Terraform Fmt | ||
id: fmt | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform fmt | ||
continue-on-error: true | ||
|
||
- name: Terraform Validate | ||
id: validate | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform validate | ||
# | ||
- name: Terraform Plan | ||
id: plan | ||
run: | | ||
cd ./management-account-terraform-resources | ||
terraform plan | ||
# - name: Terraform Destroy | ||
# id: destroy | ||
# run: | | ||
# cd ./management-account-terraform-resources | ||
# terraform destroy -auto-approve |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,7 @@ | ||
|
||
FROM ubuntu:20.04 | ||
RUN apt-get update && apt-get install -y python3 python3-pip | ||
COPY ./billing-report-utility . | ||
RUN pip3 install -r requirements.txt | ||
ENTRYPOINT python3 billing.py $ARGS | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
ENV TZ=America/Vancouver | ||
RUN apt-get update && apt-get install -y python3 python3-pip awscli | ||
WORKDIR /app | ||
COPY ./billing-report-utility/ ./ | ||
RUN pip3 install -r requirements.txt |
Oops, something went wrong.