feat: add AWS infrastructure automation with Terragrunt and modular Terraform #65

Merged
l50 merged 3 commits into main from feat/infra-modules-cli
Apr 2, 2026
l50 commented Apr 2, 2026

Key Changes:

  • Introduced modular AWS infrastructure as code for GOAD via Terragrunt and Terraform
  • Added a reusable instance factory and network Terraform modules for flexible lab deployments
  • Migrated provider extension layouts to a unified extensions/ directory structure
  • Enhanced CLI with infra commands and lab discovery/listing features

Added:

  • Modular Terraform for infrastructure:
    • Created modules/terraform-aws-instance-factory for flexible EC2/ASG/LB deployments
    • Created modules/terraform-aws-net for multi-AZ VPC, subnets, NAT, and VPC endpoints
    • Added comprehensive documentation for both modules
  • Terragrunt scaffolding for GOAD lab deployments:
    • Added infra/goad-deployment with host registry, environment, region, and host definitions
    • Provided ready-to-use Terragrunt configs for DC01, DC02, DC03, SRV02, SRV03, and networking
    • Included Windows user data scripts/templates for rapid, repeatable provisioning
  • CLI enhancements:
    • Added cli/cmd/infra_cmd.go for dreadgoad infra commands (init, plan, apply, destroy, output, validate)
    • Added cli/cmd/lab_list.go for listing available labs and their providers/hosts
    • Exposed new per-VM lifecycle actions (start-vm, stop-vm, restart-vm, destroy-vm)
    • Added internal/terragrunt package for orchestration and environment validation
    • Added internal/lab/discovery.go for lab and playbook enumeration
  • Warpgate templates for rapid Windows server AMI builds:
    • Added warpgate-templates/goad-dc-base, goad-dc-base-2016, goad-member-base-2016, goad-mssql-base with provisioning scripts and docs

Changed:

  • CLI config:
    • Added InfraConfig struct for deployment, terragrunt/terraform binary paths, and default region
    • Updated extension provider path logic to use new extensions/ directory
    • Applied new infrastructure config defaults (infra.deployment, binaries) in defaults.go
  • Pre-commit and CI:
    • Integrated Terraform and TFLint pre-commit hooks for infra and modules
    • Updated .gitignore to exclude Terraform state, plans, and lock files
    • Extended doctor checks for Terragrunt and Terraform/Tofu binaries
    • Added TFLint config and GitHub workflow setup for infra linting

Removed:

  • Deprecated providers/ directory for extensions; all are now under extensions/ for consistency

This PR introduces a modular, automated AWS infrastructure-as-code approach for GOAD labs, supporting full lifecycle management via Terragrunt and a modernized CLI. It enables rapid, repeatable lab deployments, strict infra validation, and seamless future extensibility.

l50 added 2 commits April 2, 2026 14:52
…e-commit hooks

**Added:**

- Introduced `infra/` directory with Terragrunt-based GOAD deployment structure,
  including staging environment, network, and GOAD host modules (dc01, dc02, dc03,
  srv02, srv03) and associated PowerShell user data templates for Windows hosts
- Added `infra/goad-deployment/host-registry.yaml` as authoritative host metadata
  registry for GOAD infrastructure modules
- Implemented generic `infra/root.hcl` and per-environment Terragrunt configs to
  manage S3 remote state, AWS provider, and variable inheritance
- Added reusable Terraform modules:
  - `modules/terraform-aws-instance-factory` for flexible EC2/ASG deployments
  - `modules/terraform-aws-net` for VPC/subnet/network infrastructure
- Added comprehensive module READMEs with usage examples and terraform-docs output
- Introduced warpgate image build templates for GOAD DC/member base images and
  MSSQL base images, including scripts for Windows feature/role pre-installation,
  updates, and cleanup
- Added `.hooks/linters/.tflint.hcl` to enforce Terraform linting standards
- Registered pre-commit-terraform hooks for `terraform_fmt`, `terraform_validate`,
  and `terraform_tflint` in `.pre-commit-config.yaml`
- Added Terraform patterns to `.gitignore` to prevent state/plans from being
  committed
- Implemented new `infra` CLI command (`cli/cmd/infra_cmd.go`) to manage
  Terragrunt-based infra lifecycle (init, plan, apply, destroy, output, validate)
- Exposed infra/terragrunt config sections and path helpers in internal config
- Added Terragrunt runner and environment validation helpers under
  `cli/internal/terragrunt/`

**Changed:**

- Enhanced `.github/workflows/pre-commit.yaml` to install and initialize Terraform,
  TFLint, and Terragrunt as part of CI for pre-commit checks
- Extended `.gitignore` for Terraform state, plan, and lock files
- Registered pre-commit-terraform repo and hooks in `.pre-commit-config.yaml`
- Updated internal config (`cli/internal/config/config.go`) to support infra
  deployment/terragrunt path resolution and environment defaults
- Added Terragrunt and Terraform/Tofu checks to `cli/internal/doctor/checks.go`
  for `doctor` command to validate prerequisites
- Set default infra config values in `cli/internal/config/defaults.go`

**Removed:**

- None (all additions are new functionality and structure)
…ders to extensions

**Added:**

- Implemented lab discovery and listing utilities, including a new `lab list`
  command for enumerating labs, providers, and hosts
- Added the ability to control (start, stop, restart, destroy) individual lab VMs
  by hostname via new subcommands (`start-vm`, `stop-vm`, etc.)
- Introduced new AWS client methods for discovering all instances (including
  stopped), finding by hostname in any state, and terminating VMs
- Added functions to resolve playbooks for a lab, resume provisioning from a
  specific playbook, and ensure variant generation during provisioning

**Changed:**

- Refactored provisioning logic to support the `--from` flag for resuming from a
  specified playbook and to use lab-specific playbook resolution
- Updated the extensions provider path logic to use `extensions/` directory
  instead of `providers/` for extension provider configs
- Updated the logic for generating variants to be more robust and reusable

**Removed:**

- Removed the `providers/` directory and migrated all extension resources to
  `extensions/`, updating all references accordingly
- Removed indirect dependency on `go.yaml.in/yaml/v3` from `go.mod` (now direct)

dreadnode-renovate-bot (bot) added the area/github (Changes made to github actions) and area/pre-commit (Changes made to pre-commit hooks) labels Apr 2, 2026

**Changed:**

- Suppress potential error from file close operation in the output writer's
  cleanup function by assigning the result to the blank identifier. This
  prevents unhandled error warnings and aligns with idiomatic Go practices
  when the error is not actionable.

l50 merged commit 9cbab3b into main Apr 2, 2026
6 checks passed
l50 deleted the feat/infra-modules-cli branch April 2, 2026 22:31