/platform-infra

Primary LanguageHCL

platform-infra

initialize

make tool

platform-manifest

initialize project

  1. generate key 
    make key
  2. set public key to key in script/encrypt.sh 
    key=${public key}
  3. set secret key as name SOPS_AGE_KEY to Settings > Secrets in Octeto

create app

  1. create helm charts
helm create <app-name>

platform-terraform

Terraform Cloud Workspaces Initialize

  1. https://app.terraform.io/app
  2. Create a workspace
  3. choose API-driven workflow
  4. Workspace Name: platform-$ENV (prev or prod)
  5. Settings > General > Execution Mode -> select Local -> Save settings

Setup Local PC

brew tap hashicorp/tap
brew install hashicorp/tap/terraform
brew install gettext

Update .terraform.lock.hcl

.secret.env

TF_TOKEN_app_terraform_io=*********

make tfinit

Initialize SOPS (Secrets)

  1. generate key 
    make tfkey
  2. set public key to key in script/tfencrypt.sh
  3. set private key to SOPS_AGE_KEY in Settings > Secrets and variables > Actions > New repository secret in GitHub

Add new secret

  1. execute make tfsecret secret=${secret}
    ex) 
    make tfsecret secret=password
  2. set in the secret value in terraform/sops/${secret}.in.txt
  3. execute make tfencrypt secret=${secret}
    ex) 
    make tfencrypt secret=password

Change secret

  1. change terraform/sops/${secret}.in.txt
  2. execute make tfencrypt secret=${secret}
    ex) 
    make tfencrypt secret=password

Confirm secret value

  1. execute make tfdecrypt secret=${secret}
    ex) 
    make tfdecrypt secret=password
  2. confirm terraform/sops/${secret}.out.txt

Q&A

Q. What if you want to delete the resource for each provider?

A. If the provider is deleted, the resource cannot be deleted. Let's remove the resource first. and merge. Then remove the provider.