Skip to content

Commit

Permalink
Merge branch 'main' into add-dept-s3-paths
Browse files Browse the repository at this point in the history
  • Loading branch information
@timburke-hackit
timburke-hackit committed Oct 24, 2023
2 parents a8d86a7 + 7eab078 commit feba49e
Show file tree
Hide file tree
Showing 18 changed files with 522 additions and 10 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/cd-terraform-core.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ jobs:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
pre-production:
needs: ["test", "validate"]
uses: ./.github/workflows/deploy_terraform.yml
Expand Down Expand Up @@ -79,6 +80,7 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
production:
needs: [ "pre-production" ]
uses: ./.github/workflows/deploy_terraform.yml
Expand Down Expand Up @@ -110,3 +112,5 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}

3 changes: 3 additions & 0 deletions .github/workflows/cd-terraform-etl.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ jobs:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
pre-production:
needs: ["test", "validate"]
uses: ./.github/workflows/deploy_terraform.yml
Expand Down Expand Up @@ -79,6 +80,7 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
production:
needs: [ "pre-production" ]
uses: ./.github/workflows/deploy_terraform.yml
Expand Down Expand Up @@ -110,3 +112,4 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
3 changes: 3 additions & 0 deletions .github/workflows/cd-terraform-networking.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ jobs:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
pre-production:
needs: ["validate"]
uses: ./.github/workflows/deploy_terraform_networking.yml
Expand Down Expand Up @@ -80,6 +81,7 @@ jobs:
AWS_MOSAIC_VPC_ID: ${{ secrets.AWS_MOSAIC_VPC_ID }}
AWS_DP_VPC_ID: ${{ secrets.AWS_DP_DEV_VPC_ID }}
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
production:
needs: [ "pre-production" ]
uses: ./.github/workflows/deploy_terraform_networking.yml
Expand Down Expand Up @@ -108,3 +110,4 @@ jobs:
AWS_MOSAIC_VPC_ID: ${{ secrets.AWS_MOSAIC_VPC_ID }}
AWS_DP_VPC_ID: ${{ secrets.AWS_DP_STG_VPC_ID }}
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_PROD }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
1 change: 1 addition & 0 deletions .github/workflows/ci-terraform-backend-setup.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,3 +42,4 @@ jobs:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
4 changes: 4 additions & 0 deletions .github/workflows/ci-terraform-core.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}

CI-Production-Plan:
name: "Production"
Expand Down Expand Up @@ -71,6 +72,8 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}

CI-Staging-lint:
name: "Lint"
uses: ./.github/workflows/lint-terraform.yml
Expand Down Expand Up @@ -99,3 +102,4 @@ jobs:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
5 changes: 5 additions & 0 deletions .github/workflows/ci-terraform-etl.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}

ETL-Plan-Production:
name: "Production"
uses: ./.github/workflows/plan-terraform.yml
Expand Down Expand Up @@ -70,6 +72,8 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}

ETL-Lint:
name: "Lint"
uses: ./.github/workflows/lint-terraform.yml
Expand Down Expand Up @@ -98,3 +102,4 @@ jobs:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
5 changes: 5 additions & 0 deletions .github/workflows/ci-terraform-networking.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}

CI-Production-Plan:
name: "Production"
uses: ./.github/workflows/plan-terraform.yml
Expand Down Expand Up @@ -71,6 +73,8 @@ jobs:
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
PRODUCTION_FIREWALL_IP: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}

CI-Staging-Lint:
name: "Lint"
uses: ./.github/workflows/lint-terraform.yml
Expand Down Expand Up @@ -99,3 +103,4 @@ jobs:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS_STG }}
COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
6 changes: 6 additions & 0 deletions .github/workflows/deploy_terraform.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,8 @@ on:
required: true
PRODUCTION_FIREWALL_IP:
required: true
TERRAFORM_SECRET_TOKEN:
required: true
jobs:
deploy:
name: Terraform Apply
Expand All @@ -81,6 +83,10 @@ jobs:
- name: Checkout Source
uses: actions/checkout@v3

- name: Set Github Auth
run: git config --global url."https://oauth2:${{ secrets.TERRAFORM_SECRET_TOKEN}}@github.com".insteadOf https://github.com
shell: bash

- name: Install Terraform
uses: hashicorp/[email protected]
with:
Expand Down
6 changes: 6 additions & 0 deletions .github/workflows/deploy_terraform_networking.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,8 @@ on:
required: true
GOOGLE_CREDENTIALS:
required: true
TERRAFORM_SECRET_TOKEN:
required: true


jobs:
Expand All @@ -77,6 +79,10 @@ jobs:
- name: Checkout Source
uses: actions/checkout@v3

- name: Set Github Auth
run: git config --global url."https://oauth2:${{ secrets.TERRAFORM_SECRET_TOKEN}}@github.com".insteadOf https://github.com
shell: bash

- name: Install Terraform
uses: hashicorp/[email protected]
with:
Expand Down
6 changes: 6 additions & 0 deletions .github/workflows/lint-terraform.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,8 @@ on:
required: true
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN:
required: true
TERRAFORM_SECRET_TOKEN:
required: true

jobs:
lint:
Expand All @@ -69,6 +71,10 @@ jobs:
- name: Checkout
uses: actions/checkout@v3

- name: Set Github Auth
run: git config --global url."https://oauth2:${{ secrets.TERRAFORM_SECRET_TOKEN}}@github.com".insteadOf https://github.com
shell: bash

- name: Install Terraform
uses: hashicorp/[email protected]
with:
Expand Down
9 changes: 8 additions & 1 deletion .github/workflows/plan-terraform.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,8 @@ on:
required: true
PRODUCTION_FIREWALL_IP:
required: true
TERRAFORM_SECRET_TOKEN:
required: true

jobs:
plan:
Expand All @@ -70,7 +72,11 @@ jobs:

- name: Checkout
uses: actions/checkout@v3


- name: Set Github Auth
run: git config --global url."https://oauth2:${{ secrets.TERRAFORM_SECRET_TOKEN}}@github.com".insteadOf https://github.com
shell: bash

- name: Install Terraform
uses: hashicorp/[email protected]
with:
Expand Down Expand Up @@ -123,6 +129,7 @@ jobs:
copy_liberator_to_pre_prod_lambda_execution_role: ${{ secrets.COPY_LIBERATOR_TO_PRE_PROD_LAMBDA_EXECUTION_ROLE }}
pre_production_liberator_data_storage_kms_key_arn: ${{ secrets.PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN }}
production_firewall_ip: ${{ secrets.PRODUCTION_FIREWALL_IP }}
TERRAFORM_SECRET_TOKEN: ${{ secrets.TERRAFORM_SECRET_TOKEN }}
- name: Terraform Compliance
if: ${{ (success()) && (inputs.build_path != './terraform/etl') }}
id: terraform-compliance
Expand Down
10 changes: 10 additions & 0 deletions .github/workflows/validate-and-lint-terraform.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,8 @@ on:
required: true
PRE_PRODUCTION_LIBERATOR_DATA_STORAGE_KMS_KEY_ARN:
required: true
TERRAFORM_SECRET_TOKEN:
required: true

jobs:
validate:
Expand All @@ -69,6 +71,10 @@ jobs:
- name: Checkout
uses: actions/checkout@v3

- name: Set Github Auth
run: git config --global url."https://oauth2:${{ secrets.TERRAFORM_SECRET_TOKEN}}@github.com".insteadOf https://github.com
shell: bash

- name: Install Terraform
uses: hashicorp/[email protected]
with:
Expand Down Expand Up @@ -107,6 +113,10 @@ jobs:
- name: Checkout
uses: actions/checkout@v3

- name: Set Github Auth
run: git config --global url."https://oauth2:${{ secrets.TERRAFORM_SECRET_TOKEN}}@github.com".insteadOf https://github.com
shell: bash

- name: Install Terraform
uses: hashicorp/[email protected]
with:
Expand Down
Loading

0 comments on commit feba49e

Please sign in to comment.