feat: added organization management by terraform

romain-cambonie · romain-cambonie · commit 610187f2bdd6 · 2023-04-03T09:18:07.000+02:00
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
@@ -0,0 +1,35 @@
+name: 'Apply the configuration'
+
+# Attention this workflow can update or even delete repositories it is NOT RECOMMENDED to set it on push.
+on:
+  workflow_dispatch:
+
+jobs:
+  terraform:
+    name: 'Terraform'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v2
+        with:
+          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
+
+      - name: Terraform Format
+        id: fmt
+        run: terraform fmt -check
+
+      - name: Terraform Init
+        id: init
+        run: terraform init
+
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+
+      - name: Terraform Apply
+        if: github.ref == 'refs/heads/main'
+        run: |
+          terraform apply -auto-approve -input=false
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,113 @@
+### JetBrains template
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# JetBrains settings
+.idea/
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+# Created by .ignore support plugin (hsz.mobi)
+### Terraform template
+# Local .terraform directories
+.terraform/
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform.lock.hcl
diff --git a/.terraformignore b/.terraformignore
@@ -0,0 +1,5 @@
+.git/
+.github/
+.gitignore
+.terraformrc
+profile/
diff --git a/README.md b/README.md
@@ -1,5 +1,86 @@
 # dotgithub template
 
-Ce dépôt a pour vocation de décrire votre projet sur la page d'accueil de l'organisation GitHub.
+Ce dépôt a pour vocation de décrire votre projet sur la page d'accueil de l'organization GitHub.
 
 Le contenu affiché est rédigé dans le fichier [README.md du dossier profile](./profile/README.md).
+
+# Développement avec Terraform
+
+## Installation
+
+La commande suivante permet d'utiliser la ligne de commande terraform via Docker :
+```shell
+docker run --rm -it --name terraform -v ~/:/root/ -v $(pwd):/workspace -w /workspace hashicorp/terraform:light
+```
+
+Pour une utilisation simplifiée, il est possible de créer un alias :
+```shell
+alias terraform='docker run --rm -it --name terraform -v ~/:/root/ -v $(pwd):/workspace -w /workspace hashicorp/terraform:light'
+```
+
+Avec cet alias, il n'y a plus de différence entre une commande terraform exécutée avec Docker ou avec Terraform CLI.
+
+## Utilisation
+
+### Vérifier et corriger la syntaxe des fichiers `.tf`
+
+```shell
+terraform fmt
+```
+
+### Vérifier la cohérence de l'infrastructure
+
+```shell
+terraform validate
+```
+
+### Récupérer un jeton d'authentification à Terraform Cloud en local
+
+```shell
+terraform login
+```
+
+### Initialiser l'état et les plugins en local
+
+```shell
+terraform init
+```
+
+### Planifier une exécution pour voir les différences avec l'état précédent de l'infrastructure
+
+```shell
+terraform plan
+```
+
+## Contribution
+
+### Appliquer la mise à jour de l'infrastructure
+
+Pour que les modifications de la description de l'infrastructure soient appliquées en production, il suffit de publier les changements sur la branche `main`.
+
+## Construit avec
+
+### Langages & Frameworks
+
+- [Terraform](https://www.terraform.io/) est un outil de description d'infrastructure par le code qui permet de créer et de maintenir une infrastructure de manière sûre et prévisible
+
+### Outils
+
+#### CI
+
+- [Github Actions](https://docs.github.com/en/actions) est l'outil d'intégration et de déploiement continu intégré à GitHub
+    - L'historique des déploiements est disponible [sous l'onglet Actions](https://github.com/romain-cambonie/taxi-network-infrastructure/actions/)
+- Secrets du dépôt :
+    - `TF_API_TOKEN` : Le token d'api Terraform Cloud qui permet à la CI d'opérer des actions sur Terraform Cloud
+
+#### Déploiement
+
+- [Terraform Cloud](https://app.terraform.io/) est la plateforme proposée par HashiCorp pour administrer les modifications d'infrastructure
+    - Organization : [YourOrgName](https://app.terraform.io/app/YourOrgName/workspaces)
+    - Workspaces : `organization`
+        - [organization](https://app.terraform.io/app/YourOrgName/workspaces/organization)
+
+
+## Licence
+
+Voir le fichier [LICENSE.md](./LICENSE.md) du dépôt.
diff --git a/global.tf b/global.tf
@@ -0,0 +1,25 @@
+locals {
+  product_information = {
+    context : {
+      product    = var.organization_name
+      service    = "organization"
+      start_date = "2023-04-02"
+      end_date   = "unknown"
+    }
+    purpose : {
+      disaster_recovery = "medium"
+      service_class     = "bronze"
+    }
+    organization : {
+      client = var.organization_name
+    }
+    stakeholders : {
+      business_owner  = "romain-cambonie@gmail.com"
+      technical_owner = "romain-cambonie@gmail.com"
+      approver        = "romain-cambonie@gmail.com"
+      creator         = "terraform"
+      team            = "romain-cambonie"
+    }
+    repository : ".github"
+  }
+}
diff --git a/main.tf b/main.tf
@@ -0,0 +1,24 @@
+terraform {
+  backend "remote" {
+    hostname     = "app.terraform.io"
+    organization = "$ORGANIZATION"
+
+    workspaces {
+      name = "organization"
+    }
+  }
+
+  required_providers {
+    github = {
+      source  = "integrations/github"
+      version = "~> 4.0"
+    }
+  }
+}
+
+provider "github" {
+  token = var.github_token
+  owner = var.organization_name
+}
+
+
diff --git a/profile/README.md b/profile/README.md
@@ -1,4 +1,4 @@
-# My awesome github organisation !
+# My awesome github organization !
 
 A brief description of your project would do wonders here !
 
diff --git a/repositories.tf b/repositories.tf
@@ -0,0 +1,7 @@
+resource "github_repository" "test_repository" {
+  name        = "test"
+  description = "Bla bla bla"
+  visibility  = "public"
+
+  delete_branch_on_merge = true
+}
diff --git a/variables.tf b/variables.tf
@@ -0,0 +1,11 @@
+variable "github_token" {
+  description = "Your GitHub Personal Access Token"
+  nullable    = false
+  default     = false
+}
+
+variable "organization_name" {
+  description = "Your Organization Name"
+  nullable    = false
+  default     = false
+}

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-# My awesome github organisation !`
	`1`	`+# My awesome github organization !`
`2`	`2`
`3`	`3`	`A brief description of your project would do wonders here !`
`4`	`4`