From 52ebef0541aa8bac0dc9fab41e4e4be4a0ebbbbe Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 6 Apr 2026 13:55:27 -0400 Subject: [PATCH] =?UTF-8?q?chore:=20tf=20apply=20=E2=80=94=20add=20eks-ter?= =?UTF-8?q?ragrunt-repo-creator=20CodeBuild=20project=20+=20Lambda=20CODEB?= =?UTF-8?q?UILD=5FPROJECT=5FNAME=20env=20var?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- deploy/terraform.tfstate | 151 +++++++++++++++++++++++++++++--- deploy/terraform.tfstate.backup | 55 ++---------- 2 files changed, 146 insertions(+), 60 deletions(-) diff --git a/deploy/terraform.tfstate b/deploy/terraform.tfstate index 293633d..bd967a4 100644 --- a/deploy/terraform.tfstate +++ b/deploy/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.9.1", - "serial": 188, + "serial": 191, "lineage": "637f189b-ce2c-766c-35d1-8b43eb7ae216", "outputs": { "api_endpoint": { @@ -92,6 +92,128 @@ } ] }, + { + "mode": "managed", + "type": "aws_codebuild_project", + "name": "eks_repo_creator", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws-us-gov:codebuild:us-gov-west-1:229685449397:project/eks-terragrunt-repo-creator", + "artifacts": [ + { + "artifact_identifier": "", + "bucket_owner_access": "", + "encryption_disabled": false, + "location": "", + "name": "", + "namespace_type": "", + "override_artifact_name": false, + "packaging": "", + "path": "", + "type": "NO_ARTIFACTS" + } + ], + "badge_enabled": false, + "badge_url": "", + "build_batch_config": [], + "build_timeout": 15, + "cache": [ + { + "location": "", + "modes": [], + "type": "NO_CACHE" + } + ], + "concurrent_build_limit": 0, + "description": "Runs terraform-eks-deployment to create EKS cluster repos on GitHub Enterprise", + "encryption_key": "arn:aws-us-gov:kms:us-gov-west-1:229685449397:alias/aws/s3", + "environment": [ + { + "certificate": "", + "compute_type": "BUILD_GENERAL1_SMALL", + "environment_variable": [], + "fleet": [], + "image": "aws/codebuild/amazonlinux2-x86_64-standard:3.0", + "image_pull_credentials_type": "CODEBUILD", + "privileged_mode": false, + "registry_credential": [], + "type": "LINUX_CONTAINER" + } + ], + "file_system_locations": [], + "id": "arn:aws-us-gov:codebuild:us-gov-west-1:229685449397:project/eks-terragrunt-repo-creator", + "logs_config": [ + { + "cloudwatch_logs": [ + { + "group_name": "", + "status": "ENABLED", + "stream_name": "" + } + ], + "s3_logs": [ + { + "bucket_owner_access": "", + "encryption_disabled": false, + "location": "", + "status": "DISABLED" + } + ] + } + ], + "name": "eks-terragrunt-repo-creator", + "project_visibility": "PRIVATE", + "public_project_alias": "", + "queued_timeout": 480, + "resource_access_role": "", + "secondary_artifacts": [], + "secondary_source_version": [], + "secondary_sources": [], + "service_role": "arn:aws-us-gov:iam::229685449397:role/CodeBuildPackerRole-eks-terragrunt-repo-generator-builder", + "source": [ + { + "auth": [], + "build_status_config": [], + "buildspec": "version: 0.2\n# buildspec.yml — terraform-eks-deployment / eks-terragrunt-repo-creator\n#\n# This buildspec is used by the CodeBuild project that is triggered by the\n# Lambda function (eks-terragrunt-repo-gen-template-automation) to create an\n# EKS cluster GitHub repository.\n#\n# Required environment variables (injected by the Lambda as overrides):\n# TF_VAR_name — cluster / repo name\n# TF_VAR_environment — environment (dev / nonprod / prod)\n# TF_VAR_region — AWS region (e.g. us-gov-west-1)\n# TF_VAR_cluster_config — JSON object with account_name, aws_account_id, etc.\n# TF_VAR_finops — JSON object with finops project_name / project_number\n# GITHUB_TOKEN — GitHub PAT (passed from Lambda's Secrets Manager read)\n# GITHUB_OWNER — GitHub org (default: SCT-Engineering)\n# GITHUB_BASE_URL — GHE base URL (e.g. https://github.e.it.census.gov)\n\nenv:\n variables:\n TF_VERSION: \"1.9.0\"\n ASSETS_BUCKET: \"csvd-packer-pipeline-assets\"\n REPO_HOST: \"github.e.it.census.gov\"\n REPO_ORG: \"CSVD\"\n REPO_NAME: \"terraform-eks-deployment\"\n # Disable TLS verification for Census GHE (Census CA cert not trusted by default)\n GIT_SSL_NO_VERIFY: \"true\"\n TF_CLI_ARGS: \"-no-color\"\n\nphases:\n install:\n commands:\n # ── Install Terraform ─────────────────────────────────────────────────\n - |\n if ! command -v terraform \u0026\u003e/dev/null; then\n TF_ZIP=\"terraform_${TF_VERSION}_linux_amd64.zip\"\n echo \"Installing Terraform ${TF_VERSION}...\"\n aws s3 cp \"s3://${ASSETS_BUCKET}/terraform/${TF_ZIP}\" /tmp/${TF_ZIP} 2\u003e/dev/null \\\n || curl -fsSL \"https://releases.hashicorp.com/terraform/${TF_VERSION}/${TF_ZIP}\" -o /tmp/${TF_ZIP}\n unzip -oq /tmp/${TF_ZIP} -d /usr/local/bin/\n chmod +x /usr/local/bin/terraform\n rm /tmp/${TF_ZIP}\n fi\n - terraform version\n\n # ── Clone terraform-eks-deployment ───────────────────────────────────\n - |\n git config --global credential.helper \\\n \"!f() { echo username=x-access-token; echo password=${GITHUB_TOKEN}; }; f\"\n git clone --depth 1 \\\n \"https://${REPO_HOST}/${REPO_ORG}/${REPO_NAME}.git\" \\\n /tmp/eks-deploy\n - echo \"Cloned ${REPO_ORG}/${REPO_NAME} @ $(git -C /tmp/eks-deploy rev-parse --short HEAD)\"\n\n build:\n commands:\n - cd /tmp/eks-deploy\n - echo \"=== terraform init ===\"\n - terraform init -no-color\n - echo \"=== terraform apply ===\"\n - terraform apply -auto-approve -no-color\n\n post_build:\n commands:\n - |\n if [ \"${CODEBUILD_BUILD_SUCCEEDING}\" = \"0\" ]; then\n echo \"Build FAILED — check logs above\"\n else\n echo \"Build SUCCEEDED — repository created\"\n fi\n", + "git_clone_depth": 0, + "git_submodules_config": [], + "insecure_ssl": false, + "location": "", + "report_build_status": false, + "type": "NO_SOURCE" + } + ], + "source_version": "", + "tags": { + "Environment": "production", + "ManagedBy": "Terraform", + "Purpose": "EKSTerragruntRepoGenerator" + }, + "tags_all": { + "Environment": "production", + "ManagedBy": "Terraform", + "Purpose": "EKSTerragruntRepoGenerator" + }, + "vpc_config": [ + { + "security_group_ids": [ + "sg-0641c697588b9aa6b" + ], + "subnets": [ + "subnet-0b1992a84536c581b" + ], + "vpc_id": "vpc-00576a396ec570b94" + } + ] + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, { "mode": "managed", "type": "aws_iam_role", @@ -921,13 +1043,14 @@ "x86_64" ], "arn": "arn:aws-us-gov:lambda:us-gov-west-1:229685449397:function:eks-terragrunt-repo-gen-template-automation", - "code_sha256": "b662e55783c01b6770306fd151ca27f39428666abf8970f9687b50340c8ec6c6", + "code_sha256": "af0b5eedce3615cd1411857c54c548ae89c8dbd0593fb6e71716bf81812049b1", "code_signing_config_arn": null, "dead_letter_config": [], "description": "", "environment": [ { "variables": { + "CODEBUILD_PROJECT_NAME": "eks-terragrunt-repo-creator", "GITHUB_API": "https://github.e.it.census.gov", "GITHUB_ORG_NAME": "SCT-Engineering", "GITHUB_TOKEN_SECRET_NAME": "/eks-cluster-deployment/github_token", @@ -952,7 +1075,7 @@ "image_uri": "229685449397.dkr.ecr.us-gov-west-1.amazonaws.com/eks-terragrunt-repo-generator/lambda:latest", "invoke_arn": "arn:aws-us-gov:apigateway:us-gov-west-1:lambda:path/2015-03-31/functions/arn:aws-us-gov:lambda:us-gov-west-1:229685449397:function:eks-terragrunt-repo-gen-template-automation/invocations", "kms_key_arn": "", - "last_modified": "2026-04-02T19:48:24.000+0000", + "last_modified": "2026-04-06T17:55:08.000+0000", "layers": [], "logging_config": [ { @@ -965,8 +1088,8 @@ "memory_size": 512, "package_type": "Image", "publish": true, - "qualified_arn": "arn:aws-us-gov:lambda:us-gov-west-1:229685449397:function:eks-terragrunt-repo-gen-template-automation:3", - "qualified_invoke_arn": "arn:aws-us-gov:apigateway:us-gov-west-1:lambda:path/2015-03-31/functions/arn:aws-us-gov:lambda:us-gov-west-1:229685449397:function:eks-terragrunt-repo-gen-template-automation:3/invocations", + "qualified_arn": "arn:aws-us-gov:lambda:us-gov-west-1:229685449397:function:eks-terragrunt-repo-gen-template-automation:4", + "qualified_invoke_arn": "arn:aws-us-gov:apigateway:us-gov-west-1:lambda:path/2015-03-31/functions/arn:aws-us-gov:lambda:us-gov-west-1:229685449397:function:eks-terragrunt-repo-gen-template-automation:4/invocations", "replace_security_groups_on_destroy": null, "replacement_security_group_ids": null, "reserved_concurrent_executions": -1, @@ -998,7 +1121,7 @@ "mode": "PassThrough" } ], - "version": "3", + "version": "4", "vpc_config": [ { "ipv6_allowed_for_dual_stack": false, @@ -1168,13 +1291,13 @@ [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ], [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ] ], @@ -1215,13 +1338,13 @@ [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ], [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ] ], @@ -1309,13 +1432,13 @@ [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ], [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ] ], @@ -1403,13 +1526,13 @@ [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ], [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ] ], diff --git a/deploy/terraform.tfstate.backup b/deploy/terraform.tfstate.backup index aceef67..293633d 100644 --- a/deploy/terraform.tfstate.backup +++ b/deploy/terraform.tfstate.backup @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.9.1", - "serial": 186, + "serial": 188, "lineage": "637f189b-ce2c-766c-35d1-8b43eb7ae216", "outputs": { "api_endpoint": { @@ -262,43 +262,6 @@ } ] }, - { - "mode": "managed", - "type": "aws_servicecatalog_constraint", - "name": "template", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "accept_language": "en", - "description": "Template constraint - locks the Lambda ARN to the deployed function", - "id": "cons-mylfkxudrtotc", - "owner": "229685449397", - "parameters": "{\"Rules\":{\"LockLambdaArn\":{\"Assertions\":[{\"Assert\":{\"Fn::Equals\":[{\"Ref\":\"LambdaFunctionArn\"},\"arn:aws-us-gov:lambda:us-gov-west-1:229685449397:function:eks-terragrunt-repo-gen-template-automation\"]},\"AssertDescription\":\"The Lambda function ARN cannot be changed\"}]}}}", - "portfolio_id": "port-h5qd63hw5yagq", - "product_id": "prod-lmua4oknugafg", - "status": "AVAILABLE", - "timeouts": null, - "type": "TEMPLATE" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAsImRlbGV0ZSI6MTgwMDAwMDAwMDAwLCJyZWFkIjo2MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwfX0=", - "dependencies": [ - "aws_servicecatalog_portfolio.this", - "aws_servicecatalog_product.github_repository", - "data.aws_caller_identity.current", - "data.aws_region.current", - "module.eks_terragrunt_repo_generator.aws_cloudwatch_log_group.lambda", - "module.eks_terragrunt_repo_generator.aws_iam_role.lambda", - "module.eks_terragrunt_repo_generator.aws_iam_role_policy_attachment.lambda_logs", - "module.eks_terragrunt_repo_generator.aws_lambda_function.this", - "module.eks_terragrunt_repo_generator.data.aws_partition.current" - ] - } - ] - }, { "mode": "managed", "type": "aws_servicecatalog_portfolio", @@ -1252,13 +1215,13 @@ [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ], [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ] ], @@ -1393,13 +1356,13 @@ [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ], [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ] ], @@ -1440,13 +1403,13 @@ [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ], [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ] ], @@ -1487,13 +1450,13 @@ [ { "type": "get_attr", - "value": "value_wo" + "value": "value" } ], [ { "type": "get_attr", - "value": "value" + "value": "value_wo" } ] ],