add Makefile for common actions

SCT-Engineering · Feb 13, 2025 · 3327a11 · 3327a11
1 parent ec43ede
commit 3327a11
Show file tree

Hide file tree

Showing 14 changed files with 287 additions and 173 deletions.
diff --git a/.github/platform-tg-infra.code-workspace b/.github/platform-tg-infra.code-workspace
@@ -73,6 +73,9 @@
 		},
 		{
 			"path": "../../karpenter-provider-aws"
+		},
+		{
+			"path": "../../terragrunt"
 		}
 	]
 }
diff --git a/Makefile b/Makefile
@@ -0,0 +1,35 @@
+.PHONY: help init validate plan fmt check clean
+
+help:
+	@echo "Available targets:"
+	@echo "  init      - Initialize Terragrunt configurations"
+	@echo "  validate  - Validate all Terragrunt configurations"
+	@echo "  plan      - Run plan in dry-run mode across all configurations"
+	@echo "  fmt       - Format HCL files"
+	@echo "  check     - Run all checks (format, validate, plan)"
+	@echo "  clean     - Clean up Terragrunt cache and temporary files"
+
+init:
+	@echo "Initializing Terragrunt configurations..."
+	terragrunt run-all init
+
+validate:
+	@echo "Validating Terragrunt configurations..."
+	terragrunt run-all validate
+
+plan:
+	@echo "Running plan in dry-run mode..."
+	terragrunt run-all plan --terragrunt-non-interactive
+
+fmt:
+	@echo "Formatting HCL files..."
+	find . -type f -name "*.hcl" -exec terragrunt hclfmt {} \;
+
+check: fmt validate plan
+	@echo "All checks completed"
+
+clean:
+	@echo "Cleaning Terragrunt cache..."
+	find . -type d -name ".terragrunt-cache" -exec rm -rf {} +
+	find . -type f -name ".terraform.lock.hcl" -delete
+	find . -type f -name "terragrunt-debug.tfvars.json" -delete
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
@@ -1,8 +1,5 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
-
-# Set cluster specific variables. These are automatically pulled in to configure the remote state bucket in the root
-# terragrunt.hcl configuration.
 locals {
+  # Cluster specific configuration
   cluster_endpoint_public_access           = true
   cluster_name                             = "platform-eng-eks-mcm"
   cluster_mailing_list                     = "matthew.c.morgan@census.gov"
@@ -15,4 +12,17 @@ locals {
     "slim:schedule" = "8:00-17:00"
     "cluster:size"  = "min:${local.eks_ng_min_size}-max:${local.eks_ng_max_size}-desired:${local.eks_ng_desired_size}"
   }
+
+  # Common configuration
+  common_retry_args = {
+    commands  = get_terraform_commands_that_need_locking()
+    arguments = ["-lock-timeout=20m"]
+  }
+
+  common_dependencies = ["../eks", "../eks-config"]
+
+  common_mock_eks = {
+    cluster_name      = "mock-cluster"
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
+  }
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl
@@ -4,37 +4,48 @@ include "root" {
   expose         = true
 }
 
-terraform {
-  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-cert-mgr.git?ref=${include.root.inputs.release_version}"
-  extra_arguments "retry_lock" {
-    commands  = get_terraform_commands_that_need_locking()
-    arguments = ["-lock-timeout=20m"]
-  }
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-config",
+    "../eks-karpenter"
+  ]
 }
 
 dependency "eks" {
   config_path                             = "../eks"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
+
   mock_outputs = {
-    cluster_name      = "a-cluster-name"
-    oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
+    cluster_name      = "mock-cluster"
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
+    cluster_endpoint  = "https://mock-endpoint.eks.amazonaws.com"
+    cluster_version   = "1.27"
   }
 }
 
-dependencies {
-  paths = ["../eks-config", "../eks-karpenter"]
+terraform {
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-cert-mgr.git?ref=${include.root.inputs.release_version}"
+
+  extra_arguments "retry_lock" {
+    commands  = get_terraform_commands_that_need_locking()
+    arguments = ["-lock-timeout=20m"]
+  }
 }
 
 inputs = {
-  cert_manager_cainjector_tag      = dependency.eks.inputs.cert_manager_cainjector_tag
-  cert_manager_controller_tag      = dependency.eks.inputs.cert_manager_controller_tag
-  cert_manager_helm_chart          = dependency.eks.inputs.cert_manager_helm_chart
-  cert_manager_startupapicheck_tag = dependency.eks.inputs.cert_manager_startupapicheck_tag
-  cert_manager_webhook_tag         = dependency.eks.inputs.cert_manager_webhook_tag
-  cluster_issuer_name              = dependency.eks.inputs.cluster_issuer_name
-  cluster_mailing_list             = dependency.eks.inputs.cluster_mailing_list
-  cluster_name                     = dependency.eks.outputs.cluster_name
-  oidc_provider_arn                = dependency.eks.outputs.oidc_provider_arn
-  profile                          = dependency.eks.inputs.aws_profile
-  region                           = dependency.eks.inputs.aws_region
+  # Core configuration
+  cluster_name         = dependency.eks.outputs.cluster_name
+  oidc_provider_arn    = dependency.eks.outputs.oidc_provider_arn
+  cluster_mailing_list = include.root.inputs.cluster_mailing_list
+
+  # Cert-manager configuration
+  cert_manager_helm_chart = include.root.inputs.cert_manager_helm_chart
+  cluster_issuer_name     = include.root.inputs.cluster_issuer_name
+
+  # Version tags
+  cert_manager_cainjector_tag      = include.root.inputs.cert_manager_cainjector_tag
+  cert_manager_controller_tag      = include.root.inputs.cert_manager_controller_tag
+  cert_manager_startupapicheck_tag = include.root.inputs.cert_manager_startupapicheck_tag
+  cert_manager_webhook_tag         = include.root.inputs.cert_manager_webhook_tag
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl
@@ -1,12 +1,19 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl
 include "root" {
   path           = find_in_parent_folders("root.hcl")
   merge_strategy = "deep"
   expose         = true
 }
 
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-karpenter"
+  ]
+}
+
 terraform {
   source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-configuration.git?ref=${include.root.inputs.release_version}"
+
   extra_arguments "retry_lock" {
     commands  = get_terraform_commands_that_need_locking()
     arguments = ["-lock-timeout=20m"]
@@ -16,26 +23,32 @@ terraform {
 dependency "eks" {
   config_path                             = "../eks"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
+
   mock_outputs = {
-    cluster_certificate_authority_data              = [{ data = "THISISAVERYLONGCERTSTRINGTHATGOESHEREFORSURENODYEP" }]
-    cluster_endpoint                                = "https://12345ABCDEE42BF9C24D4C362D1DC.sk1.us-gov-east-1.eks.amazonaws.com"
-    cluster_name                                    = "a-cluster-name"
-    eks_managed_node_groups_autoscaling_group_names = ["eks-eks-a-cluster-name-node_group-0000000000000000000000000-5ac8a5e3-14dd-c043-2cc9-f4b6ffb36d32"]
-    oidc_provider_arn                               = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
-    security_group_all_worker_mgmt_id               = "sg-00b0000000000000"
-    subnets                                         = ["subnet-00000000000000001", "subnet-00000000000000002", "subnet-00000000000000003"]
-    vpc_id                                          = "a-vpc-id"
+    cluster_name                                    = "mock-cluster"
+    cluster_endpoint                                = "https://mock-endpoint.eks.amazonaws.com"
+    cluster_certificate_authority_data              = [{ data = "mock-cert-data" }]
+    eks_managed_node_groups_autoscaling_group_names = ["mock-asg-name"]
+    oidc_provider_arn                               = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
+    security_group_all_worker_mgmt_id               = "sg-mock"
+    subnets                                         = ["subnet-mock1", "subnet-mock2"]
+    vpc_id                                          = "vpc-mock"
   }
 }
 
-dependencies {
-  paths = ["../eks-karpenter"]
-}
-
 inputs = {
-  cluster_name                      = dependency.eks.outputs.cluster_name
-  region                            = dependency.eks.inputs.aws_region
-  security_group_all_worker_mgmt_id = dependency.eks.outputs.security_group_all_worker_mgmt_id
-  subnets                           = dependency.eks.outputs.subnets
-  vpc_id                            = dependency.eks.outputs.vpc_id
+  # Core cluster configuration
+  cluster_name                                    = dependency.eks.outputs.cluster_name
+  vpc_id                                          = dependency.eks.outputs.vpc_id
+  subnets                                         = dependency.eks.outputs.subnets
+  security_group_all_worker_mgmt_id               = dependency.eks.outputs.security_group_all_worker_mgmt_id
+  eks_managed_node_groups_autoscaling_group_names = dependency.eks.outputs.eks_managed_node_groups_autoscaling_group_names
+
+  # AWS configuration
+  profile = include.root.inputs.aws_profile
+  region  = include.root.inputs.aws_region
+
+  # Additional configurations
+  oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
+  kubectl_image_tag = include.root.inputs.kubectl_image_tag
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl
@@ -16,7 +16,9 @@ dependency "eks" {
   config_path                             = "../eks"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    cluster_name = "a-cluster-name"
+    cluster_name      = "mock-cluster"
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
+    cluster_version   = "1.27"
   }
 }
 
@@ -29,18 +31,33 @@ dependency "eks-loki" {
 }
 
 dependencies {
-  paths = ["../eks-config", "../eks-karpenter", "../eks-dns"]
+  paths = [
+    "../eks",
+    "../eks-config",
+    "../eks-dns",
+    "../eks-karpenter"
+  ]
 }
 
 inputs = {
-  profile                       = dependency.eks.inputs.aws_profile
-  region                        = dependency.eks.inputs.aws_region
-  cluster_name                  = dependency.eks.outputs.cluster_name
-  cluster_domain                = dependency.eks.inputs.vpc_domain_name
-  public_hostname               = dependency.eks.inputs.grafana_hostname
-  rwo_storage_class             = dependency.eks-loki.outputs.rwo_storage_class
-  grafana_chart_version         = dependency.eks.inputs.grafana_chart_version
-  grafana_tag                   = dependency.eks.inputs.grafana_tag
-  download_dashboards_image_tag = dependency.eks.inputs.download_dashboards_image_tag
-  init_chown_data_image_tag     = dependency.eks.inputs.init_chown_data_image_tag
+  # AWS Configuration
+  account_id = include.root.inputs.aws_account_id
+  profile    = include.root.inputs.aws_profile
+  region     = include.root.inputs.aws_region
+
+  # Cluster Configuration
+  cluster_name      = dependency.eks.outputs.cluster_name
+  cluster_domain    = include.root.inputs.vpc_domain_name
+  oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
+  public_hostname   = include.root.inputs.grafana_hostname
+
+  # Storage Configuration
+  rwo_storage_class = dependency.eks-loki.outputs.rwo_storage_class
+
+  # Grafana Configuration
+  grafana_chart_version         = include.root.inputs.grafana_chart_version
+  grafana_tag                   = include.root.inputs.grafana_tag
+  grafana_version               = include.root.inputs.grafana_version
+  download_dashboards_image_tag = include.root.inputs.download_dashboards_image_tag
+  init_chown_data_image_tag     = include.root.inputs.init_chown_data_image_tag
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl
@@ -4,30 +4,30 @@ include "root" {
   expose         = true
 }
 
-terraform {
-  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-istio.git?ref=${include.root.inputs.release_version}"
-  extra_arguments "retry_lock" {
-    commands  = get_terraform_commands_that_need_locking()
-    arguments = ["-lock-timeout=20m"]
-  }
+dependencies {
+  paths = ["../eks", "../eks-config"]
 }
 
 dependency "eks" {
   config_path                             = "../eks"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    cluster_name = "a-cluster-name"
+    cluster_name      = "mock-cluster"
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
   }
 }
 
-dependencies {
-  paths = ["../eks-karpenter", "../eks-config", "../eks-cert-manager"]
+terraform {
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-istio.git?ref=${include.root.inputs.release_version}"
+  extra_arguments "retry_lock" {
+    commands  = get_terraform_commands_that_need_locking()
+    arguments = ["-lock-timeout=20m"]
+  }
 }
 
 inputs = {
-  cluster_name        = dependency.eks.outputs.cluster_name
-  istio_chart_version = dependency.eks.inputs.istio_version
-  istio_version       = dependency.eks.inputs.istio_version
-  profile             = dependency.eks.inputs.aws_profile
-  region              = dependency.eks.inputs.aws_region
+  cluster_name      = dependency.eks.outputs.cluster_name
+  oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
+  istio_version     = include.root.inputs.istio_version
+  istio_namespace   = include.root.inputs.istio_namespace
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl
@@ -4,33 +4,28 @@ include "root" {
   expose         = true
 }
 
-terraform {
-  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-k8s-dashboard.git?ref=${include.root.inputs.release_version}"
-  extra_arguments "retry_lock" {
-    commands  = get_terraform_commands_that_need_locking()
-    arguments = ["-lock-timeout=20m"]
-  }
+dependencies {
+  paths = ["../eks", "../eks-config"]
 }
 
 dependency "eks" {
   config_path                             = "../eks"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    cluster_name    = "a-cluster-name"
-    vpc_domain_name = "example.com"
+    cluster_name      = "mock-cluster"
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
   }
 }
 
-dependencies {
-  paths = ["../eks-config", "../eks-karpenter", "../eks-dns"]
+terraform {
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-k8s-dashboard.git?ref=${include.root.inputs.release_version}"
+  extra_arguments "retry_lock" {
+    commands  = get_terraform_commands_that_need_locking()
+    arguments = ["-lock-timeout=20m"]
+  }
 }
 
 inputs = {
-  profile               = dependency.eks.inputs.aws_profile
-  region                = dependency.eks.inputs.aws_region
   cluster_name          = dependency.eks.outputs.cluster_name
-  cluster_domain        = dependency.eks.inputs.vpc_domain_name
-  public_hostname       = dependency.eks.inputs.dashboard_hostname
-  k8s_dashboard_version = dependency.eks.inputs.k8s_dashboard_version
-  # datasources        = dependency.eks-loki.outputs.gateway_internal_endpoint
+  k8s_dashboard_version = include.root.inputs.k8s_dashboard_version
 }