Merge pull request #8 from SCT-Engineering/gen-backup-config

Gen backup config
SCT-Engineering · Sep 12, 2024 · 8f1dd5c · 8f1dd5c
2 parents 1b3b7c1 + 4ce55d3
commit 8f1dd5c
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 38 deletions.
diff --git a/lab/us-gov-east-1/vpc/_mcmCluster/eks/terragrunt.hcl b/lab/us-gov-east-1/vpc/_mcmCluster/eks/terragrunt.hcl
@@ -9,7 +9,7 @@ locals {
   # In which AWS region are operations being performed
   account_id                               = local.account_vars.locals.aws_account_id
   vpc_name                                 = "vpc3-lab-dev"
-  cluster_name                             = "platform-eng-eks-mcm"
+  cluster_name                             = "platform-eng-ci-cd"
   cluster_version                          = "1.30"
   vpc_domain_name                          = "dev.lab.csp2.census.gov"
   eks_instance_disk_size                   = 100
@@ -22,7 +22,7 @@ locals {
   cluster_endpoint_public_access           = true
   profile                                  = "224384469011-lab-dev-gov"
   region                                   = local.region_vars.locals.aws_region
-  cluster_mailing_list                     = "matthew.c.morgan@census.gov"
+  cluster_mailing_list                     = "ahmed.m.youssef@census.gov"
 
   # Tags applied to AWS objects created
   tags = {

diff --git a/lab/us-gov-east-1/vpc/_mcmCluster/terragrunt.hcl b/lab/us-gov-east-1/vpc/_mcmCluster/terragrunt.hcl
@@ -16,50 +16,52 @@ locals {
   # Extract the variables we need for easy access
   account_id     = local.account_vars.locals.aws_account_id
   account_name   = local.account_vars.locals.account_name
-  creator        = "matthew.c.morgan@census.gov"
+  creator        = "ahmed.m.youssef@census.gov"
   organization   = "census:ocio:csvd"
   profile        = "224384469011-lab-dev-gov"
   project_name   = "csvd_platformbaseline"
   project_number = "fs0000000078"
-  project_role   = "csvd_platformbaseline_mcm"
+  project_role   = "csvd_platformbaseline_cicd"
   region         = local.region_vars.locals.aws_region
+  state_bucket_prefix = "inf-tfstate"
+  state_table_name = "tf_remote_state"
 }
 
 generate "provider" {
   path      = "provider.tf"
   if_exists = "overwrite_terragrunt"
   contents  = <<EOF
-terraform {
-  required_version = ">= 1.5.0"
-}
-provider "aws" {
-  region = "${local.region}"
-  profile = "${local.profile}"
-  default_tags {
-    tags = {
-      ProjectNumber = "${local.project_number}"
-      "Project Name" = "${local.project_name}"
-      "Project Role" = "${local.project_role}"
-      "Project Identifier" = "${local.project_number}:${local.project_name}"
-      Organization = "${local.organization}"
-      created_by = "${local.creator}"
-      created_for = "${local.creator}"
-      created_reason = "Exploration of Terragrunt and Demonstration of CICD for Infrastructure"
-      Terraform = "true"
-      Terragrunt = "true"
+  terraform {
+    required_version = ">= 1.5.0"
+  }
+  provider "aws" {
+    region = "${local.region}"
+    profile = "${local.profile}"
+    default_tags {
+      tags = {
+        ProjectNumber = "${local.project_number}"
+        "Project Name" = "${local.project_name}"
+        "Project Role" = "${local.project_role}"
+        "Project Identifier" = "${local.project_number}:${local.project_name}"
+        Organization = "${local.organization}"
+        created_by = "${local.creator}"
+        created_for = "${local.creator}"
+        created_reason = "Exploration of Terragrunt and Demonstration of CICD for Infrastructure"
+        Terraform = "true"
+        Terragrunt = "true"
+      }
     }
+    # Only these AWS Account IDs may be operated on by this template
+    allowed_account_ids = ["${local.account_id}"]
   }
-  # Only these AWS Account IDs may be operated on by this template
-  allowed_account_ids = ["${local.account_id}"]
-}
 
-provider "kubernetes" {
-  config_path    = "~/.kube/config"
-}
- 
-provider "helm" {
-  kubernetes {
-      config_path = "~/.kube/config"
+  provider "kubernetes" {
+    config_path    = "~/.kube/config"
+  }
+  
+  provider "helm" {
+    kubernetes {
+        config_path = "~/.kube/config"
     }
 }
 
@@ -69,18 +71,25 @@ EOF
 remote_state {
   backend = "s3"
   generate = {
-    path      = "backend.tf"
+    path = "remote_state.backend.tf"
     if_exists = "overwrite_terragrunt"
   }
   config = {
-    bucket         = "v-s3-tg-tf-state-${local.account_name}-${local.region}"
-    key            = "${local.project_number}/${local.project_name}/${local.project_role}/${path_relative_to_include()}/terraform.tfstate"
-    region         = local.region
-    encrypt        = true
-    dynamodb_table = "tf_remote_state"
+  #---
+  # "${local.account_name}": "${get_path_from_repo_root()}"
+  #---
+      bucket = "${local.state_bucket_prefix}-${local.account_id}"
+      profile        = "${local.profile}"
+      key            = "${trimprefix(replace(run_cmd("realpath",get_original_terragrunt_dir()),dirname(get_repo_root()),""),"/")}"
+      region         = "${local.region}"
+      dynamodb_table = "${local.state_table_name}"
+      skip_bucket_root_access = true
+      skip_bucket_ssencryption = true
+      skip_bucket_enforced_tls = true
   }
 }
 
+
 inputs = merge(
   local.account_vars.locals,
   # local.common_vars.locals,