Skip to content

Commit

Permalink
more wip
Browse files Browse the repository at this point in the history
  • Loading branch information
@morga471
morga471 committed May 8, 2025
1 parent 2ec3413 commit cde4cda
Show file tree
Hide file tree
Showing 5 changed files with 78 additions and 297 deletions.
267 changes: 0 additions & 267 deletions buildspecs/census-pki.bundle.crt
View file

This file was deleted.

37 changes: 10 additions & 27 deletions buildspecs/terragrunt.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,13 @@ version: 0.2
env:
variables:
BASE_DIR: "lab"
TF_VERSION: "1.5.5"
TG_VERSION: "0.72.0"
TOOLS_DIR: "/tmp/build-tools"
CERT_DIR: "/tmp/certs"
exported-variables:
- TERRAGRUNT_PATH

cache:
paths:
- '/tmp/build-tools/**/*'
- '/tmp/certs/**/*'

phases:
install:
Expand All @@ -24,37 +20,24 @@ phases:
- export http_proxy=$PROXY_CONFIG
- export https_proxy=$PROXY_CONFIG
- export NO_PROXY=.census.gov,169.254.169.254,148.129.0.0/16,10.0.0.0/8,172.16.0/12,.eks.amazonaws.com,.s3.amazonaws.com,.amazonaws.com,.gcr.io,.pkg.dev

# Set up certificate for proxy access
- mkdir -p $CERT_DIR
- cp buildspecs/census-pki.bundle.crt $CERT_DIR/
- export SSL_CERT_FILE=$CERT_DIR/census-pki.bundle.crt
- export REQUESTS_CA_BUNDLE=$CERT_DIR/census-pki.bundle.crt
- export NODE_EXTRA_CA_CERTS=$CERT_DIR/census-pki.bundle.crt
- export CURL_CA_BUNDLE=$CERT_DIR/census-pki.bundle.crt
- export AWS_CA_BUNDLE=$CERT_DIR/census-pki.bundle.crt

# Create tools directory if it doesn't exist
- mkdir -p $TOOLS_DIR/bin

# Check if cached Terraform exists and matches required version
# Get tools from S3 artifacts bucket instead of downloading from internet
- |
if [ -f "$TOOLS_DIR/bin/terraform" ] && [ "$($TOOLS_DIR/bin/terraform version | head -n1 | grep -o "v$TF_VERSION")" = "v$TF_VERSION" ]; then
echo "Using cached Terraform v$TF_VERSION"
else
echo "Downloading Terraform v$TF_VERSION"
curl -fsSLo /tmp/terraform.zip "https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip"
unzip -o /tmp/terraform.zip -d $TOOLS_DIR/bin/
# Terraform
if [ ! -f "$TOOLS_DIR/bin/terraform" ]; then
echo "Copying Terraform from S3 artifacts bucket"
aws s3 cp s3://${ARTIFACTS_BUCKET}/tools/terraform/terraform.zip $TOOLS_DIR/
unzip -o $TOOLS_DIR/terraform.zip -d $TOOLS_DIR/bin/
chmod +x $TOOLS_DIR/bin/terraform
fi
# Check if cached Terragrunt exists and matches required version
- |
if [ -f "$TOOLS_DIR/bin/terragrunt" ] && [ "$($TOOLS_DIR/bin/terragrunt --version | grep -o "v$TG_VERSION")" = "v$TG_VERSION" ]; then
echo "Using cached Terragrunt v$TG_VERSION"
else
echo "Downloading Terragrunt v$TG_VERSION"
curl -fsSLo $TOOLS_DIR/bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v${TG_VERSION}/terragrunt_linux_amd64"
# Terragrunt
if [ ! -f "$TOOLS_DIR/bin/terragrunt" ]; then
echo "Copying Terragrunt from S3 artifacts bucket"
aws s3 cp s3://${ARTIFACTS_BUCKET}/tools/terragrunt/terragrunt $TOOLS_DIR/bin/
chmod +x $TOOLS_DIR/bin/terragrunt
fi
Expand Down

0 comments on commit cde4cda

Please sign in to comment.