From 23715daf3a2f1422b8610580244f294c96041f15 Mon Sep 17 00:00:00 2001
From: Srini Nangunuri
Date: Thu, 16 May 2024 11:30:24 -0400
Subject: [PATCH] new terragrunt structure
---
lab/account.hcl | 7 +
lab/us-gov-east-1/region.hcl | 3 +
.../vpc/cluster/eks/.terraform.lock.hcl | 125 ++++++++++++++++++
.../vpc/cluster/eks/terragrunt.hcl | 70 ++++++++++
terragrunt.hcl | 71 ++++++++++
5 files changed, 276 insertions(+)
create mode 100644 lab/account.hcl
create mode 100644 lab/us-gov-east-1/region.hcl
create mode 100644 lab/us-gov-east-1/vpc/cluster/eks/.terraform.lock.hcl
create mode 100644 lab/us-gov-east-1/vpc/cluster/eks/terragrunt.hcl
create mode 100644 terragrunt.hcl
diff --git a/lab/account.hcl b/lab/account.hcl
new file mode 100644
index 0000000..ef53a17
--- /dev/null
+++ b/lab/account.hcl
@@ -0,0 +1,7 @@
+locals {
+ account_name = "lab-dev-ew"
+ aws_account_id = "224384469011"
+ environment = "development"
+ aws_profile = "224384469011-lab-dev-gov.inf-admin-t3"
+ domain_name = "dev.lab.csp2.census.gov"
+}
\ No newline at end of file
diff --git a/lab/us-gov-east-1/region.hcl b/lab/us-gov-east-1/region.hcl
new file mode 100644
index 0000000..f974d39
--- /dev/null
+++ b/lab/us-gov-east-1/region.hcl
@@ -0,0 +1,3 @@
+locals {
+ aws_region = "us-gov-east-1"
+}
\ No newline at end of file
diff --git a/lab/us-gov-east-1/vpc/cluster/eks/.terraform.lock.hcl b/lab/us-gov-east-1/vpc/cluster/eks/.terraform.lock.hcl
new file mode 100644
index 0000000..d54d639
--- /dev/null
+++ b/lab/us-gov-east-1/vpc/cluster/eks/.terraform.lock.hcl
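Review bot: In `lab/account.hcl`, `aws_profile` and `domain_name` are duplicated rather than consumed: the EKS unit in this patch (`lab/us-gov-east-1/vpc/cluster/eks/terragrunt.hcl`) repeats both values as its own literals `profile` and `domain`, so the account-level and unit-level copies can drift apart. The root `terragrunt.hcl` locals that are visible extract only `account_name` and `aws_account_id`, and its provider block is cut off, so whether the root reads `aws_profile` cannot be confirmed from here. Because the unit includes the root with `expose = true`, it could read the shared value instead, e.g. `profile = include.root.locals.account_vars.locals.aws_profile`. The profile name also looks like an administrator-tier SSO permission set; a comment such as `# named AWS profile used for terragrunt runs in this account; must exist in the operator's AWS config` would record that this is deliberate, and a narrower deployment role is worth planning for anything beyond the lab.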
@@ -0,0 +1,125 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.45.0" + constraints = ">= 4.0.0, >= 4.33.0, >= 5.14.0, >= 5.40.0" + hashes = [ + "h1:4Vgk51R7iTY1oczaTQDG+DkA9nE8TmjlUtecqXX6qDU=", + "zh:1379bcf45aef3d486ee18b4f767bfecd40a0056510d26107f388be3d7994c368", + "zh:1615a6f5495acfb3a0cb72324587261dd4d72711a3cc51aff13167b14531501e", + "zh:18b69a0f33f8b1862fbd3f200756b7e83e087b73687085f2cf9c7da4c318e3e6", + "zh:2c5e7aecd197bc3d3b19290bad8cf4c390c2c6a77bb165da4e11f53f2dfe2e54", + "zh:3794da9bef97596e3bc60e12cdd915bda5ec2ed62cd1cd93723d58b4981905fe", + "zh:40a5e45ed91801f83db76dffd467dcf425ea2ca8642327cf01119601cb86021c", + "zh:4abfc3f53d0256a7d5d1fa5e931e4601b02db3d1da28f452341d3823d0518f1a", + "zh:4eb0e98078f79aeb06b5ff6115286dc2135d12a80287885698d04036425494a2", + "zh:75470efbadea4a8d783642497acaeec5077fc4a7f3df3340defeaa1c7de29bf7", + "zh:8861a0b4891d5fa2fa7142f236ae613cea966c45b5472e3915a4ac3abcbaf487", + "zh:8bf6f21cd9390b742ca0b4393fde92616ca9e6553fb75003a0999006ad233d35", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:ad73008a044e75d337acda910fb54d8b81a366873c8a413fec1291034899a814", + "zh:bf261713b0b8bebfe8c199291365b87d9043849f28a2dc764bafdde73ae43693", + "zh:da3bafa1fd830be418dfcc730e85085fe67c0d415c066716f2ac350a2306f40a", + ] +} + +provider "registry.terraform.io/hashicorp/cloudinit" { + version = "2.3.3" + constraints = ">= 2.0.0, >= 2.3.2" + hashes = [ + "h1:U6EC4/cJJ6Df3LztUQ/I4YuljGQQeQ+LdLndAwSSiTs=", + "zh:0bd6ee14ca5cf0f0c83d3bb965346b1225ccd06a6247e80774aaaf54c729daa7", + "zh:3055ad0dcc98de1d4e45b72c5889ae91b62f4ae4e54dbc56c4821be0fdfbed91", + "zh:32764cfcff0d7379ca8b7dde376ac5551854d454c5881945f1952b785a312fa2", + "zh:55c2a4dc3ebdeaa1dec3a36db96dab253c7fa10b9fe1209862e1ee77a01e0aa1", + "zh:5c71f260ba5674d656d12f67cde3bb494498e6b6b6e66945ef85688f185dcf63", + 
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:9617280a853ec7caedb8beb7864e4b29faf9c850a453283980c28fccef2c493d", + "zh:ac8bda21950f8dddade3e9bc15f7bcfdee743738483be5724169943cafa611f5", + "zh:ba9ab567bbe63dee9197a763b3104ea9217ba27449ed54d3afa6657f412e3496", + "zh:effd1a7e34bae3879c02f03ed3afa979433a518e11de1f8afd35a8710231ac14", + "zh:f021538c86d0ac250d75e59efde6d869bbfff711eb744c8bddce79d2475bf46d", + "zh:f1e3984597948a2103391a26600e177b19f16a5a4c66acee27a4343fb141571f", + ] +} + +provider "registry.terraform.io/hashicorp/http" { + version = "3.4.2" + constraints = ">= 3.4.0" + hashes = [ + "h1:eqo0hkFNrixeaT93PC5NiU893s7rUwwOMeqnCjjj3u0=", + "zh:0ba051c9c8659ce0fec94a3d50926745f11759509c4d6de0ad5f5eb289f0edd9", + "zh:23e6760e8406fef645913bf47bfab1ca984c1c5805d2bb0ef8310b16913d29cd", + "zh:3c69fde4548bfe65b968534c4df8d699648c921d6a065b97fec5faece73a442b", + "zh:41c7f9a8c117704b7a8fa96a57ebfb92b72129d9625128eeb0dee7d5a09d1110", + "zh:59d09d2e00727df10565cc82a33250b44201fcd353eb2b1579507a5a0adcce18", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:c95b2f63d4357b3068531b90d9dca62a32551d7693defb7ab14b650b5d139c57", + "zh:cc0a3bbd3026191b35f417d3a8f26bdfad376d15be9e8d99a8803487ca5b0105", + "zh:d1185c6abb3ba25123fb7df1ad7dbe2b9cd8f43962628da551040fbe1934656f", + "zh:dfb26fccab7ecdc150f67415e6cfe19d699dc43e8bf5722f36032b17b46a0fbe", + "zh:eb1fcc00073bc0463f64e49600a73d925b1a0c0ae5b94dd7b67d3ebac248a113", + "zh:ec9b9ad69cf790cb0603a1036d758063bbbc35c0c75f72dd04a1eddaf46ad010", + ] +} + +provider "registry.terraform.io/hashicorp/null" { + version = "3.2.2" + constraints = ">= 3.0.0, >= 3.2.1" + hashes = [ + "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=", + "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", + "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", + "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", + 
"zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606", + "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546", + "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539", + "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422", + "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae", + "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1", + "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e", + ] +} + +provider "registry.terraform.io/hashicorp/time" { + version = "0.11.1" + constraints = ">= 0.9.0, >= 0.9.1" + hashes = [ + "h1:IkDriv5C9G+kQQ+mP+8QGIahwKgbQcw1/mzh9U6q+ZI=", + "zh:19a393db736ec4fd024d098d55aefaef07056c37a448ece3b55b3f5f4c2c7e4a", + "zh:227fa1e221de2907f37be78d40c06ca6a6f7b243a1ec33ade014dfaf6d92cd9c", + "zh:29970fecbf4a3ca23bacbb05d6b90cdd33dd379f90059fe39e08289951502d9f", + "zh:65024596f22f10e7dcb5e0e4a75277f275b529daa0bc0daf34ca7901c678ab88", + "zh:694d080cb5e3bf5ef08c7409208d061c135a4f5f4cdc93ea8607860995264b2e", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:b29d15d13e1b3412e6a4e1627d378dbd102659132f7488f64017dd6b6d5216d3", + "zh:bb79f4cae9f8c17c73998edc54aa16c2130a03227f7f4e71fc6ac87e230575ec", + "zh:ceccf80e95929d97f62dcf1bb3c7c7553d5757b2d9e7d222518722fc934f7ad5", + "zh:f40e638336527490e294d9c938ae55919069e6987e85a80506784ba90348792a", + "zh:f99ef33b1629a3b2278201142a3011a8489e66d92da832a5b99e442204de18fb", + "zh:fded14754ea46fdecc62a52cd970126420d4cd190e598cb61190b4724a727edb", + ] +} + +provider "registry.terraform.io/hashicorp/tls" { + version = "4.0.5" + constraints = ">= 3.0.0, >= 4.0.4" + hashes = [ + "h1:e4LBdJoZJNOQXPWgOAG0UuPBVhCStu98PieNlqJTmeU=", + "zh:01cfb11cb74654c003f6d4e32bbef8f5969ee2856394a96d127da4949c65153e", + 
"zh:0472ea1574026aa1e8ca82bb6df2c40cd0478e9336b7a8a64e652119a2fa4f32", + "zh:1a8ddba2b1550c5d02003ea5d6cdda2eef6870ece86c5619f33edd699c9dc14b", + "zh:1e3bb505c000adb12cdf60af5b08f0ed68bc3955b0d4d4a126db5ca4d429eb4a", + "zh:6636401b2463c25e03e68a6b786acf91a311c78444b1dc4f97c539f9f78de22a", + "zh:76858f9d8b460e7b2a338c477671d07286b0d287fd2d2e3214030ae8f61dd56e", + "zh:a13b69fb43cb8746793b3069c4d897bb18f454290b496f19d03c3387d1c9a2dc", + "zh:a90ca81bb9bb509063b736842250ecff0f886a91baae8de65c8430168001dad9", + "zh:c4de401395936e41234f1956ebadbd2ed9f414e6908f27d578614aaa529870d4", + "zh:c657e121af8fde19964482997f0de2d5173217274f6997e16389e7707ed8ece8", + "zh:d68b07a67fbd604c38ec9733069fbf23441436fecf554de6c75c032f82e1ef19", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/lab/us-gov-east-1/vpc/cluster/eks/terragrunt.hcl b/lab/us-gov-east-1/vpc/cluster/eks/terragrunt.hcl new file mode 100644 index 0000000..7bda758 --- /dev/null +++ b/lab/us-gov-east-1/vpc/cluster/eks/terragrunt.hcl 
@@ -0,0 +1,70 @@
+include "root" {
+ path = find_in_parent_folders()
+ expose = true
+}
+
+locals {
+ # In which AWS region are operations being performed
+ vpc_name = "vpc3-lab-dev"
+ cluster_name = "platform-eng-eks-test"
+ cluster_version = 1.29
+ domain = "dev.lab.csp2.census.gov"
+ eks_instance_disk_size = 40
+ eks_vpc_name = "vpc3-lab-dev"
+ eks_ng_desired_size = 1
+ eks_ng_max_size = 5
+ eks_ng_min_size = 1
+ operators_ns = "operators"
+ enable_cluster_creator_admin_permissions = true
+ cluster_endpoint_public_access = true
+ profile = "224384469011-lab-dev-gov.inf-admin-t3"
+
+ # Tags applied to AWS objects created
+ tags = {
+ "Environment" = "dev"
+ "slim:schedule" = "0800-1700"
+ "test" = "test"
+ }
+
+ aws_auth_roles = [
+ {
+ rolearn : "arn:aws-us-gov:iam::224384469011:role/AWSReservedSSO_inf-admin-t3_b200ae7af469cdc8"
+ aws_rolename : ""
+ username : "admin"
+ groups = ["system:masters"]
+ },
+ {
+ rolearn : "arn:aws-us-gov:iam::224384469011:role/AWSReservedSSO_inf-admin-t2_f3912d726991bbfa"
+ aws_rolename : ""
+ username : "admin"
+ groups = ["system:masters"]
+ }
+ ]
+}
+
+terraform {
+ source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks.git"
+ extra_arguments "retry_lock" {
+ commands = get_terraform_commands_that_need_locking()
+ arguments = ["-lock-timeout=20m"]
+ }
+}
+
+inputs = {
+ profile = local.profile
+ vpc_name = local.eks_vpc_name
+ cluster_name = local.cluster_name
+ cluster_version = local.cluster_version
+ eks_instance_disk_size = local.eks_instance_disk_size
+ eks_vpc_name = local.eks_vpc_name
+ #eks_instance_types = local.eks_instance_types
+ eks_ng_desired_size = local.eks_ng_desired_size
+ eks_ng_max_size = local.eks_ng_max_size
+ eks_ng_min_size = local.eks_ng_min_size
+ operators_ns = local.operators_ns
+ enable_cluster_creator_admin_permissions = local.enable_cluster_creator_admin_permissions
+ cluster_endpoint_public_access = local.cluster_endpoint_public_access
+ tags = local.tags
+ aws_auth_roles = local.aws_auth_roles
+ domain = local.domain
+}
\ No newline at end of file
diff --git a/terragrunt.hcl b/terragrunt.hcl
new file mode 100644
index 0000000..4aca107
--- /dev/null
+++ b/terragrunt.hcl
@@ -0,0 +1,71 @@
+locals {
+ # Automatically load _envcommon, cross account and environment common variables
+ # common_vars = read_terragrunt_config("${dirname(find_in_parent_folders())}/_envcommon/common-variables.hcl", "skip-account-if-does-not-exist")
+ // "${get_tfvars_dir()}/${find_in_parent_folders("account.tfvars", "skip-account-if-does-not-exist")}",
+
+ # Automatically load account-level variables (NOTE: In our environment account = environment so there is not separate environment layer)
+ account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+
+ # Automatically load region-level variables
+ region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+
+ # Automatically load vpc-level variables
+ # Not applicable in this demo, but including for reference, would be next level of variables and configurations
+ # vpc_vars = read_terragrunt_config(find_in_parent_folders("vpc.hcl", "skip-account-if-does-not-exist"))
+
+ # Extract the variables we need for easy access
+ account_name = local.account_vars.locals.account_name
+ account_id = local.account_vars.locals.aws_account_id
+ organization = "census:ocio:csvd"
+ project_number = "fs0000000078"
+ project_name = "csvd_platformbaseline"
+ project_role = "csvd_platformbaseline_app"
+}
+
+generate "provider" {
+ path = "provider.tf"
+ if_exists = "overwrite_terragrunt"
+ contents = <
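Review bot: In `lab/us-gov-east-1/vpc/cluster/eks/terragrunt.hcl`, `cluster_endpoint_public_access = true` is passed with no source-CIDR allow-list among the `inputs`, so unless `tfmod-eks` restricts it internally the Kubernetes API endpoint is reachable from any address. If the module exposes an allow-list input (the upstream terraform-aws-eks module names it `cluster_endpoint_public_access_cidrs`), set it to the known egress ranges, or disable public access and use the private endpoint. Both SSO roles in `aws_auth_roles` map to `system:masters` under the single username `admin`, and `enable_cluster_creator_admin_permissions = true` adds another cluster admin, so Kubernetes audit entries cannot tell the roles or sessions apart; if these entries end up in the aws-auth ConfigMap, a templated name such as `username : "admin:{{SessionName}}"` and a narrower group for the t2 role would help. The `terraform` block's `source` has no `?ref=`, so every run takes whatever is on the module's default branch; pin it, e.g. `source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks.git?ref=<TAG_OR_COMMIT>"`. Separately, `cluster_version = 1.29` is an HCL number, so a later `1.30` would be read as `1.3`; write it as `"1.29"` if the module accepts a string.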