diff --git a/concourse/parameters/ci/ci.yml b/concourse/parameters/ci/ci.yml index 98ef37322..24bbaebfa 100644 --- a/concourse/parameters/ci/ci.yml +++ b/concourse/parameters/ci/ci.yml @@ -1,2 +1,3 @@ -govuk_infrastructure_branch: main +aws_region: eu-west-1 concourse_ci_role_arn: arn:aws:iam::430354129336:role/govuk-ci-concourse +govuk_infrastructure_branch: main diff --git a/concourse/pipelines/ci.yml b/concourse/pipelines/ci.yml index c3eab94e1..d75cfd746 100644 --- a/concourse/pipelines/ci.yml +++ b/concourse/pipelines/ci.yml @@ -35,48 +35,66 @@ jobs: var_files: - govuk-infrastructure/concourse/parameters/ci/ci.yml - - name: terraform-plan-govuk-deployment + - name: terraform-cluster-infrastructure plan: - get: govuk-infrastructure-commit trigger: true - put: govuk-infrastructure-commit - params: {status: pending, context: terraform-plan-govuk-deployment} - - task: terraform-plan - file: govuk-infrastructure-commit/repo/concourse/tasks/terraform-plan-govuk-deployment.yml - params: - ASSUME_ROLE_ARN: ((concourse_ci_role_arn)) + params: {status: pending, context: terraform-plan-cluster-infrastructure} + - task: terraform-cluster + config: &terraform-cluster-config + inputs: + - name: govuk-infrastructure-commit + params: &terraform-cluster-params + ASSUME_ROLE_ARN: ((concourse_ci_role_arn)) + AWS_REGION: ((aws_region)) + DEPLOYMENT_PATH: govuk-infrastructure-commit/repo/terraform/deployments/cluster-infrastructure + ENVIRONMENT: ((govuk_environment)) + platform: linux + image_resource: + type: docker-image + source: + repository: digiticketsgroup/terraforming + tag: tf-1.0.1-aws-2.2.18-jq-1.5-git-2.32.0 #TODO: build our own image instead. + username: ((docker_hub_username)) + password: ((docker_hub_authtoken)) + run: + path: govuk-infrastructure-commit/repo/concourse/tasks/terraform.sh + args: ["plan", "-lock=false", "-refresh=false"] on_success: put: govuk-infrastructure-commit - params: {status: success, context: terraform-plan-govuk-deployment} + params: {status: success, context: terraform-plan-cluster-infrastructure} on_failure: put: govuk-infrastructure-commit - params: {status: failure, context: terraform-plan-govuk-deployment} + params: {status: failure, context: terraform-plan-cluster-infrastructure} on_abort: put: govuk-infrastructure-commit - params: {status: error, context: terraform-plan-govuk-deployment} + params: {status: error, context: terraform-plan-cluster-infrastructure} on_error: put: govuk-infrastructure-commit - params: {status: error, context: terraform-plan-govuk-deployment} + params: {status: error, context: terraform-plan-cluster-infrastructure} - - name: terraform-plan-monitoring + - name: terraform-cluster-services plan: - get: govuk-infrastructure-commit trigger: true - put: govuk-infrastructure-commit - params: {status: pending, context: terraform-plan-govuk-deployment} - - task: terraform-plan - file: govuk-infrastructure-commit/repo/concourse/tasks/terraform-plan-monitoring.yml - params: - ASSUME_ROLE_ARN: ((concourse_ci_role_arn)) + params: {status: pending, context: terraform-plan-cluster-services} + - task: terraform-cluster-addons + config: + <<: *terraform-cluster-config + params: + <<: *terraform-cluster-params + DEPLOYMENT_PATH: govuk-infrastructure-commit/repo/terraform/deployments/cluster-services on_success: put: govuk-infrastructure-commit - params: {status: success, context: terraform-plan-monitoring} + params: {status: success, context: terraform-plan-cluster-services} on_failure: put: govuk-infrastructure-commit - params: {status: failure, context: terraform-plan-monitoring} + params: {status: failure, context: terraform-plan-cluster-services} on_abort: put: govuk-infrastructure-commit - params: {status: error, context: terraform-plan-monitoring} + params: {status: error, context: terraform-plan-cluster-services} on_error: put: govuk-infrastructure-commit - params: {status: error, context: terraform-plan-monitoring} + params: {status: error, context: terraform-plan-cluster-services} diff --git a/concourse/tasks/terraform-plan-govuk-deployment.yml b/concourse/tasks/terraform-plan-govuk-deployment.yml deleted file mode 100644 index 1a71318de..000000000 --- a/concourse/tasks/terraform-plan-govuk-deployment.yml +++ /dev/null @@ -1,29 +0,0 @@ -platform: linux -image_resource: - type: docker-image - source: - repository: hashicorp/terraform - tag: 1.0.0 - username: ((docker_hub_username)) - password: ((docker_hub_authtoken)) -inputs: - - name: govuk-infrastructure-commit -params: - ASSUME_ROLE_ARN: - AWS_REGION: eu-west-1 - TF_IN_AUTOMATION: true -run: - dir: govuk-infrastructure-commit/repo/terraform/deployments/govuk-publishing-platform - path: sh - args: - - '-c' - - | - set -eu - terraform init -backend-config=./test.backend -backend-config "role_arn=$ASSUME_ROLE_ARN" - terraform plan \ - -var "assume_role_arn=$ASSUME_ROLE_ARN" \ - -var-file ../variables/common.tfvars \ - -var-file ../variables/test/common.tfvars \ - -var-file ../variables/test/infrastructure.tfvars \ - -lock=false \ - -refresh=false diff --git a/concourse/tasks/terraform-plan-monitoring.yml b/concourse/tasks/terraform-plan-monitoring.yml deleted file mode 100644 index f9190c89e..000000000 --- a/concourse/tasks/terraform-plan-monitoring.yml +++ /dev/null @@ -1,26 +0,0 @@ -platform: linux -image_resource: - type: docker-image - source: - repository: hashicorp/terraform - tag: 1.0.0 - username: ((docker_hub_username)) - password: ((docker_hub_authtoken)) -inputs: - - name: govuk-infrastructure-commit -params: - ASSUME_ROLE_ARN: - AWS_REGION: eu-west-1 - TF_IN_AUTOMATION: true -run: - dir: govuk-infrastructure-commit/repo/terraform/deployments/monitoring/infra - path: sh - args: - - '-c' - - | - set -eu - terraform init -backend-config=./test.backend -backend-config "role_arn=$ASSUME_ROLE_ARN" - terraform plan \ - -var "assume_role_arn=$ASSUME_ROLE_ARN" \ - -var-file ../../variables/common.tfvars \ - -var-file ../../variables/test/common.tfvars