Created
February 8, 2021 20:09
-
-
Save ITBlogger/7772734ccf1f2947327c67fc21f904ae to your computer and use it in GitHub Desktop.
Terraform Cloud Workflow Creation Using Terraform
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| terraform { | |
| required_providers { | |
| tfe = { | |
| source = "hashicorp/tfe" | |
| } | |
| } | |
| } | |
| provider "tfe" { | |
| alias = "default" | |
| } | |
| provider "tfe" { | |
| alias = "team_creds" | |
| token = var.terraform_cloud_team_creds | |
| } | |
| module "terraform_cloud_workspaces" { | |
| for_each = local.workspaces | |
| source = "./modules/terraform_cloud_workspaces" | |
| providers = { | |
| tfe.default = tfe.default | |
| tfe.team_creds = tfe.team_creds | |
| } | |
| terraform_cloud_workspace_name = each.key | |
| terraform_cloud_organization = var.terraform_cloud_organization | |
| terraform_cloud_workspace_working_directory = try(each.value.tc_workspace_working_directory, "default-projects") | |
| terraform_vcs_repo_id = var.terraform_vcs_repo_id | |
| terraform_vcs_repo_oauth_token_id = var.terraform_vcs_repo_oauth_token_id | |
| google_region = each.value.google_region | |
| google_org_id = var.google_org_id | |
| google_terraform_project = var.google_terraform_project | |
| google_billing_account_id = var.google_billing_account_id | |
| google_credentials = var.google_credentials | |
| google_project_name = each.value.google_project_name | |
| google_project_id = each.value.google_project_id | |
| slack_notification_name = "${each.key}-to-it-devops-workflows" | |
| slack_notification_url = var.slack_notification_url | |
| slack_notification_triggers = var.slack_notification_triggers | |
| is_slack_notification_enabled = var.is_slack_notification_enabled | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # All locals except for workspaces are set here. Workspaces local is set in workspaces.tf | |
| locals { | |
| tfe_variables = { | |
| google_region = { | |
| value = var.google_region | |
| category = "terraform" | |
| sensitive = false | |
| description = "Default region used by Google provider" | |
| } | |
| google_org_id = { | |
| value = var.google_org_id | |
| category = "terraform" | |
| sensitive = false | |
| description = "Strada Education Network Google Cloud Org ID" | |
| } | |
| google_terraform_project = { | |
| value = var.google_terraform_project | |
| category = "terraform" | |
| sensitive = false | |
| description = "Google Cloud Project used to manage objects in Google Cloud" | |
| } | |
| google_billing_account_id = { | |
| value = var.google_billing_account_id | |
| category = "terraform" | |
| sensitive = true | |
| description = "Google Billing Account ID used for projects to pay for objects" | |
| } | |
| GOOGLE_CREDENTIALS = { | |
| value = var.google_credentials | |
| category = "env" | |
| sensitive = true | |
| description = "Credentials used by Terraform for managing Google Cloud objects" | |
| } | |
| GOOGLE_APPLICATION_CREDENTIALS = { | |
| value = var.google_credentials | |
| category = "env" | |
| sensitive = true | |
| description = "Credentials used by Terraform for managing Google Cloud objects" | |
| } | |
| google_project_name = { | |
| value = var.google_project_name | |
| category = "terraform" | |
| sensitive = false | |
| description = "Name of Google Project to be managed by Terraform" | |
| } | |
| google_project_id = { | |
| value = var.google_project_id | |
| category = "terraform" | |
| sensitive = false | |
| description = "ID of Google Project to be managed by Terraform" | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "tfe" { | |
| alias = "default" | |
| } | |
| provider "tfe" { | |
| alias = "team_creds" | |
| } | |
| resource "tfe_workspace" "workspace" { | |
| provider = tfe.default | |
| name = var.terraform_cloud_workspace_name | |
| organization = var.terraform_cloud_organization | |
| working_directory = var.terraform_cloud_workspace_working_directory | |
| vcs_repo { | |
| identifier = var.terraform_vcs_repo_id | |
| branch = var.terraform_vcs_repo_branch | |
| oauth_token_id = var.terraform_vcs_repo_oauth_token_id | |
| } | |
| } | |
| resource "tfe_variable" "variable" { | |
| provider = tfe.default | |
| for_each = local.tfe_variables | |
| key = each.key | |
| value = each.value.value | |
| category = each.value.category | |
| sensitive = each.value.sensitive | |
| description = each.value.description | |
| workspace_id = tfe_workspace.workspace.id | |
| } | |
| resource "tfe_notification_configuration" "workspace" { | |
| provider = tfe.team_creds | |
| name = var.slack_notification_name | |
| enabled = var.is_slack_notification_enabled | |
| destination_type = "slack" | |
| triggers = var.slack_notification_triggers | |
| url = var.slack_notification_url | |
| workspace_id = tfe_workspace.workspace.id | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # --------------------------------------------------------------------------------------------------------------------- | |
| # REQUIRED PARAMETERS | |
| # You must provide a value for each of these parameters. | |
| # --------------------------------------------------------------------------------------------------------------------- | |
| variable "terraform_cloud_workspace_name" { | |
| description = "The name to use for the Terraform Cloud Workspace" | |
| type = string | |
| } | |
| variable "terraform_cloud_organization" { | |
| description = "The Terraform Cloud organization where the Terraform Cloud Workspace will live" | |
| type = string | |
| } | |
| variable "terraform_cloud_workspace_working_directory" { | |
| description = "The working directory for the Terraform Cloud Workspace, must be a path in the git repo" | |
| type = string | |
| } | |
| variable "terraform_vcs_repo_id" { | |
| description = "The identifier of the VCS repo the workspace will use in format <organization>/<repository>" | |
| type = string | |
| } | |
| variable "terraform_vcs_repo_oauth_token_id" { | |
| description = "The token ID of the VCS repo that workspace will run from" | |
| type = string | |
| } | |
| variable "google_region" { | |
| description = "Default region used by Google provider" | |
| type = string | |
| } | |
| variable "google_org_id" { | |
| description = "Strada Education Network Google Cloud Org ID" | |
| type = string | |
| } | |
| variable "google_terraform_project" { | |
| description = "Google Cloud Project used to manage objects in Google Cloud" | |
| type = string | |
| } | |
| variable "google_billing_account_id" { | |
| description = "Google Billing Account ID used for projects to pay for objects" | |
| type = string | |
| } | |
| variable "google_credentials" { | |
| description = "Credentials used by Terraform for managing Google Cloud objects" | |
| type = string | |
| } | |
| variable "google_project_name" { | |
| description = "Name of Google Cloud Project name to be created by the workspace" | |
| type = string | |
| } | |
| variable "google_project_id" { | |
| description = "ID of Google Cloud Project name to be created by the workspace (all lowercase with dashes only)" | |
| type = string | |
| } | |
| variable "slack_notification_name" { | |
| description = "Name of Slack notification" | |
| type = string | |
| } | |
| variable "slack_notification_url" { | |
| description = "URL for slack notification channel" | |
| type = string | |
| } | |
| # --------------------------------------------------------------------------------------------------------------------- | |
| # OPTIONAL PARAMETERS | |
| # The following parameters all have defaults | |
| # --------------------------------------------------------------------------------------------------------------------- | |
| variable "terraform_vcs_repo_branch" { | |
| description = "The branch of the VCS repo that workspace will run from, defaults to master" | |
| type = string | |
| default = "master" | |
| } | |
| variable "slack_notification_triggers" { | |
| description = "Triggers set for the Slack notification. Defaults to all" | |
| type = list(string) | |
| default = ["run:created", "run:planning", "run:errored", "run:needs_attention", "run:applying", "run:completed"] | |
| } | |
| variable "is_slack_notification_enabled" { | |
| description = "Boolean for whether Slack notification is enabled, must be true or false, defaults to true" | |
| type = string | |
| default = true | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # --------------------------------------------------------------------------------------------------------------------- | |
| # REQUIRED PARAMETERS | |
| # You must provide a value for each of these parameters. | |
| # --------------------------------------------------------------------------------------------------------------------- | |
| variable "terraform_cloud_organization" { | |
| description = "The Terraform Cloud organization where the Terraform Cloud Workspace will live" | |
| type = string | |
| } | |
| variable "terraform_cloud_team_creds" { | |
| description = "Credentials used by Terraform for managing team specific Terraform Cloud objects like slack notifications" | |
| type = string | |
| } | |
| variable "terraform_vcs_repo_id" { | |
| description = "The identifier of the VCS repo the workspace will use in format <organization>/<repository>" | |
| type = string | |
| } | |
| variable "terraform_vcs_repo_oauth_token_id" { | |
| description = "The token ID of the VCS repo that workspace will run from" | |
| type = string | |
| sensitive = true | |
| } | |
| variable "google_region" { | |
| description = "Default region used by Google provider" | |
| type = string | |
| } | |
| variable "google_org_id" { | |
| description = "Strada Education Network Google Cloud Org ID" | |
| type = string | |
| } | |
| variable "google_terraform_project" { | |
| description = "Google Cloud Project used to manage objects in Google Cloud" | |
| type = string | |
| } | |
| variable "google_billing_account_id" { | |
| description = "Google Billing Account ID used for projects to pay for objects" | |
| type = string | |
| sensitive = true | |
| } | |
| variable "google_credentials" { | |
| description = "Credentials used by Terraform for managing Google Cloud objects" | |
| type = string | |
| sensitive = true | |
| } | |
| variable "slack_notification_url" { | |
| description = "URL for slack notification channel" | |
| type = string | |
| sensitive = true | |
| } | |
| # --------------------------------------------------------------------------------------------------------------------- | |
| # OPTIONAL PARAMETERS | |
| # The following parameters all have defaults | |
| # --------------------------------------------------------------------------------------------------------------------- | |
| variable "terraform_vcs_repo_branch" { | |
| description = "The branch of the VCS repo that workspace will run from, defaults to master" | |
| type = string | |
| default = "master" | |
| } | |
| variable "slack_notification_triggers" { | |
| description = "Triggers set for the Slack notification. Defaults to all" | |
| type = list(string) | |
| default = ["run:created", "run:planning", "run:errored", "run:needs_attention", "run:applying", "run:completed"] | |
| } | |
| variable "is_slack_notification_enabled" { | |
| description = "Boolean for whether Slack notification is enabled, must be true or false, defaults to true" | |
| type = string | |
| default = true | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Edit the below workspaces block to add or remove workspaces to be managed in Terraform Cloud | |
| locals { | |
| workspaces = { | |
| test-workspace-1 = { | |
| google_project_name = "Test Workspace 1" | |
| google_project_id = "test-workspace-1" | |
| tc_workspace_working_directory = "test-workspace-1" | |
| google_region = "us-west1" | |
| } | |
| test-workspace-2 = { | |
| google_project_name = "Test Workspace 2" | |
| google_project_id = "test-workspace-2" | |
| google_region = var.google_region | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment