Compare commits
13 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
b61d7bb9f3 | ||
|
98df0dd8b3 | ||
|
f57fdb2f93 | ||
|
368a45fde8 | ||
|
c733196acf | ||
|
|
1957d56ac2 | ||
|
|
eb0066e3e3 | ||
|
|
7063a9a3b8 | ||
|
|
da28f2e7be | ||
|
|
7567643a39 | ||
|
|
85abda77f0 | ||
|
|
6dc2cf234a | ||
|
|
fb150bb9b0 |
6 changed files with 25 additions and 17 deletions
2
.gitattributes
vendored
2
.gitattributes
vendored
|
|
@ -1,5 +1,5 @@
|
|||
terraform/ export-ignore
|
||||
LICENSE/ export-ignore
|
||||
LICENSE export-ignore
|
||||
README.md export-ignore
|
||||
.gitattributes export-ignore
|
||||
config.yaml export-ignore
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
# Source: https://github.com/github/gitignore/blob/main/Terraform.gitignore
|
||||
# Local .terraform directories
|
||||
**/.terraform/*
|
||||
**/Docs/*
|
||||
|
||||
# .tfstate files
|
||||
*.tfstate
|
||||
|
|
|
|||
|
|
@ -36,6 +36,10 @@ CICD_RUNNER_TAGS={{ CICD_RUNNER_TAGS | join(',') }}
|
|||
{% if CICD_ROLE_NAME %}
|
||||
CICD_ROLE_NAME={{ CICD_ROLE_NAME }}
|
||||
|
||||
{% endif %}
|
||||
{% if CICD_ACCOUNT_ID %}
|
||||
CICD_ACCOUNT_ID={{ CICD_ACCOUNT_ID }}
|
||||
|
||||
{% endif %}
|
||||
########################################################################################################################
|
||||
# Docker Compose image tags to use
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ stages:
|
|||
script: |
|
||||
#!/usr/bin/env bash
|
||||
echo "Getting temporary credentials associated to assume role"
|
||||
STS_CREDS=$(aws sts assume-role --role-arn arn:aws:iam::903534291474:role/Vocalcom-CiCd-CrossAccountRole --role-session-name ${CI_COMMIT_SHA})
|
||||
STS_CREDS=$(aws sts assume-role --role-arn arn:aws:iam::{{ environ('CICD_ACCOUNT_ID') }}:role/{{ environ('CICD_ROLE_NAME') }} --role-session-name ${CI_COMMIT_SHA})
|
||||
AWS_ACCESS_KEY_ID=$(echo $STS_CREDS | jq -r '.Credentials.AccessKeyId')
|
||||
AWS_SECRET_ACCESS_KEY=$(echo $STS_CREDS | jq -r '.Credentials.SecretAccessKey')
|
||||
AWS_SESSION_TOKEN=$(echo $STS_CREDS | jq -r '.Credentials.SessionToken')
|
||||
|
|
|
|||
|
|
@ -57,7 +57,8 @@ GITLAB_JOBS:
|
|||
apply_all: True
|
||||
delete_all: True
|
||||
|
||||
CICD_ROLE_NAME: Vocalcom-CiCd-CrossAccountRole
|
||||
CICD_ROLE_NAME: XXXXXX-CiCd-CrossAccountRole
|
||||
CICD_ACCOUNT_ID: 123546789123
|
||||
|
||||
# Run Terraform apply only on main branch
|
||||
TF_APPLY_ONLY_MAIN: True
|
||||
|
|
|
|||
|
|
@ -14,13 +14,15 @@
|
|||
set -o errexit -o nounset -o pipefail
|
||||
|
||||
# Set Starterkit version
|
||||
STARTER_KIT_VERSION="v0.0.1"
|
||||
STARTER_KIT_VERSION="${1:-latest}"
|
||||
STARTER_KIT_PROJECT="${2:-Orange-OpenSource/AWSTerraformStarterKit}"
|
||||
|
||||
curl -L\
|
||||
"https://github.com/Orange-OpenSource/AWSTerraformStarterKit/archive/refs/tags/${STARTER_KIT_VERSION}.zip" \
|
||||
-o /tmp/archive.zip
|
||||
STARTER_KIT_FORMAT="tar"
|
||||
STARTER_KIT_URL="https://api.github.com/repos/${STARTER_KIT_PROJECT}"
|
||||
STARTER_KIT_LOCATION="${STARTER_KIT_URL}/${STARTER_KIT_FORMAT}ball/${STARTER_KIT_VERSION}"
|
||||
|
||||
unzip /tmp/archive.zip -d .
|
||||
cp -r AWSTerraformStarterKit-*/. .
|
||||
rm -rf AWSTerraformStarterKit-*
|
||||
rm /tmp/archive.zip
|
||||
if [ "$STARTER_KIT_VERSION" == "latest" ]; then
|
||||
STARTER_KIT_LOCATION=$(curl -s ${STARTER_KIT_URL}/releases/latest | jq -r ".${STARTER_KIT_FORMAT}ball_url")
|
||||
fi
|
||||
|
||||
curl --fail -L "${STARTER_KIT_LOCATION}" | tar -xz --strip-components 1
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue