Skip to content

Commit

Permalink
Merge branch 'master' into renovate/go-and-dev-tools
Browse files Browse the repository at this point in the history
  • Loading branch information
apeabody authored Dec 15, 2023
2 parents 9d7d2ff + 62e8c23 commit 2748374
Show file tree
Hide file tree
Showing 22 changed files with 81 additions and 78 deletions.
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -74,3 +74,6 @@ helpers/foundation-deployer/.steps.json

# File to populate env vars used by Docker test runs
.envrc

# Handle files generated on sed command by old (2013-) MacOS versions
*.tf-e
18 changes: 9 additions & 9 deletions 0-bootstrap/README-GitHub.md
Original file line number Diff line number Diff line change
Expand Up @@ -212,8 +212,8 @@ export the GitHub fine grained access token as an environment variable:
cp backend.tf.example backend.tf
cd ../../../

for i in `find -name 'backend.tf'`; do sed -i "s/UPDATE_ME/${backend_bucket}/" $i; done
for i in `find -name 'backend.tf'`; do sed -i "s/UPDATE_PROJECTS_BACKEND/${backend_bucket}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -i'' -e "s/UPDATE_ME/${backend_bucket}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -i'' -e "s/UPDATE_PROJECTS_BACKEND/${backend_bucket}/" $i; done

cd gcp-bootstrap/envs/shared
```
Expand Down Expand Up @@ -307,7 +307,7 @@ See the shared folder [README.md](../1-org/envs/shared/README.md#inputs) for add

echo "access_context_manager_policy_id = ${ACCESS_CONTEXT_MANAGER_ID}"

if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i'' -e "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
```

1. Update the `remote_state_bucket` variable with the backend bucket from step Bootstrap.
Expand All @@ -317,7 +317,7 @@ See the shared folder [README.md](../1-org/envs/shared/README.md#inputs) for add
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars
```

1. Check if a Security Command Center Notification with the default name, **scc-notify**, already exists in your organization.
Expand Down Expand Up @@ -427,7 +427,7 @@ See any of the envs folder [README.md](../2-environments/envs/production/README.
export backend_bucket=$(terraform -chdir="../gcp-bootstrap/envs/shared" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" terraform.tfvars
```

1. Commit changes.
Expand Down Expand Up @@ -536,7 +536,7 @@ or go to [Deploying step 3-networks-hub-and-spoke](#deploying-step-3-networks-hu
echo "access_context_manager_policy_id = ${ACCESS_CONTEXT_MANAGER_ID}"
sed -i "s/ACCESS_CONTEXT_MANAGER_ID/${ACCESS_CONTEXT_MANAGER_ID}/" ./access_context.auto.tfvars
sed -i'' -e "s/ACCESS_CONTEXT_MANAGER_ID/${ACCESS_CONTEXT_MANAGER_ID}/" ./access_context.auto.tfvars
```
1. Update `common.auto.tfvars` file with values from your GCP environment.
Expand All @@ -549,7 +549,7 @@ See any of the envs folder [README.md](../3-networks-dual-svpc/envs/production/R
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
```
1. Commit changes
Expand Down Expand Up @@ -699,7 +699,7 @@ See any of the envs folder [README.md](../3-networks-hub-and-spoke/envs/producti
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
```
1. Commit changes
Expand Down Expand Up @@ -852,7 +852,7 @@ An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set with th
export remote_state_bucket=$(terraform -chdir="../gcp-bootstrap/envs/shared/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${remote_state_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${remote_state_bucket}/" ./common.auto.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${remote_state_bucket}/" ./common.auto.tfvars
```
1. Commit changes.
Expand Down
54 changes: 27 additions & 27 deletions 0-bootstrap/README-Jenkins.md
Original file line number Diff line number Diff line change
Expand Up @@ -227,7 +227,7 @@ You arrived to these instructions because you are using the `jenkins_bootstrap`

```bash
mv backend.tf.example backend.tf
for i in `find -name 'backend.tf'`; do sed -i "s/UPDATE_ME/${backend_bucket}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -i'' -e "s/UPDATE_ME/${backend_bucket}/" $i; done
```

1. Re-run `terraform init` and agree to copy state to gcs when prompted
Expand Down Expand Up @@ -333,15 +333,15 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
```bash
BACKEND_STATE_BUCKET_NAME=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "_STATE_BUCKET_NAME = ${BACKEND_STATE_BUCKET_NAME}"
sed -i "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile
sed -i'' -e "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile

TERRAFORM_SA_EMAIL=$(terraform -chdir="../0-bootstrap/" output -raw organization_step_terraform_service_account_email)
echo "_TF_SA_EMAIL = ${TERRAFORM_SA_EMAIL}"
sed -i "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile
sed -i'' -e "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile

CICD_PROJECT_ID=$(terraform -chdir="../0-bootstrap/" output -raw cicd_project_id)
echo "_PROJECT_ID = ${CICD_PROJECT_ID}"
sed -i "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
sed -i'' -e "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
```

1. Rename `./envs/shared/terraform.example.tfvars` to `./envs/shared/terraform.tfvars`
Expand Down Expand Up @@ -370,9 +370,9 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
export backend_bucket=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"

sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars

if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i'' -e "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
```

1. Commit changes.
Expand Down Expand Up @@ -439,15 +439,15 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
```bash
BACKEND_STATE_BUCKET_NAME=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "_STATE_BUCKET_NAME = ${BACKEND_STATE_BUCKET_NAME}"
sed -i "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile
sed -i'' -e "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile

TERRAFORM_SA_EMAIL=$(terraform -chdir="../0-bootstrap/" output -raw environment_step_terraform_service_account_email)
echo "_TF_SA_EMAIL = ${TERRAFORM_SA_EMAIL}"
sed -i "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile
sed -i'' -e "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile

CICD_PROJECT_ID=$(terraform -chdir="../0-bootstrap/" output -raw cicd_project_id)
echo "_PROJECT_ID = ${CICD_PROJECT_ID}"
sed -i "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
sed -i'' -e "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
```

1. Rename `terraform.example.tfvars` to `terraform.tfvars` and update the file with values from your environment and 0-bootstrap.
Expand All @@ -461,7 +461,7 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
```bash
export backend_bucket=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./terraform.tfvars
```

1. Commit changes.
Expand Down Expand Up @@ -545,15 +545,15 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
```bash
BACKEND_STATE_BUCKET_NAME=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "_STATE_BUCKET_NAME = ${BACKEND_STATE_BUCKET_NAME}"
sed -i "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile
sed -i'' -e "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile

TERRAFORM_SA_EMAIL=$(terraform -chdir="../0-bootstrap/" output -raw networks_step_terraform_service_account_email)
echo "_TF_SA_EMAIL = ${TERRAFORM_SA_EMAIL}"
sed -i "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile
sed -i'' -e "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile

CICD_PROJECT_ID=$(terraform -chdir="../0-bootstrap/" output -raw cicd_project_id)
echo "_PROJECT_ID = ${CICD_PROJECT_ID}"
sed -i "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
sed -i'' -e "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
```

1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
Expand All @@ -573,11 +573,11 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
export ORGANIZATION_ID=$(terraform -chdir="../0-bootstrap/" output -json common_config | jq '.org_id' --raw-output)
export ACCESS_CONTEXT_MANAGER_ID=$(gcloud access-context-manager policies list --organization ${ORGANIZATION_ID} --format="value(name)")
echo "access_context_manager_policy_id = ${ACCESS_CONTEXT_MANAGER_ID}"
sed -i "s/ACCESS_CONTEXT_MANAGER_ID/${ACCESS_CONTEXT_MANAGER_ID}/" ./access_context.auto.tfvars
sed -i'' -e "s/ACCESS_CONTEXT_MANAGER_ID/${ACCESS_CONTEXT_MANAGER_ID}/" ./access_context.auto.tfvars

export backend_bucket=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
```

1. Commit changes.
Expand All @@ -592,7 +592,7 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
1. Also update `backend.tf` with your backend bucket from 0-bootstrap output.

```bash
for i in `find -name 'backend.tf'`; do sed -i "s/UPDATE_ME/${backend_bucket}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -i'' -e "s/UPDATE_ME/${backend_bucket}/" $i; done
```

1. Use `terraform output` to get the Cloud Build project ID and the networks step Terraform Service Account from 0-bootstrap output. An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set using the Terraform Service Account to enable impersonation.
Expand Down Expand Up @@ -698,15 +698,15 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
```bash
BACKEND_STATE_BUCKET_NAME=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "_STATE_BUCKET_NAME = ${BACKEND_STATE_BUCKET_NAME}"
sed -i "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile
sed -i'' -e "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile

TERRAFORM_SA_EMAIL=$(terraform -chdir="../0-bootstrap/" output -raw networks_step_terraform_service_account_email)
echo "_TF_SA_EMAIL = ${TERRAFORM_SA_EMAIL}"
sed -i "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile
sed -i'' -e "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile

CICD_PROJECT_ID=$(terraform -chdir="../0-bootstrap/" output -raw cicd_project_id)
echo "_PROJECT_ID = ${CICD_PROJECT_ID}"
sed -i "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
sed -i'' -e "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
```

1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
Expand All @@ -726,11 +726,11 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
export ORGANIZATION_ID=$(terraform -chdir="../0-bootstrap/" output -json common_config | jq '.org_id' --raw-output)
export ACCESS_CONTEXT_MANAGER_ID=$(gcloud access-context-manager policies list --organization ${ORGANIZATION_ID} --format="value(name)")
echo "access_context_manager_policy_id = ${ACCESS_CONTEXT_MANAGER_ID}"
sed -i "s/ACCESS_CONTEXT_MANAGER_ID/${ACCESS_CONTEXT_MANAGER_ID}/" ./access_context.auto.tfvars
sed -i'' -e "s/ACCESS_CONTEXT_MANAGER_ID/${ACCESS_CONTEXT_MANAGER_ID}/" ./access_context.auto.tfvars

export backend_bucket=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
```

1. Commit changes.
Expand All @@ -745,7 +745,7 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
1. Also update `backend.tf` with your backend bucket from 0-bootstrap output.

```bash
for i in `find -name 'backend.tf'`; do sed -i "s/UPDATE_ME/${backend_bucket}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -i'' -e "s/UPDATE_ME/${backend_bucket}/" $i; done
```

1. Use `terraform output` to get the Cloud Build project ID and the networks step Terraform Service Account from 0-bootstrap output. An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set using the Terraform Service Account to enable impersonation.
Expand Down Expand Up @@ -851,15 +851,15 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
```bash
BACKEND_STATE_BUCKET_NAME=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "_STATE_BUCKET_NAME = ${BACKEND_STATE_BUCKET_NAME}"
sed -i "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile
sed -i'' -e "s/BACKEND_STATE_BUCKET_NAME/${BACKEND_STATE_BUCKET_NAME}/" ./Jenkinsfile

TERRAFORM_SA_EMAIL=$(terraform -chdir="../0-bootstrap/" output -raw projects_step_terraform_service_account_email)
echo "_TF_SA_EMAIL = ${TERRAFORM_SA_EMAIL}"
sed -i "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile
sed -i'' -e "s/TERRAFORM_SA_EMAIL/${TERRAFORM_SA_EMAIL}/" ./Jenkinsfile

CICD_PROJECT_ID=$(terraform -chdir="../0-bootstrap/" output -raw cicd_project_id)
echo "_PROJECT_ID = ${CICD_PROJECT_ID}"
sed -i "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
sed -i'' -e "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
```

1. Rename `auto.example.tfvars` files to `auto.tfvars`.
Expand All @@ -879,7 +879,7 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
```bash
export backend_bucket=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"
sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars
```

1. Commit changes.
Expand All @@ -892,7 +892,7 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
1. Also update `backend.tf` with your backend bucket from 0-bootstrap output.

```bash
for i in `find -name 'backend.tf'`; do sed -r -i "s/UPDATE_ME|UPDATE_PROJECTS_BACKEND/${backend_bucket}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -r -i "s/UPDATE_ME|UPDATE_PROJECTS_BACKEND/${backend_bucket}/" $i; done
```

1. You need to manually plan and apply only once the `shared` environments since `development`, `non-production`, and `production` depend on it.
Expand Down
4 changes: 2 additions & 2 deletions 0-bootstrap/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -208,8 +208,8 @@ Using GitHub Actions requires manual creation of the GitHub repositories used in
cp backend.tf.example backend.tf
cd ..

for i in `find -name 'backend.tf'`; do sed -i "s/UPDATE_ME/${backend_bucket}/" $i; done
for i in `find -name 'backend.tf'`; do sed -i "s/UPDATE_PROJECTS_BACKEND/${backend_bucket_projects}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -i'' -e "s/UPDATE_ME/${backend_bucket}/" $i; done
for i in `find . -name 'backend.tf'`; do sed -i'' -e "s/UPDATE_PROJECTS_BACKEND/${backend_bucket_projects}/" $i; done

cd 0-bootstrap
```
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ echo "**** Startup Step 8/8: Add public SSH key to the list of authorized keys.
SSHD_CONFIG_DIR="/etc/ssh"

# Setting up the sshd_config file
sed -i $SSHD_CONFIG_DIR/sshd_config \
sed -i'' -e $SSHD_CONFIG_DIR/sshd_config \
-e 's/#PubkeyAuthentication.*/PubkeyAuthentication yes/' \
-e 's/#AuthorizedKeysFile.*/AuthorizedKeysFile \/etc\/ssh\/authorized_keys/'

Expand Down
8 changes: 4 additions & 4 deletions 1-org/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -166,9 +166,9 @@ If required, run `terraform output cloudbuild_project_id` in the `0-bootstrap` f
export backend_bucket=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"

sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars

if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i'' -e "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
```

1. Commit changes.
Expand Down Expand Up @@ -248,9 +248,9 @@ Change into the `1-org` folder, copy the Terraform wrapper script, and ensure it
export backend_bucket=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"

sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars

if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
if [ ! -z "${ACCESS_CONTEXT_MANAGER_ID}" ]; then sed -i'' -e "s=//create_access_context_manager_access_policy=create_access_context_manager_access_policy=" ./envs/shared/terraform.tfvars; fi
```

You can now deploy your environment (production) using this script.
Expand Down
4 changes: 2 additions & 2 deletions 2-environments/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get
export backend_bucket=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"

sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" terraform.tfvars
```

1. Commit changes.
Expand Down Expand Up @@ -203,7 +203,7 @@ See `0-bootstrap` [README-GitHub.md](../0-bootstrap/README-GitHub.md#deploying-s
export backend_bucket=$(terraform -chdir="../0-bootstrap/" output -raw gcs_bucket_tfstate)
echo "remote_state_bucket = ${backend_bucket}"

sed -i "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./terraform.tfvars
sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./terraform.tfvars
```

We will now deploy each of our environments(development/production/non-production) using this script.
Expand Down
Loading

0 comments on commit 2748374

Please sign in to comment.