From d6ced24039135f8b09d8b0093b032cb851a15aec Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sat, 30 Mar 2024 10:57:28 -0400 Subject: [PATCH] Alignment across repositories (#23) --- .coderabbit.yaml | 13 -- .github/workflows/non-production.yml | 16 +- .github/workflows/production.yml | 16 +- .github/workflows/sandbox.yml | 16 +- .pre-commit-config.yaml | 16 +- README.md | 4 +- global/{infra => }/.terraform.lock.hcl | 0 global/{infra => }/README.md | 2 +- global/backend.tf | 1 + global/infra/backend.tf | 1 - global/infra/infracost/non-production.yml | 15 -- global/infra/infracost/production.yml | 59 -------- global/infra/infracost/sandbox.yml | 15 -- global/infra/tfvars/sandbox.tfvars | 2 - global/locals.tf | 12 ++ global/{infra => }/main.tf | 23 +-- global/{infra => }/outputs.tf | 0 .../{infra => }/tfvars/non-production.tfvars | 0 global/{infra => }/tfvars/production.tfvars | 0 global/tfvars/sandbox.tfvars | 4 + global/{infra => }/variables.tf | 0 infracost.yml | 41 ------ infracost.yml.tmpl | 22 --- regional/{infra => }/.terraform.lock.hcl | 0 regional/{infra => }/README.md | 2 +- regional/backend.tf | 1 + regional/infra/backend.tf | 1 - .../infracost/us-east1-non-production.yml | 7 - .../infra/infracost/us-east1-production.yml | 139 ------------------ regional/infra/infracost/us-east1-sandbox.yml | 139 ------------------ .../infracost/us-east4-non-production.yml | 7 - .../infra/infracost/us-east4-production.yml | 7 - regional/infra/infracost/us-east4-sandbox.yml | 7 - regional/infra/locals.tf | 6 - regional/locals.tf | 14 ++ regional/{infra => }/main.tf | 3 + .../tfvars/us-east1-non-production.tfvars | 0 .../tfvars/us-east1-production.tfvars | 0 .../tfvars/us-east1-sandbox.tfvars | 0 regional/{infra => }/variables.tf | 0 40 files changed, 69 insertions(+), 542 deletions(-) delete mode 100644 .coderabbit.yaml rename global/{infra => }/.terraform.lock.hcl (100%) rename global/{infra => }/README.md (99%) create mode 120000 global/backend.tf delete mode 120000 global/infra/backend.tf delete mode 100644 global/infra/infracost/non-production.yml delete mode 100644 global/infra/infracost/production.yml delete mode 100644 global/infra/infracost/sandbox.yml delete mode 100644 global/infra/tfvars/sandbox.tfvars create mode 100644 global/locals.tf rename global/{infra => }/main.tf (81%) rename global/{infra => }/outputs.tf (100%) rename global/{infra => }/tfvars/non-production.tfvars (100%) rename global/{infra => }/tfvars/production.tfvars (100%) create mode 100644 global/tfvars/sandbox.tfvars rename global/{infra => }/variables.tf (100%) delete mode 100644 infracost.yml delete mode 100644 infracost.yml.tmpl rename regional/{infra => }/.terraform.lock.hcl (100%) rename regional/{infra => }/README.md (99%) create mode 120000 regional/backend.tf delete mode 120000 regional/infra/backend.tf delete mode 100644 regional/infra/infracost/us-east1-non-production.yml delete mode 100644 regional/infra/infracost/us-east1-production.yml delete mode 100644 regional/infra/infracost/us-east1-sandbox.yml delete mode 100644 regional/infra/infracost/us-east4-non-production.yml delete mode 100644 regional/infra/infracost/us-east4-production.yml delete mode 100644 regional/infra/infracost/us-east4-sandbox.yml delete mode 100755 regional/infra/locals.tf create mode 100755 regional/locals.tf rename regional/{infra => }/main.tf (97%) rename regional/{infra => }/tfvars/us-east1-non-production.tfvars (100%) rename regional/{infra => }/tfvars/us-east1-production.tfvars (100%) rename regional/{infra => }/tfvars/us-east1-sandbox.tfvars (100%) rename regional/{infra => }/variables.tf (100%) diff --git a/.coderabbit.yaml b/.coderabbit.yaml deleted file mode 100644 index 4fdb225..0000000 --- a/.coderabbit.yaml +++ /dev/null @@ -1,13 +0,0 @@ -# CodeRabbit Configuration File -# https://coderabbit.ai/docs/get-started/customize-coderabbit - -# yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json - -early_access: true -reviews: - request_changes_workflow: true - auto_review: - enabled: true - poem: false -chat: - auto_reply: true diff --git a/.github/workflows/non-production.yml b/.github/workflows/non-production.yml index f32d875..9145f28 100644 --- a/.github/workflows/non-production.yml +++ b/.github/workflows/non-production.yml @@ -15,20 +15,20 @@ permissions: id-token: write jobs: - global_infra: + global: name: "Global" uses: osinfra-io/github-terraform-called-workflows/.github/workflows/plan-and-apply.yml@v0.2.1 if: github.actor != 'osinfra-sa' with: checkout_ref: ${{ github.ref }} environment: non-production - github_environment: "Non-Production Infrastructure: Global" + github_environment: "Non-Production: Global" service_account: plt-lz-services-github@ptl-lz-terraform-tf05-nonprod.iam.gserviceaccount.com terraform_plan_args: -var-file=tfvars/non-production.tfvars terraform_state_bucket: plt-lz-services-3bfe-nonprod terraform_version: ${{ vars.TERRAFORM_VERSION }} terraform_workspace: global-non-production - working_directory: global/infra + working_directory: global workload_identity_provider: projects/992372365053/locations/global/workloadIdentityPools/github-actions/providers/github-actions-oidc secrets: gpg_passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -38,21 +38,21 @@ jobs: -var=datadog_api_key=${{ secrets.DATADOG_API_KEY }} -var=datadog_app_key=${{ secrets.DATADOG_APP_KEY }} - us_east1_infra: - name: "Infra: us-east1" + us_east1: + name: "Regional: us-east1" uses: osinfra-io/github-terraform-called-workflows/.github/workflows/plan-and-apply.yml@v0.2.1 if: github.actor != 'dependabot[bot]' - needs: global_infra + needs: global with: checkout_ref: ${{ github.ref }} environment: us-east1-non-production - github_environment: "Non-Production Infrastructure: Regional - us-east1" + github_environment: "Non-Production: Regional - us-east1" service_account: plt-lz-services-github@ptl-lz-terraform-tf05-nonprod.iam.gserviceaccount.com terraform_plan_args: -var-file=tfvars/us-east1-non-production.tfvars terraform_state_bucket: plt-lz-services-3bfe-nonprod terraform_version: ${{ vars.TERRAFORM_VERSION }} terraform_workspace: us-east1-non-production - working_directory: regional/infra + working_directory: regional workload_identity_provider: projects/992372365053/locations/global/workloadIdentityPools/github-actions/providers/github-actions-oidc secrets: gpg_passphrase: ${{ secrets.GPG_PASSPHRASE }} diff --git a/.github/workflows/production.yml b/.github/workflows/production.yml index d34dc31..343e32a 100644 --- a/.github/workflows/production.yml +++ b/.github/workflows/production.yml @@ -15,20 +15,20 @@ permissions: id-token: write jobs: - global_infra: + global: name: "Global" uses: osinfra-io/github-terraform-called-workflows/.github/workflows/plan-and-apply.yml@v0.2.1 if: github.event.workflow_run.conclusion == 'success' with: checkout_ref: ${{ github.ref }} environment: production - github_environment: "Production Infrastructure: Global" + github_environment: "Production: Global" service_account: plt-lz-services-github@ptl-lz-terraform-tf62-prod.iam.gserviceaccount.com terraform_plan_args: -var-file=tfvars/production.tfvars terraform_state_bucket: plt-lz-services-e194-prod terraform_version: ${{ vars.TERRAFORM_VERSION }} terraform_workspace: global-production - working_directory: global/infra + working_directory: global workload_identity_provider: projects/134040294660/locations/global/workloadIdentityPools/github-actions/providers/github-actions-oidc secrets: gpg_passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -38,21 +38,21 @@ jobs: -var=datadog_api_key=${{ secrets.DATADOG_API_KEY }} -var=datadog_app_key=${{ secrets.DATADOG_APP_KEY }} - us_east1_infra: - name: "Infra: us-east1" + us_east1: + name: "Regional: us-east1" uses: osinfra-io/github-terraform-called-workflows/.github/workflows/plan-and-apply.yml@v0.2.1 if: github.actor != 'dependabot[bot]' - needs: global_infra + needs: global with: checkout_ref: ${{ github.ref }} environment: us-east1-production - github_environment: "Production Infrastructure: Regional - us-east1" + github_environment: "Production: Regional - us-east1" service_account: plt-lz-services-github@ptl-lz-terraform-tf62-prod.iam.gserviceaccount.com terraform_plan_args: -var-file=tfvars/us-east1-production.tfvars terraform_state_bucket: plt-lz-services-e194-prod terraform_version: ${{ vars.TERRAFORM_VERSION }} terraform_workspace: us-east1-production - working_directory: regional/infra + working_directory: regional workload_identity_provider: projects/134040294660/locations/global/workloadIdentityPools/github-actions/providers/github-actions-oidc secrets: gpg_passphrase: ${{ secrets.GPG_PASSPHRASE }} diff --git a/.github/workflows/sandbox.yml b/.github/workflows/sandbox.yml index ad2ecca..4e2664b 100644 --- a/.github/workflows/sandbox.yml +++ b/.github/workflows/sandbox.yml @@ -16,20 +16,20 @@ permissions: id-token: write jobs: - global_infra: + global: name: "Global" uses: osinfra-io/github-terraform-called-workflows/.github/workflows/plan-and-apply.yml@v0.2.1 if: github.actor != 'dependabot[bot]' with: checkout_ref: ${{ github.ref }} environment: sandbox - github_environment: "Sandbox Infrastructure: Global" + github_environment: "Sandbox: Global" service_account: plt-lz-services-github@ptl-lz-terraform-tf91-sb.iam.gserviceaccount.com terraform_plan_args: -var-file=tfvars/sandbox.tfvars terraform_state_bucket: plt-lz-services-2c8b-sb terraform_version: ${{ vars.TERRAFORM_VERSION }} terraform_workspace: global-sandbox - working_directory: global/infra + working_directory: global workload_identity_provider: projects/746490462722/locations/global/workloadIdentityPools/github-actions/providers/github-actions-oidc secrets: gpg_passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -39,21 +39,21 @@ jobs: -var=datadog_api_key=${{ secrets.DATADOG_API_KEY }} -var=datadog_app_key=${{ secrets.DATADOG_APP_KEY }} - us_east1_infra: - name: "Infra: us-east1" + us_east1: + name: "Regional: us-east1" uses: osinfra-io/github-terraform-called-workflows/.github/workflows/plan-and-apply.yml@v0.2.1 if: github.actor != 'dependabot[bot]' - needs: global_infra + needs: global with: checkout_ref: ${{ github.ref }} environment: us-east1-sandbox - github_environment: "Sandbox Infrastructure: Regional - us-east1" + github_environment: "Sandbox: Regional - us-east1" service_account: plt-lz-services-github@ptl-lz-terraform-tf91-sb.iam.gserviceaccount.com terraform_plan_args: -var-file=tfvars/us-east1-sandbox.tfvars terraform_state_bucket: plt-lz-services-2c8b-sb terraform_version: ${{ vars.TERRAFORM_VERSION }} terraform_workspace: us-east1-sandbox - working_directory: regional/infra + working_directory: regional workload_identity_provider: projects/746490462722/locations/global/workloadIdentityPools/github-actions/providers/github-actions-oidc secrets: gpg_passphrase: ${{ secrets.GPG_PASSPHRASE }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 34610b0..73071a4 100755 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -10,17 +10,8 @@ repos: - id: trailing-whitespace - id: check-symlinks - - repo: local - hooks: - - id: infracost_generate_config - name: Infracost generate config - entry: bash -c 'infracost generate config --repo-path=. --template-path=infracost.yml.tmpl --out-file=infracost.yml' - language: system - files: ^infracost\.yml\.tmpl$ - verbose: false - - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.88.0 + rev: v1.88.4 hooks: - id: terraform_fmt @@ -37,8 +28,3 @@ repos: - --hook-config=--path-to-file=README.md - --hook-config=--add-to-exiting-file=true - --hook-config=--create-file-if-not-exist=false - - - id: infracost_breakdown - args: - - --args=--config-file=infracost.yml - - --args=--sync-usage-file diff --git a/README.md b/README.md index df84a9f..6b30303 100755 --- a/README.md +++ b/README.md @@ -6,7 +6,9 @@ **[Infracost](https://www.infracost.io):** -[![infracost](https://img.shields.io/endpoint?url=https://dashboard.api.infracost.io/shields/json/cbeecfe3-576f-4553-984c-e451a575ee47/repos/cdfd3281-bb1c-425b-aad0-1a80a1512502/branch/62383c83-9bf4-4fa9-8b48-7b96987f6fc1)](https://dashboard.infracost.io/org/osinfra-io/repos/cdfd3281-bb1c-425b-aad0-1a80a1512502?tab=settings) +[![infracost](https://img.shields.io/endpoint?url=https://dashboard.api.infracost.io/shields/json/cbeecfe3-576f-4553-984c-e451a575ee47/repos/a97cbc40-a50a-4371-9365-a89a1e4bb09a/branch/c27aeced-0f9b-4942-b28e-b03f70d107d6)](https://dashboard.infracost.io/org/osinfra-io/repos/a97cbc40-a50a-4371-9365-a89a1e4bb09a?tab=settings) + +💵 Monthly estimates based on Infracost baseline costs. ## Repository Description diff --git a/global/infra/.terraform.lock.hcl b/global/.terraform.lock.hcl similarity index 100% rename from global/infra/.terraform.lock.hcl rename to global/.terraform.lock.hcl diff --git a/global/infra/README.md b/global/README.md similarity index 99% rename from global/infra/README.md rename to global/README.md index c7fdf00..6e0ee78 100644 --- a/global/infra/README.md +++ b/global/README.md @@ -13,7 +13,7 @@ No providers. | Name | Source | Version | |------|--------|---------| -| [datadog](#module\_datadog) | github.com/osinfra-io/terraform-datadog-google-integration//global | v0.1.3 | +| [datadog](#module\_datadog) | github.com/osinfra-io/terraform-datadog-google-integration//global | v0.1.4 | | [project](#module\_project) | github.com/osinfra-io/terraform-google-project//global | v0.1.9 | ## Resources diff --git a/global/backend.tf b/global/backend.tf new file mode 120000 index 0000000..441bbf6 --- /dev/null +++ b/global/backend.tf @@ -0,0 +1 @@ +../shared/backend.tf \ No newline at end of file diff --git a/global/infra/backend.tf b/global/infra/backend.tf deleted file mode 120000 index f3c74de..0000000 --- a/global/infra/backend.tf +++ /dev/null @@ -1 +0,0 @@ -../../shared/backend.tf \ No newline at end of file diff --git a/global/infra/infracost/non-production.yml b/global/infra/infracost/non-production.yml deleted file mode 100644 index 1ecf15d..0000000 --- a/global/infra/infracost/non-production.yml +++ /dev/null @@ -1,15 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -resource_type_default_usage: - google_logging_project_sink: - monthly_logging_data_gb: 15.0 # Monthly logging data in GB. -# resource_usage: - ## - ## The following usage values apply to individual resources and override any value defined in the resource_type_default_usage section. - ## All values are commented-out, you can uncomment resources and customize as needed. - ## - # module.project.google_logging_project_sink.cis_2_2_logging_sink: - # monthly_logging_data_gb: 0.0 # Monthly logging data in GB. diff --git a/global/infra/infracost/production.yml b/global/infra/infracost/production.yml deleted file mode 100644 index 476a0fe..0000000 --- a/global/infra/infracost/production.yml +++ /dev/null @@ -1,59 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -resource_type_default_usage: - google_logging_project_sink: - monthly_logging_data_gb: 10.0 # Monthly logging data in GB. - ## - ## The following usage values apply to each resource of the given type, which is useful when you want to define defaults. - ## All values are commented-out, you can uncomment resource types and customize as needed. - ## - # google_bigquery_dataset: - # monthly_queries_tb: 0.0 # Monthly number of bytes processed (also referred to as bytes read) in TB. - # google_pubsub_subscription: - # monthly_message_data_tb: 0.0 # Monthly amount of message data pulled by the subscription in TB. - # storage_gb: 0.0 # Storage for retaining acknowledged messages in GB. - # snapshot_storage_gb: 0.0 # Snapshot storage for unacknowledged messages in GB. - # google_pubsub_topic: - # monthly_message_data_tb: 0.0 # Monthly amount of message data published to the topic in TB. - # google_storage_bucket: - # storage_gb: 0.0 # Total size of bucket in GB. - # monthly_class_a_operations: 0 # Monthly number of class A operations (object adds, bucket/object list). - # monthly_class_b_operations: 0 # Monthly number of class B operations (object gets, retrieve bucket/object metadata). - # monthly_data_retrieval_gb: 0.0 # Monthly amount of data retrieved in GB. - # monthly_egress_data_transfer_gb: - # same_continent: 0.0 # Same continent. - # worldwide: 0.0 # Worldwide excluding Asia, Australia. - # asia: 0.0 # Asia excluding China, but including Hong Kong. - # china: 0.0 # China excluding Hong Kong. - # australia: 0.0 # Australia. -# resource_usage: - ## - ## The following usage values apply to individual resources and override any value defined in the resource_type_default_usage section. - ## All values are commented-out, you can uncomment resources and customize as needed. - ## - # module.datadog[0].google_bigquery_dataset.billing_export[0]: - # monthly_queries_tb: 0.0 # Monthly number of bytes processed (also referred to as bytes read) in TB. - # module.datadog[0].google_storage_bucket.cloud_cost_management[0]: - # storage_gb: 0.0 # Total size of bucket in GB. - # monthly_class_a_operations: 0 # Monthly number of class A operations (object adds, bucket/object list). - # monthly_class_b_operations: 0 # Monthly number of class B operations (object gets, retrieve bucket/object metadata). - # monthly_data_retrieval_gb: 0.0 # Monthly amount of data retrieved in GB. - # monthly_egress_data_transfer_gb: - # same_continent: 0.0 # Same continent. - # worldwide: 0.0 # Worldwide excluding Asia, Australia. - # asia: 0.0 # Asia excluding China, but including Hong Kong. - # china: 0.0 # China excluding Hong Kong. - # australia: 0.0 # Australia. - # module.datadog[0].google_logging_project_sink.this: - # monthly_logging_data_gb: 0.0 # Monthly logging data in GB. - # module.datadog[0].google_pubsub_subscription.this: - # monthly_message_data_tb: 0.0 # Monthly amount of message data pulled by the subscription in TB. - # storage_gb: 0.0 # Storage for retaining acknowledged messages in GB. - # snapshot_storage_gb: 0.0 # Snapshot storage for unacknowledged messages in GB. - # module.datadog[0].google_pubsub_topic.this: - # monthly_message_data_tb: 0.0 # Monthly amount of message data published to the topic in TB. - # module.project.google_logging_project_sink.cis_2_2_logging_sink: - # monthly_logging_data_gb: 0.0 # Monthly logging data in GB. diff --git a/global/infra/infracost/sandbox.yml b/global/infra/infracost/sandbox.yml deleted file mode 100644 index b5c00cf..0000000 --- a/global/infra/infracost/sandbox.yml +++ /dev/null @@ -1,15 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -resource_type_default_usage: - google_logging_project_sink: - monthly_logging_data_gb: 5.0 # Monthly logging data in GB. -# resource_usage: - ## - ## The following usage values apply to individual resources and override any value defined in the resource_type_default_usage section. - ## All values are commented-out, you can uncomment resources and customize as needed. - ## - # module.project.google_logging_project_sink.cis_2_2_logging_sink: - # monthly_logging_data_gb: 0.0 # Monthly logging data in GB. diff --git a/global/infra/tfvars/sandbox.tfvars b/global/infra/tfvars/sandbox.tfvars deleted file mode 100644 index 8244352..0000000 --- a/global/infra/tfvars/sandbox.tfvars +++ /dev/null @@ -1,2 +0,0 @@ -cis_2_2_logging_sink_project_id = "plt-lz-audit01-tf92-sb" -folder_id = "44679921766" diff --git a/global/locals.tf b/global/locals.tf new file mode 100644 index 0000000..66ba8ca --- /dev/null +++ b/global/locals.tf @@ -0,0 +1,12 @@ +# Local Values +# https://www.terraform.io/docs/language/values/locals.html + +locals { + labels = { + cost-center = "x001" + env = var.environment + repository = "google-cloud-services" + platform = "google-cloud-landing-zone" + team = "platform-google-cloud-landing-zone" + } +} diff --git a/global/infra/main.tf b/global/main.tf similarity index 81% rename from global/infra/main.tf rename to global/main.tf index 5963abd..47b84e3 100644 --- a/global/infra/main.tf +++ b/global/main.tf @@ -37,16 +37,8 @@ module "datadog" { cost_center = "x001" enable_cloud_cost_management = var.enable_datadog_cloud_cost_management is_cspm_enabled = true - - - labels = { - env = var.environment - repository = "google-cloud-services" - platform = "google-cloud-landing-zone" - team = "platform-google-cloud-landing-zone" - } - - project = module.project.project_id + labels = local.labels + project = module.project.project_id } # Google Project Module (osinfra.io) @@ -61,15 +53,8 @@ module "project" { description = "services" environment = var.environment folder_id = var.folder_id - - labels = { - env = var.environment - repository = "google-cloud-services" - platform = "google-cloud-landing-zone" - team = "platform-google-cloud-landing-zone" - } - - prefix = "plt-lz" + labels = local.labels + prefix = "plt-lz" services = [ "artifactregistry.googleapis.com", diff --git a/global/infra/outputs.tf b/global/outputs.tf similarity index 100% rename from global/infra/outputs.tf rename to global/outputs.tf diff --git a/global/infra/tfvars/non-production.tfvars b/global/tfvars/non-production.tfvars similarity index 100% rename from global/infra/tfvars/non-production.tfvars rename to global/tfvars/non-production.tfvars diff --git a/global/infra/tfvars/production.tfvars b/global/tfvars/production.tfvars similarity index 100% rename from global/infra/tfvars/production.tfvars rename to global/tfvars/production.tfvars diff --git a/global/tfvars/sandbox.tfvars b/global/tfvars/sandbox.tfvars new file mode 100644 index 0000000..ceaba44 --- /dev/null +++ b/global/tfvars/sandbox.tfvars @@ -0,0 +1,4 @@ +cis_2_2_logging_sink_project_id = "plt-lz-audit01-tf92-sb" +enable_datadog = true +enable_datadog_cloud_cost_management = false +folder_id = "44679921766" diff --git a/global/infra/variables.tf b/global/variables.tf similarity index 100% rename from global/infra/variables.tf rename to global/variables.tf diff --git a/infracost.yml b/infracost.yml deleted file mode 100644 index 907ea57..0000000 --- a/infracost.yml +++ /dev/null @@ -1,41 +0,0 @@ - -# Infracost Configuration -# https://www.infracost.io/docs/config_file - -# Do not edit the infracost.yml file directly, it is generated by the infracost.yml.tmpl file. -# Edit the infracost.yml.tmpl file and run the following command from the root of the repository to generate the infracost.yml file: - -# infracost generate config --repo-path=. --template-path=infracost.yml.tmpl --out-file=infracost.yml - -version: 0.1 -projects: - - path: global/infra - name: "global/infra: non-production" - usage_file: global/infra/infracost/non-production.yml - terraform_var_files: - - tfvars/non-production.tfvars - - path: global/infra - name: "global/infra: production" - usage_file: global/infra/infracost/production.yml - terraform_var_files: - - tfvars/production.tfvars - - path: global/infra - name: "global/infra: sandbox" - usage_file: global/infra/infracost/sandbox.yml - terraform_var_files: - - tfvars/sandbox.tfvars - - path: regional/infra - name: "regional/infra: us-east1-non-production" - usage_file: regional/infra/infracost/us-east1-non-production.yml - terraform_var_files: - - tfvars/us-east1-non-production.tfvars - - path: regional/infra - name: "regional/infra: us-east1-production" - usage_file: regional/infra/infracost/us-east1-production.yml - terraform_var_files: - - tfvars/us-east1-production.tfvars - - path: regional/infra - name: "regional/infra: us-east1-sandbox" - usage_file: regional/infra/infracost/us-east1-sandbox.yml - terraform_var_files: - - tfvars/us-east1-sandbox.tfvars diff --git a/infracost.yml.tmpl b/infracost.yml.tmpl deleted file mode 100644 index 95070d0..0000000 --- a/infracost.yml.tmpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Infracost Template: https://www.infracost.io/docs/features/config_file/#template-syntax */}} -# Infracost Configuration -# https://www.infracost.io/docs/config_file - -# Do not edit the infracost.yml file directly, it is generated by the infracost.yml.tmpl file. -# Edit the infracost.yml.tmpl file and run the following command from the root of the repository to generate the infracost.yml file: - -# infracost generate config --repo-path=. --template-path=infracost.yml.tmpl --out-file=infracost.yml - -version: 0.1 -projects: -{{- range $match := matchPaths ":location(global|regional)/:type(app|infra)/:app?/tfvars/:env.tfvars" }} - {{- $appDir := ""}} - {{- if $match.app }} - {{- $appDir = print "/" $match.app }} - {{- end }} - - path: {{ $match.location }}/{{ $match.type }}{{ $appDir }} - name: "{{ $match.location }}/{{ $match.type }}{{ $appDir }}: {{ $match.env }}" - usage_file: {{ $match.location }}/{{ $match.type }}{{ $appDir }}/infracost/{{ $match.env }}.yml - terraform_var_files: - - tfvars/{{ $match.env }}.tfvars -{{- end }} diff --git a/regional/infra/.terraform.lock.hcl b/regional/.terraform.lock.hcl similarity index 100% rename from regional/infra/.terraform.lock.hcl rename to regional/.terraform.lock.hcl diff --git a/regional/infra/README.md b/regional/README.md similarity index 99% rename from regional/infra/README.md rename to regional/README.md index cecb2bf..4bbcf4b 100644 --- a/regional/infra/README.md +++ b/regional/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 5.18.0 | +| [google](#provider\_google) | 5.22.0 | | [terraform](#provider\_terraform) | n/a | ## Modules diff --git a/regional/backend.tf b/regional/backend.tf new file mode 120000 index 0000000..441bbf6 --- /dev/null +++ b/regional/backend.tf @@ -0,0 +1 @@ +../shared/backend.tf \ No newline at end of file diff --git a/regional/infra/backend.tf b/regional/infra/backend.tf deleted file mode 120000 index f3c74de..0000000 --- a/regional/infra/backend.tf +++ /dev/null @@ -1 +0,0 @@ -../../shared/backend.tf \ No newline at end of file diff --git a/regional/infra/infracost/us-east1-non-production.yml b/regional/infra/infracost/us-east1-non-production.yml deleted file mode 100644 index 888123b..0000000 --- a/regional/infra/infracost/us-east1-non-production.yml +++ /dev/null @@ -1,7 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -# resource_type_default_usage: {} -# resource_usage: {} diff --git a/regional/infra/infracost/us-east1-production.yml b/regional/infra/infracost/us-east1-production.yml deleted file mode 100644 index 35f5912..0000000 --- a/regional/infra/infracost/us-east1-production.yml +++ /dev/null @@ -1,139 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -resource_type_default_usage: - google_artifact_registry_repository: - storage_gb: 10.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 -# resource_usage: - ## - ## The following usage values apply to individual resources and override any value defined in the resource_type_default_usage section. - ## All values are commented-out, you can uncomment resources and customize as needed. - ## - # google_artifact_registry_repository.docker_remote[0]: - # storage_gb: 0.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 - # google_artifact_registry_repository.docker_standard["platform-docker"]: - # storage_gb: 0.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 - # google_artifact_registry_repository.docker_virtual["platform-docker"]: - # storage_gb: 0.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 diff --git a/regional/infra/infracost/us-east1-sandbox.yml b/regional/infra/infracost/us-east1-sandbox.yml deleted file mode 100644 index 024781d..0000000 --- a/regional/infra/infracost/us-east1-sandbox.yml +++ /dev/null @@ -1,139 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -resource_type_default_usage: - google_artifact_registry_repository: - storage_gb: 0.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 -# resource_usage: - ## - ## The following usage values apply to individual resources and override any value defined in the resource_type_default_usage section. - ## All values are commented-out, you can uncomment resources and customize as needed. - ## - # google_artifact_registry_repository.docker_remote[0]: - # storage_gb: 0.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 - # google_artifact_registry_repository.docker_standard["platform-docker"]: - # storage_gb: 0.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 - # google_artifact_registry_repository.docker_virtual["platform-docker"]: - # storage_gb: 0.0 # Total data stored in the repository in GB - # monthly_egress_data_transfer_gb: - # europe_north1: 0.0 # GB of data delivered from the artifact registry to europe-north1. - # australia_southeast1: 0.0 # GB of data delivered from the artifact registry to australia-southeast1. - # asia_east1: 0.0 - # asia_east2: 0.0 - # asia_northeast1: 0.0 - # asia_northeast2: 0.0 - # asia_northeast3: 0.0 - # asia_south1: 0.0 - # asia_south2: 0.0 - # asia_southeast1: 0.0 - # asia_southeast2: 0.0 - # australia_southeast2: 0.0 - # europe_central2: 0.0 - # europe_west1: 0.0 - # europe_west2: 0.0 - # europe_west3: 0.0 - # europe_west4: 0.0 - # europe_west6: 0.0 - # northamerica_northeast1: 0.0 - # northamerica_northeast2: 0.0 - # southamerica_east1: 0.0 - # southamerica_west1: 0.0 - # us_central1: 0.0 - # us_east1: 0.0 - # us_east4: 0.0 - # us_west1: 0.0 - # us_west2: 0.0 - # us_west3: 0.0 - # us_west4: 0.0 diff --git a/regional/infra/infracost/us-east4-non-production.yml b/regional/infra/infracost/us-east4-non-production.yml deleted file mode 100644 index 888123b..0000000 --- a/regional/infra/infracost/us-east4-non-production.yml +++ /dev/null @@ -1,7 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -# resource_type_default_usage: {} -# resource_usage: {} diff --git a/regional/infra/infracost/us-east4-production.yml b/regional/infra/infracost/us-east4-production.yml deleted file mode 100644 index 888123b..0000000 --- a/regional/infra/infracost/us-east4-production.yml +++ /dev/null @@ -1,7 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -# resource_type_default_usage: {} -# resource_usage: {} diff --git a/regional/infra/infracost/us-east4-sandbox.yml b/regional/infra/infracost/us-east4-sandbox.yml deleted file mode 100644 index 888123b..0000000 --- a/regional/infra/infracost/us-east4-sandbox.yml +++ /dev/null @@ -1,7 +0,0 @@ -# You can use this file to define resource usage estimates for Infracost to use when calculating -# the cost of usage-based resource, such as AWS S3 or Lambda. -# `infracost breakdown --usage-file infracost-usage.yml [other flags]` -# See https://infracost.io/usage-file/ for docs -version: 0.1 -# resource_type_default_usage: {} -# resource_usage: {} diff --git a/regional/infra/locals.tf b/regional/infra/locals.tf deleted file mode 100755 index 90ca869..0000000 --- a/regional/infra/locals.tf +++ /dev/null @@ -1,6 +0,0 @@ -# Local Values -# https://www.terraform.io/docs/language/values/locals.html - -locals { - global = data.terraform_remote_state.global.outputs -} diff --git a/regional/locals.tf b/regional/locals.tf new file mode 100755 index 0000000..1326bd5 --- /dev/null +++ b/regional/locals.tf @@ -0,0 +1,14 @@ +# Local Values +# https://www.terraform.io/docs/language/values/locals.html + +locals { + global = data.terraform_remote_state.global.outputs + + labels = { + cost-center = "x001" + env = var.environment + repository = "google-cloud-services" + platform = "google-cloud-landing-zone" + team = "platform-google-cloud-landing-zone" + } +} diff --git a/regional/infra/main.tf b/regional/main.tf similarity index 97% rename from regional/infra/main.tf rename to regional/main.tf index f6e938c..6452a9d 100644 --- a/regional/infra/main.tf +++ b/regional/main.tf @@ -35,6 +35,7 @@ resource "google_artifact_registry_repository" "docker_standard" { description = "Registry for multi-region - US Standard : ${each.key}" format = "DOCKER" + labels = local.labels location = "us" project = local.global.project_id repository_id = "${each.key}-standard" @@ -45,6 +46,7 @@ resource "google_artifact_registry_repository" "docker_remote" { description = "Registry for multi-region - US Docker Hub" format = "DOCKER" + labels = local.labels location = "us" mode = "REMOTE_REPOSITORY" project = local.global.project_id @@ -64,6 +66,7 @@ resource "google_artifact_registry_repository" "docker_virtual" { description = "Registry for multi-region - US Virtual : ${each.key}" format = "DOCKER" + labels = local.labels location = "us" mode = "VIRTUAL_REPOSITORY" project = local.global.project_id diff --git a/regional/infra/tfvars/us-east1-non-production.tfvars b/regional/tfvars/us-east1-non-production.tfvars similarity index 100% rename from regional/infra/tfvars/us-east1-non-production.tfvars rename to regional/tfvars/us-east1-non-production.tfvars diff --git a/regional/infra/tfvars/us-east1-production.tfvars b/regional/tfvars/us-east1-production.tfvars similarity index 100% rename from regional/infra/tfvars/us-east1-production.tfvars rename to regional/tfvars/us-east1-production.tfvars diff --git a/regional/infra/tfvars/us-east1-sandbox.tfvars b/regional/tfvars/us-east1-sandbox.tfvars similarity index 100% rename from regional/infra/tfvars/us-east1-sandbox.tfvars rename to regional/tfvars/us-east1-sandbox.tfvars diff --git a/regional/infra/variables.tf b/regional/variables.tf similarity index 100% rename from regional/infra/variables.tf rename to regional/variables.tf