Multi ENV deploy working on dev and prod

2024-05-25 15:03:17 +02:00
parent 5eda24ef8f
commit 499a4f8480
12 changed files with 4707 additions and 33 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -165,8 +165,8 @@ cython_debug/
 **/.terraform/*

 # .tfstate files
-*.tfstate
-*.tfstate.*
+#*.tfstate
+#*.tfstate.*

 # Crash log files
 crash.log
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -21,24 +21,24 @@ provider "registry.terraform.io/hashicorp/archive" {
 }

 provider "registry.terraform.io/hashicorp/aws" {
-  version     = "5.45.0"
+  version     = "5.51.1"
  constraints = "~> 5.0"
  hashes = [
-    "h1:4Vgk51R7iTY1oczaTQDG+DkA9nE8TmjlUtecqXX6qDU=",
-    "zh:1379bcf45aef3d486ee18b4f767bfecd40a0056510d26107f388be3d7994c368",
-    "zh:1615a6f5495acfb3a0cb72324587261dd4d72711a3cc51aff13167b14531501e",
-    "zh:18b69a0f33f8b1862fbd3f200756b7e83e087b73687085f2cf9c7da4c318e3e6",
-    "zh:2c5e7aecd197bc3d3b19290bad8cf4c390c2c6a77bb165da4e11f53f2dfe2e54",
-    "zh:3794da9bef97596e3bc60e12cdd915bda5ec2ed62cd1cd93723d58b4981905fe",
-    "zh:40a5e45ed91801f83db76dffd467dcf425ea2ca8642327cf01119601cb86021c",
-    "zh:4abfc3f53d0256a7d5d1fa5e931e4601b02db3d1da28f452341d3823d0518f1a",
-    "zh:4eb0e98078f79aeb06b5ff6115286dc2135d12a80287885698d04036425494a2",
-    "zh:75470efbadea4a8d783642497acaeec5077fc4a7f3df3340defeaa1c7de29bf7",
-    "zh:8861a0b4891d5fa2fa7142f236ae613cea966c45b5472e3915a4ac3abcbaf487",
-    "zh:8bf6f21cd9390b742ca0b4393fde92616ca9e6553fb75003a0999006ad233d35",
+    "h1:ESfxP2tCO6IZldSQnepXmIm+x+VtaQt/bKgGjYE+0BY=",
+    "zh:03d524b70ab300d90dc4dccad0c28b18d797b8986722b7a93e40a41500450eaa",
+    "zh:04dbcb7ab52181a784877c409f6c882df34bda686d8c884d511ebd4abf493f0c",
+    "zh:2b068f7838e0f3677829258df05d8b9d73fe6434a1a809f8710956cc1c01ea03",
+    "zh:41a4b1e4adbf7c90015ebff17a719fc08133b8a2c4dcefd2fa281552126e59a8",
+    "zh:48b1adf57f695a72c88c598f99912171ef7067638fd63fb0c6ad3fa397b3f7c3",
+    "zh:5c2fb26ecb83adac90d06dcf5f97edbc944824c2821816b1653e1a2b9d37b3c4",
+    "zh:93df05f53702df829d9b9335e559ad8b313808dbd2fad8b2ff14f176732e693d",
    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
-    "zh:ad73008a044e75d337acda910fb54d8b81a366873c8a413fec1291034899a814",
-    "zh:bf261713b0b8bebfe8c199291365b87d9043849f28a2dc764bafdde73ae43693",
-    "zh:da3bafa1fd830be418dfcc730e85085fe67c0d415c066716f2ac350a2306f40a",
+    "zh:b5da39898602e44551b56e2803a42d92ea7115e35b1792efbf6649da37ef597b",
+    "zh:b7ab7f743f864ed8d479a7cb04fd3ce00c376f867ee5b53c4c1acaef6e286c54",
+    "zh:e7e7b2d8ee486415481a25ac7bdded20bd2897d5dd0790741798f31935b9528d",
+    "zh:e8008e3f5ef560fd9004d1ed1738f0f53e99b0ce961d967e95fc7c02e5954e4e",
+    "zh:f1296f648b8608ffa930b52519b00ed01eebedde9fdaf94205b365536e6c3916",
+    "zh:f8539960fd978a54990740ee984c6f7f743c9c32c7734e2601e92abfe54367e9",
+    "zh:fd182e6e20bb52982752a5d8c4b16887565f413a9d50d9d394d2c06eea8a195e",
  ]
 }
--- a/deploy-dev.sh
+++ b/deploy-dev.sh
@@ -0,0 +1,8 @@
+# Select Development workspace
+terraform workspace select dev
+
+# Plan the current execution with variables and verify
+terraform plan -var-file dev.tfvars -out plans/dev.plan
+
+# Apply Configuration
+terraform apply plans/dev.plan
--- a/deploy-prod.sh
+++ b/deploy-prod.sh
@@ -0,0 +1,8 @@
+# Select Development workspace
+terraform workspace select prod
+
+# Plan the current execution with variables and verify
+terraform plan -var-file prod.tfvars -out plans/prod.plan
+
+# Apply Configuration
+terraform apply plans/prod.plan
--- a/master.tf
+++ b/master.tf
@@ -9,24 +9,24 @@ terraform {

 # Configure the AWS Provider
 provider "aws" {
-  region = "eu-west-1"
+  region = var.region
  profile = "StandOut_Terraform"
 }

 # Create a VPC
 resource "aws_vpc" "vpc_standout" {
-  cidr_block = "10.0.0.0/16"
+  cidr_block = var.env == "dev" ? "10.0.0.0/16" : "10.10.0.0/16"
 }

 # create an s3 bucket for config
 resource "aws_s3_bucket" "s3_standout_config" {
-  bucket = "standout-config"
+  bucket = "standout-config-${var.env}"
  force_destroy = false
 }

 # create an s3 bucket for data
 resource "aws_s3_bucket" "s3_standout" {
-  bucket = "standout-data"
+  bucket = "standout-data-${var.env}"
  force_destroy = true
 }

@@ -135,30 +135,35 @@ data "aws_iam_policy_document" "lambda_role" {
 }

 resource "aws_iam_role" "iam_for_lambda" {
-  name               = "iam_for_lambda"
+  name               = "iam_for_lambda-${var.env}"
  assume_role_policy = data.aws_iam_policy_document.lambda_role.json
 }

+resource "aws_iam_role_policy_attachment" "iam_for_lambda_allow_logs" {
+  role       = aws_iam_role.iam_for_lambda.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+}
+
 data "archive_file" "lambda_standout_code" {
  type        = "zip"
  source_dir = "./lambda_redirect"
-  output_path = "./lambda_zip/standout_lambda_redirect.zip"
+  output_path = "./lambda_zip/standout_lambda_redirect-${var.env}.zip"
 }

 data "archive_file" "lambda_standout_config_code" {
  type        = "zip"
  source_dir = "./lambda_config"
-  output_path = "./lambda_zip/standout_lambda_config.zip"
+  output_path = "./lambda_zip/standout_lambda_config-${var.env}.zip"
 }

 data "archive_file" "lambda_layer_deps" {
  type        = "zip"
  source_dir = "./lambda_layer"
-  output_path = "./lambda_zip/lambda_layer.zip"
+  output_path = "./lambda_zip/lambda_layer-${var.env}.zip"
 }

 resource "aws_lambda_layer_version" "lambda_layer" {
-  filename   = "./lambda_zip/lambda_layer.zip"
+  filename   = "./lambda_zip/lambda_layer-${var.env}.zip"
  layer_name = "lambda_deps"
  compatible_runtimes = ["python3.12"]
 }
@@ -166,8 +171,8 @@ resource "aws_lambda_layer_version" "lambda_layer" {
 resource "aws_lambda_function" "lambda_standout_redirect" {
  # If the file is not in the current working directory you will need to include a
  # path.module in the filename.
-  filename      = "./lambda_zip/standout_lambda_redirect.zip"
-  function_name = "standout-redirect"
+  filename      = "./lambda_zip/standout_lambda_redirect-${var.env}.zip"
+  function_name = "standout-redirect-${var.env}"
  role          = aws_iam_role.iam_for_lambda.arn
  handler       = "lambda_redirect.lambda_handler"

@@ -190,8 +195,8 @@ resource "aws_lambda_function" "lambda_standout_redirect" {
 resource "aws_lambda_function" "lambda_standout_config" {
  # If the file is not in the current working directory you will need to include a
  # path.module in the filename.
-  filename      = "./lambda_zip/standout_lambda_config.zip"
-  function_name = "standout-config"
+  filename      = "./lambda_zip/standout_lambda_config-${var.env}.zip"
+  function_name = "standout-config-${var.env}"
  role          = aws_iam_role.iam_for_lambda.arn
  handler       = "lambda_config.lambda_handler"

@@ -233,7 +238,7 @@ resource "aws_s3_bucket_notification" "bucket_notification" {

 # create API gateway for lambda triger and connect
 resource "aws_apigatewayv2_api" "api_standout_gateway" {
-  name          = "standout-api"
+  name          = "standout-api-${var.env}"
  protocol_type = "HTTP"
 }

@@ -251,7 +256,7 @@ resource "aws_apigatewayv2_integration" "api_standout_integration" {
 resource "aws_apigatewayv2_stage" "api_standout_lambda_stage" {
  api_id = aws_apigatewayv2_api.api_standout_gateway.id

-  name        = "dev"
+  name        = var.env
  auto_deploy = true
 }

--- a/plans/dev.plan
+++ b/plans/dev.plan
--- a/plans/prod.plan
+++ b/plans/prod.plan
--- a/terraform.tfstate.d/dev/terraform.tfstate
+++ b/terraform.tfstate.d/dev/terraform.tfstate
--- a/terraform.tfstate.d/dev/terraform.tfstate.backup
+++ b/terraform.tfstate.d/dev/terraform.tfstate.backup
--- a/terraform.tfstate.d/prod/terraform.tfstate
+++ b/terraform.tfstate.d/prod/terraform.tfstate
--- a/terraform.tfstate.d/prod/terraform.tfstate.backup
+++ b/terraform.tfstate.d/prod/terraform.tfstate.backup
--- a/variable.tf
+++ b/variable.tf
@@ -0,0 +1,9 @@
+variable "region" {
+  type = string
+  default = "eu-west-1"
+}
+
+variable "env" {
+    type = string
+    default = "dev"
+}