From 23c33ddb131481f406843975b04c0d2cbeeea2a3 Mon Sep 17 00:00:00 2001 From: stvnrlly Date: Thu, 8 Dec 2022 09:24:58 -0500 Subject: [PATCH] more terraform nuance --- terraform/README.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/terraform/README.md b/terraform/README.md index e33cbbab2..efab933fa 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -6,7 +6,6 @@ Prerequisite: install the `jq` JSON processor: `brew install jq` ## Initial setup -1. Get on the GSA VPN (required for reaching cloud.gov API) 1. Manually run the bootstrap module following instructions under `Terraform State Credentials` 1. Setup CI/CD Pipeline to run Terraform 1. Copy bootstrap credentials to your CI/CD secrets using the instructions in the base README @@ -29,6 +28,10 @@ The bootstrap module is used to create an s3 bucket for later terraform runs to 1. Ensure that `import.sh` includes a line and correct IDs for any resources created 1. Run `./teardown_creds.sh` to remove the space deployer account used to create the s3 bucket +Notes: +- The `run.sh` commands will move your `cf target` to the `notify-management` space, so make sure to re-target afterwards. +- If you have trouble with `./run.sh plan`, try getting on the GSA VPN. It may be necessary to connect to the cloud.gov API. + ### To make changes to the bootstrap module *This should not be necessary in most cases* @@ -40,20 +43,15 @@ The bootstrap module is used to create an s3 bucket for later terraform runs to 1. Make your changes 1. Continue from step 2 of the boostrapping instructions -### Retrieving existing bucket credentials - -1. Run `./run.sh show` -1. Follow instructions under `Use bootstrap credentials` - -#### Use bootstrap credentials +### Use bootstrap credentials +1. Run `./run.sh show` if you need to retrieve the credentials 1. Add the following to `~/.aws/credentials` ``` [notify-terraform-backend] aws_access_key_id = aws_secret_access_key = ``` - 1. Copy `bucket` from `bucket_credentials` output to the backend block of `staging/providers.tf` and `production/providers.tf` ## SpaceDeployers