Switch terraform over to cloud.gov org

terraform/bootstrap/import.sh

@@ -4,8 +4,8 @@ read -p "Are you sure you want to import terraform state (y/n)? " verify
 
 if [[ $verify == "y" ]]; then
   echo "Importing bootstrap state"
-  ./run.sh import module.s3.cloudfoundry_service_instance.bucket 31204bcc-aae3-4cd3-8b59-5055a338d44f
-  ./run.sh import cloudfoundry_service_key.bucket_creds 483a6ac5-4ba0-48ad-9850-ef87b51aaa08
+  ./run.sh import module.s3.cloudfoundry_service_instance.bucket 6b759c13-6253-4a64-9bda-dd1f620185b0
+  ./run.sh import cloudfoundry_service_key.bucket_creds a8e40295-68b7-42ba-8955-d82ba262e948
   ./run.sh plan
 else
   echo "Not importing bootstrap state"

terraform/bootstrap/main.tf

@@ -9,8 +9,8 @@ module "s3" {
   cf_api_url      = local.cf_api_url
   cf_user         = var.cf_user
   cf_password     = var.cf_password
-  cf_org_name     = "gsa-10x-prototyping"
-  cf_space_name   = "10x-notifications"
+  cf_org_name     = "gsa-tts-benefits-studio-prototyping"
+  cf_space_name   = "notify-management"
   s3_service_name = local.s3_service_name
 }
 

terraform/bootstrap/run.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
 if [[ ! -f "secrets.auto.tfvars" ]]; then
-  ../create_service_account.sh -s 10x-notifications -u config-bootstrap-deployer > secrets.auto.tfvars
+  ../create_service_account.sh -s notify-management -u config-bootstrap-deployer > secrets.auto.tfvars
 fi
 
 if [[ $# -gt 0 ]]; then

terraform/bootstrap/teardown_creds.sh

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
 
-../destroy_service_account.sh -s 10x-notifications -u config-bootstrap-deployer
+../destroy_service_account.sh -s notify-management -u config-bootstrap-deployer
 
 rm secrets.auto.tfvars

terraform/bootstrap/variables.tf

@@ -1,2 +1,4 @@
-variable "cf_password" {}
+variable "cf_password" {
+  sensitive = true
+}
 variable "cf_user" {}

terraform/create_service_account.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-org="gsa-10x-prototyping"
+org="gsa-tts-benefits-studio-prototyping"
 
 usage="
 $0: Create a Service User Account for a given space

terraform/demo/main.tf

@@ -0,0 +1,48 @@
+locals {
+  cf_org_name      = "gsa-tts-benefits-studio-prototyping"
+  cf_space_name    = "notify-demo"
+  env              = "demo"
+  app_name         = "notify-admin"
+  recursive_delete = false
+}
+
+module "redis" {
+  source = "github.com/18f/terraform-cloudgov//redis"
+
+  cf_user          = var.cf_user
+  cf_password      = var.cf_password
+  cf_org_name      = local.cf_org_name
+  cf_space_name    = local.cf_space_name
+  env              = local.env
+  app_name         = local.app_name
+  recursive_delete = local.recursive_delete
+  redis_plan_name  = "redis-dev"
+}
+
+module "logo_upload_bucket" {
+  source = "github.com/18f/terraform-cloudgov//s3"
+
+  cf_user          = var.cf_user
+  cf_password      = var.cf_password
+  cf_org_name      = local.cf_org_name
+  cf_space_name    = local.cf_space_name
+  recursive_delete = local.recursive_delete
+  s3_service_name  = "${local.app_name}-logo-upload-bucket-${local.env}"
+}
+
+# ##########################################################################
+# The following lines need to be commented out for the initial `terraform apply`
+# It can be re-enabled after:
+# 1) the api app has first been deployed
+# 2) the admin app has first been deployed
+###########################################################################
+# module "api_network_route" {
+#   source = "../shared/container_networking"
+
+#   cf_user              = var.cf_user
+#   cf_password          = var.cf_password
+#   cf_org_name          = local.cf_org_name
+#   cf_space_name        = local.cf_space_name
+#   source_app_name      = "${local.app_name}-${local.env}"
+#   destination_app_name = "notify-api-${local.env}"
+# }

terraform/demo/providers.tf

@@ -0,0 +1,17 @@
+terraform {
+  required_version = "~> 1.0"
+  required_providers {
+    cloudfoundry = {
+      source  = "cloudfoundry-community/cloudfoundry"
+      version = "0.15.5"
+    }
+  }
+
+  backend "s3" {
+    bucket  = "cg-6b759c13-6253-4a64-9bda-dd1f620185b0"
+    key     = "admin.tfstate.demo"
+    encrypt = "true"
+    region  = "us-gov-west-1"
+    profile = "notify-terraform-backend"
+  }
+}

terraform/demo/variables.tf

@@ -0,0 +1,5 @@
+variable "cf_password" {
+  type      = string
+  sensitive = true
+}
+variable "cf_user" {}

terraform/destroy_service_account.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-org="gsa-10x-prototyping"
+org="gsa-tts-benefits-studio-prototyping"
 
 usage="
 $0: Destroy a Service User Account in a given space

terraform/production/main.tf

@@ -1,8 +1,8 @@
 locals {
-  cf_org_name      = "TKTK"
-  cf_space_name    = "TKTK"
+  cf_org_name      = "gsa-tts-benefits-studio-prototyping"
+  cf_space_name    = "notify-prod"
   env              = "production"
-  app_name         = "notifications-admin"
+  app_name         = "notify-admin"
   recursive_delete = false
 }
 
@@ -44,7 +44,7 @@ module "logo_upload_bucket" {
 #   cf_org_name          = local.cf_org_name
 #   cf_space_name        = local.cf_space_name
 #   source_app_name      = "${local.app_name}-${local.env}"
-#   destination_app_name = "notifications-api-${local.env}"
+#   destination_app_name = "notify-api-${local.env}"
 # }
 
 # ##########################################################################

terraform/production/providers.tf

@@ -8,7 +8,7 @@ terraform {
   }
 
   backend "s3" {
-    bucket  = "cg-31204bcc-aae3-4cd3-8b59-5055a338d44f"
+    bucket  = "cg-6b759c13-6253-4a64-9bda-dd1f620185b0"
     key     = "admin.tfstate.prod"
     encrypt = "true"
     region  = "us-gov-west-1"

terraform/set_space_egress.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-org="gsa-10x-prototyping"
+org="gsa-tts-benefits-studio-prototyping"
 
 usage="
 $0: Set egress rules for given space

terraform/staging/main.tf

@@ -1,8 +1,8 @@
 locals {
-  cf_org_name      = "gsa-10x-prototyping"
-  cf_space_name    = "10x-notifications"
+  cf_org_name      = "gsa-tts-benefits-studio-prototyping"
+  cf_space_name    = "notify-staging"
   env              = "staging"
-  app_name         = "notifications-admin"
+  app_name         = "notify-admin"
   recursive_delete = true
 }
 
@@ -30,13 +30,19 @@ module "logo_upload_bucket" {
   s3_service_name  = "${local.app_name}-logo-upload-bucket-${local.env}"
 }
 
-module "api_network_route" {
-  source = "../shared/container_networking"
+# ##########################################################################
+# The following lines need to be commented out for the initial `terraform apply`
+# It can be re-enabled after:
+# 1) the api app has first been deployed
+# 2) the admin app has first been deployed
+###########################################################################
+# module "api_network_route" {
+#   source = "../shared/container_networking"
 
-  cf_user              = var.cf_user
-  cf_password          = var.cf_password
-  cf_org_name          = local.cf_org_name
-  cf_space_name        = local.cf_space_name
-  source_app_name      = "${local.app_name}-${local.env}"
-  destination_app_name = "notifications-api-${local.env}"
-}
+#   cf_user              = var.cf_user
+#   cf_password          = var.cf_password
+#   cf_org_name          = local.cf_org_name
+#   cf_space_name        = local.cf_space_name
+#   source_app_name      = "${local.app_name}-${local.env}"
+#   destination_app_name = "notify-api-${local.env}"
+# }

terraform/staging/providers.tf

@@ -8,7 +8,7 @@ terraform {
   }
 
   backend "s3" {
-    bucket  = "cg-31204bcc-aae3-4cd3-8b59-5055a338d44f"
+    bucket  = "cg-6b759c13-6253-4a64-9bda-dd1f620185b0"
     key     = "admin.tfstate.stage"
     encrypt = "true"
     region  = "us-gov-west-1"