From 3c141ef82359c732dc8fd0f2951172740d45348a Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Thu, 11 Apr 2024 15:52:21 -0700 Subject: [PATCH] Does the Caution markdown not work? --- terraform/README.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/terraform/README.md b/terraform/README.md index 6ce0cee6e..0220c215b 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -22,7 +22,7 @@ Assuming [initial setup](#initial-setup) is complete — which it should be aws_access_key_id = aws_secret_access_key = ``` -1. Check which AWS profile you are using with `aws configure list`. If needed, use `export AWS_PROFILE=notify-terraform-backend` to change to profile and credentials you just added. +1. Check which AWS profile you are using with `aws configure list`. If needed, use `export AWS_PROFILE=notify-terraform-backend` to change to the profile and credentials you just added. These credentials will allow Terraform to access the AWS/Cloud.gov bucket in which developers share Terraform state files. Now you are ready to develop Terraform using the [Workflow for deployed environments](#workflow-for-deployed-environments). @@ -85,12 +85,15 @@ These steps assume shared [Terraform state credentials](#terraform-state-credent 1. Next you will set up a SpaceDeployer. Prepare to fill in these values: * `` will be the string you copied from the prior step * `` can be anything, although we recommend something that communicates the purpose of the deployer. For example: "circleci-deployer" for the credentials CircleCI uses to deploy the application, or "sandbox-" for credentials to run terraform manually. + Put those two values into this command: ```bash ./create_service_account.sh -s -u > secrets.auto.tfvars ``` - The script will output the `username` (as `cf_user`) and `password` (as `cf_password`) for your ``. Read more in the [cloud.gov service account documentation](https://cloud.gov/docs/services/cloud-gov-service-account/). Then, the command uses the redirection operator (`>`) to write that output to the `secrets.auto.tfvars` file. Terraform will find the username and password there, and use them as input variables. + The script will output the `username` (as `cf_user`) and `password` (as `cf_password`) for your ``. The [cloud.gov service account documentation](https://cloud.gov/docs/services/cloud-gov-service-account/) has more information. + + The command uses the redirection operator (`>`) to write that output to the `secrets.auto.tfvars` file. Terraform will find the username and password there, and use them as input variables. 1. While still in an environment directory, initialize Terraform: ```bash @@ -104,11 +107,13 @@ These steps assume shared [Terraform state credentials](#terraform-state-credent terraform plan ``` - This will show you any pending changes that Terraform is ready to make. Now is the time to write any HCL code you are planning to write, re-running `terraform plan` to confirm that the code works as you develop. + This will show you any pending changes that Terraform is ready to make. + + :pencil: Now is the time to write any HCL code you are planning to write, re-running `terraform plan` to confirm that the code works as you develop. Keep in mind that any changes to the codebase that you commit will be run by the CI/CD pipeline. 1. **Only if it is safe to do so**, apply your changes. - > [!CAUTION] + > [!WARNING] > Applying changes in the wrong directory can mess up a deployed environment that people are relying on Double-check what directory you are in, like with the `pwd` command. You should probably only apply while in the `sandbox` directory / environment.