From 7d63d3b9d3448bc181afac8d89439cace965a956 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Thu, 23 Oct 2025 12:53:51 -0700 Subject: [PATCH] try again --- .github/workflows/deploy.yml | 37 ------------------------- .github/workflows/terraform-staging.yml | 1 + terraform/staging/main.tf | 19 +++++++++++-- 3 files changed, 17 insertions(+), 40 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 629166faa..7f2ac124f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -37,43 +37,6 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} run: terraform init - - # Some excitement for later. When we have a module we cannot just delete - # (db, csv_bucket) we need to modify the state in the tfstate file. - # - # Once both providers are defined in the providers.tf, the order of operations should be - # - # 1. Uncomment this command and let it run as part of CI/CD. This alters the state, - # but the module will be temporarily unusable - # 2. Go back to main.tf and update the module syntax and parameters for the new provider - # 3. Go through the CI/CD again, at this point it should work. - # - - name: Terraform change provider - working-directory: terraform/staging - env: - AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} - TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }} - TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} - run: | - set -euo pipefail - echo "Finding all resources in module.csv_upload_bucket..." - resources=$(terraform state list | grep '^module.csv_upload_bucket' || true) - if [ -z "$resources" ]; then - echo "No resources found under module.csv_upload_bucket -- skipping migration." - exit 0 - fi - echo "Migrating provider for these resources:" - echo "$resources" - terraform state replace-provider \ - 'registry.terraform.io/cloudfoundry-community/cloudfoundry' \ - 'registry.terraform.io/cloudfoundry/cloudfoundry' \ - $resources - - echo "Provider migration complete." - echo "Verifying..." - terraform state show $(echo "$resources" | head -n 1) | grep 'provider' - - name: Terraform apply working-directory: terraform/staging env: diff --git a/.github/workflows/terraform-staging.yml b/.github/workflows/terraform-staging.yml index 9fe174ee8..c50a36946 100644 --- a/.github/workflows/terraform-staging.yml +++ b/.github/workflows/terraform-staging.yml @@ -41,6 +41,7 @@ jobs: id: validation run: terraform validate -no-color + - name: Terraform plan id: plan env: diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf index 506d6ace2..1beebb7cd 100644 --- a/terraform/staging/main.tf +++ b/terraform/staging/main.tf @@ -45,7 +45,7 @@ module "redis-v70" { ) } -module "csv_upload_bucket" { +module "csv_upload_bucket_old" { source = "github.com/GSA-TTS/terraform-cloudgov//s3?ref=v1.0.0" cf_org_name = local.cf_org_name @@ -75,15 +75,28 @@ module "egress-space" { module "ses_email" { source = "../shared/ses" + providers = { + cloudfoundry = cloudfoundry.official + } + cf_space_id = data.cloudfoundry_space.space.id - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name name = "${local.app_name}-ses-${local.env}" aws_region = "us-west-2" mail_from_subdomain = "mail" email_receipt_error = "notify-support@gsa.gov" } +# module "ses_email_old" { +# source = "../shared/ses" + +# cf_org_name = local.cf_org_name +# cf_space_name = local.cf_space_name +# name = "${local.app_name}-ses-${local.env}" +# aws_region = "us-west-2" +# mail_from_subdomain = "mail" +# email_receipt_error = "notify-support@gsa.gov" +# } + module "sns_sms" { source = "../shared/sns"