diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 7e3211679..35c289f43 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -36,6 +36,35 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} run: terraform init + + + # Some excitement for later. When we have a module we cannot just delete + # (db, csv_bucket) we need to modify the state in the tfstate file. + # + # Once both providers are defined in the providers.tf, the order of operations should be + # + # 1. Uncomment this command and let it run as part of CI/CD. This alters the state, + # but the module will be temporarily unusable + # 2. Go back to main.tf and update the module syntax and parameters for the new provider + # 3. Go through the CI/CD again, at this point it should work. + # + # - name: Terraform change provider + # working-directory: terraform/staging + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} + # TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }} + # TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} + # run: | + # terraform state pull | jq ' + # .resources |= map(select(.module == "module.csv_upload_bucket")) + # ' > module-csv_upload_bucket.tfstate + # terraform state replace-provider \ + # -state=module-csv_upload_bucket.tfstate \ + # 'registry.terraform.io/cloudfoundry-community/cloudfoundry' \ + # 'registry.terraform.io/cloudfoundry/cloudfoundry' + # terraform state push module-csv_upload_bucket.tfstate + - name: Terraform apply working-directory: terraform/staging env: diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf index bc6def6d5..e5e8a997c 100644 --- a/terraform/staging/main.tf +++ b/terraform/staging/main.tf @@ -21,19 +21,21 @@ module "database" { rds_plan_name = "small-psql" } -module "redis-v70" { - source = "github.com/GSA-TTS/terraform-cloudgov//redis?ref=v1.0.0" - - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${local.app_name}-redis-v70-${local.env}" - redis_plan_name = "redis-dev" - json_params = jsonencode( - { - "engineVersion" : "7.0", - } - ) -} +# module "redis-v70" { +# source = "github.com/GSA-TTS/terraform-cloudgov//redis?ref=v2.4.0" +# Right now the default is cfcommunity, remove this when default is cloudfoundry +# providers = { +# cloudfoundry = cloudfoundry.official +# } +# cf_space_id = data.cloudfoundry_space.space.id +# name = "${local.app_name}-redis-v70-${local.env}" +# redis_plan_name = "redis-dev" +# json_params = jsonencode( +# { +# "engineVersion" : "7.0", +# } +# ) +# } module "csv_upload_bucket" { source = "github.com/GSA-TTS/terraform-cloudgov//s3?ref=v1.0.0" diff --git a/terraform/staging/providers.tf b/terraform/staging/providers.tf index b5a1ed547..49d72348d 100644 --- a/terraform/staging/providers.tf +++ b/terraform/staging/providers.tf @@ -2,6 +2,10 @@ terraform { required_version = "~> 1.7" required_providers { cloudfoundry = { + source = "cloudfoundry/cloudfoundry" + version = "1.9.0" + } + cfcommunity = { source = "cloudfoundry-community/cloudfoundry" version = "0.53.1" } @@ -16,7 +20,16 @@ terraform { } } +# Official provider (should be default but aliased for now) provider "cloudfoundry" { + alias = "official" + api_url = "https://api.fr.cloud.gov" + user = var.cf_user + password = var.cf_password +} + +# Community provider (should be aliased but default for now) +provider "cfcommunity" { api_url = "https://api.fr.cloud.gov" user = var.cf_user password = var.cf_password