From ce942eefa4f55290ccfa9435988c3984ffc51c4f Mon Sep 17 00:00:00 2001
From: hcornet
Date: Wed, 22 Jan 2025 19:12:49 +0100
Subject: [PATCH] first sync
---
 .gitea/workflows/validate.yml | 19 ++++++-
 databasas.tf | 0
 folder.tf | 96 +++++++++++++++++++++++++++++++++++
 instances.tf | 0
 networks.tf | 0
 project.tf | 8 +++
 provider.tf | 23 +++++++++
 variables.tf | 17 +++++++
 8 files changed, 162 insertions(+), 1 deletion(-)
 delete mode 100644 databasas.tf
 create mode 100644 folder.tf
 delete mode 100644 instances.tf
 delete mode 100644 networks.tf
 create mode 100644 project.tf
diff --git a/.gitea/workflows/validate.yml b/.gitea/workflows/validate.yml
index b73148a..8d49e64 100644
--- a/.gitea/workflows/validate.yml
+++ b/.gitea/workflows/validate.yml
@@ -15,10 +15,27 @@ jobs:
 - name: Checkout
 uses: actions/checkout@v4
- - uses: hashicorp/setup-terraform@v3
+ - name: Set up Terraform
+ uses: hashicorp/setup-terraform@v3
 with:
 terraform_version: 1.7.5
+ - name: Set up GCloud SDK
+ uses: google-github-actions/setup-gcloud@v2
+ with:
+ project_id: ${{ secrets.GCP_PROJECT_ID }}
+ service_account_key: ${{ secrets.GCP_SA_KEY }}
+ export_default_credentials: true
+ version: '>= 506.0.0'
+
+ - name: 'Use GCloud CLI'
+ run: 'gcloud info'
+
+ - name: Authenticate with Google Cloud Platform
+ uses: google-github-actions/auth@v2
+ with:
+ credentials_json: ${{ secrets.GCP_CREDENTIALS }}
+
 - name: Terraform fmt
 id: fmt
 run: terraform fmt -check -diff -recursive
diff --git a/databasas.tf b/databasas.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/folder.tf b/folder.tf
new file mode 100644
index 0000000..f88becc
--- /dev/null
+++ b/folder.tf
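Review bot: In the `Set up GCloud SDK` step of validate.yml, `service_account_key` and `export_default_credentials` are not inputs of `google-github-actions/setup-gcloud@v2` (credential handling moved to `google-github-actions/auth`), so `secrets.GCP_SA_KEY` is handed to a step that does not use it and `gcloud info` runs before any authentication. Drop those two lines and move the `Authenticate with Google Cloud Platform` step above `Set up GCloud SDK`, so that only one key secret is in play. The steps that follow in this hunk only run `terraform fmt`, which needs no cloud access; if the triggers (outside the hunk) include pull requests, consider keeping the key out of this job entirely. Pinning the third-party actions to a commit, e.g. `uses: google-github-actions/auth@<full-commit-sha>`, would also stop a moved tag from receiving the key.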
@@ -0,0 +1,96 @@
+# Dossier de premier niveau de notre organisation.
+resource "google_folder" "HPROD" {
+ display_name = "HPROD"
+ parent = "organizations/113433426282"
+}
+
+resource "google_folder" "PREPROD" {
+ display_name = "PREPROD"
+ parent = "organizations/113433426282"
+}
+
+resource "google_folder" "PROD" {
+ display_name = "PROD"
+ parent = "organizations/113433426282"
+}
+
+resource "google_folder" "SANDBOX" {
+ display_name = "SANDBOX"
+ parent = "organizations/113433426282"
+}
+
+# Dossier imbriqué dans un autre dossier.
+# Périmètre DATA
+resource "google_folder" "DATA_HPROD" {
+ display_name = "DATA"
+ parent = google_folder.HPROD.name
+}
+
+resource "google_folder" "DATA_PREPROD" {
+ display_name = "DATA"
+ parent = google_folder.PREPROD.name
+}
+
+resource "google_folder" "DATA_PROD" {
+ display_name = "DATA"
+ parent = google_folder.PROD.name
+}
+
+resource "google_folder" "DATA_SANDBOX" {
+ display_name = "DATA"
+ parent = google_folder.SANDBOX.name
+}
+
+# Périmètre INFRA
+resource "google_folder" "INFRA_HPROD" {
+ display_name = "INFRA"
+ parent = google_folder.HPROD.name
+}
+
+resource "google_folder" "INFRA_PREPROD" {
+ display_name = "INFRA"
+ parent = google_folder.PREPROD.name
+}
+
+resource "google_folder" "INFRA_PROD" {
+ display_name = "INFRA"
+ parent = google_folder.PROD.name
+}
+
+# Périmètre PUBLIC
+resource "google_folder" "PUBLIC_HPROD" {
+ display_name = "PUBLIC"
+ parent = google_folder.HPROD.name
+}
+
+resource "google_folder" "PUBLIC_PREPROD" {
+ display_name = "PUBLIC"
+ parent = google_folder.PREPROD.name
+}
+
+resource "google_folder" "PUBLIC_PROD" {
+ display_name = "PUBLIC"
+ parent = google_folder.PROD.name
+}
+
+# Périmètre SECURITY
+resource "google_folder" "SECURITY_HPROD" {
+ display_name = "SECURITY"
+ parent = google_folder.HPROD.name
+}
+
+resource "google_folder" "SECURITY_PREPROD" {
+ display_name = "SECURITY"
+ parent = google_folder.PREPROD.name
+}
+
+resource "google_folder" "SECURITY_PROD" {
+ display_name = "SECURITY"
+ parent = google_folder.PROD.name
+}
+
+# Périmètre OPS
+resource "google_folder" "OPS_PROD" {
+ display_name = "OPS"
+ parent = google_folder.PROD.name
+}
\ No newline at end of file
diff --git a/instances.tf b/instances.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/networks.tf b/networks.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/project.tf b/project.tf
new file mode 100644
index 0000000..a282240
--- /dev/null
+++ b/project.tf
@@ -0,0 +1,8 @@
+# Structure de démarrage Ok à voir si le numéro d'organisation ne devrait pas être dans le Vault ?
+
+resource "google_project" "my_project" {
+ name = "My Project"
+ project_id = "your-project-id"
+ org_id = "113433426282"
+ folder_id = google_folder.DATA_SANDBOX.name
+}
\ No newline at end of file
diff --git a/provider.tf b/provider.tf
index e69de29..ddf62b2 100644
--- a/provider.tf
+++ b/provider.tf
@@ -0,0 +1,23 @@
+terraform {
+ required_providers {
+ google = {
+ version = "~> 6.16.0"
+ }
+ }
+ required_version = ">= 1.7.5"
+}
+
+provider "google" {
+ project = var.project
+ region = var.region
+# credentials = var.file
+}
+
+data "google_client_config" "default" {}
+
+provider "vault" {
+ address = "https://vault.saint-maclou.com"
+}
+
+
+# manque la partie du vault pour récupérer l'authentification GCP afin d'obtenir les droits
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index e69de29..13d0a35 100644
--- a/variables.tf
+++ b/variables.tf
@@ -0,0 +1,17 @@
+# Ne doit pas être ici, on va fonctionner en mode liste qui se trouvera dans le fichier project.tf
+variable "project" {
+ description = "GCP project ID"
+ type = string
+}
+
+variable "region" {
+ description = "GCP region"
+ type = string
+ default = "europe-west1"
+}
+
+#variable "file" {
+# description = "GCP credential"
+# type = string
+# default = "creds/service-account-key.json"
+#}
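Review bot: In folder.tf the literal `"organizations/113433426282"` is repeated in the four top-level folders (HPROD, PREPROD, PROD, SANDBOX), and the same number appears again in project.tf; define it once, e.g. `locals { org_parent = "organizations/113433426282" }`, and use `parent = local.org_parent`. An organisation ID is an identifier rather than a credential, so a local or variable is enough and Vault is not needed for it. The folders are created without any IAM bindings or organisation policies in this commit; a short comment above the PROD and SECURITY blocks such as `# IAM for this folder is managed in <file>` would tell a reader where access is defined. Upper-case resource names also depart from the usual lower_snake_case Terraform convention, and renaming later changes resource addresses, so it is cheaper to decide before the first apply.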
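Review bot: In project.tf, `google_project.my_project` sets both `org_id` and `folder_id`, which the google provider treats as mutually exclusive, so the configuration should be rejected at validate/plan time; since the project is placed under `google_folder.DATA_SANDBOX`, remove the `org_id = "113433426282"` line. `project_id = "your-project-id"` is still a template placeholder, and project IDs are globally unique, so it needs a real value or a variable. Consider adding `auto_create_network = false` so the project does not start with the default VPC and its preset firewall rules.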
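Review bot: In provider.tf, `provider "vault"` is configured but `required_providers` declares only `google`, and that entry has no `source`, so Terraform resolves the vault provider implicitly and at whatever version is newest when `terraform init` runs. Declare both explicitly, e.g. `google = { source = "hashicorp/google", version = "~> 6.16.0" }` and `vault = { source = "hashicorp/vault", version = "<pinned constraint>" }`, and commit `.terraform.lock.hcl` so provider checksums are verified. When the Vault lookup mentioned in the trailing comment is added, values read through Vault data sources are written to the Terraform state, so the state backend needs access control and encryption. Keep the Vault token out of the provider block and supply it through the environment (`VAULT_TOKEN`).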
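Review bot: In variables.tf the commented-out `variable "file"` block defaults to `creds/service-account-key.json`, a path inside the working tree, and it pairs with the commented `credentials = var.file` line in provider.tf; delete both rather than leaving them to be re-enabled later. If a key file is ever used for local runs, add `creds/` to `.gitignore` so it cannot be committed by accident. `variable "project"` has no default, so any plan run in CI will need it supplied, for example through `TF_VAR_project`.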