first sync

2025-01-22 19:12:49 +01:00 · 2025-01-22 19:12:49 +01:00 · ce942eefa4
commit ce942eefa4
parent bb16277876
8 changed files with 162 additions and 1 deletions
--- a/.gitea/workflows/validate.yml
+++ b/.gitea/workflows/validate.yml
@ -15,10 +15,27 @@ jobs:
      - name: Checkout
        uses: actions/checkout@v4
-      - uses: hashicorp/setup-terraform@v3
+      - name: Set up Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: 1.7.5
      - name: Set up GCloud SDK
        uses: google-github-actions/setup-gcloud@v2
        with:
          project_id: ${{ secrets.GCP_PROJECT_ID }}
          service_account_key: ${{ secrets.GCP_SA_KEY }}
          export_default_credentials: true
          version: '>= 506.0.0'
      - name: 'Use GCloud CLI'
        run: 'gcloud info'
      - name: Authenticate with Google Cloud Platform
        uses: google-github-actions/auth@v2
        with:
          credentials_json: ${{ secrets.GCP_CREDENTIALS }}
      - name: Terraform fmt
        id: fmt
        run: terraform fmt -check -diff -recursive
--- a/databasas.tf
+++ b/databasas.tf
--- a/folder.tf
+++ b/folder.tf
@ -0,0 +1,96 @@
 # Dossier de premier niveau de notre organisation.
 resource "google_folder" "HPROD" {
  display_name = "HPROD"
  parent       = "organizations/113433426282"
 }
 resource "google_folder" "PREPROD" {
  display_name = "PREPROD"
  parent       = "organizations/113433426282"
 }
 resource "google_folder" "PROD" {
  display_name = "PROD"
  parent       = "organizations/113433426282"
 }
 resource "google_folder" "SANDBOX" {
  display_name = "SANDBOX"
  parent       = "organizations/113433426282"
 }
 # Dossier imbriqué dans un autre dossier.
 # Périmètre DATA
 resource "google_folder" "DATA_HPROD" {
  display_name = "DATA"
  parent       = google_folder.HPROD.name
 }
 resource "google_folder" "DATA_PREPROD" {
  display_name = "DATA"
  parent       = google_folder.PREPROD.name
 }
 resource "google_folder" "DATA_PROD" {
  display_name = "DATA"
  parent       = google_folder.PROD.name
 }
 resource "google_folder" "DATA_SANDBOX" {
  display_name = "DATA"
  parent       = google_folder.SANDBOX.name
 }
 # Périmètre INFRA
 resource "google_folder" "INFRA_HPROD" {
  display_name = "INFRA"
  parent       = google_folder.HPROD.name
 }
 resource "google_folder" "INFRA_PREPROD" {
  display_name = "INFRA"
  parent       = google_folder.PREPROD.name
 }
 resource "google_folder" "INFRA_PROD" {
  display_name = "INFRA"
  parent       = google_folder.PROD.name
 }
 # Périmètre PUBLIC
 resource "google_folder" "PUBLIC_HPROD" {
  display_name = "PUBLIC"
  parent       = google_folder.HPROD.name
 }
 resource "google_folder" "PUBLIC_PREPROD" {
  display_name = "PUBLIC"
  parent       = google_folder.PREPROD.name
 }
 resource "google_folder" "PUBLIC_PROD" {
  display_name = "PUBLIC"
  parent       = google_folder.PROD.name
 }
 # Périmètre SECURITY
 resource "google_folder" "SECURITY_HPROD" {
  display_name = "SECURITY"
  parent       = google_folder.HPROD.name
 }
 resource "google_folder" "SECURITY_PREPROD" {
  display_name = "SECURITY"
  parent       = google_folder.PREPROD.name
 }
 resource "google_folder" "SECURITY_PROD" {
  display_name = "SECURITY"
  parent       = google_folder.PROD.name
 }
 # Périmètre OPS
 resource "google_folder" "OPS_PROD" {
  display_name = "OPS"
  parent       = google_folder.PROD.name
 }
--- a/instances.tf
+++ b/instances.tf
--- a/networks.tf
+++ b/networks.tf
--- a/project.tf
+++ b/project.tf
@ -0,0 +1,8 @@
 # Structure de démarrage Ok à voir si le numéro d'organisation ne devrait pas être dans le Vault ?
 resource "google_project" "my_project" {
  name       = "My Project"
  project_id = "your-project-id"
  org_id     = "113433426282"
  folder_id  = google_folder.DATA_SANDBOX.name
 }
--- a/provider.tf
+++ b/provider.tf
@ -0,0 +1,23 @@
 terraform {
  required_providers {
    google = {
      version = "~> 6.16.0"
    }
  }
  required_version = ">= 1.7.5"
 }
 provider "google" {
  project     = var.project
  region      = var.region
 #  credentials = var.file
 }
 data "google_client_config" "default" {}
 provider "vault" {
  address = "https://vault.saint-maclou.com"
 }
 # manque la partie du vault pour récupérer l'authentification GCP afin d'obtenir les droits
--- a/variables.tf
+++ b/variables.tf
@ -0,0 +1,17 @@
 # Ne doit pas être ici, on va fonctionner en mode liste qui se trouvera dans le fichier project.tf
 variable "project" {
  description = "GCP project ID"
  type        = string
 }
 variable "region" {
  description = "GCP region"
  type        = string
  default     = "europe-west1"
 }
 #variable "file" {
 #  description = "GCP credential"
 #  type        = string
 #  default     = "creds/service-account-key.json"
 #}