From c58cc1e6901f5ed4103654404e3a1ae0902bcc13 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Fri, 3 Jun 2022 22:40:40 +0000 Subject: feat(ops/buildkite): Bootstrap Buildkite Terraform configuration In order to run this the secrets needs to be sourced, e.g.: eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-buildkite.age) Change-Id: I9f6a02c0dac22f584181635861ddbb06cf849f14 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5838 Tested-by: BuildkiteCI Reviewed-by: sterni Reviewed-by: tazjin --- ops/buildkite/.gitignore | 2 ++ ops/buildkite/default.nix | 7 +++++++ ops/buildkite/tvl.tf | 24 ++++++++++++++++++++++++ 3 files changed, 33 insertions(+) create mode 100644 ops/buildkite/.gitignore create mode 100644 ops/buildkite/default.nix create mode 100644 ops/buildkite/tvl.tf (limited to 'ops') diff --git a/ops/buildkite/.gitignore b/ops/buildkite/.gitignore new file mode 100644 index 000000000000..41c1b3346260 --- /dev/null +++ b/ops/buildkite/.gitignore @@ -0,0 +1,2 @@ +.envrc +.terraform* diff --git a/ops/buildkite/default.nix b/ops/buildkite/default.nix new file mode 100644 index 000000000000..f085bc6d9780 --- /dev/null +++ b/ops/buildkite/default.nix @@ -0,0 +1,7 @@ +{ depot, pkgs, ... }: + +depot.nix.readTree.drvTargets { + terraform = pkgs.terraform.withPlugins (p: [ + p.buildkite + ]); +} diff --git a/ops/buildkite/tvl.tf b/ops/buildkite/tvl.tf new file mode 100644 index 000000000000..752a33b09233 --- /dev/null +++ b/ops/buildkite/tvl.tf @@ -0,0 +1,24 @@ +# Buildkite configuration for TVL. + +terraform { + required_providers { + buildkite = { + source = "buildkite/buildkite" + } + } + + backend "s3" { + endpoint = "https://objects.dc-sto1.glesys.net" + bucket = "tvl-state" + key = "terraform/tvl-buildkite" + region = "glesys" + + skip_credentials_validation = true + skip_region_validation = true + skip_metadata_api_check = true + } +} + +provider "buildkite" { + organization = "tvl" +} -- cgit 1.4.1