fix: Add backend configuration to all pipeline terraform init steps
Some checks failed
Code Quality & Security Scan / TFLint (push) Successful in 18s
Code Quality & Security Scan / Terraform Destroy (push) Has been skipped
Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 29s
Code Quality & Security Scan / Checkov Security Scan (push) Successful in 39s
Code Quality & Security Scan / Terraform Validate (push) Successful in 34s
Code Quality & Security Scan / SonarQube Trigger (push) Successful in 37s
Code Quality & Security Scan / Terraform Plan (push) Failing after 32s
Code Quality & Security Scan / Terraform Apply (push) Has been skipped
Some checks failed
Code Quality & Security Scan / TFLint (push) Successful in 18s
Code Quality & Security Scan / Terraform Destroy (push) Has been skipped
Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 29s
Code Quality & Security Scan / Checkov Security Scan (push) Successful in 39s
Code Quality & Security Scan / Terraform Validate (push) Successful in 34s
Code Quality & Security Scan / SonarQube Trigger (push) Successful in 37s
Code Quality & Security Scan / Terraform Plan (push) Failing after 32s
Code Quality & Security Scan / Terraform Apply (push) Has been skipped
Updated all terraform init commands in the pipeline to include backend configuration: - terraform-plan job: Added backend-config flags - terraform-apply job: Added backend-config flags - terraform-destroy job: Added backend-config flags Backend Configuration: - Uses secrets for all values (MINIO_ENDPOINT, MINIO_BUCKET) - State file key: docker/renovate/terraform.tfstate - Credentials from AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY env vars - Region: main - S3-compatible settings for MinIO Required Secrets (should already be available): - MINIO_ACCESS_KEY, MINIO_SECRET_KEY - MINIO_ENDPOINT, MINIO_BUCKET - VAULT_ROLE_ID, VAULT_SECRET_ID, VAULT_ADDR - RENOVATE_ENDPOINT, RENOVATE_TOKEN - SONARQUBE_HOST, SONARQUBE_TOKEN Fixes pipeline error: Missing Required Value for bucket, key, and region
This commit is contained in:
parent
696bffd023
commit
2a5fb1ebd0
GPG Key ID:
5EBA7F21CF583321
@ -132,14 +132,22 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
AWS_ACCESS_KEY_ID: ${{ secrets.MINIO_ACCESS_KEY }}
|
AWS_ACCESS_KEY_ID: ${{ secrets.MINIO_ACCESS_KEY }}
|
||||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.MINIO_SECRET_KEY }}
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.MINIO_SECRET_KEY }}
|
||||||
TF_BACKEND_ENDPOINT: ${{ secrets.MINIO_ENDPOINT }}
|
|
||||||
TF_VAR_role_id: ${{ secrets.VAULT_ROLE_ID }}
|
TF_VAR_role_id: ${{ secrets.VAULT_ROLE_ID }}
|
||||||
TF_VAR_secret_id: ${{ secrets.VAULT_SECRET_ID }}
|
TF_VAR_secret_id: ${{ secrets.VAULT_SECRET_ID }}
|
||||||
TF_VAR_renovate_endpoint: ${{ secrets.RENOVATE_ENDPOINT }}
|
TF_VAR_renovate_endpoint: ${{ secrets.RENOVATE_ENDPOINT }}
|
||||||
TF_VAR_renovate_token: ${{ secrets.RENOVATE_TOKEN }}
|
TF_VAR_renovate_token: ${{ secrets.RENOVATE_TOKEN }}
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
||||||
run: |
|
run: |
|
||||||
terraform init -input=false
|
terraform init -input=false \
|
||||||
|
-backend-config="endpoints={s3=\"${{ secrets.MINIO_ENDPOINT }}\"}" \
|
||||||
|
-backend-config="bucket=${{ secrets.MINIO_BUCKET }}" \
|
||||||
|
-backend-config="key=docker/renovate/terraform.tfstate" \
|
||||||
|
-backend-config="region=main" \
|
||||||
|
-backend-config="skip_credentials_validation=true" \
|
||||||
|
-backend-config="skip_metadata_api_check=true" \
|
||||||
|
-backend-config="skip_requesting_account_id=true" \
|
||||||
|
-backend-config="skip_region_validation=true" \
|
||||||
|
-backend-config="use_path_style=true"
|
||||||
|
|
||||||
- name: Terraform Plan
|
- name: Terraform Plan
|
||||||
env:
|
env:
|
||||||
@ -208,7 +216,17 @@ jobs:
|
|||||||
TF_VAR_renovate_endpoint: ${{ secrets.RENOVATE_ENDPOINT }}
|
TF_VAR_renovate_endpoint: ${{ secrets.RENOVATE_ENDPOINT }}
|
||||||
TF_VAR_renovate_token: ${{ secrets.RENOVATE_TOKEN }}
|
TF_VAR_renovate_token: ${{ secrets.RENOVATE_TOKEN }}
|
||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
||||||
run: terraform init
|
run: |
|
||||||
|
terraform init \
|
||||||
|
-backend-config="endpoints={s3=\"${{ secrets.MINIO_ENDPOINT }}\"}" \
|
||||||
|
-backend-config="bucket=${{ secrets.MINIO_BUCKET }}" \
|
||||||
|
-backend-config="key=docker/renovate/terraform.tfstate" \
|
||||||
|
-backend-config="region=main" \
|
||||||
|
-backend-config="skip_credentials_validation=true" \
|
||||||
|
-backend-config="skip_metadata_api_check=true" \
|
||||||
|
-backend-config="skip_requesting_account_id=true" \
|
||||||
|
-backend-config="skip_region_validation=true" \
|
||||||
|
-backend-config="use_path_style=true"
|
||||||
|
|
||||||
- name: Download Terraform Plan from MinIO
|
- name: Download Terraform Plan from MinIO
|
||||||
env:
|
env:
|
||||||
@ -276,7 +294,16 @@ jobs:
|
|||||||
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
||||||
run: |
|
run: |
|
||||||
echo "Performing fresh terraform init (no cache for safety)..."
|
echo "Performing fresh terraform init (no cache for safety)..."
|
||||||
terraform init
|
terraform init \
|
||||||
|
-backend-config="endpoints={s3=\"${{ secrets.MINIO_ENDPOINT }}\"}" \
|
||||||
|
-backend-config="bucket=${{ secrets.MINIO_BUCKET }}" \
|
||||||
|
-backend-config="key=docker/renovate/terraform.tfstate" \
|
||||||
|
-backend-config="region=main" \
|
||||||
|
-backend-config="skip_credentials_validation=true" \
|
||||||
|
-backend-config="skip_metadata_api_check=true" \
|
||||||
|
-backend-config="skip_requesting_account_id=true" \
|
||||||
|
-backend-config="skip_region_validation=true" \
|
||||||
|
-backend-config="use_path_style=true"
|
||||||
|
|
||||||
- name: Terraform Destroy Plan
|
- name: Terraform Destroy Plan
|
||||||
env:
|
env:
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user