Patrick de Ruiter
c88fb4c15e
Some checks failed
Code Quality & Security Scan / TFLint (push) Successful in 20s
Code Quality & Security Scan / Terraform Destroy (push) Has been skipped
Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 48s
Code Quality & Security Scan / Checkov Security Scan (push) Successful in 36s
Code Quality & Security Scan / Terraform Validate (push) Successful in 48s
Code Quality & Security Scan / SonarQube Scan (push) Successful in 43s
Code Quality & Security Scan / Terraform Plan (push) Failing after 1m6s
Code Quality & Security Scan / Terraform Apply (push) Has been skipped
53 lines
1.3 KiB
HCL
53 lines
1.3 KiB
HCL
terraform {
|
|
required_version = ">= 1.5.0"
|
|
|
|
required_providers {
|
|
docker = {
|
|
source = "kreuzwerker/docker"
|
|
version = "~> 3.0"
|
|
}
|
|
vault = {
|
|
source = "hashicorp/vault"
|
|
version = "~> 3.25"
|
|
}
|
|
dns = {
|
|
source = "hashicorp/dns"
|
|
version = "~> 3.4"
|
|
}
|
|
}
|
|
}
|
|
|
|
# Configure the DNS Provider
|
|
provider "dns" {
|
|
update {
|
|
server = data.vault_kv_secret_v2.dns.data["dns_server"]
|
|
key_name = data.vault_kv_secret_v2.dns.data["key_name"]
|
|
key_algorithm = data.vault_kv_secret_v2.dns.data["key_algorithm"]
|
|
key_secret = data.vault_kv_secret_v2.dns.data["key_secret"]
|
|
}
|
|
}
|
|
|
|
# Configure the Docker Provider
|
|
provider "docker" {
|
|
host = "ssh://ansible@wbyc-srv-docker01.bsdserver.lan:22"
|
|
|
|
ssh_opts = ["-i", "${path.module}/.ssh/id_rsa", "-o", "StrictHostKeyChecking=no"]
|
|
}
|
|
|
|
# Configure the Vault Provider
|
|
provider "vault" {
|
|
address = "https://wbyc-srv-docker01.bsdserver.lan:8200"
|
|
|
|
# Skip TLS verification for self-signed certificates in CI/CD
|
|
# Set VAULT_SKIP_VERIFY=true environment variable in pipeline
|
|
skip_tls_verify = tobool(coalesce(try(var.vault_skip_tls_verify, null), false))
|
|
|
|
auth_login {
|
|
path = "auth/approle/login"
|
|
parameters = {
|
|
role_id = var.role_id
|
|
secret_id = var.secret_id
|
|
}
|
|
}
|
|
}
|