From 547596cde7b4d4f318f834c9a26a17856dd0bcdd Mon Sep 17 00:00:00 2001 From: Soren Martius Date: Wed, 8 May 2024 15:03:31 +0200 Subject: [PATCH 1/2] feat: upgrade terraform to v1.8.2 and terramate to v0.8.3 --- .tool-versions | 2 +- _bootstrap/oidc-aws-github/terraform.tf | 4 ++-- _bootstrap/terraform-state-bucket/terraform.tf | 4 ++-- config.tm.hcl | 4 ++-- stacks/opentofu/empty/terraform.tf | 2 +- stacks/terraform/prod/us-east-1/alb/terraform.tf | 4 ++-- .../terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf | 4 ++-- .../prod/us-east-1/ecs-fargate-services/nginx/terraform.tf | 4 ++-- stacks/terraform/prod/us-east-1/vpc/terraform.tf | 4 ++-- 9 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.tool-versions b/.tool-versions index 3e4ea7d..9beeb5c 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,4 +1,4 @@ terraform 1.7.5 -terramate 0.8.2 +terramate 0.8.3 pre-commit 3.6.2 opentofu 1.6.2 diff --git a/_bootstrap/oidc-aws-github/terraform.tf b/_bootstrap/oidc-aws-github/terraform.tf index c939ef7..914be97 100644 --- a/_bootstrap/oidc-aws-github/terraform.tf +++ b/_bootstrap/oidc-aws-github/terraform.tf @@ -1,13 +1,13 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.7.5" + required_version = "1.8.2" } terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" } } } diff --git a/_bootstrap/terraform-state-bucket/terraform.tf b/_bootstrap/terraform-state-bucket/terraform.tf index c939ef7..914be97 100644 --- a/_bootstrap/terraform-state-bucket/terraform.tf +++ b/_bootstrap/terraform-state-bucket/terraform.tf @@ -1,13 +1,13 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.7.5" + required_version = "1.8.2" } terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" } } } diff --git a/config.tm.hcl b/config.tm.hcl index 082f61c..44c4616 100644 --- a/config.tm.hcl +++ b/config.tm.hcl @@ -1,5 +1,5 @@ globals "terraform" { - version = "1.7.5" + version = "1.8.2" } globals "terraform" "backend" { @@ -17,7 +17,7 @@ globals "aws" "oidc" { globals "terraform" "providers" "aws" { enabled = true source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" config = { region = "us-east-1" } diff --git a/stacks/opentofu/empty/terraform.tf b/stacks/opentofu/empty/terraform.tf index e12ddf7..56e32d7 100644 --- a/stacks/opentofu/empty/terraform.tf +++ b/stacks/opentofu/empty/terraform.tf @@ -7,7 +7,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" } } } diff --git a/stacks/terraform/prod/us-east-1/alb/terraform.tf b/stacks/terraform/prod/us-east-1/alb/terraform.tf index c939ef7..914be97 100644 --- a/stacks/terraform/prod/us-east-1/alb/terraform.tf +++ b/stacks/terraform/prod/us-east-1/alb/terraform.tf @@ -1,13 +1,13 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.7.5" + required_version = "1.8.2" } terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" } } } diff --git a/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf b/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf index c939ef7..914be97 100644 --- a/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf +++ b/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf @@ -1,13 +1,13 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.7.5" + required_version = "1.8.2" } terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" } } } diff --git a/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf b/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf index c939ef7..914be97 100644 --- a/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf +++ b/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf @@ -1,13 +1,13 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.7.5" + required_version = "1.8.2" } terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" } } } diff --git a/stacks/terraform/prod/us-east-1/vpc/terraform.tf b/stacks/terraform/prod/us-east-1/vpc/terraform.tf index c939ef7..914be97 100644 --- a/stacks/terraform/prod/us-east-1/vpc/terraform.tf +++ b/stacks/terraform/prod/us-east-1/vpc/terraform.tf @@ -1,13 +1,13 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.7.5" + required_version = "1.8.2" } terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.31" + version = "~> 5.48" } } } From 269745611d82ab8ef4fa70bdb0ed53369905144d Mon Sep 17 00:00:00 2001 From: Soren Martius Date: Wed, 8 May 2024 15:04:47 +0200 Subject: [PATCH 2/2] feat: fix drift reconciliation workflows --- _bootstrap/oidc-aws-github/terraform.tf | 2 +- _bootstrap/terraform-state-bucket/terraform.tf | 2 +- config.tm.hcl | 2 +- stacks/opentofu/workflows.tm.hcl | 7 ++++--- stacks/terraform/prod/us-east-1/alb/terraform.tf | 2 +- .../prod/us-east-1/ecs-fargate-cluster/terraform.tf | 2 +- .../prod/us-east-1/ecs-fargate-services/nginx/terraform.tf | 2 +- stacks/terraform/prod/us-east-1/vpc/terraform.tf | 2 +- stacks/terraform/workflows.tm.hcl | 5 +++-- 9 files changed, 14 insertions(+), 12 deletions(-) diff --git a/_bootstrap/oidc-aws-github/terraform.tf b/_bootstrap/oidc-aws-github/terraform.tf index 914be97..3828f6e 100644 --- a/_bootstrap/oidc-aws-github/terraform.tf +++ b/_bootstrap/oidc-aws-github/terraform.tf @@ -1,7 +1,7 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.8.2" + required_version = "1.7.5" } terraform { required_providers { diff --git a/_bootstrap/terraform-state-bucket/terraform.tf b/_bootstrap/terraform-state-bucket/terraform.tf index 914be97..3828f6e 100644 --- a/_bootstrap/terraform-state-bucket/terraform.tf +++ b/_bootstrap/terraform-state-bucket/terraform.tf @@ -1,7 +1,7 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.8.2" + required_version = "1.7.5" } terraform { required_providers { diff --git a/config.tm.hcl b/config.tm.hcl index 44c4616..2ae0d57 100644 --- a/config.tm.hcl +++ b/config.tm.hcl @@ -1,5 +1,5 @@ globals "terraform" { - version = "1.8.2" + version = "1.7.5" } globals "terraform" "backend" { diff --git a/stacks/opentofu/workflows.tm.hcl b/stacks/opentofu/workflows.tm.hcl index b2714d5..1d49720 100644 --- a/stacks/opentofu/workflows.tm.hcl +++ b/stacks/opentofu/workflows.tm.hcl @@ -60,10 +60,11 @@ script "drift" "reconcile" { job { commands = [ - ["tofu", "plan", "-out", "drift.tfplan", "-detailed-exitcode", "-lock=false", { - sync_drift_status = true - tofu_plan_file = "drift.tfplan" + ["tofu", "apply", "-input=false", "-auto-approve", "-lock-timeout=5m", "drift.tfplan", { + sync_deployment = true + tofu_plan_file = "drift.tfplan" }], + ] } } diff --git a/stacks/terraform/prod/us-east-1/alb/terraform.tf b/stacks/terraform/prod/us-east-1/alb/terraform.tf index 914be97..3828f6e 100644 --- a/stacks/terraform/prod/us-east-1/alb/terraform.tf +++ b/stacks/terraform/prod/us-east-1/alb/terraform.tf @@ -1,7 +1,7 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.8.2" + required_version = "1.7.5" } terraform { required_providers { diff --git a/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf b/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf index 914be97..3828f6e 100644 --- a/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf +++ b/stacks/terraform/prod/us-east-1/ecs-fargate-cluster/terraform.tf @@ -1,7 +1,7 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.8.2" + required_version = "1.7.5" } terraform { required_providers { diff --git a/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf b/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf index 914be97..3828f6e 100644 --- a/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf +++ b/stacks/terraform/prod/us-east-1/ecs-fargate-services/nginx/terraform.tf @@ -1,7 +1,7 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.8.2" + required_version = "1.7.5" } terraform { required_providers { diff --git a/stacks/terraform/prod/us-east-1/vpc/terraform.tf b/stacks/terraform/prod/us-east-1/vpc/terraform.tf index 914be97..3828f6e 100644 --- a/stacks/terraform/prod/us-east-1/vpc/terraform.tf +++ b/stacks/terraform/prod/us-east-1/vpc/terraform.tf @@ -1,7 +1,7 @@ // TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT terraform { - required_version = "1.8.2" + required_version = "1.7.5" } terraform { required_providers { diff --git a/stacks/terraform/workflows.tm.hcl b/stacks/terraform/workflows.tm.hcl index b578a4f..7119543 100644 --- a/stacks/terraform/workflows.tm.hcl +++ b/stacks/terraform/workflows.tm.hcl @@ -60,10 +60,11 @@ script "drift" "reconcile" { job { commands = [ - ["terraform", "plan", "-out", "drift.tfplan", "-detailed-exitcode", "-lock=false", { - sync_drift_status = true + ["terraform", "apply", "-input=false", "-auto-approve", "-lock-timeout=5m", "drift.tfplan", { + sync_deployment = true terraform_plan_file = "drift.tfplan" }], + ] } }