From f92897829ec36729934b7df165a3dc072ce5fba5 Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:15:38 +0200 Subject: [PATCH 1/8] chore: terraform project initialization including dependencies --- .terraform.lock.hcl | 25 +++++++++++++++++++++++++ cloudflare.tf | 18 ++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 .terraform.lock.hcl create mode 100644 cloudflare.tf diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl new file mode 100644 index 0000000..81a71d4 --- /dev/null +++ b/.terraform.lock.hcl @@ -0,0 +1,25 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/cloudflare/cloudflare" { + version = "3.35.0" + constraints = "~> 3.0" + hashes = [ + "h1:MnFPQ4VOICJgdxz7ZDMvKBdK2dk3xuQF2PELjAEgQIg=", + "zh:13aabc00fee823422831bcc870227650cc765fc4c9622074d24d6d62a4ac0e37", + "zh:1544405f0ea6b388dad7eb25c434427b2682417396da9186e1b33551e6b4adff", + "zh:5d58394cb8e71bd4bf6ef0135f1ca6a4ad2cec937f3731b224125eb34ee059f7", + "zh:648596ed545ed01ae757d5a0b37c20e8050cfb51d42e9a2c82fcc94d883ff11d", + "zh:68d75e14eef4f073faa975ed6baf4db7e0e1f2fc61a4e54fd95325df42793810", + "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f", + "zh:9916cc626fef57428c4c60db7897b34068c65639b68482e94f62d97d773d64bc", + "zh:9c8c9f369eb30e7360a0ebd7918e4846ca4d5bca430b861fdbde7522a3146459", + "zh:a40e244688bbcb6f1a771e6ea89fb0b0b7bb53be3fab718abc66b3593e0f8133", + "zh:cc5a6191aa8713275550ff2b6adda6e6d56e4780c9cbe3d1da1dc23ea893bfff", + "zh:d1dd435780e8c7e79bff26b46a76df0e123971849355ad17877d1e24dc5953c3", + "zh:d751fc72f2833f2bdb897fa89de2bb5b6efbad1e648896642f0e6fe5cde789c8", + "zh:dfc4c90b3605ec1bb7cc7a9f1fb1b67235578bdd6b9be78e7b3516b55d0422db", + "zh:e6101a80fe24e2df3ab60152458ff1666a4a1befc87c62e459a219cdbb53e6df", + "zh:e9bcf26c44dd231f74703b6a6717470021a3ba7e1d7531dcf7287a6441300e27", + ] +} diff --git a/cloudflare.tf b/cloudflare.tf new file mode 100644 index 0000000..5476a27 --- /dev/null +++ b/cloudflare.tf @@ -0,0 +1,18 @@ +terraform { + cloud { + organization = "nodejs" + + workspaces { + name = "nodejs-cloudflare" + } + } + required_providers { + cloudflare = { + source = "cloudflare/cloudflare" + version = "~> 3.0" + } + } +} + +provider "cloudflare" { +} From fd91b3c16491c08656b0310324d146704f447a9a Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:16:07 +0200 Subject: [PATCH 2/8] feat: migrated iojs.org dns records --- dns_iojs_org.tf | 146 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 146 insertions(+) create mode 100644 dns_iojs_org.tf diff --git a/dns_iojs_org.tf b/dns_iojs_org.tf new file mode 100644 index 0000000..0170213 --- /dev/null +++ b/dns_iojs_org.tf @@ -0,0 +1,146 @@ +resource "cloudflare_record" "terraform_managed_resource_1913231cd4f209515037c1ffee5d4a27" { + name = "direct" + proxied = false + ttl = 1 + type = "A" + value = "138.197.224.240" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_0f6b6757054fdba56c054cca6aecc9be" { + name = "iojs.org" + proxied = false + ttl = 1 + type = "A" + value = "138.197.224.240" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_3e025abdebca0ae6576a71a2c26d2c1b" { + name = "www" + proxied = false + ttl = 1 + type = "A" + value = "138.197.224.240" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_b33f8bbe47906fef181a1592437fd95a" { + name = "iojs.org" + proxied = true + ttl = 1 + type = "AAAA" + value = "2604:a880:400:d1::a3c:f001" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_f356629b68819fd225bdd3394c12b560" { + name = "www" + proxied = true + ttl = 1 + type = "AAAA" + value = "2604:a880:400:d1::a3c:f001" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_bddb08d52eb2227d0dc3e4f7ce056c8b" { + name = "_19b4f8a51243a804259af6d5b2490cbf" + proxied = false + ttl = 1 + type = "CNAME" + value = "0fa21492b60cd77cef88dd04e54a6c9b.d5ddcd1a90d12402e4751fb51f52d610.w0936042001502710049.comodoca.com" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_ddd771da56ee034b1d3203b2c67bbfeb" { + name = "email.iojs.org" + proxied = false + ttl = 1 + type = "CNAME" + value = "mailgun.org" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_1aad4db1f51e00a30cb1d81e5150e32c" { + name = "logos" + proxied = false + ttl = 1 + type = "CNAME" + value = "iojs.org" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_a78309035efe195a7a2607c3f52e7f15" { + name = "new-nodejs" + proxied = false + ttl = 1 + type = "CNAME" + value = "www.iojs.org" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_e146702ef04508a564c99f69e84e78e7" { + name = "roadmap" + proxied = false + ttl = 1 + type = "CNAME" + value = "iojs.org" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_78ef7407c3d14a5c679084b035abe76b" { + name = "iojs.org" + priority = 10 + proxied = false + ttl = 1 + type = "MX" + value = "mxb.mailgun.org" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_73d56ede702145a55657302ed70a4def" { + name = "iojs.org" + priority = 10 + proxied = false + ttl = 1 + type = "MX" + value = "mxa.mailgun.org" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_fe6cb302ca689b99a71a55c503ddba72" { + name = "_dmarc" + proxied = false + ttl = 1 + type = "TXT" + value = "v=DMARC1; p=reject; rua=mailto:build@iojs.org; ruf=mailto:build@iojs.org; sp=reject; ri=86400" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_a586614f723184920a970d2967a5b0f8" { + name = "iojs.org" + proxied = false + ttl = 1 + type = "TXT" + value = "\"google-site-verification=sLdkuluh-xi3YZs_Uhobiw1XA_Wjalt8D8O_2jiwudg\"" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_1d4e8509d885efb04761863b0493cbfc" { + name = "iojs.org" + proxied = false + ttl = 1 + type = "TXT" + value = "\"v=spf1 include:mailgun.org ~all\"" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + +resource "cloudflare_record" "terraform_managed_resource_8966613ab75b29a56f3c787f8bb10e56" { + name = "mailo._domainkey" + proxied = false + ttl = 1 + type = "TXT" + value = "\"k=rsa\\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBvSPBv8CLasvSnADi672NJNMa2hK0CTuTIpzCLIz1hfZKcFybimLDvMGFTAhxG3SnQOT9Torm4Ep16kIxjl6c2ms1fmoZr7e0iia4l45vO0/mYs3sZJIOlGDh1r0Vwr6aOB5eJL3D41+HPfdw236mTX+v+W6swQNCHrlXZeIoTQIDAQAB\"" + zone_id = "8c96c2859d246364a9b78b2fee7bee49" +} + From a39809ada35916ae3612bff9d6c0dba6bb8eb177 Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:16:15 +0200 Subject: [PATCH 3/8] feat: migrated nodejs.org dns records --- dns_nodejs_org.tf | 348 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 348 insertions(+) create mode 100644 dns_nodejs_org.tf diff --git a/dns_nodejs_org.tf b/dns_nodejs_org.tf new file mode 100644 index 0000000..15f8dcd --- /dev/null +++ b/dns_nodejs_org.tf @@ -0,0 +1,348 @@ +resource "cloudflare_record" "terraform_managed_resource_1e97b7a84f994af9aedcd252c8aae198" { + name = "ansible" + proxied = true + ttl = 1 + type = "A" + value = "169.60.150.91" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_7c7bed12d0273b7070ce212326104faf" { + name = "ci" + proxied = false + ttl = 1 + type = "A" + value = "107.170.240.62" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_a8cdda4611ecd58b2e2269179aa392db" { + name = "ci-release" + proxied = false + ttl = 1 + type = "A" + value = "169.45.166.50" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_6b6c1fea957ef35dc91387d697108c7d" { + name = "direct" + proxied = false + ttl = 1 + type = "A" + value = "138.197.224.240" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_2c267a0a7b259ec0168a385619af14b2" { + name = "github-bot" + proxied = false + ttl = 1 + type = "A" + value = "23.253.100.79" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_7797ebb76f7797762d5d6a41a2c97400" { + name = "grafana" + proxied = true + ttl = 1 + type = "A" + value = "147.28.162.110" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_517b225ac142ebb3eddf06a06a5ede8a" { + name = "gzemnid" + proxied = true + ttl = 1 + type = "A" + value = "178.128.202.158" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_4202d23997f33464f0a290760badf99b" { + name = "memtest" + proxied = false + ttl = 1 + type = "A" + value = "172.99.112.140" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_6ee190392452894868200725c55beef5" { + name = "triage" + proxied = false + ttl = 1 + type = "A" + value = "72.2.118.51" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_edec9009e8b3d5280c7c08f83b5b06f6" { + name = "unencrypted" + proxied = false + ttl = 1 + type = "A" + value = "147.28.162.105" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_62a1a70e9a6664053272850dd38cfa23" { + name = "unofficial-builds" + proxied = false + ttl = 1 + type = "A" + value = "45.55.98.129" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_39362d1838ae02ce3c212d8cf1d122a5" { + name = "nodejs.org" + proxied = true + ttl = 1 + type = "AAAA" + value = "2604:a880:400:d1::a3c:f001" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_b92bb39ac8d8a7fe1f60f295ae4e6f3c" { + name = "_2ad3ed9cacf2d25d5224d04db1a4d677" + proxied = false + ttl = 1 + type = "CNAME" + value = "2fb3dc900f0968bd883ee25a88024c39.45e0122a0374b8b09f485b2d239c01b7.e16c1c41bcd4c7842b.sectigo.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_475548ad57e9d2b01393a7e543231148" { + name = "_c44b831a22ab9039953536a5fbf41513" + proxied = false + ttl = 1 + type = "CNAME" + value = "e7e4215c01a2775a2d2fd7b799eeb963.8d7d7eb200163a2107dc4d4505aa08ba.fa3ed62adf396f9275.sectigo.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_6ab233c3c1b231e6bb576df49cd80e8e" { + name = "_c9ef34ab7f60f3e351aaeaa158a3553c" + proxied = false + ttl = 1 + type = "CNAME" + value = "c2b1a295cdb3f1c5cfa03d1bc7c6b598.0ef9b3ba802051f61c70bc3080ec968f.w0834777001502709292.comodoca.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_b5355dea1fae185149c7c970ef36c74e" { + name = "coverage" + proxied = true + ttl = 1 + type = "CNAME" + value = "nodejs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_e23716010539dc90edf5667f022f1fee" { + name = "foundation" + proxied = true + ttl = 1 + type = "CNAME" + value = "nodejs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_fafc41f07e8294ec9bc6dc4b7e46c976" { + name = "interactive" + proxied = true + ttl = 1 + type = "CNAME" + value = "nodejs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_7ee0bf83cdbf7c81f1474ad30e474e3c" { + name = "live" + proxied = true + ttl = 1 + type = "CNAME" + value = "nodejs.github.io" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_e7385cf24ad8660f929ad64132c56c72" { + name = "logs" + proxied = true + ttl = 1 + type = "CNAME" + value = "logs.libuv.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_d0dbc6d7694d2445b23e84f5fdc8e6cd" { + name = "modules" + proxied = false + ttl = 1 + type = "CNAME" + value = "npmjs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_d02089a550d282c5c3037779e62873c9" { + name = "new" + proxied = false + ttl = 1 + type = "CNAME" + value = "nodejs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_b50357bffb69a1e3a67de31e4184a837" { + name = "*" + proxied = false + ttl = 1 + type = "CNAME" + value = "nodejs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_e30d4a05a180489fa391d40baee0b95c" { + name = "packages" + proxied = false + ttl = 1 + type = "CNAME" + value = "npmjs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_40b8fc17985cdefb1730c4e32916c4eb" { + name = "status" + proxied = false + ttl = 1 + type = "CNAME" + value = "rxy2rhgm8q1n.stspg-customer.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_ca0756f747cbb829018cd96d0a1287bf" { + name = "store" + proxied = false + ttl = 1 + type = "CNAME" + value = "node-js-community-store.myshopify.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_c15ad1f5dcab7b626a6877ce0f823423" { + name = "training" + proxied = false + ttl = 1 + type = "CNAME" + value = "portal.linuxfoundation.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_2ba0078ee97347649b6f03fbcb1d4ef4" { + name = "undici" + proxied = true + ttl = 1 + type = "CNAME" + value = "nodejs.github.io" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_583eb882748918e06b43cf75c71761e0" { + comment = "Experiment with Node.js Website Traffic on Vercel: https://github.com/nodejs/build/issues/3366" + name = "vercel" + proxied = true + ttl = 1 + type = "CNAME" + value = "cname.vercel-dns.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_ded591b2162b27b8c835337efc8cd515" { + name = "www" + proxied = true + ttl = 1 + type = "CNAME" + value = "nodejs.org" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_effe3c060a29ec6eceb27b89169d42bf" { + name = "nodejs.org" + priority = 20 + proxied = false + ttl = 1 + type = "MX" + value = "alt2.aspmx.l.google.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_6b72eff173bb573f8818835195a3355d" { + name = "nodejs.org" + priority = 20 + proxied = false + ttl = 1 + type = "MX" + value = "alt1.aspmx.l.google.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_270db44c46f250a5e83b8b1fbc7ccbe4" { + name = "nodejs.org" + priority = 10 + proxied = false + ttl = 1 + type = "MX" + value = "aspmx.l.google.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_5d46bf1555ccf32c1c2d65e8e2db341c" { + name = "nodejs.org" + priority = 30 + proxied = false + ttl = 1 + type = "MX" + value = "aspmx3.googlemail.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_6918f98540583233f3d7b54eb663d34f" { + name = "nodejs.org" + priority = 30 + proxied = false + ttl = 1 + type = "MX" + value = "aspmx2.googlemail.com" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_965e11dce32697ad7fe24ebd0c1af8f4" { + name = "_dmarc" + proxied = false + ttl = 1 + type = "TXT" + value = "v=DMARC1; p=reject; rua=mailto:build@iojs.org; ruf=mailto:build@iojs.org; sp=reject; ri=86400" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_3ec027a6661a695ab2e286fc996edda3" { + name = "_github-challenge-nodejs" + proxied = false + ttl = 1 + type = "TXT" + value = "225c7d79d9" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + +resource "cloudflare_record" "terraform_managed_resource_56098fab3ccae56775e6e9b52ce2794b" { + name = "nodejs.org" + proxied = false + ttl = 1 + type = "TXT" + value = "v=spf1 include:aspmx.googlemail.com -all" + zone_id = "1206c4f949d69993ae55d9d015804406" +} + From b23ba9f5018543fdfd74b2b00826369a629eed45 Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:16:35 +0200 Subject: [PATCH 4/8] chore: added editor config rules --- .editorconfig | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .editorconfig diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..5760be5 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,12 @@ +# http://editorconfig.org +root = true + +[*] +indent_style = space +indent_size = 2 +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true + +[*.md] +trim_trailing_whitespace = false From 3238b8d32c829646679a9468e4aed89ca7b9c63c Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:16:50 +0200 Subject: [PATCH 5/8] chore: extended git ignore rules --- .gitignore | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index 9b8a46e..b547c68 100644 --- a/.gitignore +++ b/.gitignore @@ -7,14 +7,12 @@ # Crash log files crash.log -crash.*.log -# Exclude all .tfvars files, which are likely to contain sensitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject -# to change depending on the environment. -*.tfvars -*.tfvars.json +# Ignore any .tfvars files that are generated automatically for each Terraform run. Most +# .tfvars files are managed as part of configuration and so should be included in +# version control. +# +# example.tfvars # Ignore override files as they are usually used to override resources locally and so # are not checked in @@ -24,11 +22,14 @@ override.tf.json *_override.tf.json # Include override files you do wish to add to version control using negated pattern +# # !example_override.tf # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan # example: *tfplan* -# Ignore CLI configuration files -.terraformrc -terraform.rc + +# OTHER +*.env +.vscode/ +IGNORE/ \ No newline at end of file From 433e014fca8fb7fe9d2e403f48c9bfecb0a791c5 Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:17:49 +0200 Subject: [PATCH 6/8] feat: added CI support --- .github/workflows/terraform.yml | 48 +++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 .github/workflows/terraform.yml diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml new file mode 100644 index 0000000..26ba146 --- /dev/null +++ b/.github/workflows/terraform.yml @@ -0,0 +1,48 @@ +name: 'Terraform' + +on: + push: + branches: [ "main" ] + pull_request: + +permissions: + contents: read + +jobs: + terraform: + name: 'Terraform' + runs-on: ubuntu-latest + + # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest + defaults: + run: + shell: bash + + steps: + # Checkout the repository to the GitHub Actions runner + - name: Checkout + uses: actions/checkout@v3 + + # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token + - name: Setup Terraform + uses: hashicorp/setup-terraform@v2 + with: + cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} + + # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc. + - name: Terraform Init + run: terraform init + + # Checks that all Terraform configuration files adhere to a canonical format + - name: Terraform Format + run: terraform fmt -check + + # Generates an execution plan for Terraform + - name: Terraform Plan + run: terraform plan -input=false + + # On push to "main", build or change infrastructure according to Terraform configuration files + # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks + - name: Terraform Apply + if: github.ref == 'refs/heads/main' && github.event_name == 'push' + run: terraform apply -auto-approve -input=false From 2f6012a0f818708d3ab78ca712cf914f281f8390 Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:24:38 +0200 Subject: [PATCH 7/8] docs: added basic documentation --- README.md | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8cb47c4..3574ba8 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,26 @@ -# cloudflare-terraform -Repository to manage Cloudflare settings using Terraform +# Cloudflare Infrastructure + +Repository to manage Node.js Cloudflare settings using Terraform + +### Contributing + +To modify the Cloudflare settings, you must fork/clone this repository and submit a pull request with the changes. Any alterations made in the `main` branch will be deployed to the Cloudflare account automatically. + +### Historical Context + +Today, we use Terraform to manage DNS records in Cloudflare. Previously, we used the Cloudflare UI for this task. To begin using Terraform, we cloned the Cloudflare settings and migrated them as the initial Terraform state using the utility cf-terraforming. This step was completed only once, and the state was stored in Terraform Cloud. + +Since the imported resources had non-human friendly names like "terraform_managed_resource_*," we cannot change their names to prevent recreation or updates of the resources. However, we can use our own naming conventions for new Terraform resources, and there is no need to run the cf-terraforming utility again. + + +#### Side notes + +- Terraform version `Terraform v1.4.5 on darwin_amd64` +- Use [Cloudflare Terraforming](https://github.com/cloudflare/cf-terraforming) to bring the cloudflare resources, like `cf-terraforming generate --resource-type "cloudflare_record" --zone {ZONE_ID} --token {TOKEN} > imported.tf` and then import them to the state `cf-terraforming import --resource-type "cloudflare_record" --zone {ZONE_ID} --token {TOKEN}` +- Use Terraform cloud to safely store the state +- Add the token `TF_API_TOKEN` in the Github actions with a valid Terraform cloud API Key + +#### Reference +- [Terraform Cheatsheet](https://acloudguru.com/blog/engineering/the-ultimate-terraform-cheatsheet) +- [Youtube | Automate Cloudflare with Terraform and GitHub Actions! - Terraform Tutorial for Beginners](https://www.youtube.com/watch?v=FmYvrxYvBP0) +- [Techno Tim Docs | Automate Cloudflare with Terraform and GitHub Actions! - Terraform Tutorial for Beginners](https://docs.technotim.live/posts/terraform-cloudflare-github/) \ No newline at end of file From a8543c999f71ae59b4fd4fbdbb254d9ea9077220 Mon Sep 17 00:00:00 2001 From: Ulises Gascon Date: Mon, 12 Jun 2023 18:27:19 +0200 Subject: [PATCH 8/8] chore: linting --- cloudflare.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloudflare.tf b/cloudflare.tf index 5476a27..34e3e97 100644 --- a/cloudflare.tf +++ b/cloudflare.tf @@ -1,4 +1,4 @@ -terraform { +terraform { cloud { organization = "nodejs"