CCM-6104 consolidating repo changes for AMET structure back to template

NHSDigital · Aug 30, 2024 · 8c34b83 · 8c34b83
1 parent b2f48dd
commit 8c34b83
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 8 deletions.
diff --git a/scripts/terraform/terraform.lib.sh b/scripts/terraform/terraform.lib.sh
@@ -53,8 +53,12 @@ function terraform-destroy() {
 #   dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is '.']
 #   opts=[options to pass to the Terraform fmt command, default is '-recursive']
 function terraform-fmt() {
+  for d in "${PWD}infrastructure/"*; do
+    if [ -d "$d" ]; then
+        terraform fmt --recursive "${d}"
+    fi
+  done
 
-  _terraform fmt -recursive # 'dir' and 'opts' are passed to the function as environment variables, if set
 }
 
 # Validate Terraform code.

diff --git a/scripts/terraform/terraform.mk b/scripts/terraform/terraform.mk
@@ -4,11 +4,6 @@
 # Custom implementation - implementation of a make target should not exceed 5 lines of effective code.
 # In most cases there should be no need to modify the existing make targets.
 
-TF_ENV ?= dev
-STACK ?= ${stack}
-TERRAFORM_STACK ?= $(or ${STACK}, infrastructure/environments/${TF_ENV})
-dir ?= ${TERRAFORM_STACK}
-
 terraform-init: # Initialise Terraform - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform init command, default is none/empty] @Development
 	make _terraform cmd="init" \
 		dir=$(or ${terraform_dir}, ${dir}) \
@@ -46,9 +41,11 @@ clean:: # Remove Terraform files (terraform) - optional: terraform_dir|dir=[path
 		opts=$(or ${terraform_opts}, ${opts})
 
 _terraform: # Terraform command wrapper - mandatory: cmd=[command to execute]; optional: dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], opts=[options to pass to the Terraform command, default is none/empty]
+	# 'TERRAFORM_STACK' is passed to the functions as environment variable
+	TERRAFORM_STACK=$(or ${TERRAFORM_STACK}, $(or ${terraform_stack}, $(or ${STACK}, ${stack})))
 	dir=$(or ${dir}, ${TERRAFORM_STACK})
-	. scripts/terraform/terraform.lib.sh && \
-		terraform-${cmd} # 'dir' and 'opts' are accessible by the function as environment variables, if set
+	. "scripts/terraform/terraform.lib.sh"; \
+	terraform-${cmd} # 'dir' and 'opts' are accessible by the function as environment variables, if set
 
 # ==============================================================================
 # Quality checks - please DO NOT edit this section!
@@ -58,6 +55,31 @@ terraform-shellscript-lint: # Lint all Terraform module shell scripts @Quality
 		file=$${file} scripts/shellscript-linter.sh
 	done
 
+terraform-sec: # TFSEC check against Terraform files - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform fmt command, default is '-recursive'] @Quality
+	tfsec infrastructure/terraform \
+		--force-all-dirs \
+		--exclude-downloaded-modules \
+		--tfvars-file infrastructure/terraform/etc/global.tfvars \
+		--tfvars-file infrastructure/terraform/etc/env_eu-west-2_main.tfvars \
+		--config-file scripts/config/tfsec.yml
+
+# ==============================================================================
+# Module tests and examples - please DO NOT edit this section!
+
+terraform-example-provision-aws-infrastructure: # Provision example of AWS infrastructure @ExamplesAndTests
+	make terraform-init
+	make terraform-plan opts="-out=terraform.tfplan"
+	make terraform-apply opts="-auto-approve terraform.tfplan"
+
+terraform-example-destroy-aws-infrastructure: # Destroy example of AWS infrastructure @ExamplesAndTests
+	make terraform-destroy opts="-auto-approve"
+
+terraform-example-clean: # Remove Terraform example files @ExamplesAndTests
+	dir=$(or ${dir}, ${TERRAFORM_STACK})
+	. "scripts/terraform/terraform.lib.sh"; \
+	terraform-clean
+	rm -f ${TERRAFORM_STACK}/.terraform.lock.hcl
+
 # ==============================================================================
 # Configuration - please DO NOT edit this section!
 
@@ -71,6 +93,9 @@ ${VERBOSE}.SILENT: \
 	clean \
 	terraform-apply \
 	terraform-destroy \
+	terraform-example-clean \
+	terraform-example-destroy-aws-infrastructure \
+	terraform-example-provision-aws-infrastructure \
 	terraform-fmt \
 	terraform-init \
 	terraform-install \