working dev/qa environments

.github/workflows/infra-plan.yaml

@@ -0,0 +1,20 @@
+name: Infrastructure-Plan
+
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: "Environment to run tests against"
+        type: environment
+        required: true
+
+env:
+  TERRAFORM_VERSION: '1.5.7'
+
+jobs:
+
+  terraform-plan:
+    runs-on: ubuntu-latest
+
+    envrionment:
+      name: ${{ github.event.inputs.environment }}

.gitignore

@@ -1,3 +1,6 @@
 /.terraform/*
 terraform.tfvars
 *.swp
+terratest_logs/
+infrastructure/.terraform/*
+infrastructure/terraform.tfvars

README.md

@@ -1,99 +1,16 @@
-# Bootstrapped TofuGrunt Kubernetes
+# Terraform scripts for RDS, ECR, and App Runner
 
-A system that creates an entire EKS cluster from scratch in Kubernetes. 
-Automatically creates the remote state backend
 
-### Setup
+## Instructions
 
-- Ensure you have OpenTofu installed with a version of at least 1.7 [here](https://opentofu.org/docs/intro/install/)
+1. Ensure you are authenticated to your AWS account
 
-- Ensure you have Terragrunt installed (if using a Debian-based Linux, use the method with taking the binary from the Github Release file instead of using Homebrew) [here](https://davidbegin.github.io/terragrunt/)
+2. Clone the Repository
 
-- Ensure your AWS Access credentials are properly configured
+3. Go to the infrastructure folder (`cd infrastructure`) 
 
-### Steps to create the infrastructure
+4. Run `tofu apply`
 
-Clone the repo
+5. Check the configuration and confirm the infrastructure before typing 'yes'
 
-Run `terragrunt init` if this is a clean account with no state history.
-
-Run `terragrunt plan` to see what the current infrastructure will likely build
-
-Run `terragrunt apply` to attempt to create that infrastructure
-
-If you get an error saying something already exists, change the name of that thing in the code.
-
-### Steps to destroy the infrastructure
-
-Run `terragrunt destroy` to destroy the infrastructure.
-
-If the destruction does not work, attempt to delete the RDS instance manually in AWS and then try again.
-
-
-<!-- BEGIN_TF_DOCS -->
-# Terraform-docs for the repo
-
-## Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_tofu"></a> [OpenTofu](#requirement\_opentofu) | ~> 1.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
-| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | ~> 2.31.0 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.0 |
-
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| <a name="module_eks"></a> [eks](#module\_eks) | terraform-aws-modules/eks/aws | ~> 20.0 |
-| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 5.9.0 |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [aws_db_instance.mysql](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance) | resource |
-| [aws_db_subnet_group.mysql-group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_subnet_group) | resource |
-| [aws_iam_role.eks_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role.eks_node](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role_policy_attachment.eks_cluster_AmazonEKSClusterPolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_node_AmazonEC2ContainerRegistryReadOnly](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_node_AmazonEKSWorkerNodePolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_node_AmazonEKS_CNI_Policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_secretsmanager_secret.db_credentials](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret_version.db_credentials_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [aws_security_group.db_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-| [aws_security_group.eks_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | EKS cluster name | `string` | `"cm-cluster"` | no |
-| <a name="input_cluster_version"></a> [cluster\_version](#input\_cluster\_version) | EKS cluster version | `number` | `"1.30"` | no |
-| <a name="input_db_name"></a> [db\_name](#input\_db\_name) | The database name | `string` | n/a | yes |
-| <a name="input_db_password"></a> [db\_password](#input\_db\_password) | The database password | `string` | n/a | yes |
-| <a name="input_db_username"></a> [db\_username](#input\_db\_username) | The database username | `string` | n/a | yes |
-| <a name="input_desired_capacity"></a> [desired\_capacity](#input\_desired\_capacity) | Desired number of worker nodes | `number` | `3` | no |
-| <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | EC2 instance type for worker nodes | `list` | <pre>[<br>  "t2.small"<br>]</pre> | no |
-| <a name="input_max_node_count"></a> [max\_node\_count](#input\_max\_node\_count) | Maximum number of worker nodes | `number` | `4` | no |
-| <a name="input_min_node_count"></a> [min\_node\_count](#input\_min\_node\_count) | Minimum number of worker nodes | `number` | `2` | no |
-| <a name="input_region"></a> [region](#input\_region) | n/a | `string` | `"us-east-1"` | no |
-| <a name="input_vpc_cidr"></a> [vpc\_cidr](#input\_vpc\_cidr) | CIDR block for the VPC | `string` | `"10.0.0.0/16"` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| <a name="output_cluster_endpoint"></a> [cluster\_endpoint](#output\_cluster\_endpoint) | n/a |
-| <a name="output_cluster_name"></a> [cluster\_name](#output\_cluster\_name) | n/a |
-| <a name="output_cluster_security_group_id"></a> [cluster\_security\_group\_id](#output\_cluster\_security\_group\_id) | n/a |
-| <a name="output_db_instance_endpoint"></a> [db\_instance\_endpoint](#output\_db\_instance\_endpoint) | n/a |
-| <a name="output_region"></a> [region](#output\_region) | n/a |
-<!-- END_TF_DOCS -->
+6. The process will fail with errors. If the errors are all related to AppRunner, then the process has succeeded. It is now necessary to push a container image to the ECR repository with the correct database url attached.

features/ecr_repositories.feature

@@ -0,0 +1,7 @@
+Feature: Create AWS ECR Repositories for each application and environment
+
+Scenario: Create ECR Repositories
+    Given I have the necessary IAM permissions
+    When I apply the OpenTofu configuration
+    Then ECR repositories should be created
+    And the repositories' URLs should be output

infrastructure/01_provider.tf

@@ -1,42 +1,9 @@
-provider "aws" {
-  region = var.primary_region
-}
-
-provider "kubernetes" {
-  host                   = data.aws_eks_cluster.cluster.endpoint
-  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
-  token                  = data.aws_eks_cluster_auth.cluster.token
-  load_config_file       = false
-}
-
-provider "helm" {
-  kubernetes {
-    host                   = data.aws_eks_cluster.main.endpoint
-    cluster_ca_certificate = base64decode(data.aws_eks_cluster.main.certificate_authority[0].data)
-    token                  = data.aws_eks_cluster_auth.main.token
-  }
-}
-
-provider "random" {}
-
 terraform {
-  required_version = "~> 1.7"
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 5.17"
-    }
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = "~> 2.31.0"
-    }
-    helm = {
-      source  = "hashicorp/helm"
-      version = "~> 2.14.0"
-    }
-    random = {
-      source = "hashicorp/random"
-      version = "3.6.2"
+      version = "5.62.0"
     }
   }
 }
+