public
/
stack
5
0
Fork 1
Code Issues 4 Pull Requests 1 Packages Projects Releases Wiki Activity

Makefile: use sops only when needed

This commit is contained in:
RyanSquared 2023-05-06 16:35:46 -04:00
parent 64d3385291
commit 6fb97a7b8e
Signed by untrusted user who does not match committer: ryan
GPG Key ID: 8E401478A3FBEF72
1 changed files with 19 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
Makefile
View File

@ -6,6 +6,7 @@ ENVIRONMENT := production
REGION := sfo3
ROOT_DIR := $(shell pwd)
TERRAFORM := $(ROOT_DIR)/out/terraform
SOPS := $(ROOT_DIR)/out/sops
KEYS := \
6B61ECD76088748C70590D55E90A401336C8AAA9 \
88823A75ECAA786B0FF38B148E401478A3FBEF72 \
@ -59,29 +60,41 @@ infra/main/.terraform: | \
infra/backend/$(ENVIRONMENT).tfstate: \
$(OUT_DIR)/terraform \
$(OUT_DIR)/sops \
infra/backend/.terraform
env -C infra/backend $(TERRAFORM) apply \
$(SOPS) exec-env secrets/production.enc.env '\
env -C infra/backend \
$(TERRAFORM) apply \
-var environment=$(ENVIRONMENT) \
-var namespace=$(ENVIRONMENT) \
-var region=$(REGION) \
-state ../../$@
-state ../../$@ \
'
config/$(ENVIRONMENT).tfbackend: | \
$(OUT_DIR)/terraform
$(OUT_DIR)/sops \
# File is not committed and this has no shared state
$(MAKE) infra/backend/$(ENVIRONMENT).tfstate
env -C infra/backend $(TERRAFORM) \
$(SOPS) exec-env secrets/production.enc.env '\
env -C infra/backend \
$(TERRAFORM) \
output -state ../../$< \
> $@
> $@ \
'
.PHONY:
apply: \
$(OUT_DIR)/terraform \
$(OUT_DIR)/sops \
infra/main/.terraform
env -C infra/main $(TERRAFORM) apply \
$(SOPS) exec-env secrets/production.enc.env '\
env -C infra/main \
$(TERRAFORM) apply \
-var environment=$(ENVIRONMENT) \
-var namespace=$(ENVIRONMENT) \
-var region=$(REGION)
-var region=$(REGION) \
'
$(CACHE_DIR)/secrets:
mkdir -p $@