priority-pass: parameterise image_tag via var pattern (matches job-hunter)
Adopts the always-latest convention used by job-hunter, payslip-ingest,
and fire-planner: image SHA lives in stacks/priority-pass/terragrunt.hcl
inputs, default in main.tf var. The priority-pass GHA build workflow
auto-commits new SHAs to this file on every successful push.
- Add `variable "image_tag"` (default = current value 7c01448d).
- Both containers now use `local.{frontend,backend}_image` interpolation.
- Replace symlinked terragrunt.hcl with a real file so the stack-local
inputs block can override image_tag (mirrors payslip-ingest exactly).
State note: priority-pass TF state is currently empty (Tier 1 PG migration
skipped this stack). A subsequent `terragrunt import` is required to
adopt the live deployment + namespace + ingress before running apply.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Viktor Barzin
parent
4c8d12229f
commit
fb454e16d5
2 changed files with 38 additions and 3 deletions
|
|
@ -1,8 +1,19 @@
|
||||||
|
variable "image_tag" {
|
||||||
|
type = string
|
||||||
|
default = "7c01448d"
|
||||||
|
description = "priority-pass image tag (applies to both frontend + backend). Use 8-char git SHA in CI; :latest only for local trials."
|
||||||
|
}
|
||||||
|
|
||||||
variable "tls_secret_name" {
|
variable "tls_secret_name" {
|
||||||
type = string
|
type = string
|
||||||
sensitive = true
|
sensitive = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
locals {
|
||||||
|
frontend_image = "docker.io/viktorbarzin/priority-pass-frontend:${var.image_tag}"
|
||||||
|
backend_image = "docker.io/viktorbarzin/priority-pass-backend:${var.image_tag}"
|
||||||
|
}
|
||||||
|
|
||||||
resource "kubernetes_namespace" "priority-pass" {
|
resource "kubernetes_namespace" "priority-pass" {
|
||||||
metadata {
|
metadata {
|
||||||
name = "priority-pass"
|
name = "priority-pass"
|
||||||
|
|
@ -80,7 +91,7 @@ resource "kubernetes_deployment" "priority-pass" {
|
||||||
}
|
}
|
||||||
container {
|
container {
|
||||||
name = "frontend"
|
name = "frontend"
|
||||||
image = "docker.io/viktorbarzin/priority-pass-frontend:7c01448d"
|
image = local.frontend_image
|
||||||
port {
|
port {
|
||||||
container_port = 3000
|
container_port = 3000
|
||||||
}
|
}
|
||||||
|
|
@ -104,7 +115,7 @@ resource "kubernetes_deployment" "priority-pass" {
|
||||||
}
|
}
|
||||||
container {
|
container {
|
||||||
name = "backend"
|
name = "backend"
|
||||||
image = "docker.io/viktorbarzin/priority-pass-backend:7c01448d"
|
image = local.backend_image
|
||||||
port {
|
port {
|
||||||
container_port = 8000
|
container_port = 8000
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1 +0,0 @@
|
||||||
../../terragrunt.hcl
|
|
||||||
25
stacks/priority-pass/terragrunt.hcl
Normal file
25
stacks/priority-pass/terragrunt.hcl
Normal file
|
|
@ -0,0 +1,25 @@
|
||||||
|
include "root" {
|
||||||
|
path = find_in_parent_folders()
|
||||||
|
}
|
||||||
|
|
||||||
|
dependency "platform" {
|
||||||
|
config_path = "../platform"
|
||||||
|
skip_outputs = true
|
||||||
|
}
|
||||||
|
|
||||||
|
dependency "vault" {
|
||||||
|
config_path = "../vault"
|
||||||
|
skip_outputs = true
|
||||||
|
}
|
||||||
|
|
||||||
|
dependency "external-secrets" {
|
||||||
|
config_path = "../external-secrets"
|
||||||
|
skip_outputs = true
|
||||||
|
}
|
||||||
|
|
||||||
|
inputs = {
|
||||||
|
# priority-pass repo HEAD — auto-bumped by GHA `build-and-deploy.yml`
|
||||||
|
# on every successful build. Manual edits welcome for local trials,
|
||||||
|
# but CI will overwrite on the next push to main.
|
||||||
|
image_tag = "7c01448d"
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue