Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support new COOL environment structure #83

Open
wants to merge 6 commits into
base: develop
Choose a base branch
from
Open

Support new COOL environment structure #83

wants to merge 6 commits into from
+49 −45

Conversation

dav3r
Copy link
Member

@dav3r dav3r commented Feb 12, 2025

🗣 Description

This PR makes updates in support of the switchover from our legacy account/environment scheme (where staging and production accounts exist within the same AWS organization) to our new scheme (where they do not).

Highlights include:

  • Removal of any hard-coded references to production resources
  • Use of partial backend configurations
  • Support for both the legacy account naming scheme and our new scheme

This PR also removes references to the Domain Manager and PCA accounts, which were previously removed, but never cleaned up in this repository.

💭 Motivation and context

The goal of this PR is to get us closer to our modernized account scheme where there is no more co-mingling of staging and production accounts. Doing that will result in cleaner code across all COOL-related repositories as well as improved separation of resources across all COOL environments.

🧪 Testing

I applied this code in a development environment (which uses the new account naming scheme) and confirmed that it applied successfully and appeared correct.

I also ran terraform plan in Production (which uses the legacy account naming scheme) and confirmed that all planned changes looked accurate and expected.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated
    to reflect the changes in this PR.
  • All new and existing tests pass.

✅ Post-merge checklist

  • Apply these changes in staging-a
  • Apply these changes in production

dav3r added 6 commits February 12, 2025 13:58
@dav3r
Modify backend to use a partial configuration
7670888 
This avoids hardcoding the bucket name and allows the bucket name to be set on a per-environment basis via the -backend-config command line option or other methods.  For details, see: https://developer.hashicorp.com/terraform/language/backend#partial-configuration
@dav3r
Add a required variable for the name of the Terraform state bucket
4060e35 
This will be used to avoid hard-coding the bucket name in remote_states.tf.
@dav3r
Replace hardcoded bucket names with a variable.
b90593c 
Also, make each remote state use the same workspace name as the current Terraform workspace.
@dav3r
Add *.tfconfig to .gitignore
a9ecc88 
This is our chosen extension for Terraform backend config files.
@dav3r
Modify local variables to support legacy and current COOL account nam…
74a2fc3 
…ing schemes

While I was here, I also:
* Deleted local variables related to the now-defunct Domain Manager and PCA accounts
* Ensured that we are only searching non-master accounts when looking for the various account IDs
@dav3r
Remove TGW associations, route table attachments, and routes related …
af32090 
…to now-defunct Domain Manager and PCA accounts
@dav3r dav3r added the improvement This issue or pull request will add or improve functionality, maintainability, or ease of use label Feb 12, 2025
@dav3r dav3r requested a review from felddy February 12, 2025 19:24
@dav3r dav3r self-assigned this Feb 12, 2025
@dav3r dav3r requested review from jsf9k and mcdonnnj as code owners February 12, 2025 19:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsf9k jsf9k jsf9k approved these changes

@felddy felddy Awaiting requested review from felddy

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@dav3r dav3r

Labels
improvement This issue or pull request will add or improve functionality, maintainability, or ease of use
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dav3r @jsf9k