mirrors/khuedoan-homelab
1
0
Fork 0
mirror of https://github.com/khuedoan/homelab.git synced 2024-12-22 15:34:33 +07:00
Code Issues Packages Projects Releases Wiki Activity

refactor: replace Terraform binary with OpenTofu

Browse Source 
OpenTofu is a drop-in replacement for Terraform, so aside from changing
the binary, it only needs some minor adjustments.
This commit is contained in:
Khue Doan 2024-11-24 00:09:15 +07:00
parent 47aefc54af
commit 21fac43e57
7 changed files with 20 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.pre-commit-config.yaml
View File

@ -15,8 +15,11 @@ repos:
hooks: hooks:
- id: yamllint - id: yamllint
- repo: https://github.com/gruntwork-io/pre-commit - repo: https://github.com/gruntwork-io/pre-commit
rev: v0.1.17 rev: v0.1.24
hooks: hooks:
- id: helmlint - id: helmlint
- id: shellcheck - id: shellcheck
- id: terraform-fmt - repo: https://github.com/tofuutils/pre-commit-opentofu
rev: v2.1.0
hooks:
- id: tofu_fmt

2
docs/installation/production/external-resources.md
View File

@ -24,7 +24,7 @@ Terraform is stateful, which means it needs somewhere to store its state. Terraf
1. Sign up for a [Terraform Cloud](https://cloud.hashicorp.com/products/terraform) account 1. Sign up for a [Terraform Cloud](https://cloud.hashicorp.com/products/terraform) account
2. Create a workspace named `homelab-external`, this is the workspace where your homelab state will be stored. 2. Create a workspace named `homelab-external`, this is the workspace where your homelab state will be stored.
3. Change the "Execution Mode" from "Remote" to "Local". This will ensure your local machine, which can access your lab, is the one executing the terraform plan rather than the cloud runners. 3. Change the "Execution Mode" from "Remote" to "Local". This will ensure your local machine, which can access your lab, is the one executing the Terraform plan rather than the cloud runners.
If you decide to use a [different Terraform backend](https://www.terraform.io/language/settings/backends#available-backends), you'll need to edit the `external/versions.tf` file as required. If you decide to use a [different Terraform backend](https://www.terraform.io/language/settings/backends#available-backends), you'll need to edit the `external/versions.tf` file as required.

8
external/Makefile
View File

@ -3,21 +3,21 @@
default: apply default: apply
~/.terraform.d/credentials.tfrc.json: ~/.terraform.d/credentials.tfrc.json:
terraform login tofu login
terraform.tfvars: terraform.tfvars:
cp terraform.tfvars.example ${@} cp terraform.tfvars.example ${@}
nvim ${@} nvim ${@}
.terraform.lock.hcl: ~/.terraform.d/credentials.tfrc.json versions.tf terraform.tfvars .terraform.lock.hcl: ~/.terraform.d/credentials.tfrc.json versions.tf terraform.tfvars
terraform init tofu init
touch ${@} touch ${@}
namespaces: namespaces:
ansible-playbook namespaces.yml ansible-playbook namespaces.yml
plan: .terraform.lock.hcl plan: .terraform.lock.hcl
terraform plan tofu plan
apply: .terraform.lock.hcl namespaces apply: .terraform.lock.hcl namespaces
terraform apply -auto-approve tofu apply -auto-approve

2
external/versions.tf
View File

@ -1,5 +1,5 @@
terraform { terraform {
required_version = "~> 1.8" required_version = "~> 1.7"
backend "remote" { backend "remote" {
hostname = "app.terraform.io" hostname = "app.terraform.io"

12
flake.lock
View File

@ -5,11 +5,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1731533236,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -20,11 +20,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1725001927, "lastModified": 1731797254,
"narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=", "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6e99f2a27d600612004fbd2c3282d614bfee6421", "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59",
"type": "github" "type": "github"
}, },
"original": { "original": {

9
flake.nix
View File

@ -9,12 +9,7 @@
outputs = { self, nixpkgs, flake-utils }: outputs = { self, nixpkgs, flake-utils }:
flake-utils.lib.eachDefaultSystem (system: flake-utils.lib.eachDefaultSystem (system:
let let
# TODO remove unfree after removing Terraform pkgs = import nixpkgs { inherit system; };
# (Source: https://xeiaso.net/blog/notes/nix-flakes-terraform-unfree-fix)
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
in in
with pkgs; with pkgs;
{ {
@ -41,10 +36,10 @@
libisoburn libisoburn
neovim neovim
openssh openssh
opentofu # Drop-in replacement for Terraform
p7zip p7zip
pre-commit pre-commit
shellcheck shellcheck
terraform # TODO replace with OpenTofu, Terraform is no longer FOSS
yamllint yamllint
(python3.withPackages (p: with p; [ (python3.withPackages (p: with p; [

2
test/tools_test.go
View File

@ -24,7 +24,7 @@ func TestToolsVersions(t *testing.T) {
{"kubectl", "version", ">= 1.30.0, < 1.32.0"}, // https://kubernetes.io/releases/version-skew-policy/#kubectl {"kubectl", "version", ">= 1.30.0, < 1.32.0"}, // https://kubernetes.io/releases/version-skew-policy/#kubectl
{"kustomize", "version", ">= 5.0.3, < 6.0.0"}, {"kustomize", "version", ">= 5.0.3, < 6.0.0"},
{"pre-commit", "--version", ">= 3.3.2, < 4.0.0"}, {"pre-commit", "--version", ">= 3.3.2, < 4.0.0"},
{"terraform", "--version", ">= 1.8.0, < 1.9.0"}, {"tofu", "--version", ">= 1.7.0, < 1.9.0"},
} }
for _, tool := range tools { for _, tool := range tools {