feat: add terraform-providers targets
This commit is contained in:
parent
1da97ad867
commit
43455a4481
2 changed files with 75 additions and 0 deletions
33
Makefile
33
Makefile
|
|
@ -92,6 +92,39 @@ tf-destroy: tf-init ## Terraform destroy (tear down)
|
|||
@[ -n "$(HCLOUD_TOKEN)" ] || (echo "HCLOUD_TOKEN empty; export SOPS_AGE_KEY or set keys.txt & fill secrets.sops.yaml" && exit 1)
|
||||
@export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner destroy -auto-approve -var="hcloud_token=$(HCLOUD_TOKEN)"
|
||||
|
||||
# --- Terraform provider/lockfile helpers ---
|
||||
TF_DIR := terraform/hetzner
|
||||
TF_TOKEN := $(HCLOUD_TOKEN)
|
||||
LOCKFILE := $(TF_DIR)/.terraform.lock.hcl
|
||||
|
||||
tf-lock-commit: ## Commit the current provider lockfile
|
||||
@test -f $(LOCKFILE) || (echo "❌ $(LOCKFILE) not found. Run 'make tf-init' first."; exit 1)
|
||||
@git add $(LOCKFILE)
|
||||
@git commit -m "chore(terraform): lock providers" || echo "ℹ No lockfile changes to commit."
|
||||
|
||||
tf-providers-check: ## Check if newer provider versions are available (non-destructive)
|
||||
@echo "🔎 Checking for provider upgrades (lockfile readonly)…"
|
||||
@if terraform -chdir=$(TF_DIR) init -upgrade -lockfile=readonly >/dev/null 2>&1; then \
|
||||
echo "✔ Providers up to date (no upgrades available)."; \
|
||||
else \
|
||||
echo "↗ Provider upgrades likely available (readonly lockfile blocked changes)."; \
|
||||
echo " Run: make tf-providers-upgrade"; \
|
||||
fi
|
||||
|
||||
tf-providers-upgrade: ## Upgrade providers (updates .terraform.lock.hcl)
|
||||
@echo "⬆️ Upgrading providers…"
|
||||
@terraform -chdir=$(TF_DIR) init -upgrade
|
||||
@echo "— Diff for $(LOCKFILE):"
|
||||
@git --no-pager diff -- $(LOCKFILE) || true
|
||||
@echo "💡 If changes look good: make tf-lock-commit"
|
||||
|
||||
tf-providers-upgrade-commit: tf-providers-upgrade tf-lock-commit ## Upgrade providers and commit the lockfile
|
||||
|
||||
tf-providers-plan: ## Plan after an upgrade (uses HCLOUD_TOKEN if set)
|
||||
@echo "🧪 Planning with upgraded providers…"
|
||||
@terraform -chdir=$(TF_DIR) plan $(if $(TF_TOKEN),-var="hcloud_token=$(TF_TOKEN)")
|
||||
|
||||
|
||||
# ---- Ansible ----
|
||||
ansible-bootstrap: ## Run base bootstrap play (users, ssh, ufw, sops-agent)
|
||||
cd ansible && ansible-playbook playbooks/bootstrap.yaml -u admin
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue