-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.tf
80 lines (57 loc) · 2.26 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# GCP reference architecture
module "base" {
source = "./modules/base"
project_id = var.project_id
region = var.region
humanitec_prefix = var.humanitec_prefix
humanitec_org_id = var.humanitec_org_id
gar_repository_id = var.gar_repository_id
gar_repository_region = var.gar_repository_region
}
# User used for scaffolding and deploying apps
resource "humanitec_user" "deployer" {
count = var.with_backstage ? 1 : 0
name = "deployer"
role = "administrator"
type = "service"
}
resource "humanitec_service_user_token" "deployer" {
count = var.with_backstage ? 1 : 0
id = "deployer"
user_id = humanitec_user.deployer[0].id
description = "Used by scaffolding and deploying"
}
module "github" {
count = var.with_backstage ? 1 : 0
source = "./modules/github"
humanitec_org_id = var.humanitec_org_id
humanitec_ci_service_user_token = humanitec_service_user_token.deployer[0].token
project_id = var.project_id
github_org_id = var.github_org_id
gar_repository_id = var.gar_repository_id
gar_repository_region = var.gar_repository_region
depends_on = [module.base]
}
# Configure GitHub variables & secrets for Backstage itself and for all scaffolded apps
locals {
github_app_credentials_file = "github-app-credentials.json"
}
module "github_app" {
count = var.with_backstage ? 1 : 0
source = "github.com/humanitec-architecture/shared-terraform-modules?ref=v2024-06-12//modules/github-app"
credentials_file = "${path.module}/${local.github_app_credentials_file}"
}
# Deploy Backstage as Portal
module "portal_backstage" {
count = var.with_backstage ? 1 : 0
source = "./modules/portal-backstage"
humanitec_org_id = var.humanitec_org_id
humanitec_ci_service_user_token = humanitec_service_user_token.deployer[0].token
github_org_id = var.github_org_id
github_app_client_id = module.github_app[0].client_id
github_app_client_secret = module.github_app[0].client_secret
github_app_id = module.github_app[0].app_id
github_app_private_key = module.github_app[0].private_key
github_webhook_secret = module.github_app[0].webhook_secret
depends_on = [module.github]
}