Relevant paths include:
domain/gtfs-infrastructure.tfvars
: manage infrastructure configuration (definitions)terraform/*
: manage infrastructure implementation
To test changes:
make -C pipelines/iac ci
To apply changes:
make -C pipelines/iac cd
Re-init terraform (required when, e.g., new or renamed module, new provider, etc):
rm -r terraform/.terraform
make -C pipelines/iac ci
These steps must be performed once at creation time of the project
- Create a bucket for terraform state
gcloud storage buckets create gs://gtfs-infrastructure-tfstate
- Create a service account
gcloud iam service-accounts create github-actions \
--display-name="GitHub Actions Runner"
- Grant the account privileges to manage the project
gcloud projects add-iam-policy-binding web-based-gtfs-validator \
--member=serviceAccount:github-actions@web-based-gtfs-validator.iam.gserviceaccount.com \
--role=roles/owner
- Provision a key for the service account
gcloud iam service-accounts keys create .git/github-actions-sa.json \
--iam-account=github-actions@web-based-gtfs-validator.iam.gserviceaccount.com
- Upload the key to a GitHub Actions secret
gh -R MobilityData/gtfs-infrastructure secret set GCP_SA_KEY < .git/github-actions-sa.json