Set workflow-level environment variables in Github Action workflows consistently

* and remove project and organization id vars from instances of provider "scaleway" {} configuration

Author: pacphi

.github/workflows/deploy-environment.yml

@@ -91,6 +91,14 @@ env:
   TF_IN_AUTOMATION: true
   TF_VAR_scaleway_region: ${{ github.event.inputs.region }}
   TF_VAR_scaleway_zone: ${{ github.event.inputs.availability_zone }}
+  # Consolidated Scaleway credentials and mappings
+  SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+  SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+  SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
+  SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
+  # AWS variables for S3 backend compatibility
+  AWS_ACCESS_KEY_ID: ${{ secrets.SCW_ACCESS_KEY }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.SCW_SECRET_KEY }}
 
 jobs:
   validate:
@@ -150,23 +158,6 @@ jobs:
         with:
           version: 'v3.12.0'
 
-      - name: Configure Scaleway Credentials for Validation
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
-          # AWS environment variables for S3 backend (required by Terraform S3 backend)
-          echo "AWS_ACCESS_KEY_ID=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "AWS_SECRET_ACCESS_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          # Terraform-specific variables for project and organization IDs
-          echo "TF_VAR_scaleway_project_id=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "TF_VAR_scaleway_organization_id=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
 
       - name: Check Terraform Formatting
         run: |
@@ -493,23 +484,6 @@ jobs:
           terraform_version: "~1.12.0"
           terraform_wrapper: false
 
-      - name: Configure Scaleway Credentials
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
-          # AWS environment variables for S3 backend (required by Terraform S3 backend)
-          echo "AWS_ACCESS_KEY_ID=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "AWS_SECRET_ACCESS_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          # Terraform-specific variables for project and organization IDs
-          echo "TF_VAR_scaleway_project_id=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "TF_VAR_scaleway_organization_id=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
 
       - name: Download Backend Configuration
         uses: actions/download-artifact@v4
@@ -747,23 +721,6 @@ jobs:
         with:
           version: 'v3.12.0'
 
-      - name: Configure Scaleway Credentials
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
-          # AWS environment variables for S3 backend (required by Terraform S3 backend)
-          echo "AWS_ACCESS_KEY_ID=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "AWS_SECRET_ACCESS_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          # Terraform-specific variables for project and organization IDs
-          echo "TF_VAR_scaleway_project_id=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "TF_VAR_scaleway_organization_id=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
 
       - name: Setup Deployment Flags
         id: setup-flags

.github/workflows/setup-backend.yml

@@ -59,6 +59,14 @@ on:
 
 env:
   TF_IN_AUTOMATION: true
+  # Consolidated Scaleway credentials and mappings
+  SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+  SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+  SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
+  SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
+  # AWS variables for S3 backend compatibility
+  AWS_ACCESS_KEY_ID: ${{ secrets.SCW_ACCESS_KEY }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.SCW_SECRET_KEY }}
 
 jobs:
   setup-backend:
@@ -81,20 +89,6 @@ jobs:
           terraform_version: "~1.12.0"
           terraform_wrapper: false
 
-      - name: Configure Scaleway Credentials
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
-          # AWS environment variables for S3 backend (required by Terraform S3 backend)
-          echo "AWS_ACCESS_KEY_ID=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "AWS_SECRET_ACCESS_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
 
       - name: Validate Environment
         id: validate

.github/workflows/teardown-environment.yml

@@ -66,6 +66,14 @@ env:
   TF_IN_AUTOMATION: true
   TF_VAR_scaleway_region: ${{ github.event.inputs.region }}
   TF_VAR_scaleway_zone: ${{ github.event.inputs.availability_zone }}
+  # Consolidated Scaleway credentials and mappings
+  SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+  SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+  SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
+  SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
+  # AWS variables for S3 backend compatibility
+  AWS_ACCESS_KEY_ID: ${{ secrets.SCW_ACCESS_KEY }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.SCW_SECRET_KEY }}
 
 jobs:
   validate-request:
@@ -114,17 +122,6 @@ jobs:
         with:
           version: 'v1.32.0'
 
-      - name: Configure Scaleway Credentials
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
 
       - name: Download Kubeconfig
         continue-on-error: true
@@ -191,17 +188,6 @@ jobs:
         with:
           version: 'v1.32.0'
 
-      - name: Configure Scaleway Credentials
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
 
       - name: Analyze Impact
         id: impact
@@ -274,17 +260,6 @@ jobs:
         with:
           version: 'v1.32.0'
 
-      - name: Configure Scaleway Credentials
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
 
       - name: Download Kubeconfig
         continue-on-error: true

.github/workflows/validate-templates.yml

@@ -47,6 +47,14 @@ on:
 
 env:
   TF_IN_AUTOMATION: true
+  # Consolidated Scaleway credentials and mappings
+  SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+  SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+  SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
+  SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
+  # AWS variables for S3 backend compatibility
+  AWS_ACCESS_KEY_ID: ${{ secrets.SCW_ACCESS_KEY }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.SCW_SECRET_KEY }}
 
 jobs:
   discover-templates:
@@ -369,17 +377,6 @@ jobs:
         with:
           version: 'v1.32.0'
 
-      - name: Configure Scaleway Credentials
-        env:
-          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
-          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
-          SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
-          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
-        run: |
-          echo "SCW_ACCESS_KEY=${SCW_ACCESS_KEY}" >> $GITHUB_ENV
-          echo "SCW_SECRET_KEY=${SCW_SECRET_KEY}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_PROJECT_ID=${SCW_DEFAULT_PROJECT_ID}" >> $GITHUB_ENV
-          echo "SCW_DEFAULT_ORGANIZATION_ID=${SCW_DEFAULT_ORGANIZATION_ID}" >> $GITHUB_ENV
 
       - name: Download Backend Configuration
         uses: actions/download-artifact@v4

environments/dev/providers.tf

@@ -30,8 +30,6 @@ terraform {
 provider "scaleway" {
   zone            = var.scaleway_zone
   region          = var.scaleway_region
-  organization_id = var.scaleway_organization_id
-  project_id      = var.scaleway_project_id
 }
 
 provider "kubernetes" {

environments/staging/providers.tf

@@ -30,8 +30,6 @@ terraform {
 provider "scaleway" {
   zone            = var.scaleway_zone
   region          = var.scaleway_region
-  organization_id = var.scaleway_organization_id
-  project_id      = var.scaleway_project_id
 }
 
 provider "kubernetes" {

modules/postgresql/variables.tf

@@ -76,20 +76,20 @@ variable "settings" {
   description = "Database settings"
   type        = map(string)
   default = {
-    "max_connections"              = "200"
-    "shared_preload_libraries"     = "pg_stat_statements"
-    "log_min_duration_statement"   = "1000"
-    "log_connections"              = "on"
-    "log_disconnections"           = "on"
-    "log_lock_waits"               = "on"
-    "log_statement"                = "ddl"
-    "log_temp_files"               = "0"
-    "work_mem"                     = "4MB"
-    "maintenance_work_mem"         = "128MB"
-    "wal_buffers"                  = "16MB"
-    "default_statistics_target"    = "100"
-    "random_page_cost"             = "1.1"
-    "effective_cache_size"         = "128MB"
+    "max_connections"            = "200"
+    "shared_preload_libraries"   = "pg_stat_statements"
+    "log_min_duration_statement" = "1000"
+    "log_connections"            = "on"
+    "log_disconnections"         = "on"
+    "log_lock_waits"             = "on"
+    "log_statement"              = "ddl"
+    "log_temp_files"             = "0"
+    "work_mem"                   = "4MB"
+    "maintenance_work_mem"       = "128MB"
+    "wal_buffers"                = "16MB"
+    "default_statistics_target"  = "100"
+    "random_page_cost"           = "1.1"
+    "effective_cache_size"       = "128MB"
   }
 }
 

shared/providers.tf

@@ -4,8 +4,6 @@
 provider "scaleway" {
   zone            = var.scaleway_zone
   region          = var.scaleway_region
-  organization_id = var.scaleway_organization_id
-  project_id      = var.scaleway_project_id
 }
 
 provider "kubernetes" {