From 02c2c8000aecce468b732d62a2797bf0d977eeb0 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Tue, 18 Jun 2024 15:38:59 +0100
Subject: [PATCH] tidy up workflows

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 .github/workflows/AMAZON2.tfvars              |   3 -
 .github/workflows/OS.tfvars                   |   9 --
 .github/workflows/github_network.tf           |  53 ---------
 .github/workflows/github_vars.tfvars          |  13 --
 .github/workflows/linux_benchmark_testing.yml | 111 ------------------
 .github/workflows/terraform.tfvars            |   6 -
 6 files changed, 195 deletions(-)
 delete mode 100644 .github/workflows/OS.tfvars
 delete mode 100644 .github/workflows/github_network.tf
 delete mode 100644 .github/workflows/github_vars.tfvars
 delete mode 100644 .github/workflows/linux_benchmark_testing.yml
 delete mode 100644 .github/workflows/terraform.tfvars

diff --git a/.github/workflows/AMAZON2.tfvars b/.github/workflows/AMAZON2.tfvars
index fc635fb..3c51061 100644
--- a/.github/workflows/AMAZON2.tfvars
+++ b/.github/workflows/AMAZON2.tfvars
@@ -4,6 +4,3 @@ ami_os         = "AmazonLinux2"
 ami_username   = "ec2-user"
 ami_user_home  = "/home/ec2-user"
 benchmark_os   = "Amazon2"
-privsubnet_id  = "subnet-0ce2cd3c739f6421c"
-vpc_secgrp_id  = "sg-0c0593968712e684d"
-benchmark_type = "CIS"
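Review bot: With its last three assignments removed, AMAZON2.tfvars no longer shows where `privsubnet_id`, `vpc_secgrp_id` and `benchmark_type` come from, and nothing else in this patch supplies them. If whatever still consumes this file declares those variables without defaults, a non-interactive Terraform run would presumably fail on the missing values, so confirm they are now passed in from outside this file. A header comment such as `# privsubnet_id, vpc_secgrp_id and benchmark_type are supplied by <PLACEHOLDER: source of shared vars>` would record that for the next maintainer. The file begins above this hunk, so its earlier lines are not visible here.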
diff --git a/.github/workflows/OS.tfvars b/.github/workflows/OS.tfvars
deleted file mode 100644
index 0285721..0000000
--- a/.github/workflows/OS.tfvars
+++ /dev/null
@@ -1,9 +0,0 @@
-# Amazon Linux 2
-ami_id        = "ami-03e0b06f01d45a4eb"
-ami_os        = "AmazonLinux2"
-ami_username  = "ec2-user"
-ami_user_home = "/home/ec2-user"
-instance_tags = {
-  Name        = "Amazon2-CIS"
-  Environment = "lockdown_github_repo_workflow"
-}
diff --git a/.github/workflows/github_network.tf b/.github/workflows/github_network.tf
deleted file mode 100644
index 5001dc2..0000000
--- a/.github/workflows/github_network.tf
+++ /dev/null
@@ -1,53 +0,0 @@
-resource "aws_vpc" "Main" {
-  cidr_block = var.main_vpc_cidr
-  instance_tenancy = "default"
-  tags       = {
-    Environment = "${var.environment}"
-    Name = "${var.namespace}-VPC"
-    }
-}
-
-resource "aws_internet_gateway" "IGW" {
-  vpc_id = aws_vpc.Main.id
-  tags = {
-    Environment = "${var.environment}"
-    Name = "${var.namespace}-IGW"
-  }
-}
-
-resource "aws_subnet" "publicsubnets" {
-  vpc_id =  aws_vpc.Main.id
-  cidr_block = var.public_subnets
-  availability_zone = var.availability_zone
-  tags = {
-    Environment = "${var.environment}"
-    Name = "${var.namespace}-pubsub"
-  }
-}
-
-resource "aws_subnet" "Main" {
-  vpc_id =  aws_vpc.Main.id
-  availability_zone = var.availability_zone
-  cidr_block = var.private_subnets
-  tags = {
-    Environment = "${var.environment}"
-    Name = "${var.namespace}-prvsub"
-  }
-}
-
-resource "aws_route_table" "PublicRT" {
-   vpc_id =  aws_vpc.Main.id
-   route {
-   cidr_block = "0.0.0.0/0"
-   gateway_id = aws_internet_gateway.IGW.id
-   }
-   tags = {
-    Environment = "${var.environment}"
-    Name = "${var.namespace}-publicRT"
-  }
-}
-
-resource "aws_route_table_association" "rt_associate_public" {
-  subnet_id = aws_subnet.Main.id
-  route_table_id = aws_route_table.PublicRT.id
-}
diff --git a/.github/workflows/github_vars.tfvars b/.github/workflows/github_vars.tfvars
deleted file mode 100644
index b8d1f5e..0000000
--- a/.github/workflows/github_vars.tfvars
+++ /dev/null
@@ -1,13 +0,0 @@
-// github_actions variables
-// Resourced in github_networks.tf
-// Declared in variables.tf
-//
-
-namespace = "github_actions"
-environment = "lockdown_github_repo_workflow"
-
-// Matching pair name found in AWS for keypairs PEM key
-ami_key_pair_name = "github_actions"
-main_vpc_cidr     = "172.22.0.0/24"
-public_subnets    = "172.22.0.128/26"
-private_subnets   = "172.22.0.192/26"
diff --git a/.github/workflows/linux_benchmark_testing.yml b/.github/workflows/linux_benchmark_testing.yml
deleted file mode 100644
index 9cc43d8..0000000
--- a/.github/workflows/linux_benchmark_testing.yml
+++ /dev/null
@@ -1,111 +0,0 @@
-i# This is a basic workflow to help you get started with Actions
-
-name: linux_benchmark_pipeline
-
-# Controls when the action will run.
-# Triggers the workflow on push or pull request
-# events but only for the devel branch
-on:  # yamllint disable-line rule:truthy
-    pull_request_target:
-        types: [opened, reopened, synchronize]
-        branches:
-            - devel
-            - main
-        paths:
-            - '**.yml'
-            - '**.sh'
-            - '**.j2'
-            - '**.ps1'
-            - '**.cfg'
-
-# A workflow run is made up of one or more jobs
-# that can run sequentially or in parallel
-jobs:
-  # This will create messages for first time contributers and direct them to the Discord server
-    welcome:
-        runs-on: ubuntu-latest
-
-        steps:
-            - uses: actions/first-interaction@main
-              with:
-                  repo-token: ${{ secrets.GITHUB_TOKEN }}
-                  pr-message: |-
-                      Congrats on opening your first pull request and thank you for taking the time to help improve Ansible-Lockdown!
-                      Please join in the conversation happening on the [Discord Server](https://discord.io/ansible-lockdown) as well.
-    # This workflow contains a single job called "build"
-    build:
-        # The type of runner that the job will run on
-        runs-on: ubuntu-latest
-
-        env:
-            ENABLE_DEBUG: false
-
-    # Steps represent a sequence of tasks that will be executed as part of the job
-        steps:
-            # Checks-out your repository under $GITHUB_WORKSPACE,
-            # so your job can access it
-            - uses: actions/checkout@v3
-              with:
-                  ref: ${{ github.event.pull_request.head.sha }}
-
-            - name: Add_ssh_key
-              working-directory: .github/workflows
-              env:
-                  SSH_AUTH_SOCK: /tmp/ssh_agent.sock
-                  PRIVATE_KEY: "${{ secrets.SSH_PRV_KEY }}"
-              run: |
-                  mkdir .ssh
-                  chmod 700 .ssh
-                  echo $PRIVATE_KEY > .ssh/github_actions.pem
-                  chmod 600 .ssh/github_actions.pem
-
-            ### Build out the server
-            - name: Terraform_Init
-              working-directory: .github/workflows
-              run: terraform init
-
-            - name: Terraform_Validate
-              working-directory: .github/workflows
-              run: terraform validate
-
-            - name: Terraform_Apply
-              working-directory: .github/workflows
-              env:
-                  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-                  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-              run: terraform apply -var-file "OS.tfvars" -var-file "github_vars.tfvars" --auto-approve -input=false
-
-            ## Debug Section
-            - name: DEBUG - Show Ansible hostfile
-              if: env.ENABLE_DEBUG == 'true'
-              working-directory: .github/workflows
-              run: cat hosts.yml
-
-            # Aws deployments taking a while to come up insert sleep or playbook fails
-
-            - name: Sleep for 60 seconds
-              run: sleep 60s
-              shell: bash
-
-            # Run the ansible playbook
-            - name: Run_Ansible_Playbook
-              uses: arillso/action.playbook@master
-              with:
-                  playbook: site.yml
-                  inventory: .github/workflows/hosts.yml
-                  galaxy_file: collections/requirements.yml
-                  private_key: ${{ secrets.SSH_PRV_KEY }}
-        #          verbose: 3
-              env:
-                  ANSIBLE_HOST_KEY_CHECKING: "false"
-                  ANSIBLE_DEPRECATION_WARNINGS: "false"
-
-            # Remove test system - User secrets to keep if necessary
-
-            - name: Terraform_Destroy
-              working-directory: .github/workflows
-              if: always() && env.ENABLE_DEBUG == 'false'
-              env:
-                  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-                  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-              run: terraform destroy -var-file "github_vars.tfvars" -var-file "OS.tfvars" --auto-approve -input=false
diff --git a/.github/workflows/terraform.tfvars b/.github/workflows/terraform.tfvars
deleted file mode 100644
index 3111378..0000000
--- a/.github/workflows/terraform.tfvars
+++ /dev/null
@@ -1,6 +0,0 @@
-// vars should be loaded by OSname.tfvars
-availability_zone      = "us-east-1b"
-aws_region    = "us-east-1"
-ami_os        = var.ami_os
-ami_username  = var.ami_username
-instance_tags = var.instance_tags