-
Notifications
You must be signed in to change notification settings - Fork 0
/
tfaction-root.yaml
68 lines (61 loc) · 3.3 KB
/
tfaction-root.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
---
plan_workflow_name: test # Mandatory
label_prefixes:
tfmigrate: "migrate:"
# skip_create_pr: true
# drift_detection:
# # issue_repo_owner:
# # issue_repo_name:
# minimum_detection_interval: 5 # 5 days. By default 7 days.
# num_of_issues: 3 # 3 working directories are checked per workflow run. By default 1 working directory is checked.
tfsec:
enabled: false
trivy:
enabled: false
scaffold_working_directory:
skip_adding_aqua_packages: true
aqua:
update_checksum:
# Update aqua-checksums.json in `setup` action
enabled: true # default is false
skip_push: false # default is false
prune: true # default is false
target_groups:
- working_directory: terraform/aws/
target: terraform/aws/
aws_region: ap-northeast-1
s3_bucket_name_plan_file: 'matchan26-terraform-state-backend-bucket'
s3_bucket_name_tfmigrate_history: 'matchan26-terraform-state-backend-bucket'
template_dir: templates/aws
terraform_plan_config:
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_terraform_plan"
tfmigrate_plan_config:
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_tfmigrate_plan"
terraform_apply_config:
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_terraform_apply"
tfmigrate_apply_config:
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_tfmigrate_apply"
- working_directory: terraform/gcp/
target: terraform/gcp/
aws_region: ap-northeast-1
s3_bucket_name_plan_file: 'matchan26-terraform-state-backend-bucket'
s3_bucket_name_tfmigrate_history: 'matchan26-terraform-state-backend-bucket'
#gcs_bucket_name_plan_file: '<GCS Bucket Name for Terraform Plan File>'
#gcs_bucket_name_tfmigrate_history: '<GCS Bucket Name for tfmigrate history files>'
template_dir: templates/gcp
terraform_plan_config:
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_terraform_plan"
gcp_service_account: [email protected]
gcp_workload_identity_provider: projects/163667651642/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-actions
tfmigrate_plan_config:
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_tfmigrate_plan"
gcp_service_account: [email protected]
gcp_workload_identity_provider: projects/163667651642/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-actions
terraform_apply_config:
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_terraform_apply"
gcp_service_account: [email protected]
gcp_workload_identity_provider: projects/163667651642/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-actions
tfmigrate_apply_config:
gcp_service_account: [email protected]
gcp_workload_identity_provider: projects/163667651642/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-actions
aws_assume_role_arn: "arn:aws:iam::115313250887:role/GitHubActions_Terraform_wordpress-infra_tfmigrate_apply"