docs: add examples for extra modules (#36)

Author: edersonbrilhante

examples/deployments/extras/release_versions.yaml

@@ -0,0 +1,30 @@
+---
+api_version: v1
+product: Forge
+version: v1.0.0
+metadata:
+  use_local_repos: true
+spec:
+  # Versions of our IaC/Terraform modules.
+  iac:
+    modules:
+      cloud_custodian:
+        local_path: ../forge
+        repo: git@github.com:cisco-open/forge.git
+        module_path: modules/infra/cloud_custodian
+        ref: main
+      cloud_formation:
+        local_path: ../forge
+        repo: git@github.com:cisco-open/forge.git
+        module_path: modules/infra/cloud_formation
+        ref: main
+      ecr:
+        local_path: ../forge
+        repo: git@github.com:cisco-open/forge.git
+        module_path: modules/infra/ecr
+        ref: main
+      storage:
+        local_path: ../forge
+        repo: git@github.com:cisco-open/forge.git
+        module_path: modules/infra/storage
+        ref: main

examples/deployments/extras/terragrunt/_global_settings/_global.hcl

@@ -0,0 +1,12 @@
+locals {
+  team_name          = "forgeMT" # <REPLACE WITH YOUR VALUE> # e.g., "DevOps Team"
+  product_name       = "forgeMT" # <REPLACE WITH YOUR VALUE> # e.g., "Internal Platform"
+  project_name       = "forgemt" # <REPLACE WITH YOUR VALUE> # e.g., "intplat"
+  aws_account_prefix = "forge"   # <REPLACE WITH YOUR VALUE> # e.g., "intplat-ops"
+
+  # GitHub organization for GitOps repo.
+  git_org = "forgemt" # <REPLACE WITH YOUR VALUE> e.g., "my-org"
+
+  # Team information.
+  group_email = "forgemt@cisco.com" # <REPLACE WITH YOUR VALUE> e.g., "devops@example.com"
+}

examples/deployments/extras/terragrunt/_global_settings/cloud_custodian.hcl

@@ -0,0 +1,51 @@
+locals {
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Global Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  global_data  = read_terragrunt_config(find_in_parent_folders("_global_settings/_global.hcl"))
+  group_email  = local.global_data.locals.group_email
+  team_name    = local.global_data.locals.team_name
+  product_name = local.global_data.locals.product_name
+  project_name = local.global_data.locals.project_name
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Environment Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  env_data            = read_terragrunt_config(find_in_parent_folders("_environment_wide_settings/_environment.hcl"))
+  default_aws_region  = local.env_data.locals.default_aws_region
+  default_aws_profile = local.env_data.locals.default_aws_profile
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Tags
+  # ─────────────────────────────────────────────────────────────────────────────
+  tags = {
+    TeamName         = local.team_name
+    TechnicalContact = local.group_email
+    SecurityContact  = local.group_email
+  }
+
+  default_tags = {
+    ApplicationName   = local.project_name
+    ResourceOwner     = local.team_name
+    ProductFamilyName = local.product_name
+    IntendedPublic    = "No"
+    LastRevalidatedBy = "Terraform"
+    LastRevalidatedAt = "2025-05-15"
+  }
+
+  cloud_custodian_data = read_terragrunt_config(find_in_parent_folders("cloud_custodian/config.hcl"))
+}
+
+inputs = {
+  # Core Environment
+  aws_account_id = local.aws_account_id
+  aws_profile    = local.default_aws_profile
+  aws_region     = local.default_aws_region
+
+  # Cloud Custodian Configuration
+  forge_role_arn = local.cloud_custodian_data.locals.forge_role_arn
+
+  # Misc
+  tags         = local.tags
+  default_tags = local.default_tags
+}

examples/deployments/extras/terragrunt/_global_settings/cloud_formation.hcl

@@ -0,0 +1,46 @@
+locals {
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Global Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  global_data  = read_terragrunt_config(find_in_parent_folders("_global_settings/_global.hcl"))
+  group_email  = local.global_data.locals.group_email
+  team_name    = local.global_data.locals.team_name
+  product_name = local.global_data.locals.product_name
+  project_name = local.global_data.locals.project_name
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Environment Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  env_data            = read_terragrunt_config(find_in_parent_folders("_environment_wide_settings/_environment.hcl"))
+  default_aws_region  = local.env_data.locals.default_aws_region
+  default_aws_profile = local.env_data.locals.default_aws_profile
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Tags
+  # ─────────────────────────────────────────────────────────────────────────────
+  tags = {
+    TeamName         = local.team_name
+    TechnicalContact = local.group_email
+    SecurityContact  = local.group_email
+  }
+
+  default_tags = {
+    ApplicationName   = local.project_name
+    ResourceOwner     = local.team_name
+    ProductFamilyName = local.product_name
+    IntendedPublic    = "No"
+    LastRevalidatedBy = "Terraform"
+    LastRevalidatedAt = "2025-05-15"
+  }
+}
+
+inputs = {
+  # Core Environment
+  aws_account_id = local.aws_account_id
+  aws_profile    = local.default_aws_profile
+  aws_region     = local.default_aws_region
+
+  # Misc
+  tags         = local.tags
+  default_tags = local.default_tags
+}

examples/deployments/extras/terragrunt/_global_settings/ecr.hcl

@@ -0,0 +1,56 @@
+locals {
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Global Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  global_data  = read_terragrunt_config(find_in_parent_folders("_global_settings/_global.hcl"))
+  group_email  = local.global_data.locals.group_email
+  team_name    = local.global_data.locals.team_name
+  product_name = local.global_data.locals.product_name
+  project_name = local.global_data.locals.project_name
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Environment Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  env_data            = read_terragrunt_config(find_in_parent_folders("_environment_wide_settings/_environment.hcl"))
+  default_aws_region  = local.env_data.locals.default_aws_region
+  default_aws_profile = local.env_data.locals.default_aws_profile
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Region Settings.
+  # ─────────────────────────────────────────────────────────────────────────────
+  region_data = read_terragrunt_config(find_in_parent_folders("_region_wide_settings/_region.hcl"))
+  region      = local.region_data.locals.region_aws
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Tags
+  # ─────────────────────────────────────────────────────────────────────────────
+  tags = {
+    TeamName         = local.team_name
+    TechnicalContact = local.group_email
+    SecurityContact  = local.group_email
+  }
+
+  default_tags = {
+    ApplicationName   = local.project_name
+    ResourceOwner     = local.team_name
+    ProductFamilyName = local.product_name
+    IntendedPublic    = "No"
+    LastRevalidatedBy = "Terraform"
+    LastRevalidatedAt = "2025-05-15"
+  }
+
+  ecr_data = read_terragrunt_config(find_in_parent_folders("ecr/config.hcl"))
+}
+
+inputs = {
+  # Core Environment
+  aws_profile = local.default_aws_profile
+  aws_region  = local.region
+
+  # Cloud Custodian Configuration
+  repositories = local.ecr_data.locals.repositories
+
+  # Misc
+  tags         = local.tags
+  default_tags = local.default_tags
+}

examples/deployments/extras/terragrunt/_global_settings/forge_subscription.hcl

@@ -0,0 +1,50 @@
+locals {
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Global Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  global_data  = read_terragrunt_config(find_in_parent_folders("_global_settings/_global.hcl"))
+  group_email  = local.global_data.locals.group_email
+  team_name    = local.global_data.locals.team_name
+  product_name = local.global_data.locals.product_name
+  project_name = local.global_data.locals.project_name
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Environment Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  env_data            = read_terragrunt_config(find_in_parent_folders("_environment_wide_settings/_environment.hcl"))
+  default_aws_region  = local.env_data.locals.default_aws_region
+  default_aws_profile = local.env_data.locals.default_aws_profile
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Tags
+  # ─────────────────────────────────────────────────────────────────────────────
+  tags = {
+    TeamName         = local.team_name
+    TechnicalContact = local.group_email
+    SecurityContact  = local.group_email
+  }
+
+  default_tags = {
+    ApplicationName   = local.project_name
+    ResourceOwner     = local.team_name
+    ProductFamilyName = local.product_name
+    IntendedPublic    = "No"
+    LastRevalidatedBy = "Terraform"
+    LastRevalidatedAt = "2025-05-15"
+  }
+
+  forge_subscription_data = read_terragrunt_config(find_in_parent_folders("forge_subscription/config.hcl"))
+
+}
+
+inputs = {
+  # Core Environment
+  aws_profile = local.default_aws_profile
+  aws_region  = local.default_aws_region
+
+  forge = local.forge_subscription_data.locals.forge
+
+  # Misc
+  tags         = local.tags
+  default_tags = local.default_tags
+}

examples/deployments/extras/terragrunt/_global_settings/storage.hcl

@@ -0,0 +1,46 @@
+locals {
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Global Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  global_data  = read_terragrunt_config(find_in_parent_folders("_global_settings/_global.hcl"))
+  group_email  = local.global_data.locals.group_email
+  team_name    = local.global_data.locals.team_name
+  product_name = local.global_data.locals.product_name
+  project_name = local.global_data.locals.project_name
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Environment Settings
+  # ─────────────────────────────────────────────────────────────────────────────
+  env_data            = read_terragrunt_config(find_in_parent_folders("_environment_wide_settings/_environment.hcl"))
+  default_aws_region  = local.env_data.locals.default_aws_region
+  default_aws_profile = local.env_data.locals.default_aws_profile
+
+  # ─────────────────────────────────────────────────────────────────────────────
+  # Tags
+  # ─────────────────────────────────────────────────────────────────────────────
+  tags = {
+    TeamName         = local.team_name
+    TechnicalContact = local.group_email
+    SecurityContact  = local.group_email
+  }
+
+  default_tags = {
+    ApplicationName   = local.project_name
+    ResourceOwner     = local.team_name
+    ProductFamilyName = local.product_name
+    IntendedPublic    = "No"
+    LastRevalidatedBy = "Terraform"
+    LastRevalidatedAt = "2025-05-15"
+  }
+}
+
+inputs = {
+  # Core Environment
+  aws_account_id = local.aws_account_id
+  aws_profile    = local.default_aws_profile
+  aws_region     = local.default_aws_region
+
+  # Misc
+  tags         = local.tags
+  default_tags = local.default_tags
+}

examples/deployments/extras/terragrunt/_global_settings/terragrunt.hcl

@@ -0,0 +1,49 @@
+locals {
+  global_settings = read_terragrunt_config(find_in_parent_folders("_global_settings/_global.hcl"))
+
+  # Environment name.
+  env = "prod" # <REPLACE WITH YOUR VALUE>
+
+  # Prefix used throughout various bits of code involving auth. Must only
+  # contain letters, numbers, and hyphens (valid hostname characters).
+  prefix = "prod" # <REPLACE WITH YOUR VALUE>
+
+  # Default region in which we store critical infra such as secrets, DynamoDB
+  # tables, etc.
+  default_aws_region = "eu-west-1" # <REPLACE WITH YOUR VALUE>
+
+  runner_group_name_suffix = "cicd-forge" # <REPLACE WITH YOUR VALUE>
+
+  # AWS account associated with this environment.
+  aws_account_id      = "123456789012" # <REPLACE WITH YOUR VALUE>
+  aws_account_name    = "${local.global_settings.locals.aws_account_prefix}-${local.env}"
+  default_aws_profile = "${local.aws_account_name}"
+
+  # Sanitized values
+  sanitized_project_name = replace(local.global_settings.locals.project_name, "_", "-")
+  sanitized_git_org      = replace(local.global_settings.locals.git_org, "_", "-")
+
+  # Default security tags.
+  # <REPLACE WITH YOUR VALUE>
+  default_tags = {
+    TeamName          = local.global_settings.locals.team_name
+    ApplicationName   = local.global_settings.locals.product_name
+    Environment       = local.env
+    ResourceOwner     = local.global_settings.locals.team_name
+    ProductFamilyName = local.global_settings.locals.product_name
+  }
+
+  remote_state_config = {
+    backend = "s3"
+    config = {
+      bucket              = "${local.aws_account_id}.${local.sanitized_git_org}.${local.sanitized_project_name}"
+      key                 = "${path_relative_to_include("root")}/terraform.tfstate"
+      region              = local.default_aws_region
+      encrypt             = true
+      dynamodb_table      = "${local.aws_account_id}.${local.sanitized_git_org}.${local.sanitized_project_name}"
+      profile             = local.default_aws_profile
+      s3_bucket_tags      = local.default_tags
+      dynamodb_table_tags = local.default_tags
+    }
+  }
+}