automated terminal push

2025-07-12 10:10:12 +00:00
parent 7ab019bfd8
commit df5de796b9
1 changed files with 6 additions and 22 deletions
--- a/28
+++ b/28
@@ -22,7 +22,8 @@ pipeline {
    TF_VAR_public_subnets  = '10.0.1.0/24,10.0.2.0/24'
    TF_VAR_instance_type   = 't2.micro'
    TF_VAR_key_pair_name   = 'nvhi-atsila-deployer'
-    TF_VAR_jenkins_ip_cidr = "${JENKINS_SSH_CIDR}"
+    // ensure we pass a valid CIDR (/32)
+    TF_VAR_jenkins_ip_cidr = "${JENKINS_SSH_CIDR}/32"

    IMAGE_NAME             = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${ECR_REPO}"
    IMAGE_TAG              = "v1.0.${BUILD_NUMBER}"
@@ -30,9 +31,7 @@ pipeline {

  stages {
    stage('Checkout') {
-      steps {
-        checkout scm
-      }
+      steps { checkout scm }
    }

    stage('SonarQube Scan') {
@@ -82,44 +81,29 @@ pipeline {
          sh '''
            set -e

-            # 1) Ensure S3 bucket exists
+            # Ensure S3 bucket exists
            if ! aws s3api head-bucket --bucket $TF_BACKEND_BUCKET 2>/dev/null; then
-              echo "Creating S3 bucket $TF_BACKEND_BUCKET..."
-              aws s3api create-bucket \
-                --bucket $TF_BACKEND_BUCKET \
-                --region $AWS_REGION \
+              aws s3api create-bucket --bucket $TF_BACKEND_BUCKET --region $AWS_REGION \
                --create-bucket-configuration LocationConstraint=$AWS_REGION
-
-              echo "Enabling encryption & versioning..."
              aws s3api put-bucket-encryption \
                --bucket $TF_BACKEND_BUCKET \
                --server-side-encryption-configuration '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}'
-
              aws s3api put-bucket-versioning \
                --bucket $TF_BACKEND_BUCKET \
                --versioning-configuration Status=Enabled
-            else
-              echo "S3 bucket $TF_BACKEND_BUCKET already exists."
            fi

-            # 2) Ensure DynamoDB table exists
+            # Ensure DynamoDB table exists and is ready
            if ! aws dynamodb describe-table --table-name $TF_DDB_TABLE 2>/dev/null; then
-              echo "Creating DynamoDB table $TF_DDB_TABLE..."
              aws dynamodb create-table \
                --table-name $TF_DDB_TABLE \
                --attribute-definitions AttributeName=LockID,AttributeType=S \
                --key-schema AttributeName=LockID,KeyType=HASH \
                --billing-mode PAY_PER_REQUEST
-
-              echo "Waiting for DynamoDB table to become ACTIVE..."
              aws dynamodb wait table-exists --table-name $TF_DDB_TABLE
-
-              echo "Enabling point‑in‑time recovery..."
              aws dynamodb update-continuous-backups \
                --table-name $TF_DDB_TABLE \
                --point-in-time-recovery-specification PointInTimeRecoveryEnabled=true
-            else
-              echo "DynamoDB table $TF_DDB_TABLE already exists."
            fi
          '''
        }