[infra] Define IaC Terraform code for gno infra deployment
zivkovicmilos opened this issue · comments
Description
This issue concerns creating a GH repository gnolang/infrastructure
, containing IaC Terraform code used to provision the entire Gno infrastructure stack, including k8s, DBs, load balancers, VPCs...
Additionally, Terraform state should be stored in the cloud (S3 bucket, HashiCorp...), so that anyone using Terraform can work on it.
The terraform apply
should be ran from GH actions on the gnolang/infrastructure
repository.
The scope of the IaC Terraform overhaul should cover all existing Gno services, testnets and deployments.
Finally, OIDC should be set up between GitHub and chosen cloud provider, to avoid security token usage.
Definition of done:
- Repository created, and Terraform set up for existing Gno services
- Terraform state stored remotely
gnolang/infrastructure
GH action should apply deployments- OIDC set up in case a cloud provider is chosen (also reflected in Terraform)