diff --git a/.github/actions/setup-terraform/action.yml b/.github/actions/setup-terraform/action.yml index 80d17aef7..42b1a37ce 100644 --- a/.github/actions/setup-terraform/action.yml +++ b/.github/actions/setup-terraform/action.yml @@ -3,7 +3,7 @@ description: "Set up Terraform with the version stored in the .terraform-version inputs: version-file: description: "File containing the terraform version to use." - default: ".terraform-version" + default: "./templates/base/.terraform-version" runs: using: "composite" steps: diff --git a/.github/workflows/ci-docs.yml b/.github/workflows/ci-docs.yml index 0a28f1d7e..e7cd6ca35 100644 --- a/.github/workflows/ci-docs.yml +++ b/.github/workflows/ci-docs.yml @@ -16,4 +16,4 @@ jobs: - uses: gaurav-nelson/github-action-markdown-link-check@1.0.15 with: use-quiet-mode: "yes" # errors only. - config-file: ".github/workflows/markdownlint-config.json" + config-file: "templates/base/.github/workflows/markdownlint-config.json" diff --git a/.github/workflows/ci-infra.yml b/.github/workflows/ci-infra.yml index 78a82f9cd..213e15d96 100644 --- a/.github/workflows/ci-infra.yml +++ b/.github/workflows/ci-infra.yml @@ -5,14 +5,16 @@ on: branches: - main paths: - - bin/** - - infra/** - .github/workflows/** + - templates/*/.github/workflows/** + - templates/*/bin/** + - templates/*/infra/** pull_request: paths: - - bin/** - - infra/** - .github/workflows/** + - templates/*/.github/workflows/** + - templates/*/bin/** + - templates/*/infra/** jobs: lint-github-actions: @@ -35,31 +37,25 @@ jobs: steps: - uses: actions/checkout@v4 - name: Shellcheck - run: make infra-lint-scripts + run: make -f template-only.mak infra-lint-scripts check-terraform-format: name: Check Terraform format runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: hashicorp/setup-terraform@v2 - with: - terraform_version: 1.8.3 - terraform_wrapper: false + - uses: ./.github/actions/setup-terraform - name: Run infra-lint-terraform run: | echo "If this fails, run 'make infra-format'" - make infra-lint-terraform + make -f template-only.mak infra-lint-terraform validate-terraform: name: Validate Terraform modules runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: hashicorp/setup-terraform@v2 - with: - terraform_version: 1.8.3 - terraform_wrapper: false + - uses: ./.github/actions/setup-terraform - name: Validate - run: make infra-validate-modules + run: make -f template-only.mak infra-validate-modules check-compliance-with-checkov: name: Check compliance with checkov runs-on: ubuntu-latest @@ -76,7 +72,8 @@ jobs: # In this case, checkov-action v12.2296.0 is mapped to checkov v2.3.194. uses: bridgecrewio/checkov-action@v12.2296.0 with: - directory: infra + # TODO: need to run different steps for templates/*/infra? + # directory: infra framework: terraform quiet: true # only displays failed checks check-compliance-with-tfsec: diff --git a/.github/workflows/template-only-ci-infra.yml b/.github/workflows/template-only-ci-infra.yml index 0c5ed7a44..f21e986db 100644 --- a/.github/workflows/template-only-ci-infra.yml +++ b/.github/workflows/template-only-ci-infra.yml @@ -6,8 +6,8 @@ on: - main pull_request: paths: - - bin/** - - infra/** + - templates/*/bin/** + - templates/*/infra/** - template-only-bin/** - template-only-infra/** - template-only-test/** @@ -40,7 +40,7 @@ jobs: - name: Set up Terraform uses: ./template-infra/.github/actions/setup-terraform with: - version-file: ./template-infra/.terraform-version + version-file: ./template-infra/templates/base/.terraform-version - uses: actions/setup-go@v5 with: diff --git a/copier.yml b/copier.yml index fb149e5f6..2392dccd1 100644 --- a/copier.yml +++ b/copier.yml @@ -100,10 +100,4 @@ _skip_if_exists: - "/{{ app_name }}/" - "/{{ app_name }}/Makefile" -_exclude: - - /.git - - /copier.yml - - /CODEOWNERS - - /CONTRIBUTING.md - - /LICENSE.md - - /README.md +_subdirectory: templates/{{ template }} diff --git a/template-only-app/Dockerfile b/template-only-app/Dockerfile index 5afd9d813..bbe87bd35 100644 --- a/template-only-app/Dockerfile +++ b/template-only-app/Dockerfile @@ -1,5 +1,5 @@ # Run `make update-docker-digest` to update the image -FROM python:3-alpine@sha256:657dbdb20479a6523b46c06114c8fec7db448232f956a429d3cc0606d30c1b59 as release +FROM python:3-alpine@sha256:657dbdb20479a6523b46c06114c8fec7db448232f956a429d3cc0606d30c1b59 AS release RUN adduser --system --disabled-password --no-create-home app diff --git a/template-only-docs/set-up-pr-environments.md b/template-only-docs/set-up-pr-environments.md index f9c78a94b..283cc2075 100644 --- a/template-only-docs/set-up-pr-environments.md +++ b/template-only-docs/set-up-pr-environments.md @@ -3,6 +3,6 @@ [Pull request environments](/docs/infra/pull-request-environments.md) are temporary environments that exist during a pull request. Enable them after [setting up the app environment](/docs/infra/set-up-app-env.md): - In [ci-{{app_name}}-pr-environment-checks.yml](/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja) and [ci-{{app_name}}-pr-environment-destroy.yml](/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja), search for `!!`. -- Uncomment the PR environment triggers for spot testing. Run `nava-platform infra update --answers-only --data app_has_dev_env_setup=true .` to consistently enable things. +- Uncomment the PR environment triggers for spot testing. Run `nava-platform infra update-app --answers-only --data app_has_dev_env_setup=true . ` to consistently enable things. You can verify that PR environments are working by opening a new PR and waiting for the "PR Environment Update" job to finish. diff --git a/template-only.mak b/template-only.mak index 2ca519289..bc9687455 100644 --- a/template-only.mak +++ b/template-only.mak @@ -3,12 +3,30 @@ PROJECT_NAME ?= platform-template-infra +MODULES := $(notdir $(wildcard templates/base/infra/modules/*)) + .PHONY : \ clean \ test \ setup-app-backends \ destroy-account +infra-lint-scripts: ## Lint shell scripts + shellcheck templates/*/bin/** + +infra-lint-terraform: ## Lint Terraform code + terraform fmt -recursive -check templates/*/infra + +# The prerequisite for this rule is obtained by +# prefixing each module with the string "infra-validate-module-" +infra-validate-modules: ## Run terraform validate on reusable child modules +infra-validate-modules: $(patsubst %, infra-validate-module-%, $(MODULES)) + +infra-validate-module-%: + @echo "Validate library module: $*" + terraform -chdir=templates/base/infra/modules/$* init -backend=false + terraform -chdir=templates/base/infra/modules/$* validate + lint-template-scripts: ## Lint template only scripts shellcheck template-only-bin/** diff --git a/.github/workflows/cd-{{app_name}}.yml.jinja b/templates/app/.github/workflows/cd-{{app_name}}.yml.jinja similarity index 93% rename from .github/workflows/cd-{{app_name}}.yml.jinja rename to templates/app/.github/workflows/cd-{{app_name}}.yml.jinja index 64001cbcb..a38e887f0 100644 --- a/.github/workflows/cd-{{app_name}}.yml.jinja +++ b/templates/app/.github/workflows/cd-{{app_name}}.yml.jinja @@ -16,7 +16,7 @@ on: # !! Once you've set up the dev environment and are ready to enable continuous # deployment, run: # - # nava-platform infra update --answers-only --data app_has_dev_env_setup=true . + # nava-platform infra update-app --answers-only --data app_has_dev_env_setup=true . {{app_name}} # # to enable these lines. They are here as comments for context. # diff --git a/.github/workflows/ci-{{app_name}}-infra-service.yml.jinja b/templates/app/.github/workflows/ci-{{app_name}}-infra-service.yml.jinja similarity index 94% rename from .github/workflows/ci-{{app_name}}-infra-service.yml.jinja rename to templates/app/.github/workflows/ci-{{app_name}}-infra-service.yml.jinja index d06f3e6b9..350a41230 100644 --- a/.github/workflows/ci-{{app_name}}-infra-service.yml.jinja +++ b/templates/app/.github/workflows/ci-{{app_name}}-infra-service.yml.jinja @@ -20,7 +20,7 @@ on: # !! Once you've set up the dev environment and are ready to enable automated # infra tests, run: # - # nava-platform infra update --answers-only --data app_has_dev_env_setup=true . + # nava-platform infra update-app --answers-only --data app_has_dev_env_setup=true . {{app_name}} # # to enable these lines. They are here as comments for context. # diff --git a/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja b/templates/app/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja similarity index 90% rename from .github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja rename to templates/app/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja index 899ff1958..f0ae79b34 100644 --- a/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja +++ b/templates/app/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja @@ -14,7 +14,7 @@ on: # !! Once you've set up the dev environment and are ready to enable PR # environments, run: # - # nava-platform infra update --answers-only --data app_has_dev_env_setup=true . + # nava-platform infra update-app --answers-only --data app_has_dev_env_setup=true . {{app_name}} # # to enable these lines. They are here as comments for context. # diff --git a/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja b/templates/app/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja similarity index 88% rename from .github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja rename to templates/app/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja index 137c93e1d..865021699 100644 --- a/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja +++ b/templates/app/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja @@ -12,7 +12,7 @@ on: # !! Once you've set up the dev environment and are ready to enable PR # environments, run: # - # nava-platform infra update --answers-only --data app_has_dev_env_setup=true . + # nava-platform infra update-app --answers-only --data app_has_dev_env_setup=true . {{app_name}} # # to enable these lines. They are here as comments for context. # diff --git a/.github/workflows/ci-{{app_name}}-vulnerability-scans.yml.jinja b/templates/app/.github/workflows/ci-{{app_name}}-vulnerability-scans.yml.jinja similarity index 100% rename from .github/workflows/ci-{{app_name}}-vulnerability-scans.yml.jinja rename to templates/app/.github/workflows/ci-{{app_name}}-vulnerability-scans.yml.jinja diff --git a/.template-infra/{{_copier_conf.answers_file}}.jinja b/templates/app/.template-infra/{{_copier_conf.answers_file}}.jinja similarity index 100% rename from .template-infra/{{_copier_conf.answers_file}}.jinja rename to templates/app/.template-infra/{{_copier_conf.answers_file}}.jinja diff --git a/e2e/{{app_name}}/playwright.config.js.jinja b/templates/app/e2e/{{app_name}}/playwright.config.js.jinja similarity index 100% rename from e2e/{{app_name}}/playwright.config.js.jinja rename to templates/app/e2e/{{app_name}}/playwright.config.js.jinja diff --git a/e2e/{{app_name}}/tests/index.spec.js b/templates/app/e2e/{{app_name}}/tests/index.spec.js similarity index 100% rename from e2e/{{app_name}}/tests/index.spec.js rename to templates/app/e2e/{{app_name}}/tests/index.spec.js diff --git a/infra/{{app_name}}/app-config/build_repository.tf b/templates/app/infra/{{app_name}}/app-config/build_repository.tf similarity index 100% rename from infra/{{app_name}}/app-config/build_repository.tf rename to templates/app/infra/{{app_name}}/app-config/build_repository.tf diff --git a/infra/{{app_name}}/app-config/dev.tf b/templates/app/infra/{{app_name}}/app-config/dev.tf similarity index 100% rename from infra/{{app_name}}/app-config/dev.tf rename to templates/app/infra/{{app_name}}/app-config/dev.tf diff --git a/infra/{{app_name}}/app-config/env-config/database.tf b/templates/app/infra/{{app_name}}/app-config/env-config/database.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/database.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/database.tf diff --git a/infra/{{app_name}}/app-config/env-config/domain.tf b/templates/app/infra/{{app_name}}/app-config/env-config/domain.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/domain.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/domain.tf diff --git a/infra/{{app_name}}/app-config/env-config/environment_variables.tf b/templates/app/infra/{{app_name}}/app-config/env-config/environment_variables.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/environment_variables.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/environment_variables.tf diff --git a/infra/{{app_name}}/app-config/env-config/file_upload_jobs.tf b/templates/app/infra/{{app_name}}/app-config/env-config/file_upload_jobs.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/file_upload_jobs.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/file_upload_jobs.tf diff --git a/infra/{{app_name}}/app-config/env-config/identity_provider.tf b/templates/app/infra/{{app_name}}/app-config/env-config/identity_provider.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/identity_provider.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/identity_provider.tf diff --git a/infra/{{app_name}}/app-config/env-config/main.tf b/templates/app/infra/{{app_name}}/app-config/env-config/main.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/main.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/main.tf diff --git a/infra/{{app_name}}/app-config/env-config/notifications.tf b/templates/app/infra/{{app_name}}/app-config/env-config/notifications.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/notifications.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/notifications.tf diff --git a/infra/{{app_name}}/app-config/env-config/outputs.tf b/templates/app/infra/{{app_name}}/app-config/env-config/outputs.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/outputs.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/outputs.tf diff --git a/infra/{{app_name}}/app-config/env-config/scheduled_jobs.tf b/templates/app/infra/{{app_name}}/app-config/env-config/scheduled_jobs.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/scheduled_jobs.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/scheduled_jobs.tf diff --git a/infra/{{app_name}}/app-config/env-config/variables.tf b/templates/app/infra/{{app_name}}/app-config/env-config/variables.tf similarity index 100% rename from infra/{{app_name}}/app-config/env-config/variables.tf rename to templates/app/infra/{{app_name}}/app-config/env-config/variables.tf diff --git a/infra/{{app_name}}/app-config/main.tf b/templates/app/infra/{{app_name}}/app-config/main.tf similarity index 100% rename from infra/{{app_name}}/app-config/main.tf rename to templates/app/infra/{{app_name}}/app-config/main.tf diff --git a/infra/{{app_name}}/app-config/outputs.tf b/templates/app/infra/{{app_name}}/app-config/outputs.tf similarity index 100% rename from infra/{{app_name}}/app-config/outputs.tf rename to templates/app/infra/{{app_name}}/app-config/outputs.tf diff --git a/infra/{{app_name}}/app-config/prod.tf b/templates/app/infra/{{app_name}}/app-config/prod.tf similarity index 100% rename from infra/{{app_name}}/app-config/prod.tf rename to templates/app/infra/{{app_name}}/app-config/prod.tf diff --git a/infra/{{app_name}}/app-config/staging.tf b/templates/app/infra/{{app_name}}/app-config/staging.tf similarity index 100% rename from infra/{{app_name}}/app-config/staging.tf rename to templates/app/infra/{{app_name}}/app-config/staging.tf diff --git a/infra/{{app_name}}/build-repository/main.tf b/templates/app/infra/{{app_name}}/build-repository/main.tf similarity index 100% rename from infra/{{app_name}}/build-repository/main.tf rename to templates/app/infra/{{app_name}}/build-repository/main.tf diff --git a/infra/{{app_name}}/database/main.tf b/templates/app/infra/{{app_name}}/database/main.tf similarity index 100% rename from infra/{{app_name}}/database/main.tf rename to templates/app/infra/{{app_name}}/database/main.tf diff --git a/infra/{{app_name}}/database/network.tf b/templates/app/infra/{{app_name}}/database/network.tf similarity index 100% rename from infra/{{app_name}}/database/network.tf rename to templates/app/infra/{{app_name}}/database/network.tf diff --git a/infra/{{app_name}}/database/outputs.tf b/templates/app/infra/{{app_name}}/database/outputs.tf similarity index 100% rename from infra/{{app_name}}/database/outputs.tf rename to templates/app/infra/{{app_name}}/database/outputs.tf diff --git a/infra/{{app_name}}/database/variables.tf b/templates/app/infra/{{app_name}}/database/variables.tf similarity index 100% rename from infra/{{app_name}}/database/variables.tf rename to templates/app/infra/{{app_name}}/database/variables.tf diff --git a/infra/{{app_name}}/service/database.tf b/templates/app/infra/{{app_name}}/service/database.tf similarity index 100% rename from infra/{{app_name}}/service/database.tf rename to templates/app/infra/{{app_name}}/service/database.tf diff --git a/infra/{{app_name}}/service/domain.tf b/templates/app/infra/{{app_name}}/service/domain.tf similarity index 100% rename from infra/{{app_name}}/service/domain.tf rename to templates/app/infra/{{app_name}}/service/domain.tf diff --git a/infra/{{app_name}}/service/identity_provider.tf b/templates/app/infra/{{app_name}}/service/identity_provider.tf similarity index 100% rename from infra/{{app_name}}/service/identity_provider.tf rename to templates/app/infra/{{app_name}}/service/identity_provider.tf diff --git a/infra/{{app_name}}/service/image_tag.tf b/templates/app/infra/{{app_name}}/service/image_tag.tf similarity index 100% rename from infra/{{app_name}}/service/image_tag.tf rename to templates/app/infra/{{app_name}}/service/image_tag.tf diff --git a/infra/{{app_name}}/service/main.tf b/templates/app/infra/{{app_name}}/service/main.tf similarity index 100% rename from infra/{{app_name}}/service/main.tf rename to templates/app/infra/{{app_name}}/service/main.tf diff --git a/infra/{{app_name}}/service/monitoring.tf b/templates/app/infra/{{app_name}}/service/monitoring.tf similarity index 100% rename from infra/{{app_name}}/service/monitoring.tf rename to templates/app/infra/{{app_name}}/service/monitoring.tf diff --git a/infra/{{app_name}}/service/network.tf b/templates/app/infra/{{app_name}}/service/network.tf similarity index 100% rename from infra/{{app_name}}/service/network.tf rename to templates/app/infra/{{app_name}}/service/network.tf diff --git a/infra/{{app_name}}/service/notifications.tf b/templates/app/infra/{{app_name}}/service/notifications.tf similarity index 100% rename from infra/{{app_name}}/service/notifications.tf rename to templates/app/infra/{{app_name}}/service/notifications.tf diff --git a/infra/{{app_name}}/service/outputs.tf b/templates/app/infra/{{app_name}}/service/outputs.tf similarity index 100% rename from infra/{{app_name}}/service/outputs.tf rename to templates/app/infra/{{app_name}}/service/outputs.tf diff --git a/infra/{{app_name}}/service/secrets.tf b/templates/app/infra/{{app_name}}/service/secrets.tf similarity index 100% rename from infra/{{app_name}}/service/secrets.tf rename to templates/app/infra/{{app_name}}/service/secrets.tf diff --git a/infra/{{app_name}}/service/storage.tf b/templates/app/infra/{{app_name}}/service/storage.tf similarity index 100% rename from infra/{{app_name}}/service/storage.tf rename to templates/app/infra/{{app_name}}/service/storage.tf diff --git a/infra/{{app_name}}/service/variables.tf b/templates/app/infra/{{app_name}}/service/variables.tf similarity index 100% rename from infra/{{app_name}}/service/variables.tf rename to templates/app/infra/{{app_name}}/service/variables.tf diff --git a/{{app_name}}/Makefile b/templates/app/{{app_name}}/Makefile similarity index 100% rename from {{app_name}}/Makefile rename to templates/app/{{app_name}}/Makefile diff --git a/.dockleconfig b/templates/base/.dockleconfig similarity index 100% rename from .dockleconfig rename to templates/base/.dockleconfig diff --git a/.github/actions/configure-aws-credentials/action.yml b/templates/base/.github/actions/configure-aws-credentials/action.yml similarity index 100% rename from .github/actions/configure-aws-credentials/action.yml rename to templates/base/.github/actions/configure-aws-credentials/action.yml diff --git a/.github/actions/first-file/action.yml b/templates/base/.github/actions/first-file/action.yml similarity index 100% rename from .github/actions/first-file/action.yml rename to templates/base/.github/actions/first-file/action.yml diff --git a/templates/base/.github/actions/setup-terraform/action.yml b/templates/base/.github/actions/setup-terraform/action.yml new file mode 100644 index 000000000..80d17aef7 --- /dev/null +++ b/templates/base/.github/actions/setup-terraform/action.yml @@ -0,0 +1,21 @@ +name: "Set up Terraform" +description: "Set up Terraform with the version stored in the .terraform-version file" +inputs: + version-file: + description: "File containing the terraform version to use." + default: ".terraform-version" +runs: + using: "composite" + steps: + - name: Get Terraform version + id: get-terraform-version + run: | + terraform_version="$(cat ${{ inputs.version-file }})" + echo "Terraform version: ${terraform_version}" + echo "terraform_version=${terraform_version}" >> "$GITHUB_OUTPUT" + shell: bash + - name: Set up Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_version: ${{ steps.get-terraform-version.outputs.terraform_version }} + terraform_wrapper: false diff --git a/templates/base/.github/pull_request_template.md b/templates/base/.github/pull_request_template.md new file mode 100644 index 000000000..a7db834a4 --- /dev/null +++ b/templates/base/.github/pull_request_template.md @@ -0,0 +1,15 @@ +## Ticket + +Resolves #{TICKET NUMBER OR URL} + +## Changes + +> What was added, updated, or removed in this PR. + +## Context for reviewers + +> Testing instructions, background context, more in-depth details of the implementation, and anything else you'd like to call out or ask reviewers. + +## Testing + +> Provide evidence that the code works as expected. Explain what was done for testing and the results of the test plan. Include screenshots, [GIF demos](https://www.cockos.com/licecap/), shell commands or output to help show the changes working as expected. ProTip: you can drag and drop or paste images into this textbox. diff --git a/.github/workflows/README.md b/templates/base/.github/workflows/README.md similarity index 81% rename from .github/workflows/README.md rename to templates/base/.github/workflows/README.md index 9ae197a35..78c34e051 100644 --- a/.github/workflows/README.md +++ b/templates/base/.github/workflows/README.md @@ -10,11 +10,11 @@ Each app should have: - `ci-`: must be created; should run linting and testing - `ci--vulnerability-scans`: calls `vulnerability-scans` - - Based on [ci-{{app_name}}-vulnerability-scans](https://github.com/navapbc/template-infra/blob/main/.github/workflows/ci-{{app_name}}-vulnerability-scans.yml.jinja) + - Based on [ci-{{app_name}}-vulnerability-scans](https://github.com/navapbc/template-infra/blob/main/templates/app/.github/workflows/ci-{{app_name}}-vulnerability-scans.yml.jinja) - `ci--pr-environment-checks.yml`: calls `pr-environment-checks.yml` to create or update a pull request environment (see [pull request environments](/docs/infra/pull-request-environments.md)) - - Based on [ci-{{app_name}}-pr-environment-checks.yml](https://github.com/navapbc/template-infra/blob/main/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja) + - Based on [ci-{{app_name}}-pr-environment-checks.yml](https://github.com/navapbc/template-infra/blob/main/templates/app/.github/workflows/ci-{{app_name}}-pr-environment-checks.yml.jinja) - `ci--pr-environment-destroy.yml`: calls `pr-environment-destroy.yml` to destroy the pull request environment (see [pull request environments](/docs/infra/pull-request-environments.md)) - - Based on [ci-{{app_name}}-pr-environment-destroy.yml](https://github.com/navapbc/template-infra/blob/main/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja) + - Based on [ci-{{app_name}}-pr-environment-destroy.yml](https://github.com/navapbc/template-infra/blob/main/templates/app/.github/workflows/ci-{{app_name}}-pr-environment-destroy.yml.jinja) ### App-agnostic workflows @@ -27,7 +27,7 @@ Each app should have: Each app should have: - `cd-`: deploys an application - - Based on [`cd-{{app_name}}`](https://github.com/navapbc/template-infra/blob/main/.github/workflows/cd-{{app_name}}.yml.jinja) + - Based on [`cd-{{app_name}}`](https://github.com/navapbc/template-infra/blob/main/templates/app/.github/workflows/cd-{{app_name}}.yml.jinja) The CD workflow uses these reusable workflows: diff --git a/.github/workflows/build-and-publish.yml b/templates/base/.github/workflows/build-and-publish.yml similarity index 100% rename from .github/workflows/build-and-publish.yml rename to templates/base/.github/workflows/build-and-publish.yml diff --git a/.github/workflows/check-ci-cd-auth.yml b/templates/base/.github/workflows/check-ci-cd-auth.yml similarity index 100% rename from .github/workflows/check-ci-cd-auth.yml rename to templates/base/.github/workflows/check-ci-cd-auth.yml diff --git a/.github/workflows/check-infra-deploy-status.yml b/templates/base/.github/workflows/check-infra-deploy-status.yml similarity index 100% rename from .github/workflows/check-infra-deploy-status.yml rename to templates/base/.github/workflows/check-infra-deploy-status.yml diff --git a/templates/base/.github/workflows/ci-docs.yml b/templates/base/.github/workflows/ci-docs.yml new file mode 100644 index 000000000..0a28f1d7e --- /dev/null +++ b/templates/base/.github/workflows/ci-docs.yml @@ -0,0 +1,19 @@ +name: CI Documentation Checks + +on: + push: + branches: + - main + pull_request: + +jobs: + lint-markdown: + name: Lint markdown + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + # This is the GitHub Actions-friendly port of the linter used in the Makefile. + - uses: gaurav-nelson/github-action-markdown-link-check@1.0.15 + with: + use-quiet-mode: "yes" # errors only. + config-file: ".github/workflows/markdownlint-config.json" diff --git a/templates/base/.github/workflows/ci-infra.yml b/templates/base/.github/workflows/ci-infra.yml new file mode 100644 index 000000000..24b9b5cf2 --- /dev/null +++ b/templates/base/.github/workflows/ci-infra.yml @@ -0,0 +1,89 @@ +name: CI Infra Checks + +on: + push: + branches: + - main + paths: + - bin/** + - infra/** + - .github/workflows/** + pull_request: + paths: + - bin/** + - infra/** + - .github/workflows/** + +jobs: + lint-github-actions: + # Lint github actions files using https://github.com/rhysd/actionlint + # This job configuration is largely copied from https://github.com/rhysd/actionlint/blob/main/docs/usage.md#use-actionlint-on-github-actions + name: Lint GitHub Actions workflows + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Download actionlint + id: get_actionlint + run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) + shell: bash + - name: Check workflow files + run: ${{ steps.get_actionlint.outputs.executable }} -color + shell: bash + lint-scripts: + name: Lint scripts + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Shellcheck + run: make infra-lint-scripts + check-terraform-format: + name: Check Terraform format + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/setup-terraform + - name: Run infra-lint-terraform + run: | + echo "If this fails, run 'make infra-format'" + make infra-lint-terraform + validate-terraform: + name: Validate Terraform modules + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/setup-terraform + - name: Validate + run: make infra-validate-modules + check-compliance-with-checkov: + name: Check compliance with checkov + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 + with: + python-version: "3.10" + - name: Run Checkov check + # Pin to specific checkov version rather than running from checkov@master + # since checkov frequently adds new checks that can cause CI checks to fail unpredictably. + # There is currently no way to specify the checkov version to pin to (See https://github.com/bridgecrewio/checkov-action/issues/41) + # so we need to pin the version of the checkov-action, which indirectly pins the checkov version. + # In this case, checkov-action v12.2296.0 is mapped to checkov v2.3.194. + uses: bridgecrewio/checkov-action@v12.2296.0 + with: + directory: infra + framework: terraform + quiet: true # only displays failed checks + check-compliance-with-tfsec: + name: Check compliance with tfsec + runs-on: ubuntu-latest + + permissions: + contents: read + pull-requests: write + + steps: + - uses: actions/checkout@v4 + - name: Run tfsec check + uses: aquasecurity/tfsec-pr-commenter-action@v1.2.0 + with: + github_token: ${{ github.token }} diff --git a/.github/workflows/database-migrations.yml b/templates/base/.github/workflows/database-migrations.yml similarity index 100% rename from .github/workflows/database-migrations.yml rename to templates/base/.github/workflows/database-migrations.yml diff --git a/.github/workflows/deploy.yml b/templates/base/.github/workflows/deploy.yml similarity index 100% rename from .github/workflows/deploy.yml rename to templates/base/.github/workflows/deploy.yml diff --git a/.github/workflows/e2e-tests.yml b/templates/base/.github/workflows/e2e-tests.yml similarity index 100% rename from .github/workflows/e2e-tests.yml rename to templates/base/.github/workflows/e2e-tests.yml diff --git a/.github/workflows/markdownlint-config.json b/templates/base/.github/workflows/markdownlint-config.json similarity index 100% rename from .github/workflows/markdownlint-config.json rename to templates/base/.github/workflows/markdownlint-config.json diff --git a/.github/workflows/pr-environment-checks.yml b/templates/base/.github/workflows/pr-environment-checks.yml similarity index 100% rename from .github/workflows/pr-environment-checks.yml rename to templates/base/.github/workflows/pr-environment-checks.yml diff --git a/.github/workflows/pr-environment-destroy.yml b/templates/base/.github/workflows/pr-environment-destroy.yml similarity index 100% rename from .github/workflows/pr-environment-destroy.yml rename to templates/base/.github/workflows/pr-environment-destroy.yml diff --git a/.github/workflows/scan-orphaned-pr-environments.yml b/templates/base/.github/workflows/scan-orphaned-pr-environments.yml similarity index 100% rename from .github/workflows/scan-orphaned-pr-environments.yml rename to templates/base/.github/workflows/scan-orphaned-pr-environments.yml diff --git a/.github/workflows/send-system-notification.yml b/templates/base/.github/workflows/send-system-notification.yml similarity index 100% rename from .github/workflows/send-system-notification.yml rename to templates/base/.github/workflows/send-system-notification.yml diff --git a/.github/workflows/vulnerability-scans.yml b/templates/base/.github/workflows/vulnerability-scans.yml similarity index 100% rename from .github/workflows/vulnerability-scans.yml rename to templates/base/.github/workflows/vulnerability-scans.yml diff --git a/templates/base/.gitignore b/templates/base/.gitignore new file mode 100644 index 000000000..6b1bc4956 --- /dev/null +++ b/templates/base/.gitignore @@ -0,0 +1,20 @@ +# Ignore Terraform lock files +# As of Feb 2023, Terraform lock files, while well intentioned, have a tendency +# to get into a confusing state that requires recreating the lock file, which +# defeats the purpose. Moreover, lock files are per environment, which can make +# it difficult for people to upgrade dependencies (e.g. upgrade an AWS provider) +# across environments if certain environments are locked down (e.g. production). +.terraform.lock.hcl + +# MacOS files +.DS_Store + +# Ignore develop-specific VS code settings files +.vscode + +# Ignore local environment variables which can contain environment secrets +.env +.envrc + +# Python testing stuff +*__pycache__* diff --git a/.grype.yml b/templates/base/.grype.yml similarity index 100% rename from .grype.yml rename to templates/base/.grype.yml diff --git a/.hadolint.yaml b/templates/base/.hadolint.yaml similarity index 100% rename from .hadolint.yaml rename to templates/base/.hadolint.yaml diff --git a/templates/base/.template-infra/{{_copier_conf.answers_file}}.jinja b/templates/base/.template-infra/{{_copier_conf.answers_file}}.jinja new file mode 100644 index 000000000..a96840d68 --- /dev/null +++ b/templates/base/.template-infra/{{_copier_conf.answers_file}}.jinja @@ -0,0 +1,2 @@ +# Changes here will be overwritten by Copier +{{ _copier_answers|to_nice_yaml -}} diff --git a/.terraform-version b/templates/base/.terraform-version similarity index 100% rename from .terraform-version rename to templates/base/.terraform-version diff --git a/.trivyignore b/templates/base/.trivyignore similarity index 100% rename from .trivyignore rename to templates/base/.trivyignore diff --git a/Makefile b/templates/base/Makefile similarity index 100% rename from Makefile rename to templates/base/Makefile diff --git a/bin/account-ids-by-name b/templates/base/bin/account-ids-by-name similarity index 100% rename from bin/account-ids-by-name rename to templates/base/bin/account-ids-by-name diff --git a/bin/check-database-roles b/templates/base/bin/check-database-roles similarity index 100% rename from bin/check-database-roles rename to templates/base/bin/check-database-roles diff --git a/bin/check-github-actions-auth b/templates/base/bin/check-github-actions-auth similarity index 100% rename from bin/check-github-actions-auth rename to templates/base/bin/check-github-actions-auth diff --git a/bin/configure-monitoring-secret b/templates/base/bin/configure-monitoring-secret similarity index 100% rename from bin/configure-monitoring-secret rename to templates/base/bin/configure-monitoring-secret diff --git a/bin/create-or-update-database-roles b/templates/base/bin/create-or-update-database-roles similarity index 100% rename from bin/create-or-update-database-roles rename to templates/base/bin/create-or-update-database-roles diff --git a/bin/create-tfbackend b/templates/base/bin/create-tfbackend similarity index 100% rename from bin/create-tfbackend rename to templates/base/bin/create-tfbackend diff --git a/bin/current-account-alias b/templates/base/bin/current-account-alias similarity index 100% rename from bin/current-account-alias rename to templates/base/bin/current-account-alias diff --git a/bin/current-account-config-name b/templates/base/bin/current-account-config-name similarity index 100% rename from bin/current-account-config-name rename to templates/base/bin/current-account-config-name diff --git a/bin/current-account-id b/templates/base/bin/current-account-id similarity index 100% rename from bin/current-account-id rename to templates/base/bin/current-account-id diff --git a/bin/current-region b/templates/base/bin/current-region similarity index 100% rename from bin/current-region rename to templates/base/bin/current-region diff --git a/bin/deploy-release b/templates/base/bin/deploy-release similarity index 100% rename from bin/deploy-release rename to templates/base/bin/deploy-release diff --git a/bin/destroy-pr-environment b/templates/base/bin/destroy-pr-environment similarity index 100% rename from bin/destroy-pr-environment rename to templates/base/bin/destroy-pr-environment diff --git a/bin/infra-deploy-status-check-configs b/templates/base/bin/infra-deploy-status-check-configs similarity index 100% rename from bin/infra-deploy-status-check-configs rename to templates/base/bin/infra-deploy-status-check-configs diff --git a/bin/is-image-published b/templates/base/bin/is-image-published similarity index 100% rename from bin/is-image-published rename to templates/base/bin/is-image-published diff --git a/bin/lint-markdown b/templates/base/bin/lint-markdown similarity index 100% rename from bin/lint-markdown rename to templates/base/bin/lint-markdown diff --git a/bin/orphaned-pr-environments b/templates/base/bin/orphaned-pr-environments similarity index 100% rename from bin/orphaned-pr-environments rename to templates/base/bin/orphaned-pr-environments diff --git a/bin/publish-release b/templates/base/bin/publish-release similarity index 100% rename from bin/publish-release rename to templates/base/bin/publish-release diff --git a/bin/run-command b/templates/base/bin/run-command similarity index 100% rename from bin/run-command rename to templates/base/bin/run-command diff --git a/bin/run-database-migrations b/templates/base/bin/run-database-migrations similarity index 100% rename from bin/run-database-migrations rename to templates/base/bin/run-database-migrations diff --git a/bin/set-up-current-account b/templates/base/bin/set-up-current-account similarity index 100% rename from bin/set-up-current-account rename to templates/base/bin/set-up-current-account diff --git a/bin/terraform-apply b/templates/base/bin/terraform-apply similarity index 100% rename from bin/terraform-apply rename to templates/base/bin/terraform-apply diff --git a/bin/terraform-init b/templates/base/bin/terraform-init similarity index 100% rename from bin/terraform-init rename to templates/base/bin/terraform-init diff --git a/bin/terraform-init-and-apply b/templates/base/bin/terraform-init-and-apply similarity index 100% rename from bin/terraform-init-and-apply rename to templates/base/bin/terraform-init-and-apply diff --git a/bin/update-pr-environment b/templates/base/bin/update-pr-environment similarity index 100% rename from bin/update-pr-environment rename to templates/base/bin/update-pr-environment diff --git a/bin/util.sh b/templates/base/bin/util.sh similarity index 100% rename from bin/util.sh rename to templates/base/bin/util.sh diff --git a/docs/code-reviews.md b/templates/base/docs/code-reviews.md similarity index 100% rename from docs/code-reviews.md rename to templates/base/docs/code-reviews.md diff --git a/docs/compliance.md b/templates/base/docs/compliance.md similarity index 100% rename from docs/compliance.md rename to templates/base/docs/compliance.md diff --git a/docs/decisions/index.md b/templates/base/docs/decisions/index.md similarity index 100% rename from docs/decisions/index.md rename to templates/base/docs/decisions/index.md diff --git a/docs/decisions/infra/0000-use-markdown-architectural-decision-records.md b/templates/base/docs/decisions/infra/0000-use-markdown-architectural-decision-records.md similarity index 100% rename from docs/decisions/infra/0000-use-markdown-architectural-decision-records.md rename to templates/base/docs/decisions/infra/0000-use-markdown-architectural-decision-records.md diff --git a/docs/decisions/infra/0001-ci-cd-interface.md b/templates/base/docs/decisions/infra/0001-ci-cd-interface.md similarity index 100% rename from docs/decisions/infra/0001-ci-cd-interface.md rename to templates/base/docs/decisions/infra/0001-ci-cd-interface.md diff --git a/docs/decisions/infra/0002-use-custom-implementation-of-github-oidc.md b/templates/base/docs/decisions/infra/0002-use-custom-implementation-of-github-oidc.md similarity index 100% rename from docs/decisions/infra/0002-use-custom-implementation-of-github-oidc.md rename to templates/base/docs/decisions/infra/0002-use-custom-implementation-of-github-oidc.md diff --git a/docs/decisions/infra/0003-manage-ecr-in-prod-account-module.md b/templates/base/docs/decisions/infra/0003-manage-ecr-in-prod-account-module.md similarity index 100% rename from docs/decisions/infra/0003-manage-ecr-in-prod-account-module.md rename to templates/base/docs/decisions/infra/0003-manage-ecr-in-prod-account-module.md diff --git a/docs/decisions/infra/0004-separate-terraform-backend-configs-into-separate-config-files.md b/templates/base/docs/decisions/infra/0004-separate-terraform-backend-configs-into-separate-config-files.md similarity index 100% rename from docs/decisions/infra/0004-separate-terraform-backend-configs-into-separate-config-files.md rename to templates/base/docs/decisions/infra/0004-separate-terraform-backend-configs-into-separate-config-files.md diff --git a/docs/decisions/infra/0005-separate-database-infrastructure-into-separate-layer.md b/templates/base/docs/decisions/infra/0005-separate-database-infrastructure-into-separate-layer.md similarity index 100% rename from docs/decisions/infra/0005-separate-database-infrastructure-into-separate-layer.md rename to templates/base/docs/decisions/infra/0005-separate-database-infrastructure-into-separate-layer.md diff --git a/docs/decisions/infra/0006-provision-database-users-with-serverless-function.md b/templates/base/docs/decisions/infra/0006-provision-database-users-with-serverless-function.md similarity index 100% rename from docs/decisions/infra/0006-provision-database-users-with-serverless-function.md rename to templates/base/docs/decisions/infra/0006-provision-database-users-with-serverless-function.md diff --git a/docs/decisions/infra/0007-database-migration-architecture.md b/templates/base/docs/decisions/infra/0007-database-migration-architecture.md similarity index 100% rename from docs/decisions/infra/0007-database-migration-architecture.md rename to templates/base/docs/decisions/infra/0007-database-migration-architecture.md diff --git a/docs/decisions/infra/0008-consolidate-infra-config-from-tfvars-files-into-config-module.md b/templates/base/docs/decisions/infra/0008-consolidate-infra-config-from-tfvars-files-into-config-module.md similarity index 100% rename from docs/decisions/infra/0008-consolidate-infra-config-from-tfvars-files-into-config-module.md rename to templates/base/docs/decisions/infra/0008-consolidate-infra-config-from-tfvars-files-into-config-module.md diff --git a/docs/decisions/infra/0009-separate-app-infrastructure-into-layers.md b/templates/base/docs/decisions/infra/0009-separate-app-infrastructure-into-layers.md similarity index 100% rename from docs/decisions/infra/0009-separate-app-infrastructure-into-layers.md rename to templates/base/docs/decisions/infra/0009-separate-app-infrastructure-into-layers.md diff --git a/docs/decisions/infra/0010-feature-flags-system-design.md b/templates/base/docs/decisions/infra/0010-feature-flags-system-design.md similarity index 100% rename from docs/decisions/infra/0010-feature-flags-system-design.md rename to templates/base/docs/decisions/infra/0010-feature-flags-system-design.md diff --git a/docs/decisions/infra/0011-network-layer-design.md b/templates/base/docs/decisions/infra/0011-network-layer-design.md similarity index 100% rename from docs/decisions/infra/0011-network-layer-design.md rename to templates/base/docs/decisions/infra/0011-network-layer-design.md diff --git a/docs/decisions/template.md b/templates/base/docs/decisions/template.md similarity index 100% rename from docs/decisions/template.md rename to templates/base/docs/decisions/template.md diff --git a/docs/e2e/e2e-checks.md b/templates/base/docs/e2e/e2e-checks.md similarity index 100% rename from docs/e2e/e2e-checks.md rename to templates/base/docs/e2e/e2e-checks.md diff --git a/docs/feature-flags.md b/templates/base/docs/feature-flags.md similarity index 100% rename from docs/feature-flags.md rename to templates/base/docs/feature-flags.md diff --git a/docs/infra/background-jobs.md b/templates/base/docs/infra/background-jobs.md similarity index 100% rename from docs/infra/background-jobs.md rename to templates/base/docs/infra/background-jobs.md diff --git a/docs/infra/cloud-access-control.md b/templates/base/docs/infra/cloud-access-control.md similarity index 100% rename from docs/infra/cloud-access-control.md rename to templates/base/docs/infra/cloud-access-control.md diff --git a/docs/infra/database-access-control.md b/templates/base/docs/infra/database-access-control.md similarity index 100% rename from docs/infra/database-access-control.md rename to templates/base/docs/infra/database-access-control.md diff --git a/docs/infra/destroy-infrastructure.md b/templates/base/docs/infra/destroy-infrastructure.md similarity index 100% rename from docs/infra/destroy-infrastructure.md rename to templates/base/docs/infra/destroy-infrastructure.md diff --git a/docs/infra/develop-and-test-infrastructure-in-isolation-using-workspaces.md b/templates/base/docs/infra/develop-and-test-infrastructure-in-isolation-using-workspaces.md similarity index 100% rename from docs/infra/develop-and-test-infrastructure-in-isolation-using-workspaces.md rename to templates/base/docs/infra/develop-and-test-infrastructure-in-isolation-using-workspaces.md diff --git a/docs/infra/environment-variables-and-secrets.md b/templates/base/docs/infra/environment-variables-and-secrets.md similarity index 100% rename from docs/infra/environment-variables-and-secrets.md rename to templates/base/docs/infra/environment-variables-and-secrets.md diff --git a/docs/infra/https-support.md b/templates/base/docs/infra/https-support.md similarity index 100% rename from docs/infra/https-support.md rename to templates/base/docs/infra/https-support.md diff --git a/docs/infra/infrastructure-configuration.md b/templates/base/docs/infra/infrastructure-configuration.md similarity index 100% rename from docs/infra/infrastructure-configuration.md rename to templates/base/docs/infra/infrastructure-configuration.md diff --git a/docs/infra/making-infra-changes.md b/templates/base/docs/infra/making-infra-changes.md similarity index 100% rename from docs/infra/making-infra-changes.md rename to templates/base/docs/infra/making-infra-changes.md diff --git a/docs/infra/module-architecture.md b/templates/base/docs/infra/module-architecture.md similarity index 100% rename from docs/infra/module-architecture.md rename to templates/base/docs/infra/module-architecture.md diff --git a/docs/infra/module-dependencies.md b/templates/base/docs/infra/module-dependencies.md similarity index 100% rename from docs/infra/module-dependencies.md rename to templates/base/docs/infra/module-dependencies.md diff --git a/docs/infra/pull-request-environments.md b/templates/base/docs/infra/pull-request-environments.md similarity index 100% rename from docs/infra/pull-request-environments.md rename to templates/base/docs/infra/pull-request-environments.md diff --git a/docs/infra/service-command-execution.md b/templates/base/docs/infra/service-command-execution.md similarity index 100% rename from docs/infra/service-command-execution.md rename to templates/base/docs/infra/service-command-execution.md diff --git a/docs/infra/set-up-app-build-repository.md b/templates/base/docs/infra/set-up-app-build-repository.md similarity index 100% rename from docs/infra/set-up-app-build-repository.md rename to templates/base/docs/infra/set-up-app-build-repository.md diff --git a/docs/infra/set-up-app-env.md b/templates/base/docs/infra/set-up-app-env.md similarity index 100% rename from docs/infra/set-up-app-env.md rename to templates/base/docs/infra/set-up-app-env.md diff --git a/docs/infra/set-up-aws-account.md b/templates/base/docs/infra/set-up-aws-account.md similarity index 100% rename from docs/infra/set-up-aws-account.md rename to templates/base/docs/infra/set-up-aws-account.md diff --git a/docs/infra/set-up-custom-domains.md b/templates/base/docs/infra/set-up-custom-domains.md similarity index 100% rename from docs/infra/set-up-custom-domains.md rename to templates/base/docs/infra/set-up-custom-domains.md diff --git a/docs/infra/set-up-database.md b/templates/base/docs/infra/set-up-database.md similarity index 100% rename from docs/infra/set-up-database.md rename to templates/base/docs/infra/set-up-database.md diff --git a/docs/infra/set-up-infrastructure-tools.md b/templates/base/docs/infra/set-up-infrastructure-tools.md similarity index 100% rename from docs/infra/set-up-infrastructure-tools.md rename to templates/base/docs/infra/set-up-infrastructure-tools.md diff --git a/docs/infra/set-up-monitoring-alerts.md b/templates/base/docs/infra/set-up-monitoring-alerts.md similarity index 100% rename from docs/infra/set-up-monitoring-alerts.md rename to templates/base/docs/infra/set-up-monitoring-alerts.md diff --git a/docs/infra/set-up-network.md b/templates/base/docs/infra/set-up-network.md similarity index 100% rename from docs/infra/set-up-network.md rename to templates/base/docs/infra/set-up-network.md diff --git a/docs/infra/set-up-public-internet-access.md b/templates/base/docs/infra/set-up-public-internet-access.md similarity index 100% rename from docs/infra/set-up-public-internet-access.md rename to templates/base/docs/infra/set-up-public-internet-access.md diff --git a/docs/infra/style-guide.md b/templates/base/docs/infra/style-guide.md similarity index 100% rename from docs/infra/style-guide.md rename to templates/base/docs/infra/style-guide.md diff --git a/docs/infra/system-notifications.md b/templates/base/docs/infra/system-notifications.md similarity index 100% rename from docs/infra/system-notifications.md rename to templates/base/docs/infra/system-notifications.md diff --git a/docs/infra/upgrade-database.md b/templates/base/docs/infra/upgrade-database.md similarity index 100% rename from docs/infra/upgrade-database.md rename to templates/base/docs/infra/upgrade-database.md diff --git a/docs/infra/vulnerability-management.md b/templates/base/docs/infra/vulnerability-management.md similarity index 100% rename from docs/infra/vulnerability-management.md rename to templates/base/docs/infra/vulnerability-management.md diff --git a/docs/releases.md b/templates/base/docs/releases.md similarity index 100% rename from docs/releases.md rename to templates/base/docs/releases.md diff --git a/docs/system-architecture.md b/templates/base/docs/system-architecture.md similarity index 100% rename from docs/system-architecture.md rename to templates/base/docs/system-architecture.md diff --git a/e2e/.gitignore b/templates/base/e2e/.gitignore similarity index 100% rename from e2e/.gitignore rename to templates/base/e2e/.gitignore diff --git a/e2e/Dockerfile b/templates/base/e2e/Dockerfile similarity index 100% rename from e2e/Dockerfile rename to templates/base/e2e/Dockerfile diff --git a/e2e/package-lock.json b/templates/base/e2e/package-lock.json similarity index 100% rename from e2e/package-lock.json rename to templates/base/e2e/package-lock.json diff --git a/e2e/package.json b/templates/base/e2e/package.json similarity index 100% rename from e2e/package.json rename to templates/base/e2e/package.json diff --git a/e2e/playwright.config.js b/templates/base/e2e/playwright.config.js similarity index 100% rename from e2e/playwright.config.js rename to templates/base/e2e/playwright.config.js diff --git a/e2e/run-e2e-test b/templates/base/e2e/run-e2e-test similarity index 100% rename from e2e/run-e2e-test rename to templates/base/e2e/run-e2e-test diff --git a/e2e/util.js b/templates/base/e2e/util.js similarity index 100% rename from e2e/util.js rename to templates/base/e2e/util.js diff --git a/infra/.gitignore b/templates/base/infra/.gitignore similarity index 100% rename from infra/.gitignore rename to templates/base/infra/.gitignore diff --git a/infra/README.md b/templates/base/infra/README.md similarity index 100% rename from infra/README.md rename to templates/base/infra/README.md diff --git a/infra/accounts/main.tf b/templates/base/infra/accounts/main.tf similarity index 100% rename from infra/accounts/main.tf rename to templates/base/infra/accounts/main.tf diff --git a/infra/accounts/outputs.tf b/templates/base/infra/accounts/outputs.tf similarity index 100% rename from infra/accounts/outputs.tf rename to templates/base/infra/accounts/outputs.tf diff --git a/infra/example.s3.tfbackend b/templates/base/infra/example.s3.tfbackend similarity index 100% rename from infra/example.s3.tfbackend rename to templates/base/infra/example.s3.tfbackend diff --git a/infra/modules/auth-github-actions/README.md b/templates/base/infra/modules/auth-github-actions/README.md similarity index 100% rename from infra/modules/auth-github-actions/README.md rename to templates/base/infra/modules/auth-github-actions/README.md diff --git a/infra/modules/auth-github-actions/main.tf b/templates/base/infra/modules/auth-github-actions/main.tf similarity index 100% rename from infra/modules/auth-github-actions/main.tf rename to templates/base/infra/modules/auth-github-actions/main.tf diff --git a/infra/modules/auth-github-actions/variables.tf b/templates/base/infra/modules/auth-github-actions/variables.tf similarity index 100% rename from infra/modules/auth-github-actions/variables.tf rename to templates/base/infra/modules/auth-github-actions/variables.tf diff --git a/infra/modules/container-image-repository/main.tf b/templates/base/infra/modules/container-image-repository/main.tf similarity index 100% rename from infra/modules/container-image-repository/main.tf rename to templates/base/infra/modules/container-image-repository/main.tf diff --git a/infra/modules/container-image-repository/outputs.tf b/templates/base/infra/modules/container-image-repository/outputs.tf similarity index 100% rename from infra/modules/container-image-repository/outputs.tf rename to templates/base/infra/modules/container-image-repository/outputs.tf diff --git a/infra/modules/container-image-repository/variables.tf b/templates/base/infra/modules/container-image-repository/variables.tf similarity index 100% rename from infra/modules/container-image-repository/variables.tf rename to templates/base/infra/modules/container-image-repository/variables.tf diff --git a/infra/modules/database/resources/.gitignore b/templates/base/infra/modules/database/.gitignore similarity index 100% rename from infra/modules/database/resources/.gitignore rename to templates/base/infra/modules/database/.gitignore diff --git a/infra/modules/database/data/main.tf b/templates/base/infra/modules/database/data/main.tf similarity index 100% rename from infra/modules/database/data/main.tf rename to templates/base/infra/modules/database/data/main.tf diff --git a/infra/modules/database/data/outputs.tf b/templates/base/infra/modules/database/data/outputs.tf similarity index 100% rename from infra/modules/database/data/outputs.tf rename to templates/base/infra/modules/database/data/outputs.tf diff --git a/infra/modules/database/data/variables.tf b/templates/base/infra/modules/database/data/variables.tf similarity index 100% rename from infra/modules/database/data/variables.tf rename to templates/base/infra/modules/database/data/variables.tf diff --git a/infra/modules/database/interface/outputs.tf b/templates/base/infra/modules/database/interface/outputs.tf similarity index 100% rename from infra/modules/database/interface/outputs.tf rename to templates/base/infra/modules/database/interface/outputs.tf diff --git a/infra/modules/database/interface/variables.tf b/templates/base/infra/modules/database/interface/variables.tf similarity index 100% rename from infra/modules/database/interface/variables.tf rename to templates/base/infra/modules/database/interface/variables.tf diff --git a/templates/base/infra/modules/database/resources/.gitignore b/templates/base/infra/modules/database/resources/.gitignore new file mode 100644 index 000000000..e5dd1565a --- /dev/null +++ b/templates/base/infra/modules/database/resources/.gitignore @@ -0,0 +1,2 @@ +__pycache__ +vendor/ diff --git a/infra/modules/database/resources/authentication.tf b/templates/base/infra/modules/database/resources/authentication.tf similarity index 100% rename from infra/modules/database/resources/authentication.tf rename to templates/base/infra/modules/database/resources/authentication.tf diff --git a/infra/modules/database/resources/backups.tf b/templates/base/infra/modules/database/resources/backups.tf similarity index 100% rename from infra/modules/database/resources/backups.tf rename to templates/base/infra/modules/database/resources/backups.tf diff --git a/infra/modules/database/resources/main.tf b/templates/base/infra/modules/database/resources/main.tf similarity index 100% rename from infra/modules/database/resources/main.tf rename to templates/base/infra/modules/database/resources/main.tf diff --git a/infra/modules/database/resources/monitoring.tf b/templates/base/infra/modules/database/resources/monitoring.tf similarity index 100% rename from infra/modules/database/resources/monitoring.tf rename to templates/base/infra/modules/database/resources/monitoring.tf diff --git a/infra/modules/database/resources/networking.tf b/templates/base/infra/modules/database/resources/networking.tf similarity index 100% rename from infra/modules/database/resources/networking.tf rename to templates/base/infra/modules/database/resources/networking.tf diff --git a/infra/modules/database/resources/outputs.tf b/templates/base/infra/modules/database/resources/outputs.tf similarity index 100% rename from infra/modules/database/resources/outputs.tf rename to templates/base/infra/modules/database/resources/outputs.tf diff --git a/infra/modules/database/resources/role_manager.tf b/templates/base/infra/modules/database/resources/role_manager.tf similarity index 100% rename from infra/modules/database/resources/role_manager.tf rename to templates/base/infra/modules/database/resources/role_manager.tf diff --git a/infra/modules/database/resources/role_manager/check.py b/templates/base/infra/modules/database/resources/role_manager/check.py similarity index 100% rename from infra/modules/database/resources/role_manager/check.py rename to templates/base/infra/modules/database/resources/role_manager/check.py diff --git a/infra/modules/database/resources/role_manager/db.py b/templates/base/infra/modules/database/resources/role_manager/db.py similarity index 100% rename from infra/modules/database/resources/role_manager/db.py rename to templates/base/infra/modules/database/resources/role_manager/db.py diff --git a/infra/modules/database/resources/role_manager/manage.py b/templates/base/infra/modules/database/resources/role_manager/manage.py similarity index 100% rename from infra/modules/database/resources/role_manager/manage.py rename to templates/base/infra/modules/database/resources/role_manager/manage.py diff --git a/infra/modules/database/resources/role_manager/requirements.txt b/templates/base/infra/modules/database/resources/role_manager/requirements.txt similarity index 100% rename from infra/modules/database/resources/role_manager/requirements.txt rename to templates/base/infra/modules/database/resources/role_manager/requirements.txt diff --git a/infra/modules/database/resources/role_manager/role_manager.py b/templates/base/infra/modules/database/resources/role_manager/role_manager.py similarity index 100% rename from infra/modules/database/resources/role_manager/role_manager.py rename to templates/base/infra/modules/database/resources/role_manager/role_manager.py diff --git a/infra/modules/database/resources/variables.tf b/templates/base/infra/modules/database/resources/variables.tf similarity index 100% rename from infra/modules/database/resources/variables.tf rename to templates/base/infra/modules/database/resources/variables.tf diff --git a/infra/modules/database/resources/role_manager.zip b/templates/base/infra/modules/database/role_manager.zip similarity index 100% rename from infra/modules/database/resources/role_manager.zip rename to templates/base/infra/modules/database/role_manager.zip diff --git a/infra/modules/domain/data/main.tf b/templates/base/infra/modules/domain/data/main.tf similarity index 100% rename from infra/modules/domain/data/main.tf rename to templates/base/infra/modules/domain/data/main.tf diff --git a/infra/modules/domain/data/outputs.tf b/templates/base/infra/modules/domain/data/outputs.tf similarity index 100% rename from infra/modules/domain/data/outputs.tf rename to templates/base/infra/modules/domain/data/outputs.tf diff --git a/infra/modules/domain/data/variables.tf b/templates/base/infra/modules/domain/data/variables.tf similarity index 100% rename from infra/modules/domain/data/variables.tf rename to templates/base/infra/modules/domain/data/variables.tf diff --git a/infra/modules/domain/resources/certificates.tf b/templates/base/infra/modules/domain/resources/certificates.tf similarity index 100% rename from infra/modules/domain/resources/certificates.tf rename to templates/base/infra/modules/domain/resources/certificates.tf diff --git a/infra/modules/domain/resources/main.tf b/templates/base/infra/modules/domain/resources/main.tf similarity index 100% rename from infra/modules/domain/resources/main.tf rename to templates/base/infra/modules/domain/resources/main.tf diff --git a/infra/modules/domain/resources/outputs.tf b/templates/base/infra/modules/domain/resources/outputs.tf similarity index 100% rename from infra/modules/domain/resources/outputs.tf rename to templates/base/infra/modules/domain/resources/outputs.tf diff --git a/infra/modules/domain/resources/query_logs.tf b/templates/base/infra/modules/domain/resources/query_logs.tf similarity index 100% rename from infra/modules/domain/resources/query_logs.tf rename to templates/base/infra/modules/domain/resources/query_logs.tf diff --git a/infra/modules/domain/resources/variables.tf b/templates/base/infra/modules/domain/resources/variables.tf similarity index 100% rename from infra/modules/domain/resources/variables.tf rename to templates/base/infra/modules/domain/resources/variables.tf diff --git a/infra/modules/identity-provider-client/resources/access_control.tf b/templates/base/infra/modules/identity-provider-client/resources/access_control.tf similarity index 100% rename from infra/modules/identity-provider-client/resources/access_control.tf rename to templates/base/infra/modules/identity-provider-client/resources/access_control.tf diff --git a/infra/modules/identity-provider-client/resources/main.tf b/templates/base/infra/modules/identity-provider-client/resources/main.tf similarity index 100% rename from infra/modules/identity-provider-client/resources/main.tf rename to templates/base/infra/modules/identity-provider-client/resources/main.tf diff --git a/infra/modules/identity-provider-client/resources/outputs.tf b/templates/base/infra/modules/identity-provider-client/resources/outputs.tf similarity index 100% rename from infra/modules/identity-provider-client/resources/outputs.tf rename to templates/base/infra/modules/identity-provider-client/resources/outputs.tf diff --git a/infra/modules/identity-provider-client/resources/variables.tf b/templates/base/infra/modules/identity-provider-client/resources/variables.tf similarity index 100% rename from infra/modules/identity-provider-client/resources/variables.tf rename to templates/base/infra/modules/identity-provider-client/resources/variables.tf diff --git a/infra/modules/identity-provider/data/main.tf b/templates/base/infra/modules/identity-provider/data/main.tf similarity index 100% rename from infra/modules/identity-provider/data/main.tf rename to templates/base/infra/modules/identity-provider/data/main.tf diff --git a/infra/modules/identity-provider/data/outputs.tf b/templates/base/infra/modules/identity-provider/data/outputs.tf similarity index 100% rename from infra/modules/identity-provider/data/outputs.tf rename to templates/base/infra/modules/identity-provider/data/outputs.tf diff --git a/infra/modules/identity-provider/data/variables.tf b/templates/base/infra/modules/identity-provider/data/variables.tf similarity index 100% rename from infra/modules/identity-provider/data/variables.tf rename to templates/base/infra/modules/identity-provider/data/variables.tf diff --git a/infra/modules/identity-provider/resources/main.tf b/templates/base/infra/modules/identity-provider/resources/main.tf similarity index 100% rename from infra/modules/identity-provider/resources/main.tf rename to templates/base/infra/modules/identity-provider/resources/main.tf diff --git a/infra/modules/identity-provider/resources/outputs.tf b/templates/base/infra/modules/identity-provider/resources/outputs.tf similarity index 100% rename from infra/modules/identity-provider/resources/outputs.tf rename to templates/base/infra/modules/identity-provider/resources/outputs.tf diff --git a/infra/modules/identity-provider/resources/variables.tf b/templates/base/infra/modules/identity-provider/resources/variables.tf similarity index 100% rename from infra/modules/identity-provider/resources/variables.tf rename to templates/base/infra/modules/identity-provider/resources/variables.tf diff --git a/infra/modules/monitoring/main.tf b/templates/base/infra/modules/monitoring/main.tf similarity index 100% rename from infra/modules/monitoring/main.tf rename to templates/base/infra/modules/monitoring/main.tf diff --git a/infra/modules/monitoring/outputs.tf b/templates/base/infra/modules/monitoring/outputs.tf similarity index 100% rename from infra/modules/monitoring/outputs.tf rename to templates/base/infra/modules/monitoring/outputs.tf diff --git a/infra/modules/monitoring/variables.tf b/templates/base/infra/modules/monitoring/variables.tf similarity index 100% rename from infra/modules/monitoring/variables.tf rename to templates/base/infra/modules/monitoring/variables.tf diff --git a/infra/modules/network/data/main.tf b/templates/base/infra/modules/network/data/main.tf similarity index 100% rename from infra/modules/network/data/main.tf rename to templates/base/infra/modules/network/data/main.tf diff --git a/infra/modules/network/data/outputs.tf b/templates/base/infra/modules/network/data/outputs.tf similarity index 100% rename from infra/modules/network/data/outputs.tf rename to templates/base/infra/modules/network/data/outputs.tf diff --git a/infra/modules/network/data/variables.tf b/templates/base/infra/modules/network/data/variables.tf similarity index 100% rename from infra/modules/network/data/variables.tf rename to templates/base/infra/modules/network/data/variables.tf diff --git a/infra/modules/network/interface/outputs.tf b/templates/base/infra/modules/network/interface/outputs.tf similarity index 100% rename from infra/modules/network/interface/outputs.tf rename to templates/base/infra/modules/network/interface/outputs.tf diff --git a/infra/modules/network/interface/variables.tf b/templates/base/infra/modules/network/interface/variables.tf similarity index 100% rename from infra/modules/network/interface/variables.tf rename to templates/base/infra/modules/network/interface/variables.tf diff --git a/infra/modules/network/resources/main.tf b/templates/base/infra/modules/network/resources/main.tf similarity index 100% rename from infra/modules/network/resources/main.tf rename to templates/base/infra/modules/network/resources/main.tf diff --git a/infra/modules/network/resources/variables.tf b/templates/base/infra/modules/network/resources/variables.tf similarity index 100% rename from infra/modules/network/resources/variables.tf rename to templates/base/infra/modules/network/resources/variables.tf diff --git a/infra/modules/network/resources/vpc_endpoints.tf b/templates/base/infra/modules/network/resources/vpc_endpoints.tf similarity index 100% rename from infra/modules/network/resources/vpc_endpoints.tf rename to templates/base/infra/modules/network/resources/vpc_endpoints.tf diff --git a/infra/modules/notifications-email-domain/data/main.tf b/templates/base/infra/modules/notifications-email-domain/data/main.tf similarity index 100% rename from infra/modules/notifications-email-domain/data/main.tf rename to templates/base/infra/modules/notifications-email-domain/data/main.tf diff --git a/infra/modules/notifications-email-domain/data/outputs.tf b/templates/base/infra/modules/notifications-email-domain/data/outputs.tf similarity index 100% rename from infra/modules/notifications-email-domain/data/outputs.tf rename to templates/base/infra/modules/notifications-email-domain/data/outputs.tf diff --git a/infra/modules/notifications-email-domain/data/variables.tf b/templates/base/infra/modules/notifications-email-domain/data/variables.tf similarity index 100% rename from infra/modules/notifications-email-domain/data/variables.tf rename to templates/base/infra/modules/notifications-email-domain/data/variables.tf diff --git a/infra/modules/notifications-email-domain/resources/access_control.tf b/templates/base/infra/modules/notifications-email-domain/resources/access_control.tf similarity index 100% rename from infra/modules/notifications-email-domain/resources/access_control.tf rename to templates/base/infra/modules/notifications-email-domain/resources/access_control.tf diff --git a/infra/modules/notifications-email-domain/resources/dns.tf b/templates/base/infra/modules/notifications-email-domain/resources/dns.tf similarity index 100% rename from infra/modules/notifications-email-domain/resources/dns.tf rename to templates/base/infra/modules/notifications-email-domain/resources/dns.tf diff --git a/infra/modules/notifications-email-domain/resources/logs.tf b/templates/base/infra/modules/notifications-email-domain/resources/logs.tf similarity index 100% rename from infra/modules/notifications-email-domain/resources/logs.tf rename to templates/base/infra/modules/notifications-email-domain/resources/logs.tf diff --git a/infra/modules/notifications-email-domain/resources/main.tf b/templates/base/infra/modules/notifications-email-domain/resources/main.tf similarity index 100% rename from infra/modules/notifications-email-domain/resources/main.tf rename to templates/base/infra/modules/notifications-email-domain/resources/main.tf diff --git a/infra/modules/notifications-email-domain/resources/outputs.tf b/templates/base/infra/modules/notifications-email-domain/resources/outputs.tf similarity index 100% rename from infra/modules/notifications-email-domain/resources/outputs.tf rename to templates/base/infra/modules/notifications-email-domain/resources/outputs.tf diff --git a/infra/modules/notifications-email-domain/resources/variables.tf b/templates/base/infra/modules/notifications-email-domain/resources/variables.tf similarity index 100% rename from infra/modules/notifications-email-domain/resources/variables.tf rename to templates/base/infra/modules/notifications-email-domain/resources/variables.tf diff --git a/infra/modules/notifications/resources/access_control.tf b/templates/base/infra/modules/notifications/resources/access_control.tf similarity index 100% rename from infra/modules/notifications/resources/access_control.tf rename to templates/base/infra/modules/notifications/resources/access_control.tf diff --git a/infra/modules/notifications/resources/email.tf b/templates/base/infra/modules/notifications/resources/email.tf similarity index 100% rename from infra/modules/notifications/resources/email.tf rename to templates/base/infra/modules/notifications/resources/email.tf diff --git a/infra/modules/notifications/resources/main.tf b/templates/base/infra/modules/notifications/resources/main.tf similarity index 100% rename from infra/modules/notifications/resources/main.tf rename to templates/base/infra/modules/notifications/resources/main.tf diff --git a/infra/modules/notifications/resources/outputs.tf b/templates/base/infra/modules/notifications/resources/outputs.tf similarity index 100% rename from infra/modules/notifications/resources/outputs.tf rename to templates/base/infra/modules/notifications/resources/outputs.tf diff --git a/infra/modules/notifications/resources/variables.tf b/templates/base/infra/modules/notifications/resources/variables.tf similarity index 100% rename from infra/modules/notifications/resources/variables.tf rename to templates/base/infra/modules/notifications/resources/variables.tf diff --git a/infra/modules/secret/main.tf b/templates/base/infra/modules/secret/main.tf similarity index 100% rename from infra/modules/secret/main.tf rename to templates/base/infra/modules/secret/main.tf diff --git a/infra/modules/secret/outputs.tf b/templates/base/infra/modules/secret/outputs.tf similarity index 100% rename from infra/modules/secret/outputs.tf rename to templates/base/infra/modules/secret/outputs.tf diff --git a/infra/modules/secret/variables.tf b/templates/base/infra/modules/secret/variables.tf similarity index 100% rename from infra/modules/secret/variables.tf rename to templates/base/infra/modules/secret/variables.tf diff --git a/infra/modules/service/access_control.tf b/templates/base/infra/modules/service/access_control.tf similarity index 100% rename from infra/modules/service/access_control.tf rename to templates/base/infra/modules/service/access_control.tf diff --git a/infra/modules/service/access_logs.tf b/templates/base/infra/modules/service/access_logs.tf similarity index 100% rename from infra/modules/service/access_logs.tf rename to templates/base/infra/modules/service/access_logs.tf diff --git a/infra/modules/service/application_logs.tf b/templates/base/infra/modules/service/application_logs.tf similarity index 100% rename from infra/modules/service/application_logs.tf rename to templates/base/infra/modules/service/application_logs.tf diff --git a/infra/modules/service/command_execution.tf b/templates/base/infra/modules/service/command_execution.tf similarity index 100% rename from infra/modules/service/command_execution.tf rename to templates/base/infra/modules/service/command_execution.tf diff --git a/infra/modules/service/database_access.tf b/templates/base/infra/modules/service/database_access.tf similarity index 100% rename from infra/modules/service/database_access.tf rename to templates/base/infra/modules/service/database_access.tf diff --git a/infra/modules/service/dns.tf b/templates/base/infra/modules/service/dns.tf similarity index 100% rename from infra/modules/service/dns.tf rename to templates/base/infra/modules/service/dns.tf diff --git a/infra/modules/service/events_jobs.tf b/templates/base/infra/modules/service/events_jobs.tf similarity index 100% rename from infra/modules/service/events_jobs.tf rename to templates/base/infra/modules/service/events_jobs.tf diff --git a/infra/modules/service/events_role.tf b/templates/base/infra/modules/service/events_role.tf similarity index 100% rename from infra/modules/service/events_role.tf rename to templates/base/infra/modules/service/events_role.tf diff --git a/infra/modules/service/load_balancer.tf b/templates/base/infra/modules/service/load_balancer.tf similarity index 100% rename from infra/modules/service/load_balancer.tf rename to templates/base/infra/modules/service/load_balancer.tf diff --git a/infra/modules/service/main.tf b/templates/base/infra/modules/service/main.tf similarity index 100% rename from infra/modules/service/main.tf rename to templates/base/infra/modules/service/main.tf diff --git a/infra/modules/service/networking.tf b/templates/base/infra/modules/service/networking.tf similarity index 100% rename from infra/modules/service/networking.tf rename to templates/base/infra/modules/service/networking.tf diff --git a/infra/modules/service/outputs.tf b/templates/base/infra/modules/service/outputs.tf similarity index 100% rename from infra/modules/service/outputs.tf rename to templates/base/infra/modules/service/outputs.tf diff --git a/infra/modules/service/scheduled_jobs.tf b/templates/base/infra/modules/service/scheduled_jobs.tf similarity index 100% rename from infra/modules/service/scheduled_jobs.tf rename to templates/base/infra/modules/service/scheduled_jobs.tf diff --git a/infra/modules/service/scheduler_role.tf b/templates/base/infra/modules/service/scheduler_role.tf similarity index 100% rename from infra/modules/service/scheduler_role.tf rename to templates/base/infra/modules/service/scheduler_role.tf diff --git a/infra/modules/service/variables.tf b/templates/base/infra/modules/service/variables.tf similarity index 100% rename from infra/modules/service/variables.tf rename to templates/base/infra/modules/service/variables.tf diff --git a/infra/modules/service/workflow_orchestrator_role.tf b/templates/base/infra/modules/service/workflow_orchestrator_role.tf similarity index 100% rename from infra/modules/service/workflow_orchestrator_role.tf rename to templates/base/infra/modules/service/workflow_orchestrator_role.tf diff --git a/infra/modules/storage/access_control.tf b/templates/base/infra/modules/storage/access_control.tf similarity index 100% rename from infra/modules/storage/access_control.tf rename to templates/base/infra/modules/storage/access_control.tf diff --git a/infra/modules/storage/encryption.tf b/templates/base/infra/modules/storage/encryption.tf similarity index 100% rename from infra/modules/storage/encryption.tf rename to templates/base/infra/modules/storage/encryption.tf diff --git a/infra/modules/storage/events.tf b/templates/base/infra/modules/storage/events.tf similarity index 100% rename from infra/modules/storage/events.tf rename to templates/base/infra/modules/storage/events.tf diff --git a/infra/modules/storage/lifecycle.tf b/templates/base/infra/modules/storage/lifecycle.tf similarity index 100% rename from infra/modules/storage/lifecycle.tf rename to templates/base/infra/modules/storage/lifecycle.tf diff --git a/infra/modules/storage/main.tf b/templates/base/infra/modules/storage/main.tf similarity index 100% rename from infra/modules/storage/main.tf rename to templates/base/infra/modules/storage/main.tf diff --git a/infra/modules/storage/outputs.tf b/templates/base/infra/modules/storage/outputs.tf similarity index 100% rename from infra/modules/storage/outputs.tf rename to templates/base/infra/modules/storage/outputs.tf diff --git a/infra/modules/storage/variables.tf b/templates/base/infra/modules/storage/variables.tf similarity index 100% rename from infra/modules/storage/variables.tf rename to templates/base/infra/modules/storage/variables.tf diff --git a/infra/modules/terraform-backend-s3/README.md b/templates/base/infra/modules/terraform-backend-s3/README.md similarity index 100% rename from infra/modules/terraform-backend-s3/README.md rename to templates/base/infra/modules/terraform-backend-s3/README.md diff --git a/infra/modules/terraform-backend-s3/main.tf b/templates/base/infra/modules/terraform-backend-s3/main.tf similarity index 100% rename from infra/modules/terraform-backend-s3/main.tf rename to templates/base/infra/modules/terraform-backend-s3/main.tf diff --git a/infra/modules/terraform-backend-s3/outputs.tf b/templates/base/infra/modules/terraform-backend-s3/outputs.tf similarity index 100% rename from infra/modules/terraform-backend-s3/outputs.tf rename to templates/base/infra/modules/terraform-backend-s3/outputs.tf diff --git a/infra/modules/terraform-backend-s3/variables.tf b/templates/base/infra/modules/terraform-backend-s3/variables.tf similarity index 100% rename from infra/modules/terraform-backend-s3/variables.tf rename to templates/base/infra/modules/terraform-backend-s3/variables.tf diff --git a/infra/networks/main.tf.jinja b/templates/base/infra/networks/main.tf.jinja similarity index 100% rename from infra/networks/main.tf.jinja rename to templates/base/infra/networks/main.tf.jinja diff --git a/infra/networks/outputs.tf b/templates/base/infra/networks/outputs.tf similarity index 100% rename from infra/networks/outputs.tf rename to templates/base/infra/networks/outputs.tf diff --git a/infra/networks/variables.tf b/templates/base/infra/networks/variables.tf similarity index 100% rename from infra/networks/variables.tf rename to templates/base/infra/networks/variables.tf diff --git a/infra/project-config/README.md b/templates/base/infra/project-config/README.md similarity index 100% rename from infra/project-config/README.md rename to templates/base/infra/project-config/README.md diff --git a/infra/project-config/aws_services.tf b/templates/base/infra/project-config/aws_services.tf similarity index 100% rename from infra/project-config/aws_services.tf rename to templates/base/infra/project-config/aws_services.tf diff --git a/infra/project-config/main.tf.jinja b/templates/base/infra/project-config/main.tf.jinja similarity index 100% rename from infra/project-config/main.tf.jinja rename to templates/base/infra/project-config/main.tf.jinja diff --git a/infra/project-config/networks.tf b/templates/base/infra/project-config/networks.tf similarity index 100% rename from infra/project-config/networks.tf rename to templates/base/infra/project-config/networks.tf diff --git a/infra/project-config/outputs.tf b/templates/base/infra/project-config/outputs.tf similarity index 100% rename from infra/project-config/outputs.tf rename to templates/base/infra/project-config/outputs.tf diff --git a/infra/project-config/system_notifications.tf b/templates/base/infra/project-config/system_notifications.tf similarity index 100% rename from infra/project-config/system_notifications.tf rename to templates/base/infra/project-config/system_notifications.tf diff --git a/infra/test/go.mod b/templates/base/infra/test/go.mod similarity index 100% rename from infra/test/go.mod rename to templates/base/infra/test/go.mod diff --git a/infra/test/go.sum b/templates/base/infra/test/go.sum similarity index 100% rename from infra/test/go.sum rename to templates/base/infra/test/go.sum diff --git a/infra/test/helpers.go b/templates/base/infra/test/helpers.go similarity index 100% rename from infra/test/helpers.go rename to templates/base/infra/test/helpers.go diff --git a/infra/test/infra_test.go b/templates/base/infra/test/infra_test.go similarity index 100% rename from infra/test/infra_test.go rename to templates/base/infra/test/infra_test.go