- Description: ordisi.us blog/portfolio project
- Created By: Joe Perez
```
.
├── app # application code
│   └── blog # hugo site
│       ├── archetypes
│       ├── assets
│       ├── content
│       │   └── posts # markdown based blog posts go here
│       ├── data
│       ├── i18n
│       ├── layouts
│       ├── public # built hugo site
│       ├── resources
│       ├── static
│       └── themes
│           └── typo
└── infra # infrastructure code
    └── workspaces
        ├── app
        │   └── blog # resources to support hugo site
        └── global # dns and other global level resources
```

- Install dev containers extension
- Install Docker
- In VSCode, press `command+shift+p`
- Select "Dev Containers: Reopen in Container"
- Install tools: `brew install hugo opentofu pre-commit detect-secrets trivy`
- In terminal, navigate to `app/blog`
- Build Hugo site: `hugo`
- Run Hugo server: `hugo server -D`
- Browse to: http://localhost:1313/
- Make changes to markdown files in `app/blog/content` and save
- Hugo will detect the change and reload automatically
- Validate changes by browsing to: http://localhost:1313/
- Make changes to workspace at `infra/workspaces/app/blog`
- Check in code + create a PR
GitHub Actions will trigger a workflow which will initialize the workspace and output the plan as a PR comment. If the plan looks good, you can proceed with a review, approval and merge to `main`. This will trigger a `tofu apply` on the workspace.
- In terminal, browse to: `infra/workspaces/app/blog`
- Create `prod.tfvars` file and update values:

```
env = "prod"
cloudflare_api_token = "CLOUDFLAREAPITOKENGOESHERE"
cloudflare_account_id = "CLOUDFLAREACCOUNTIDGOESHERE"
r2_access_key = "R2ACCESSKEYGOESHERE"
r2_secret_key = "R2SECRETKEYGOESHERE" #pragma: allowlist secret
```

Note: Cloudflare does not offer OIDC/SSO similar to AWS
- Make changes to terraform files in `infra/workspaces/app/blog` and save
- Initialize infrastructure: `tofu init -var-file=prod.tfvars`
- Review pending changes: `tofu plan -var-file=prod.tfvars`
- Check in code + create a PR
GitHub Actions will trigger a workflow which will initialize the workspace and output the plan as a PR comment. If the plan looks good, you can proceed with a review, approval and merge to `main`. This will trigger a `tofu apply` on the workspace.
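Because `prod.tfvars` holds the Cloudflare API token and R2 keys in plain text, it is worth checking the file before each local `tofu plan`. The following is an added example, not part of this repository: `check_tfvars` is a hypothetical helper that assumes the five variables and the `GOESHERE` placeholders shown above, and that the file is meant to stay out of git.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check for the prod.tfvars file described above.
# check_tfvars is a hypothetical helper, not part of this repository.

REQUIRED_KEYS="env cloudflare_api_token cloudflare_account_id r2_access_key r2_secret_key"

check_tfvars() {
  local file="$1" key mode dir rc=0

  [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }

  # Every variable listed in the README must be assigned.
  for key in $REQUIRED_KEYS; do
    grep -Eq "^[[:space:]]*${key}[[:space:]]*=" "$file" \
      || { echo "unset variable: $key" >&2; rc=1; }
  done

  # The README placeholders all end in GOESHERE; none may remain.
  if grep -q 'GOESHERE' "$file"; then
    echo "placeholder value still present" >&2; rc=1
  fi

  # The secrets file should be accessible by its owner only (GNU stat, then BSD stat).
  mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
  case "$mode" in
    600|400) ;;
    *) echo "mode $mode is too open; run: chmod 600 $file" >&2; rc=1 ;;
  esac

  # Inside a git work tree, the file must be ignored and never tracked.
  dir=$(dirname "$file")
  if command -v git >/dev/null 2>&1 \
     && git -C "$dir" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
    git -C "$dir" check-ignore -q "$(basename "$file")" \
      || { echo "$file is not covered by .gitignore" >&2; rc=1; }
    if git -C "$dir" ls-files --error-unmatch "$(basename "$file")" >/dev/null 2>&1; then
      echo "$file is tracked by git" >&2; rc=1
    fi
  fi
  return "$rc"
}

# Usage: check_tfvars prod.tfvars && tofu plan -var-file=prod.tfvars
```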
- Check in code
- Fill out PR details
- Request review from team
- Workflow name: N/A
- Description: Cloudflare pages have been hooked into this repository. When a PR is created, a workflow will run to build the Hugo site and deploy it to Cloudflare pages. Once it's been deployed, the workflow will post a comment in the PR with details on how to preview the changes.
- Workflow name: `infra.yaml`
- Description: The Cloudflare pages infrastructure is managed by OpenTofu (Terraform). When a PR is created, an approval to start the workflow is required (an extra precaution for a public repo), then the workflow will check out the code, navigate to the workspace, initialize the infrastructure, run a plan, and post the pending changes as a comment on the PR. After the PR has been reviewed and merged to `main`, the workflow will run again and apply the changes.
- Workflow name: `markdown_spellcheck.yaml`
- Description: When a PR is created, this workflow will run a spellcheck on changes to markdown files. If there are spelling mistakes, the job will fail. If a word causes a failure, but is not actually a typo, it can be added to `.spellcheck-wordlist.txt`
- Description: dev containers is a preconfigured development environment to help engineers move more quickly between repos. The local development requirements are already included, so the engineer doesn't have to worry about whether they have the right packages or a supported version installed.
- Description: OpenTofu is a fork of Terraform and is used to manage cloud resources as IaC.
- Description: pre-commit is a tool used to check various code and security requirements prior to pushing to GitHub. This tightens the feedback loop by catching problems faster.
- Testing pre-commit changes: `pre-commit run -a`