forge

🛠️ Forge Extras Deployment Example

This directory contains example configurations for deploying Forge infrastructure extras using Terragrunt for layered configuration management.

📦 Module Overview

The following modules are included in this deployment:

Module Name	Description
`cloud_custodian`	Applies Cloud Custodian policies for AWS resource governance
`cloud_formation`	Grants CloudFormation permissions for integrations and automation
`ecr`	Provisions ECR repositories for storing runner/container images
`forge_subscription`	Manages Forge subscription resources, allowing Forge runners to assume roles in tenant accounts and pull ECR images across accounts. Supports both self-subscription and tenant onboarding scenarios.
`storage`	Provisions S3 buckets for integrations and data storage

Prerequisites

Before deploying:

Ensure you have an existing VPC and subnets in your AWS account.
Install Terragrunt and OpenTofu (or Terraform).
Configure AWS credentials (aws configure) with the correct profile.
Ensure your IAM user/role has permissions to create EKS and related resources.

1. Prepare Config Files — Global and Environment

Copy these templates and place them at the correct paths:

Templates to Copy

examples/templates/eks/_global_settings/_global.yaml
examples/templates/eks/_environment_wide_settings/_environment.yaml

Destination Paths

examples/deployments/forge-extras/terragrunt/_global_settings/_global.yaml

examples/deployments/forge-extras/terragrunt/environments/<aws_account>/_environment_wide_settings/_environment.yaml

Edit the Config Files

_global.yaml
Set global values such as team name, product name, AWS account prefix, GitHub organization, and contact email.
(Path: _global_settings/_global.yaml)
_environment.yaml
Define environment-wide settings like environment name, AWS region, and account ID.
(Path: environments/<aws_account>/_environment_wide_settings/_environment.yaml)

Be sure to replace all placeholder values (<...>) with your actual environment details.

2. Prepare EKS Config File

Copy the EKS config template and place it at the correct path:

Template to Copy

examples/templates/extras/cloud_custodian/config.yaml
examples/templates/extras/ecr/config.yaml
examples/templates/extras/forge_subscription/config.yaml

Destination Path

examples/deployments/forge-extras/terragrunt/environments/<aws_account>/cloud_custodian/config.yaml
examples/deployments/forge-extras/terragrunt/environments/<aws_account>/ecr/config.yaml
examples/deployments/forge-extras/terragrunt/environments/<aws_account>/forge_subscription/config.yaml

Be sure to replace all placeholder values (<...>) with your actual environment details.

Deployment

To deploy all modules:

cd examples/deployments/forge-extras/terragrunt/environments/prod/
terragrunt run-all plan
terragrunt run-all apply

To deploy a specific module (example for Cloud Custodian):

cd examples/deployments/forge-extras/terragrunt/environments/prod/cloud_custodian/
terragrunt plan
terragrunt apply

For more advanced scenarios or troubleshooting, see the full documentation.

This site is open source. Improve this page.