{"id":29121014,"url":"https://github.com/chrispsheehan/webstack","last_synced_at":"2025-10-12T00:46:08.740Z","repository":{"id":299652023,"uuid":"944103599","full_name":"chrispsheehan/webstack","owner":"chrispsheehan","description":"Source code for chrispsheehan.com. Astro-powered and deployed with Terragrunt and GitHub Actions. A fast, serverless site that's inexpensive to run.","archived":false,"fork":false,"pushed_at":"2025-08-02T18:26:04.000Z","size":1186,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-08-02T20:42:33.159Z","etag":null,"topics":["astro","aws","serverless","terraform","terragrunt"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chrispsheehan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-03-06T19:42:08.000Z","updated_at":"2025-08-02T18:25:48.000Z","dependencies_parsed_at":"2025-06-17T16:34:22.407Z","dependency_job_id":"be9fa83b-cf57-4940-9ce4-a283a2dc0878","html_url":"https://github.com/chrispsheehan/webstack","commit_stats":null,"previous_names":["chrispsheehan/webstack"],"tags_count":38,"template":false,"template_full_name":null,"purl":"pkg:github/chrispsheehan/webstack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrispsheehan%2Fwebstack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrispsheehan%2Fwebstack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrispsheehan%2Fwebstack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrispsheehan%2Fwebstack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chrispsheehan","download_url":"https://codeload.github.com/chrispsheehan/webstack/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrispsheehan%2Fwebstack/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279009511,"owners_count":26084609,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-11T02:00:06.511Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["astro","aws","serverless","terraform","terragrunt"],"created_at":"2025-06-29T15:38:33.004Z","updated_at":"2025-10-12T00:46:08.709Z","avatar_url":"https://github.com/chrispsheehan.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# webstack\n\nFull stack web project.\n\n---\n\n## setup\n\n**One time** setup with `just import-repo` to import the repo into the Terraform state.\n\nApply GitHub settings and create the GitHub `ci` environment seeded with required variables and branch controls.\n\n```sh\njust setup-repo\njust init dev\njust init prod\n```\n\nExample plan command:\n\n```sh\njust tg dev aws/jobs plan\n```\n\n**_WARNING_**  \nTerragrunt will create the S3 state bucket the first time this is done — this should only happen **once**:\n\n```\nRemote state S3 bucket your-state-bucket-name-tfstate does not exist or you don't have permissions to access it. Would you like Terragrunt to create it? (y/n) y\n```\n\n---\n\n## ☁️ AWS OIDC Integration\n\nThis project uses **GitHub OIDC (OpenID Connect)** for secure, keyless access to AWS.\n\n### 🔐 Terraform OIDC Role Module\n\nThe Terraform module [`chrispsheehan/github-oidc-role/aws`](https://registry.terraform.io/modules/chrispsheehan/github-oidc-role/aws/latest) is used to:\n\n- Create an IAM role with the correct trust relationship\n- Grant least-privilege access for GitHub Actions\n- Bind to a GitHub repository and environment\n\n---\n\n### 🤖 GitHub Actions\n\n#### 1. [`chrispsheehan/just-aws-oidc-action@0.1.1`](https://github.com/chrispsheehan/just-aws-oidc-action)\n\nThis action sets up AWS OIDC and runs a `just` command with AWS credentials:\n\n```yaml\n- uses: chrispsheehan/just-aws-oidc-action@0.1.1\n  with:\n    aws_oidc_role_arn: arn:aws:iam::123456789012:role/webstack-ci\n    just_command: seed dev\n```\n\n#### 2. [`chrispsheehan/terragrunt-aws-oidc-action@0.3.0`](https://github.com/chrispsheehan/terragrunt-aws-oidc-action)\n\nThis action:\n\n- Authenticates via OIDC\n- Installs Terraform and Terragrunt\n- Runs a Terragrunt command with injected config\n\n```yaml\n- uses: chrispsheehan/terragrunt-aws-oidc-action@0.3.0\n  with:\n    aws_oidc_role_arn: arn:aws:iam::123456789012:role/webstack-ci\n    tg_directory: infrastructure/dev\n    tg_action: apply\n    override_tg_vars: '{\"env\": \"dev\"}'\n```\n\n---\n\n## required installs\n\n```sh\nbrew install terragrunt\nbrew install terraform\nbrew install just\nbrew install awscli\nbrew install gh\nbrew install node\nnpm install -g prettier\n```\n\n---\n\n## scripts\n\n- `just setup-repo` – apply GitHub repo state as per Terraform code  \n- `just seed` – locally populate `frontend/public/data` with `data.json` files  \n- `just start` – open hot-reloaded website  \n- `just temp-init` – allow current branch to deploy from `dev` GitHub environment  \n\n---\n\n## infrastructure\n\n![Infrastructure](docs/infra.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchrispsheehan%2Fwebstack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchrispsheehan%2Fwebstack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchrispsheehan%2Fwebstack/lists"}