https://github.com/drifthoundhq/infra-demo
GitOps repository for DriftHound demo website.
https://github.com/drifthoundhq/infra-demo
detection drift iac opentofu terraform terragrunt
Last synced: 5 months ago
JSON representation
GitOps repository for DriftHound demo website.
- Host: GitHub
- URL: https://github.com/drifthoundhq/infra-demo
- Owner: drifthoundhq
- Created: 2025-12-20T15:10:35.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2026-01-21T14:51:08.000Z (5 months ago)
- Last Synced: 2026-01-22T02:28:36.336Z (5 months ago)
- Topics: detection, drift, iac, opentofu, terraform, terragrunt
- Language: HCL
- Homepage: https://demo.drifthound.io/
- Size: 82 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# DriftHound Infrastructure Demo
A demo repository showcasing [DriftHound](https://github.com/drifthoundhq/drifthound) infrastructure drift detection with Terragrunt.
This repository uses Terraform's `random` provider to simulate infrastructure without requiring any cloud accounts.
Demo live site: https://demo.drifthound.io
> [!NOTE]
> DriftHound demo repository in hosted in [Render](https://render.com/) under free tier subscription. It might take some minutes to boot up as it automatically spins down after inactivity period.
## Repository Structure
```
├── drifthound.yaml # DriftHound Action configuration
├── terragrunt.hcl # Root Terragrunt config
├── modules/
│ └── random-resources/ # Shared Terraform module
├── stacks/ # Stack definitions
│ ├── api-gateway/
│ ├── auth-service/
│ ├── billing-platform/
│ ├── data-pipeline/
│ └── user-database/
└── environments/ # Environment deployments
├── production/
├── staging/
└── development/
```
## Projects & Environments
| Project | Production | Staging | Development |
|---------|:----------:|:-------:|:-----------:|
| api-gateway | ✓ | ✓ | - |
| auth-service | ✓ | - | - |
| billing-platform | ✓ | ✓ | - |
| data-pipeline | ✓ | - | - |
| user-database | ✓ | ✓ | ✓ |
**Total**: 5 projects, 9 environments
## Quick Start
### Prerequisites
- [opentofu](https://opentofu.org/docs/v1.11/intro/install/) >= 1.11.2
- [Terragrunt](https://terragrunt.gruntwork.io/docs/getting-started/install/) >= 0.96.0
### Initialize All Environments
```bash
# Initialize all environments at once
cd environments
terragrunt run-all init
# Or initialize a specific environment
cd environments/production/api-gateway
terragrunt init
```
### Apply Infrastructure
```bash
# Apply all environments
cd environments
terragrunt run-all apply --terragrunt-non-interactive
# Or apply a specific environment
cd environments/production/api-gateway
terragrunt apply
```
## Running Drift Checks
### Using GitHub Actions
1. Fork this repository
2. Configure repository secrets:
- `DRIFTHOUND_URL` - Your DriftHound instance URL
- `DRIFTHOUND_TOKEN` - API token from DriftHound
3. Run the "Infrastructure Drift Detection" workflow manually or enable the schedule
### Running Locally
```bash
# Set your DriftHound credentials
export DRIFTHOUND_TOKEN=your-api-token
export DRIFTHOUND_API_URL=https://your-drifthound.example.com
# Run checks on all environments
./scripts/run-all-checks.sh
```
## Creating Drift (For Demo)
To simulate drift, modify the `inputs` in any environment's `terragrunt.hcl` file without applying:
```hcl
# In environments/production/billing-platform/terragrunt.hcl
# Change:
instance_name = "billing-prod"
# To:
instance_name = "billing-prod-v2"
```
Then run a drift check - it will detect the change as drift.
## Configuration
### drifthound.yaml
The `drifthound.yaml` file defines all scopes for the DriftHound GitHub Action:
```yaml
default_tool: terragrunt
scopes:
- name: "api-gateway-prod"
project: "api-gateway"
environment: "production"
directory: "./environments/production/api-gateway"
# ... more scopes
```
### GitHub Secrets Required
| Secret | Description |
|--------|-------------|
| `DRIFTHOUND_URL` | DriftHound API URL (e.g., `https://drifthound.example.com`) |
| `DRIFTHOUND_TOKEN` | API token created in DriftHound web UI |
## License
MIT