refactor(azure): standardize live env token on production (was prod)#47
Merged
Conversation
…`prod`) `production` is the org-wide environment token — the AWS and GCP live trees, eks-gitops, kx, the tenant charts, eks-agent-platform, and eks-fleet all use it. The Azure live tree was the lone holdout on the short `prod`, which contradicted the multi-cloud parity the stack is built around and broke aks-gitops' "mirrors eks-gitops" contract. - Renamed the env directory `live/azure/workload-prod/westus2/prod` → `…/production` (the `workload-prod` subscription/account alias is kept, exactly as AWS pairs a `workload-prod` account with a `production` env). - `env.hcl`: `environment = "prod"` → `"production"`. This value is the cluster's `environment` secret label and feeds `resource_group_name` (so the RG, the `…-aks` cluster name, and every env-derived Azure resource name standardize with it). - Updated the shared `_envcommon/azure/*.hcl` cluster mock_outputs from the stale `mock.oic.prod-aks.azure.com` placeholder to `production-aks`. Pairs with aks-gitops standardizing its env token (so AKS clusters get labeled `environment: production` and the gitops `values-production.yaml` / `overlays/production` resolve). Renaming the env token shifts the Azure tfstate path key `tfstate/prod/…` → `tfstate/production/…`; any previously-applied Azure prod state re-applies under the new key.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
productionis the org-wide environment token — the AWS and GCP live trees, eks-gitops, kx, the tenant charts, eks-agent-platform, and eks-fleet all use it. The Azure live tree was the lone holdout on the shortprod, breaking aks-gitops' "mirrors eks-gitops" contract.live/azure/workload-prod/westus2/prod→…/production(theworkload-prodsubscription alias is kept — same as AWS pairs aworkload-prodaccount with aproductionenv).env.hcl:environment = "prod"→"production". This value is the cluster'senvironmentsecret label and feedsresource_group_name, so the RG, the…-akscluster name, and every env-derived Azure resource name standardize with it._envcommon/azure/*.hclclustermock_outputsfrom the stalemock.oic.prod-aks…placeholder toproduction-aks.Pairs with
aks-gitops#9 — standardizes the gitops side. Merge-coordinate: AKS clusters get labeled
environment: productionfrom this change, which is what makes aks-gitops'values-production.yaml/overlays/productionresolve. Part of the aks-gitops#8 standardization.Note
Renaming the env token shifts the Azure tfstate path key
tfstate/prod/…→tfstate/production/…; any previously-applied Azure prod state re-applies under the new key (greenfield-safe; accepted trade-off for cross-cloud parity).Verification
env.hcl, the 4_envcommonmocks) are correctlyterragrunt hcl-formatted; the repo-wide terragrunt-hcl format drift is pre-existing and not CI-gated (tofu fmtcovers.tf).prod-token sweep of the Azure live tree +_envcommonis clean — only the intentionalworkload-prodalias remains.