diff --git a/.drone.yml b/.drone.yml
index 2fc7864..13dc040 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -36,13 +36,7 @@ steps:
 AWS_SECRET_ACCESS_KEY:
 from_secret: AWS_SECRET_ACCESS_KEY
 commands:
- - cp providers.tf.example examples/from_scratch/providers.tf
- - cp backend.tf.example examples/from_scratch/backend.tf
- - cd examples/from_scratch
- - sed -i "s/REPLACE/$DRONE_BUILD_NUMBER/g" backend.tf
- - terraform init
- - terraform apply --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER"
- - terraform -v
+ - EXAMPLE=from_scratch pipeline/run_terraform.sh
 when:
 event:
 - push
@@ -59,62 +53,7 @@ steps:
 AWS_SECRET_ACCESS_KEY:
 from_secret: AWS_SECRET_ACCESS_KEY
 commands:
- - cp providers.tf.example examples/from_scratch/providers.tf
- - cp backend.tf.example examples/from_scratch/backend.tf
- - cd examples/from_scratch
- - sed -i "s/REPLACE/$DRONE_BUILD_NUMBER/g" backend.tf
- - terraform init
- - terraform destroy --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER" -refresh=false
- - terraform -v
- when:
- event:
- - push
- status:
- - failure
- - success
- branch:
- - master
-
-- name: into_subnets
- image: hashicorp/terraform:light
- depends_on:
- - lint
- environment:
- AWS_ACCESS_KEY_ID:
- from_secret: AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY:
- from_secret: AWS_SECRET_ACCESS_KEY
- commands:
- - cp providers.tf.example examples/into_existing_subnets/providers.tf
- - cp backend.tf.example examples/into_existing_subnets/backend.tf
- - cd examples/into_existing_subnets
- - sed -i "s/REPLACE/intosubnets$DRONE_BUILD_NUMBER/g" backend.tf
- - terraform init
- - terraform apply --auto-approve -var "deployment_id=intosubnets$DRONE_BUILD_NUMBER"
- - terraform -v
- when:
- event:
- - push
- branch:
- - master
-
-- name: into_subnets_cleanup
- depends_on:
- - into_subnets
- image: hashicorp/terraform:light
- environment:
- AWS_ACCESS_KEY_ID:
- from_secret: AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY:
- from_secret: AWS_SECRET_ACCESS_KEY
- commands:
- - cp providers.tf.example examples/into_existing_subnets/providers.tf
- - cp backend.tf.example examples/into_existing_subnets/backend.tf
- - cd examples/into_existing_subnets
- - sed -i "s/REPLACE/intosubnets$DRONE_BUILD_NUMBER/g" backend.tf
- - terraform init
- - terraform destroy --auto-approve -var "deployment_id=intosubnets$DRONE_BUILD_NUMBER" -refresh=false
- - terraform -v
+ - DESTROY=1 EXAMPLE=from_scratch pipeline/run_terraform.sh
 when:
 event:
 - push
diff --git a/eks.tf b/eks.tf
index 8e64089..a224e41 100644
--- a/eks.tf
+++ b/eks.tf
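Review bot: In .drone.yml's cleanup step, the old command passed `-refresh=false` to `terraform destroy`, but the destroy line in pipeline/run_terraform.sh, which `DESTROY=1 EXAMPLE=from_scratch pipeline/run_terraform.sh` now runs, omits it. The removed `status:` lines show the old cleanup ran after a failed apply as well (whether the surviving `when:` block still says so is outside the hunk); if the flag existed for that case, which is an inference, a refresh error now aborts the destroy under `set -e` and leaves CI resources running in the AWS account. Either keep it, `terraform destroy --auto-approve -refresh=false -var "deployment_id=$DEPLOYMENT_ID"`, or say in the commit message why it is no longer needed. The into_subnets and into_subnets_cleanup steps are deleted rather than converted, so examples/into_existing_subnets loses CI coverage; with the EXAMPLE parameter each could be restored as a one-line step.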
@@ -29,10 +29,6 @@ module "eks" { worker_additional_security_group_ids = [aws_security_group.all_worker_mgmt.id] - map_roles = [] - map_accounts = [] - map_users = [] - cluster_endpoint_private_access = "true" cluster_endpoint_public_access = var.management_api == "public" ? true : false
diff --git a/examples/from_scratch/main.tf b/examples/from_scratch/main.tf
index bd3ab7d..3724339 100644
--- a/examples/from_scratch/main.tf
+++ b/examples/from_scratch/main.tf
@@ -13,4 +13,7 @@ module "astronomer_aws_with_vpc" {
 admin_email = "steven@astronomer.io"
 route53_domain = "astronomer-development.com"
 management_api = "public"
+ tags = {
+ "CI" = "true"
+ }
 }
diff --git a/pipeline/run_terraform.sh b/pipeline/run_terraform.sh
new file mode 100755
index 0000000..0940302
--- /dev/null
+++ b/pipeline/run_terraform.sh
@@ -0,0 +1,21 @@
+set -xe
+
+terraform -v
+
+# unique deployment ID to avoid collisions in CI
+# needs to be 32 characters or less and start with letter
+DEPLOYMENT_ID=ci$(echo "$DRONE_REPO_NAME$DRONE_BUILD_NUMBER" | md5sum | awk '{print substr($1,0,30)}')
+echo $DEPLOYMENT_ID
+
+cp providers.tf.example examples/$EXAMPLE/providers.tf
+cp backend.tf.example examples/$EXAMPLE/backend.tf
+cd examples/$EXAMPLE
+sed -i "s/REPLACE/$DEPLOYMENT_ID/g" backend.tf
+
+terraform init
+
+if [ $DESTROY -eq 1 ]; then
+ terraform destroy --auto-approve -var "deployment_id=$DEPLOYMENT_ID"
+else
+ terraform apply --auto-approve -var "deployment_id=$DEPLOYMENT_ID"
+fi
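Review bot: In pipeline/run_terraform.sh, `[ $DESTROY -eq 1 ]` is evaluated with DESTROY unset in the apply step (.drone.yml sets only EXAMPLE there), so the test fails with an operator error and reaches `else` only by accident; likewise an unset EXAMPLE makes `cd examples/$EXAMPLE` land in `examples/` and run terraform there with the job's AWS credentials. Guard both near the top of the script with `: "${EXAMPLE:?EXAMPLE must be set}"` and `if [ "${DESTROY:-0}" -eq 1 ]; then`, and quote `"examples/$EXAMPLE"` in the cp and cd lines. `substr($1,0,30)` starts at index 0 although awk strings are 1-based, so depending on the awk it can yield 29 rather than 30 characters; `substr($1,1,30)` gives the intended length. The file has no shebang line, so which shell interprets it depends on the caller.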