From 81ead2446a08e7786782f7183cf941d13d5cbe62 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Thu, 4 Jul 2019 19:14:18 +0000
Subject: [PATCH 01/13] testing drone CI
---
 .drone.yml | 30 +++++++++++++++++
 .gitignore | 1 +
 examples/from_scratch/main.tf | 23 +++++++++++++
 examples/into_existing_subnets/main.tf | 45 ++++++++++++++++++++++++++
 test/main.tf | 27 ----------------
 test/providers.tf | 8 -----
 test/test.sh | 15 ---------
 variables.tf | 10 +++---
 8 files changed, 104 insertions(+), 55 deletions(-)
 create mode 100644 .drone.yml
 create mode 100644 examples/from_scratch/main.tf
 create mode 100644 examples/into_existing_subnets/main.tf
 delete mode 100644 test/main.tf
 delete mode 100644 test/providers.tf
 delete mode 100644 test/test.sh
diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..8442d8c
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,30 @@
+kind: pipeline
+name: terraform-aws-astronomer-aws
+
+# - push
+# - pull_request
+# - tag
+# - promote
+# - rollback
+
+steps:
+
+- name: lint
+ image: hashicorp/terraform:light
+ commands:
+ - terraform init
+ - terraform fmt -check=true
+ - terraform validate -var "deployment_id=validate" -var "route53_domain=validate-fake.com" -var "admin_email=fake@mailinator.com"
+ - |
+ for example in $(find examples -maxdepth 1 -mindepth 1 -type d); do
+ cd $example
+ terraform init
+ terraform fmt -check=true
+ terraform validate
+ cd -
+ done
+ - terraform -v
+ when:
+ event:
+ - pull_request
+ - push
diff --git a/.gitignore b/.gitignore
index d7f54c5..6c69ea1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,4 @@ config-map*
 *.log
 *.tfvars*
 *.zip
+examples/*/.terraform
diff --git a/examples/from_scratch/main.tf b/examples/from_scratch/main.tf
new file mode 100644
index 0000000..e6ff880
--- /dev/null
+++ b/examples/from_scratch/main.tf
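Review bot: The `lint` step in `.drone.yml` pulls `image: hashicorp/terraform:light`, a mutable tag, so the Terraform binary that runs in CI can change between builds without any change in this repository. Pin the image to a fixed release tag or digest, for example `image: hashicorp/terraform:<pinned-version>` (placeholder), so `fmt`/`validate` results are reproducible and an upstream image change cannot alter the pipeline unnoticed. This matters more for the later patches in this series, which reuse the same tag in steps that hold AWS credentials. Inside the loop, `cd $example` should also be quoted as `cd "$example"` so a directory name containing spaces does not break the run.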
@@ -0,0 +1,23 @@
+# This resource is just to enable us to
+# run multiple pipelines at the same time.
+# It randomizes the deployment_id, an argument
+# specifically designed for the case of collision
+# avoidance and labeling.
+resource random_id "ci_collision_avoidance" {
+ byte_length = 4
+}
+
+# this is how the module can be called
+# if you want to create a VPC and the subnets
+# from scratch.
+module "astronomer_aws_with_vpc" {
+ source = "../.."
+ # you should use the following commented lines, not
+ # the above "../.." if you want to consume this remotely
+ # source = "astronomer/astronomer-aws/aws"
+ # version = "" # Look here https://registry.terraform.io/modules/astronomer/astronomer-aws/aws
+ deployment_id = "fromscratchci${random_id.ci_collision_avoidance.hex}"
+ admin_email = "steven@astronomer.io"
+ route53_domain = "astronomer-development.com"
+ management_api = "public"
+}
diff --git a/examples/into_existing_subnets/main.tf b/examples/into_existing_subnets/main.tf
new file mode 100644
index 0000000..c06b475
--- /dev/null
+++ b/examples/into_existing_subnets/main.tf
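Review bot: The example module call hard-codes `management_api = "public"` alongside a personal `admin_email` and the `astronomer-development.com` zone, while the comments present the block as the way to call the module. Anyone copying it inherits the `"public"` setting without being told what it exposes; judging by the name it presumably makes the cluster's management endpoint reachable from outside the VPC, which this hunk alone cannot confirm. Add a comment above the line, e.g. `# "public" exposes the management API outside the VPC; choose deliberately`, and take `admin_email` and `route53_domain` from variables rather than literals. The same three literals appear in `examples/into_existing_subnets/main.tf` in this patch.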
@@ -0,0 +1,45 @@
+# This is a sample vpc configuration
+# you may choose to use your own, existing
+# VPC.
+module "vpc" {
+
+ source = "terraform-aws-modules/vpc/aws"
+ version = "2.5.0"
+
+ name = "simple-example"
+
+ cidr = "10.0.0.0/16"
+
+ azs = ["us-east-1a", "us-east-1b", "us-east-1c"]
+ private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+ public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
+
+ assign_generated_ipv6_cidr_block = true
+
+ enable_nat_gateway = true
+ single_nat_gateway = true
+
+}
+
+# This resource is just to enable us to
+# run multiple pipelines at the same time.
+# It randomizes the deployment_id, an argument
+# specifically designed for the case of collision
+# avoidance and labeling.
+resource random_id "ci_collision_avoidance" {
+ byte_length = 4
+}
+
+# this is how the module can be called if you
+# want to deploy into a set of existing, private subnets
+module "astronomer_aws_in_specific_subnet" {
+ # same idea above - use a different 'source', and specify 'version'
+ source = "../"
+ deployment_id = "subnetsci${random_id.collision_avoidance.hex}"
+ admin_email = "steven@astronomer.io"
+ route53_domain = "astronomer-development.com"
+ management_api = "public"
+
+ vpc_id = module.vpc.vpc_id
+ private_subnets = module.vpc.private_subnets
+}
diff --git a/test/main.tf b/test/main.tf
deleted file mode 100644
index dd2aa98..0000000
--- a/test/main.tf
+++ /dev/null
@@ -1,27 +0,0 @@
-# this is how the module can be called
-# if you want to create a VPC and the subnets
-# from scratch.
-module "astronomer_aws_with_vpc" {
- source = "../"
- # you should use the following commented lines, not
- # the above "../" if you want to consume this remotely
- # source = "astronomer/astronomer-aws/aws"
- # version = "" # Look here https://registry.terraform.io/modules/astronomer/astronomer-aws/aws
- deployment_id = "test1"
- admin_email = "steven@astronomer.io"
- route53_domain = "astronomer-development.com"
- management_api = "public"
-}
-
-# this is how the module can be called if you
-# want to deploy into a set of existing, private subnets
-module "astronomer_aws_in_specific_subnet" {
- # same idea above - use a different 'source', and specify 'version'
- source = "../"
- deployment_id = "test2"
- admin_email = "steven@astronomer.io"
- route53_domain = "astronomer-development.com"
- vpc_id = module.astronomer_aws_with_vpc.vpc_id
- private_subnets = module.astronomer_aws_with_vpc.private_subnets
- management_api = "public"
-}
diff --git a/test/providers.tf b/test/providers.tf
deleted file mode 100644
index c08fb4f..0000000
--- a/test/providers.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-provider "acme" {
- server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
-}
-
-provider "aws" {
- region = "us-east-1"
-}
-
diff --git a/test/test.sh b/test/test.sh
deleted file mode 100644
index 66ce71c..0000000
--- a/test/test.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-
-PREV=$(pwd)
-cd $DIR
-
-terraform --version
-terraform init
-terraform apply --auto-approve --target=module.astronomer_aws_with_vpc
-terraform apply --auto-approve
-terraform destroy --auto-approve
-cd $PREV
diff --git a/variables.tf b/variables.tf
index 4784c31..2655a27 100644
--- a/variables.tf
+++ b/variables.tf
@@ -17,6 +17,11 @@ variable "route53_domain" {
 type = string
 }
+variable "admin_email" {
+ description = "An email address that will be used to create the let's encrypt cert"
+ type = string
+}
+
 variable "cluster_version" {
 default = "1.12"
 type = string
@@ -40,11 +45,6 @@ variable "public_subnets" {
 description = "This variable does nothing unless vpc_id is also set. Specify the subnet ID(s) (you probably only want one) in the bastion will be deployed. This is not needed unless you are enabling the bastion host."
 }
-variable "admin_email" {
- description = "An email address that will be used to create the let's encrypt cert"
- type = string
-}
-
 variable "postgres_airflow_password" {
 default = ""
 description = "The password for the 'airflow' user in postgres. If blank, will be auto-generated"
From 3fc868b98beafc1cf190e3f156a98462cf5b8439 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Thu, 4 Jul 2019 19:17:48 +0000
Subject: [PATCH 02/13] add build status bar
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/README.md b/README.md
index 84402b5..6e9c3b7 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,7 @@
 # Terraform Module for Astronomer for AWS
+[![Build Status](https://cloud.drone.io/api/badges/astronomer/terraform-aws-astronomer-aws/status.svg)](https://cloud.drone.io/astronomer/terraform-aws-astronomer-aws)
+
 [Terraform](https://www.terraform.io/) is a simple and powerful tool that lets us write, plan and create infrastructure as code. This code will allow you to efficiently provision the infrastructure required to run the Astronomer platform.
 ## Features
From 28c6ef5d4b0eec3ccd9bb7c67996b8a711c32b79 Mon Sep 17 00:00:00 2001
From: Steven Miller Date: Thu, 4 Jul 2019 19:50:46 +0000 Subject: [PATCH 03/13] fixing pipeline --- .drone.yml | 34 +++++++++++++++++--------- examples/from_scratch/main.tf | 8 ++++++ examples/into_existing_subnets/main.tf | 12 +++++++-- locals.tf | 6 ++++- peer.tf | 2 +- variables.tf | 5 ---- 6 files changed, 46 insertions(+), 21 deletions(-) diff --git a/.drone.yml b/.drone.yml index 8442d8c..4770da2 100644 --- a/.drone.yml +++ b/.drone.yml @@ -12,18 +12,28 @@ steps: - name: lint image: hashicorp/terraform:light commands: - - terraform init - - terraform fmt -check=true - - terraform validate -var "deployment_id=validate" -var "route53_domain=validate-fake.com" -var "admin_email=fake@mailinator.com" - - | - for example in $(find examples -maxdepth 1 -mindepth 1 -type d); do - cd $example - terraform init - terraform fmt -check=true - terraform validate - cd - - done - - terraform -v + - | + echo < providers.tf + - terraform init + - terraform fmt -check=true + - terraform validate -var "deployment_id=validate" -var "route53_domain=validate-fake.com" -var "admin_email=fake@mailinator.com" + - | + for example in $(find examples -maxdepth 1 -mindepth 1 -type d); do + cd $example + terraform init + terraform fmt -check=true + terraform validate + cd - + done + - terraform -v when: event: - pull_request diff --git a/examples/from_scratch/main.tf b/examples/from_scratch/main.tf index e6ff880..32eb34b 100644 --- a/examples/from_scratch/main.tf +++ b/examples/from_scratch/main.tf @@ -1,3 +1,11 @@ +provider "aws" { + region = "us-east-1" +} + +provider "acme" { + server_url = "https://acme-staging-v02.api.letsencrypt.org/directory" +} + # This resource is just to enable us to # run multiple pipelines at the same time. # It randomizes the deployment_id, an argument diff --git a/examples/into_existing_subnets/main.tf b/examples/into_existing_subnets/main.tf index c06b475..e46aa4c 100644 --- a/examples/into_existing_subnets/main.tf 
+++ b/examples/into_existing_subnets/main.tf
@@ -1,3 +1,11 @@
+provider "aws" {
+ region = "us-east-1"
+}
+
+provider "acme" {
+ server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
+}
+
 # This is a sample vpc configuration
 # you may choose to use your own, existing
 # VPC.
@@ -34,8 +42,8 @@ resource random_id "ci_collision_avoidance" {
 # want to deploy into a set of existing, private subnets
 module "astronomer_aws_in_specific_subnet" {
 # same idea above - use a different 'source', and specify 'version'
- source = "../"
- deployment_id = "subnetsci${random_id.collision_avoidance.hex}"
+ source = "../.."
+ deployment_id = "subnetsci${random_id.ci_collision_avoidance.hex}"
 admin_email = "steven@astronomer.io"
 route53_domain = "astronomer-development.com"
 management_api = "public"
diff --git a/locals.tf b/locals.tf
index 5a7096a..05294b7 100644
--- a/locals.tf
+++ b/locals.tf
@@ -3,12 +3,14 @@ resource "random_string" "suffix" {
 special = false
 }
+data aws_region current {}
+
 locals {
 cluster_name = "${var.deployment_id}-astronomer-${random_string.suffix.result}"
 postgres_airflow_password = var.postgres_airflow_password == "" ? random_string.postgres_airflow_password[0].result : var.postgres_airflow_password
- azs = ["${var.aws_region}a", "${var.aws_region}b"]
+ azs = ["${local.region}a", "${local.region}b"]
 vpc_id = "${var.vpc_id == "" ? module.vpc.vpc_id : var.vpc_id}"
@@ -16,6 +18,8 @@ locals {
 public_subnets = "${var.vpc_id == "" ? module.vpc.public_subnets : var.public_subnets}"
+ region = data.aws_region.current.name
+
 tags = merge(
 var.tags,
 map(
diff --git a/peer.tf b/peer.tf
index 0aa35ea..1c38f75 100644
--- a/peer.tf
+++ b/peer.tf
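Review bot: In `locals.tf`, `azs = ["${local.region}a", "${local.region}b"]` still builds availability-zone names by appending `a` and `b`. Now that the region comes from the provider through `data aws_region current {}`, the module can be run in a region or account where one of those zones is not offered. Reading the names from the provider avoids the guess: `data "aws_availability_zones" "available" { state = "available" }` and `azs = slice(data.aws_availability_zones.available.names, 0, 2)`. The `locals` block continues beyond this hunk.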
@@ -4,6 +4,6 @@ resource "null_resource" "peer_with_customer" { provisioner "local-exec" { working_dir = "${path.module}" - command = "python3 files/peer_vpc.py ${var.peer_account_id} ${var.peer_vpc_id} ${var.aws_region} ${module.vpc.vpc_id} ${join(" ", local.private_subnets)} >> ${path.root}/peering.log" + command = "python3 files/peer_vpc.py ${var.peer_account_id} ${var.peer_vpc_id} ${local.region} ${module.vpc.vpc_id} ${join(" ", local.private_subnets)} >> ${path.root}/peering.log" } } diff --git a/variables.tf b/variables.tf index 2655a27..d671dbb 100644 --- a/variables.tf +++ b/variables.tf @@ -51,11 +51,6 @@ variable "postgres_airflow_password" { type = string } -variable "aws_region" { - default = "us-east-1" - type = string -} - variable "max_cluster_size" { default = "8" type = string From 80d1178765b08d9d43e4737cc11851198e23107d Mon Sep 17 00:00:00 2001 From: Steven Miller Date: Thu, 4 Jul 2019 20:00:54 +0000 Subject: [PATCH 04/13] setting up provider arguments for pipeline to work --- .drone.yml | 12 ++---------- examples/from_scratch/main.tf | 8 -------- examples/into_existing_subnets/main.tf | 8 -------- providers.tf.example | 7 +++++++ 4 files changed, 9 insertions(+), 26 deletions(-) create mode 100644 providers.tf.example diff --git a/.drone.yml b/.drone.yml index 4770da2..947a51a 100644 --- a/.drone.yml +++ b/.drone.yml @@ -12,21 +12,13 @@ steps: - name: lint image: hashicorp/terraform:light commands: - - | - echo < providers.tf + - cp providers.tf.example providers.tf - terraform init - terraform fmt -check=true - terraform validate -var "deployment_id=validate" -var "route53_domain=validate-fake.com" -var "admin_email=fake@mailinator.com" - | for example in $(find examples -maxdepth 1 -mindepth 1 -type d); do + cp providers.tf $example cd $example terraform init terraform fmt -check=true diff --git a/examples/from_scratch/main.tf b/examples/from_scratch/main.tf index 32eb34b..e6ff880 100644 --- a/examples/from_scratch/main.tf 
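Review bot: The `local-exec` command in `peer.tf` is built by interpolating `var.peer_account_id`, `var.peer_vpc_id` and the subnet list straight into a shell string, so a value containing whitespace or shell metacharacters is interpreted by the shell on the machine running Terraform instead of reaching `peer_vpc.py` as an argument. This commit only swaps `var.aws_region` for `local.region` and keeps that construction. Passing the values through the provisioner's `environment` map and quoting the expansions keeps them as data. The enclosing `null_resource` starts above the hunk.

```hcl
  provisioner "local-exec" {
    working_dir = "${path.module}"
    # Values reach the shell as environment variables, not as script text.
    environment = {
      PEER_ACCOUNT_ID = var.peer_account_id
      PEER_VPC_ID     = var.peer_vpc_id
      PEER_REGION     = local.region
      LOCAL_VPC_ID    = module.vpc.vpc_id
      PEER_SUBNETS    = join(" ", local.private_subnets)
    }
    # PEER_SUBNETS stays unquoted on purpose so each subnet ID becomes its own argument.
    command = "python3 files/peer_vpc.py \"$PEER_ACCOUNT_ID\" \"$PEER_VPC_ID\" \"$PEER_REGION\" \"$LOCAL_VPC_ID\" $PEER_SUBNETS >> ${path.root}/peering.log"
  }
```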
+++ b/examples/from_scratch/main.tf
@@ -1,11 +1,3 @@
-provider "aws" {
- region = "us-east-1"
-}
-
-provider "acme" {
- server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
-}
-
 # This resource is just to enable us to
 # run multiple pipelines at the same time.
 # It randomizes the deployment_id, an argument
diff --git a/examples/into_existing_subnets/main.tf b/examples/into_existing_subnets/main.tf
index e46aa4c..ad6a6aa 100644
--- a/examples/into_existing_subnets/main.tf
+++ b/examples/into_existing_subnets/main.tf
@@ -1,11 +1,3 @@
-provider "aws" {
- region = "us-east-1"
-}
-
-provider "acme" {
- server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
-}
-
 # This is a sample vpc configuration
 # you may choose to use your own, existing
 # VPC.
diff --git a/providers.tf.example b/providers.tf.example
new file mode 100644
index 0000000..d10711f
--- /dev/null
+++ b/providers.tf.example
@@ -0,0 +1,7 @@
+provider "aws" {
+ region = "us-east-1"
+}
+
+provider "acme" {
+ server_url = "https://acme-staging-v02.api.letsencrypt.org/directory"
+}
From b60c6298345143ce3c106a64f204fc82d22dfef3 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Thu, 4 Jul 2019 20:32:34 +0000
Subject: [PATCH 05/13] try pipeline with actual deployment
---
 .drone.yml | 51 ++++++++++++++++++++++++++++++++++++++++------
 backend.tf.example | 9 ++++++++
 2 files changed, 54 insertions(+), 6 deletions(-)
 create mode 100644 backend.tf.example
diff --git a/.drone.yml b/.drone.yml
index 947a51a..b24d382 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,12 +1,6 @@
 kind: pipeline
 name: terraform-aws-astronomer-aws
-# - push
-# - pull_request
-# - tag
-# - promote
-# - rollback
-
 steps:
 - name: lint
@@ -30,3 +24,48 @@ steps:
 event:
 - pull_request
 - push
+
+- name: from_scratch
+ image: hashicorp/terraform:light
+ depends_on:
+ - lint
+ environment:
+ AWS_ACCESS_KEY_ID:
+ from_secret: AWS_ACCESS_KEY_ID
+ AWS_SECRET_ACCESS_KEY:
+ from_secret: AWS_SECRET_ACCESS_KEY
+ commands:
+ - cp providers.tf.example examples/from_scratch/providers.tf
+ - cp backend.tf.example examples/from_scratch/backend.tf
+ - cd examples/from_scratch
+ - sed -i "s/REPLACE/$DRONE_BUILD_NUMBER/g" backend.tf
+ - terraform init
+ - terraform apply --auto-approve
+ - terraform -v
+ when:
+ event:
+ - push
+
+- name: cleanup_failure_from_scratch
+ depends_on:
+ - from_scratch
+ image: hashicorp/terraform:light
+ environment:
+ AWS_ACCESS_KEY_ID:
+ from_secret: AWS_ACCESS_KEY_ID
+ AWS_SECRET_ACCESS_KEY:
+ from_secret: AWS_SECRET_ACCESS_KEY
+ commands:
+ - cp providers.tf.example examples/from_scratch/providers.tf
+ - cp backend.tf.example examples/from_scratch/backend.tf
+ - cd examples/from_scratch
+ - sed -i "s/REPLACE/$DRONE_BUILD_NUMBER/g" backend.tf
+ - terraform init
+ - terraform destroy --auto-approve
+ - terraform -v
+ when:
+ event:
+ - push
+ status:
+ - failure
+ - success
diff --git a/backend.tf.example b/backend.tf.example
new file mode 100644
index 0000000..24cb475
--- /dev/null
+++ b/backend.tf.example
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 0.12"
+ backend "s3" {
+ bucket = "ci-terraform-state-astronomer"
+ key = "REPLACE/terraform.tfstate"
+ region = "us-east-1"
+ encrypt = true
+ }
+}
From 153669a0ea172466c98de15a3f8ed74441b0c5bd Mon Sep 17 00:00:00 2001
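Review bot: The new `from_scratch` and `cleanup_failure_from_scratch` steps inject `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` and then run `terraform apply --auto-approve` and `terraform destroy --auto-approve` unattended, yet nothing in the file records what that key is permitted to do. State the expected scope next to each `environment:` block, e.g. `# CI-only IAM identity: test resources and the ci-terraform-state-astronomer bucket only` (wording to match the real setup), and back it with a dedicated least-privilege key rather than a shared or administrative one. In this patch the `when:` blocks list only `event: push` with no `branch:` filter, so a push to any branch reaches these credentials; a later patch in the series adds the filter.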
From: Steven Miller
Date: Thu, 4 Jul 2019 20:43:04 +0000
Subject: [PATCH 06/13] attempting to work around indeterminate 'count' issue The "count" value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many instances will be created. To work around this, use the -target argument to first apply only the resources that the count depends on.
---
 .drone.yml | 2 +-
 examples/from_scratch/main.tf | 2 +-
 locals.tf | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/.drone.yml b/.drone.yml
index b24d382..b0c3bc4 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -46,7 +46,7 @@ steps:
 event:
 - push
-- name: cleanup_failure_from_scratch
+- name: from_scratch_cleanup
 depends_on:
 - from_scratch
 image: hashicorp/terraform:light
diff --git a/examples/from_scratch/main.tf b/examples/from_scratch/main.tf
index e6ff880..e406ad8 100644
--- a/examples/from_scratch/main.tf
+++ b/examples/from_scratch/main.tf
@@ -16,7 +16,7 @@ module "astronomer_aws_with_vpc" {
 # the above "../.." if you want to consume this remotely
 # source = "astronomer/astronomer-aws/aws"
 # version = "" # Look here https://registry.terraform.io/modules/astronomer/astronomer-aws/aws
- deployment_id = "fromscratchci${random_id.ci_collision_avoidance.hex}"
+ deployment_id = "fromscratchci"
 admin_email = "steven@astronomer.io"
 route53_domain = "astronomer-development.com"
 management_api = "public"
diff --git a/locals.tf b/locals.tf
index 05294b7..60fe092 100644
--- a/locals.tf
+++ b/locals.tf
@@ -23,7 +23,7 @@ locals {
 tags = merge(
 var.tags,
 map(
- "Deployment ID", "${var.deployment_id}"
+ "Deployment ID", var.deployment_id
 )
 )
 }
From cfac1736787303776dad7b0d479d7c2a39ce0346 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Thu, 4 Jul 2019 20:54:54 +0000
Subject: [PATCH 07/13] worked around indeterminate 'count' issue
---
 .drone.yml | 6 +++---
 examples/from_scratch/main.tf | 11 +----------
 examples/into_existing_subnets/main.tf | 11 +----------
 3 files changed, 5 insertions(+), 23 deletions(-)
diff --git a/.drone.yml b/.drone.yml
index b0c3bc4..832d8a9 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -16,7 +16,7 @@ steps:
 cd $example
 terraform init
 terraform fmt -check=true
- terraform validate
+ terraform validate -var "deployment_id=citest"
 cd -
 done
 - terraform -v
@@ -40,7 +40,7 @@ steps:
 - cd examples/from_scratch
 - sed -i "s/REPLACE/$DRONE_BUILD_NUMBER/g" backend.tf
 - terraform init
- - terraform apply --auto-approve
+ - terraform apply --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER"
 - terraform -v
 when:
 event:
@@ -61,7 +61,7 @@ steps:
 - cd examples/from_scratch
 - sed -i "s/REPLACE/$DRONE_BUILD_NUMBER/g" backend.tf
 - terraform init
- - terraform destroy --auto-approve
+ - terraform destroy --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER"
 - terraform -v
 when:
 event:
diff --git a/examples/from_scratch/main.tf b/examples/from_scratch/main.tf
index e406ad8..7e0dace 100644
--- a/examples/from_scratch/main.tf
+++ b/examples/from_scratch/main.tf
@@ -1,12 +1,3 @@
-# This resource is just to enable us to
-# run multiple pipelines at the same time.
-# It randomizes the deployment_id, an argument
-# specifically designed for the case of collision
-# avoidance and labeling.
-resource random_id "ci_collision_avoidance" {
- byte_length = 4
-}
-
 # this is how the module can be called
 # if you want to create a VPC and the subnets
 # from scratch.
@@ -16,7 +7,7 @@ module "astronomer_aws_with_vpc" {
 # the above "../.." if you want to consume this remotely
 # source = "astronomer/astronomer-aws/aws"
 # version = "" # Look here https://registry.terraform.io/modules/astronomer/astronomer-aws/aws
- deployment_id = "fromscratchci"
+ deployment_id = var.deployment_id
 admin_email = "steven@astronomer.io"
 route53_domain = "astronomer-development.com"
 management_api = "public"
diff --git a/examples/into_existing_subnets/main.tf b/examples/into_existing_subnets/main.tf
index ad6a6aa..0371c72 100644
--- a/examples/into_existing_subnets/main.tf
+++ b/examples/into_existing_subnets/main.tf
@@ -21,21 +21,12 @@ module "vpc" {
 }
-# This resource is just to enable us to
-# run multiple pipelines at the same time.
-# It randomizes the deployment_id, an argument
-# specifically designed for the case of collision
-# avoidance and labeling.
-resource random_id "ci_collision_avoidance" {
- byte_length = 4
-}
-
 # this is how the module can be called if you
 # want to deploy into a set of existing, private subnets
 module "astronomer_aws_in_specific_subnet" {
 # same idea above - use a different 'source', and specify 'version'
 source = "../.."
- deployment_id = "subnetsci${random_id.ci_collision_avoidance.hex}"
+ deployment_id = var.deployment_id
 admin_email = "steven@astronomer.io"
 route53_domain = "astronomer-development.com"
 management_api = "public"
From 39cea435b827ae19bf37e02acb48225f839240ae Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Thu, 4 Jul 2019 20:57:33 +0000
Subject: [PATCH 08/13] fix max length exceeded issue
---
 db.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/db.tf b/db.tf
index 3083d1c..67dfbdd 100644
--- a/db.tf
+++ b/db.tf
@@ -1,5 +1,5 @@
 resource "random_id" "db_name_suffix" {
- byte_length = 4
+ byte_length = 8
 }
 resource "random_string" "postgres_airflow_password" {
@@ -14,7 +14,7 @@ module "aurora" {
 version = "2.2.0"
 source = "terraform-aws-modules/rds-aurora/aws"
 # source = "./modules/terraform-aws-rds-aurora"
- name = "${var.deployment_id}-astrodb-${random_id.db_name_suffix.hex}"
+ name = "astrodb-${random_id.db_name_suffix.hex}"
 engine = "aurora-postgresql"
 engine_version = "10.6"
From 2a261e83c56ed69c593bef656c5da621195d1d72 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Thu, 4 Jul 2019 21:09:06 +0000
Subject: [PATCH 09/13] debug pipeline - add variable deployment_id to examples
---
 .drone.yml | 1 +
 examples/from_scratch/main.tf | 2 ++
 examples/into_existing_subnets/main.tf | 2 ++
 3 files changed, 5 insertions(+)
diff --git a/.drone.yml b/.drone.yml
index 832d8a9..a755fd4 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -14,6 +14,7 @@ steps:
 for example in $(find examples -maxdepth 1 -mindepth 1 -type d); do
 cp providers.tf $example
 cd $example
+ echo $example
 terraform init
 terraform fmt -check=true
 terraform validate -var "deployment_id=citest"
diff --git a/examples/from_scratch/main.tf b/examples/from_scratch/main.tf
index 7e0dace..bd3ab7d 100644
--- a/examples/from_scratch/main.tf
+++ b/examples/from_scratch/main.tf
@@ -1,3 +1,5 @@
+variable deployment_id {}
+
 # this is how the module can be called
 # if you want to create a VPC and the subnets
 # from scratch.
diff --git a/examples/into_existing_subnets/main.tf b/examples/into_existing_subnets/main.tf
index 0371c72..34c1b32 100644
--- a/examples/into_existing_subnets/main.tf
+++ b/examples/into_existing_subnets/main.tf
@@ -1,3 +1,5 @@
+variable deployment_id {}
+
 # This is a sample vpc configuration
 # you may choose to use your own, existing
 # VPC.
From c874c84f7c2690307b5c736bbf92e5688776cdc7 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Fri, 5 Jul 2019 13:37:28 +0000
Subject: [PATCH 10/13] limit length of cluster name
---
 .drone.yml | 2 +-
 locals.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/.drone.yml b/.drone.yml
index a755fd4..cacca65 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -62,7 +62,7 @@ steps:
 - cd examples/from_scratch
 - sed -i "s/REPLACE/$DRONE_BUILD_NUMBER/g" backend.tf
 - terraform init
- - terraform destroy --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER"
+ - terraform destroy --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER" -refresh=false
 - terraform -v
 when:
 event:
diff --git a/locals.tf b/locals.tf
index 60fe092..68f404b 100644
--- a/locals.tf
+++ b/locals.tf
@@ -6,7 +6,7 @@ resource "random_string" "suffix" {
 data aws_region current {}
 locals {
- cluster_name = "${var.deployment_id}-astronomer-${random_string.suffix.result}"
+ cluster_name = "astronomer-${random_string.suffix.result}"
 postgres_airflow_password = var.postgres_airflow_password == "" ? random_string.postgres_airflow_password[0].result : var.postgres_airflow_password
From ad748085a597c7a282fb407289bf4209c16bfea3 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Fri, 5 Jul 2019 13:51:36 +0000
Subject: [PATCH 11/13] test deploying into subnets scenario
---
 .drone.yml | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
diff --git a/.drone.yml b/.drone.yml
index cacca65..19f5952 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -70,3 +70,48 @@ steps:
 status:
 - failure
 - success
+
+- name: into_subnets
+ image: hashicorp/terraform:light
+ depends_on:
+ - lint
+ environment:
+ AWS_ACCESS_KEY_ID:
+ from_secret: AWS_ACCESS_KEY_ID
+ AWS_SECRET_ACCESS_KEY:
+ from_secret: AWS_SECRET_ACCESS_KEY
+ commands:
+ - cp providers.tf.example examples/into_existing_subnets/providers.tf
+ - cp backend.tf.example examples/into_existing_subnets/backend.tf
+ - cd examples/from_scratch
+ - sed -i "s/REPLACE/$DRONE_BUILD_NUMBERintosubnets/g" backend.tf
+ - terraform init
+ - terraform apply --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER"
+ - terraform -v
+ when:
+ event:
+ - push
+
+- name: into_subnets_cleanup
+ depends_on:
+ - into_subnets
+ image: hashicorp/terraform:light
+ environment:
+ AWS_ACCESS_KEY_ID:
+ from_secret: AWS_ACCESS_KEY_ID
+ AWS_SECRET_ACCESS_KEY:
+ from_secret: AWS_SECRET_ACCESS_KEY
+ commands:
+ - cp providers.tf.example examples/into_existing_subnets/providers.tf
+ - cp backend.tf.example examples/into_existing_subnets/backend.tf
+ - cd examples/from_scratch
+ - sed -i "s/REPLACE/$DRONE_BUILD_NUMBERintosubnets/g" backend.tf
+ - terraform init
+ - terraform destroy --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER" -refresh=false
+ - terraform -v
+ when:
+ event:
+ - push
+ status:
+ - failure
+ - success
From 92aff576cac8499aa5e71b6c61d38addf6e67c54 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Fri, 5 Jul 2019 14:01:50 +0000
Subject: [PATCH 12/13] added 'when branch master'
---
 .drone.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/.drone.yml b/.drone.yml
index 19f5952..7ba2fe0 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -46,6 +46,8 @@ steps:
 when:
 event:
 - push
+ branch:
+ - master
 - name: from_scratch_cleanup
 depends_on:
@@ -70,6 +72,8 @@ steps:
 status:
 - failure
 - success
+ branch:
+ - master
 - name: into_subnets
 image: hashicorp/terraform:light
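Review bot: In both `into_subnets` and `into_subnets_cleanup`, `sed -i "s/REPLACE/$DRONE_BUILD_NUMBERintosubnets/g" backend.tf` makes the shell look up a variable named `DRONE_BUILD_NUMBERintosubnets`, which is presumably unset, so `REPLACE` becomes an empty string and every build writes its state to the same `/terraform.tfstate` key. Builds then share one state object, and a cleanup run with `destroy --auto-approve` can act on resources that a different build created. Delimit the variable name: `- sed -i "s/REPLACE/${DRONE_BUILD_NUMBER}intosubnets/g" backend.tf`. The same line is still present on the new side of PATCH 13/13.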
@@ -91,6 +95,8 @@ steps:
 when:
 event:
 - push
+ branch:
+ - master
 - name: into_subnets_cleanup
 depends_on:
@@ -115,3 +121,5 @@ steps:
 status:
 - failure
 - success
+ branch:
+ - master
From e30911c5485f0122285883765edf886f41b2b0e7 Mon Sep 17 00:00:00 2001
From: Steven Miller
Date: Fri, 5 Jul 2019 14:11:27 +0000
Subject: [PATCH 13/13] debugging pipeline
---
 .drone.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/.drone.yml b/.drone.yml
index 7ba2fe0..380f55a 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -87,10 +87,10 @@ steps:
 commands:
 - cp providers.tf.example examples/into_existing_subnets/providers.tf
 - cp backend.tf.example examples/into_existing_subnets/backend.tf
- - cd examples/from_scratch
+ - cd examples/into_existing_subnets
 - sed -i "s/REPLACE/$DRONE_BUILD_NUMBERintosubnets/g" backend.tf
 - terraform init
- - terraform apply --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER"
+ - terraform apply --auto-approve -var "deployment_id=intosubnets$DRONE_BUILD_NUMBER"
 - terraform -v
 when:
 event:
@@ -110,10 +110,10 @@ steps:
 commands:
 - cp providers.tf.example examples/into_existing_subnets/providers.tf
 - cp backend.tf.example examples/into_existing_subnets/backend.tf
- - cd examples/from_scratch
+ - cd examples/into_existing_subnets
 - sed -i "s/REPLACE/$DRONE_BUILD_NUMBERintosubnets/g" backend.tf
 - terraform init
- - terraform destroy --auto-approve -var "deployment_id=fromscratch$DRONE_BUILD_NUMBER" -refresh=false
+ - terraform destroy --auto-approve -var "deployment_id=intosubnets$DRONE_BUILD_NUMBER" -refresh=false
 - terraform -v
 when:
 event: