Merge pull request #9 from taylorludwig/feature/run-script

Add create and destroy scripts for the module to run

CHANGELOG.md

@@ -9,6 +9,11 @@ and this project adheres to
 
 ## [Unreleased]
 
+### Added
+
+- `create_cmd_entrypoint` and `destroy_cmd_entrypoint` variables can now be set to a custom script to run. Prior to running the command the module will prepend the module's bin directory to `PATH`. [#9]
+- `create_cmd_triggers` can be set to trigger the `create_cmd` local-exec again. [#9]
+
 ## [0.2.0] - 2019-12-18
 
 ### Changed
@@ -24,3 +29,5 @@ and this project adheres to
 [Unreleased]: https://github.com/terraform-google-modules/terraform-google-gcloud/compare/v0.2.0...HEAD
 [0.2.0]: https://github.com/terraform-google-modules/terraform-google-gcloud/compare/v0.1.0...v0.2.0
 [0.1.0]: https://github.com/terraform-google-modules/terraform-google-gcloud/releases/tag/v0.1.0
+
+[#9]: https://github.com/terraform-google-modules/terraform-google-gcloud/pull/9

README.md

@@ -35,9 +35,10 @@ The [jq](https://stedolan.github.io/jq/) binary is also included in this module
 |------|-------------|:----:|:-----:|:-----:|
 | additional\_components | Additional gcloud CLI components to install. Defaults to none. Valid value are components listed in `gcloud components list` | list | `<list>` | no |
 | create\_cmd\_body | On create, the command body you'd like to run with your entrypoint. | string | `"info"` | no |
-| create\_cmd\_entrypoint | On create, the command entrypoint you'd like to use. | string | `"gcloud"` | no |
+| create\_cmd\_entrypoint | On create, the command entrypoint you'd like to use. Can also be set to a custom script. Module's bin directory will be prepended to path. | string | `"gcloud"` | no |
+| create\_cmd\_triggers | List of any additional triggers for the create command execution. | map | `<map>` | no |
 | destroy\_cmd\_body | On destroy, the command body you'd like to run with your entrypoint. | string | `"info"` | no |
-| destroy\_cmd\_entrypoint | On destroy, the command entrypoint you'd like to use. | string | `"gcloud"` | no |
+| destroy\_cmd\_entrypoint | On destroy, the command entrypoint you'd like to use.  Can also be set to a custom script. Module's bin directory will be prepended to path. | string | `"gcloud"` | no |
 | enabled | Flag to optionally disable usage of this module. | bool | `"true"` | no |
 | platform | Platform CLI will run on. Defaults to linux. Valid values: linux, darwin | string | `"linux"` | no |
 | service\_account\_key\_file | Path to service account key file to run `gcloud auth activate-service-account` with. Optional. | string | `""` | no |
@@ -47,6 +48,7 @@ The [jq](https://stedolan.github.io/jq/) binary is also included in this module
 
 | Name | Description |
 |------|-------------|
+| bin\_dir | The full bin path of the modules executables |
 | create\_cmd\_bin | The full bin path & command used on create |
 | destroy\_cmd\_bin | The full bin path & command used on destroy |
 

examples/script_example/README.md

@@ -0,0 +1,18 @@
+# Script Example
+
+This example illustrates how to use the `gcloud` module with a script
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| project\_id | The ID of the project in which to provision resources. | string | n/a | yes |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+To provision this example, run the following from within this directory:
+- `terraform init` to get the plugins
+- `terraform plan` to see the infrastructure plan
+- `terraform apply` to apply the infrastructure build
+- `terraform destroy` to destroy the built infrastructure

examples/script_example/main.tf

@@ -0,0 +1,32 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+provider "google" {
+  version = "~> 2.0"
+}
+
+module "cli" {
+  source = "../.."
+
+  platform              = "linux"
+  additional_components = ["kubectl", "beta"]
+
+  create_cmd_entrypoint = "${path.module}/scripts/script.sh"
+  create_cmd_body       = "enable ${var.project_id}"
+
+  destroy_cmd_entrypoint = "${path.module}/scripts/script.sh"
+  destroy_cmd_body       = "disable ${var.project_id}"
+}

examples/script_example/outputs.tf

@@ -0,0 +1,15 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */

examples/script_example/scripts/script.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/sh
+
+GCLOUD_LOCATION=$(command -v gcloud)
+echo "Using gcloud from $GCLOUD_LOCATION"
+
+if [[ $GCLOUD_LOCATION != *"/cache/linux/google-cloud-sdk/bin/gcloud" ]]; then
+  echo "gcloud bin not in modules directory"
+  exit 1
+fi
+
+gcloud --version
+echo "running gcloud services $1 appengine.googleapis.com --project $2"
+gcloud services "$1" appengine.googleapis.com --project "$2"

examples/script_example/variables.tf

@@ -0,0 +1,20 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  description = "The ID of the project in which to provision resources."
+  type        = string
+}

examples/script_example/versions.tf

@@ -0,0 +1,19 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">= 0.12"
+}

kitchen.yml

@@ -37,3 +37,14 @@ suites:
           backend: local
           controls:
             - gcloud
+  - name: script_example
+    driver:
+      command_timeout: 1800
+      root_module_directory: test/fixtures/script_example/
+    verifier:
+      color: false
+      systems:
+        - name: script_example local
+          backend: local
+          controls:
+            - gcloud

main.tf

@@ -19,6 +19,7 @@ locals {
   cache_path           = "${path.module}/cache/${var.platform}"
   gcloud_tar_path      = "${local.cache_path}/google-cloud-sdk.tar.gz"
   gcloud_bin_path      = "${local.cache_path}/google-cloud-sdk/bin"
+  gcloud_bin_abs_path  = abspath(local.gcloud_bin_path)
   components           = join(" ", var.additional_components)
 
   gcloud  = "${local.gcloud_bin_path}/gcloud"
@@ -118,13 +119,24 @@ resource "null_resource" "run_command" {
     null_resource.gcloud_auth_service_account_key_file
   ]
 
+  triggers = merge({
+    md5       = md5(var.create_cmd_entrypoint)
+    arguments = md5(var.create_cmd_body)
+  }, var.create_cmd_triggers)
+
   provisioner "local-exec" {
     when    = create
-    command = "${local.create_cmd_bin} ${var.create_cmd_body}"
+    command = <<-EOT
+    PATH=${local.gcloud_bin_abs_path}:$PATH
+    ${var.create_cmd_entrypoint} ${var.create_cmd_body}
+    EOT
   }
 
   provisioner "local-exec" {
     when    = destroy
-    command = "${local.destroy_cmd_bin} ${var.destroy_cmd_body}"
+    command = <<-EOT
+    PATH=${local.gcloud_bin_abs_path}:$PATH
+    ${var.destroy_cmd_entrypoint} ${var.destroy_cmd_body}
+    EOT
   }
 }

outputs.tf

@@ -23,3 +23,8 @@ output "destroy_cmd_bin" {
   description = "The full bin path & command used on destroy"
   value       = local.destroy_cmd_bin
 }
+
+output "bin_dir" {
+  description = "The full bin path of the modules executables"
+  value       = local.gcloud_bin_path
+}

test/fixtures/script_example/main.tf

@@ -0,0 +1,21 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "example" {
+  source = "../../../examples/script_example"
+
+  project_id = var.project_id
+}

test/fixtures/script_example/outputs.tf

@@ -0,0 +1,20 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "project_id" {
+  description = "The ID of the project in which resources are provisioned."
+  value       = var.project_id
+}

test/fixtures/script_example/variables.tf

@@ -0,0 +1,20 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  description = "The ID of the project in which to provision resources."
+  type        = string
+}

test/fixtures/script_example/versions.tf

@@ -0,0 +1,19 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">= 0.12"
+}

test/integration/script_example/controls/gcloud.rb

@@ -0,0 +1,23 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+control "gcloud" do
+  title "gcloud"
+
+  describe command("gcloud --project=#{attribute("project_id")} services list --enabled") do
+    its(:exit_status) { should eq 0 }
+    its(:stderr) { should eq "" }
+    its(:stdout) { should match "appengine.googleapis.com" }
+  end
+end

test/integration/script_example/inspec.yml

@@ -0,0 +1,9 @@
+name: script_example
+depends:
+  - name: inspec-gcp
+    git: https://github.com/inspec/inspec-gcp.git
+    tag: v0.10.0
+attributes:
+  - name: project_id
+    required: true
+    type: string

variables.tf

@@ -21,7 +21,7 @@ variable "enabled" {
 }
 
 variable "create_cmd_entrypoint" {
-  description = "On create, the command entrypoint you'd like to use."
+  description = "On create, the command entrypoint you'd like to use. Can also be set to a custom script. Module's bin directory will be prepended to path."
   default     = "gcloud"
 }
 
@@ -30,8 +30,14 @@ variable "create_cmd_body" {
   default     = "info"
 }
 
+variable "create_cmd_triggers" {
+  description = "List of any additional triggers for the create command execution."
+  type        = map
+  default     = {}
+}
+
 variable "destroy_cmd_entrypoint" {
-  description = "On destroy, the command entrypoint you'd like to use."
+  description = "On destroy, the command entrypoint you'd like to use.  Can also be set to a custom script. Module's bin directory will be prepended to path."
   default     = "gcloud"
 }