Adding dockerfile for container with terraform, inspec, cloud sdk

GoogleCloudPlatform · Nov 26, 2018 · 569c932 · 569c932
1 parent 4b55ba7
commit 569c932
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 17 deletions.
diff --git a/.ci/acceptance-tests/inspec-integration.sh b/.ci/acceptance-tests/inspec-integration.sh
@@ -5,7 +5,7 @@ set -x
 
 function cleanup {
 	cd $TF_PATH
-	./terraform destroy -auto-approve
+	terraform destroy -auto-approve
 }
 
 # Service account credentials for GCP to allow terraform to work
@@ -17,11 +17,6 @@ export GOPATH=${PWD}/go
 # to disk for use in tests.
 echo "${TERRAFORM_KEY}" > /tmp/google-account.json
 
-export CLOUD_SDK_REPO="cloud-sdk-stretch"
-echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
-curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
-apt-get update && apt-get install google-cloud-sdk -y
-
 gcloud auth activate-service-account [email protected] --key-file=$GOOGLE_CLOUD_KEYFILE_JSON
 
 pushd magic-modules-new-prs
@@ -42,15 +37,12 @@ popd
 
 # Run terraform
 pushd terraform
-curl https://releases.hashicorp.com/terraform/0.11.10/terraform_0.11.10_linux_amd64.zip > terraform_0.11.10_linux_amd64.zip
-apt-get install unzip
-unzip terraform_0.11.10_linux_amd64.zip
-./terraform init
-./terraform plan
+terraform init
+terraform plan
 
 export TF_PATH=${PWD}
 trap cleanup EXIT
-./terraform apply -auto-approve
+terraform apply -auto-approve
 export GOOGLE_APPLICATION_CREDENTIALS="${PWD}/inspec.json"
 popd
 
@@ -64,8 +56,8 @@ for i in {1..30}
 do
 	# Cleanup cassettes folder each time, we don't want to use a recorded cassette if it records an unauthorized response
 	rm -r inspec-cassettes
-	inspec exec verify-mm --attrs=attributes/attributes.yaml -t gcp:// --no-distinct-exit
-	if [ "$?" -eq "0" ]; then
+
+	if inspec exec verify-mm --attrs=attributes/attributes.yaml -t gcp:// --no-distinct-exit; then
 		# Upload cassettes to storage bucket for unit test use
 		gsutil cp inspec-cassettes/* gs://magic-modules-inspec-bucket/inspec-cassettes
 		exit 0

diff --git a/.ci/acceptance-tests/inspec-integration.yml b/.ci/acceptance-tests/inspec-integration.yml
@@ -6,8 +6,8 @@ inputs:
 image_resource:
     type: docker-image
     source:
-        repository: nmckinley/go-ruby-python
-        tag: '1.11-2.5.1-2.7'
+        repository: nmckinley/terraform-gcloud-inspec
+        tag: '0.11.10-3.0.0'
 
 run:
     path: magic-modules-new-prs/.ci/acceptance-tests/inspec-integration.sh
diff --git a/.ci/containers/terraform-gcloud-inspec/Dockerfile b/.ci/containers/terraform-gcloud-inspec/Dockerfile
@@ -0,0 +1,12 @@
+FROM nmckinley/go-ruby-python:1.11-2.5.1-2.7
+
+RUN apt-get install unzip
+RUN curl https://releases.hashicorp.com/terraform/0.11.10/terraform_0.11.10_linux_amd64.zip > terraform_0.11.10_linux_amd64.zip
+RUN unzip terraform_0.11.10_linux_amd64.zip -d /usr/bin
+# Install google cloud sdk
+RUN echo "deb http://packages.cloud.google.com/apt cloud-sdk-stretch main" >> /etc/apt/sources.list.d/google-cloud-sdk.list
+RUN curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+RUN apt-get update && apt-get install google-cloud-sdk -y
+
+# Install inspec
+RUN gem install inspec -v '~> 3.0.0'
diff --git a/.ci/magic-modules/generate-inspec.sh b/.ci/magic-modules/generate-inspec.sh
@@ -25,7 +25,7 @@ fi
 
 pushd "build/inspec"
 # We are not ready to overwrite changelog yet.
-git checkout CHANGELOG.md
+git checkout HEAD -- CHANGELOG.md
 # These config entries will set the "committer".
 git config --global user.email "[email protected]"
 git config --global user.name "Modular Magician"