draft implementation for 01-getting-started and 02-at-scale

.github/CODEOWNERS

@@ -1 +1,2 @@
 * @carlosrodlop
+* @holywen

.github/workflows/markdown.links.config.json

@@ -4,7 +4,7 @@
 			"pattern": "^https://support.cloudbees.com/hc/en-us"
 		},
 		{
-			"pattern": "^https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon"
+			"pattern": "^https://github.com/cloudbees/terraform-aws-cloudbees-cd-eks-addon"
 		},
 		{
 			"pattern": "^https://university.cloudbees.com/"

.github/workflows/md-link-checker.yml

@@ -4,7 +4,7 @@
 name: "Documentation: MD Links Checker"
 
 on:
-  pull_request:
+  push:
 
 jobs:
   check-links:

.github/workflows/superlinter.yml

@@ -4,7 +4,7 @@
 name: "Code Quality: Super-Linter"
 
 on:
-  pull_request:
+  push:
 
 jobs:
   superlinter:

.github/workflows/terraform-docs.yml

@@ -4,7 +4,7 @@
 name: "Documentation: terraform-docs"
 
 on:
-  pull_request:
+  push:
 
 jobs:
   docs:

.github/workflows/terraform.yml

@@ -3,7 +3,7 @@
 name: "Code Quality: Terraform"
 
 on:
-  pull_request:
+  push:
 
 jobs:
   terraform:

.gitignore

@@ -5,9 +5,22 @@
 *.tfstate
 *.tfstate.*
 
+# terraform output file
+terraform.output
+
 # Crash log files
 crash.log
 crash.*.log
+*.log
+
+#terraform lock hcl file
+*.hcl
+
+#macos .DS_Store
+.DS_Store
+
+#idea
+.idea
 
 # Exclude all .tfvars files, which are likely to contain sensitive data, such as
 # password, private keys, and other secrets. These should not be part of version 
@@ -32,3 +45,10 @@ override.tf.json
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
+
+#Secrets files
+*secrets-values.yml
+
+#Ignore kubeconfig files
+kubeconfig_*.yaml
+blueprints/02-at-scale/k8s/flow_db_secrets-values.yml

.pre-commit-config.yaml

@@ -6,7 +6,7 @@ repos:
   rev: v4.4.0
   hooks:
     - id: check-added-large-files
-      args: [--maxkb=1024]
+      args: [--maxkb=2048]
     - id: detect-private-key
     - id: check-merge-conflict
     - id: check-case-conflict

CONTRIBUTING.md

@@ -4,7 +4,7 @@ This document provides guidelines for contributing to the module.
 
 ## Dependencies
 
-Validate your changes inside the blueprint-agent described in [.Dockerfile](.docker/Dockerfile). It can be run `make dBuildAndRun`.
+Validate your changes inside the blueprint-agent described in [.Dockerfile](blueprints/Dockerfile). It can be run `make dBuildAndRun`.
 
 ## Pre-commits: Linting, Formatting and Secrets Scanning
 

Makefile

@@ -1,38 +1,142 @@
 .DEFAULT_GOAL   	:= help
-SHELL           	:= /bin/bash
+SHELL           	:= /usr/bin/env bash
 MAKEFLAGS       	+= --no-print-directory
+BP_AGENT_USER		:= bp-agent
+CI 					?= false
 MKFILEDIR 			:= $(abspath $(dir $(lastword $(MAKEFILE_LIST))))
+MSG_INFO     		:= "\033[36m[INFO] %s\033[0m\n"
+MSG_WARN 			:= "\033[0;33m[WARN] %s\033[0m\n"
+MSG_ERROR 			:= "\033[0;31m[ERROR] %s\033[0m\n"
 
-.PHONY: dBuildAndRun
-dBuildAndRun: ## Docker Build and Run locally 
-dBuildAndRun:
-	docker build . --file .docker/Dockerfile \
-		--tag local.cloudbees/bp-agent:latest
-	docker run -it --name bp-agent_$(shell echo $$RANDOM) \
-		-v $(MKFILEDIR):/root/cloudbees-ci-addons -v $(HOME)/.aws:/root/.aws \
-		local.cloudbees/bp-agent:latest
-
-.PHONY: tfRun
-tfRun: ## Run Terraform Blueprint passed as parameter. ROOT=getting-started/v4 make tfRun 
-tfRun: guard-ROOT
-	terraform -chdir=blueprints/$(ROOT) fmt
-	terraform -chdir=blueprints/$(ROOT) init -upgrade
-	terraform -chdir=blueprints/$(ROOT) plan 
-	terraform -chdir=blueprints/$(ROOT) apply
-
-.PHONY: tfDestroy
-tfDestroy: ## Destroy Terraform Blueprint passed as parameter. ROOT=getting-started/v4 make tfDestroy 
-tfDestroy: guard-ROOT
-	terraform -chdir=blueprints/$(ROOT) destroy -target=module.eks_blueprints_addon_cbci
-	terraform -chdir=blueprints/$(ROOT) destroy -target=module.eks_blueprints_addons
-	terraform -chdir=blueprints/$(ROOT) destroy -target=module.eks
-	terraform -chdir=blueprints/$(ROOT) destroy -target=module.vpc
-	terraform -chdir=blueprints/$(ROOT) destroy
+#https://developer.hashicorp.com/terraform/internals/debugging
+export TF_LOG=INFO
+export TF_LOG_PATH=$(MKFILEDIR)/blueprints/terraform.log
+
+define confirmation
+	@if [ $(CI) == false ]; then \
+		echo -n "Asking for your confirmation to $(1) [yes/No]" && read ans && [ $${ans:-No} = yes ] ; fi
+endef
+
+#https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started/#deploy
+define deploy
+	@printf $(MSG_INFO) "Deploying CloudBees CD Blueprint $(1) ..."
+	$(call confirmation,Deploy $(1))
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) init
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) apply -target="module.vpc" -auto-approve
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) apply -target="module.eks" -auto-approve
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) apply -auto-approve
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) output > $(MKFILEDIR)/blueprints/$(1)/terraform.output
+endef
+
+#https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started/#destroy
+define destroy
+	@printf $(MSG_INFO) "Destroying CloudBees CD Blueprint $(1) ..."
+	$(call confirmation,Destroy $(1))
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) destroy -target=module.eks_blueprints_addon_cbcd -auto-approve
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) destroy -target=module.eks_blueprints_addons -auto-approve
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) destroy -target=module.eks -auto-approve
+	@terraform -chdir=$(MKFILEDIR)/blueprints/$(1) destroy -auto-approve
+	@rm -f $(MKFILEDIR)/blueprints/$(1)/terraform.output
+endef
+
+define validate
+	@printf $(MSG_INFO) "Validating CloudBees CD availability for $(1) ..."
+	$(call confirmation,Validate $(1))
+	@source blueprints/helpers.sh && probes-common $(1)
+	@if [ "$(1)" == "01-getting-started" ]; then \
+		source blueprints/helpers.sh && probes-bp01 ; fi
+	@if [ "$(1)" == "02-at-scale" ]; then \
+		source blueprints/helpers.sh && probes-bp02 ; fi
+endef
+
+define clean
+	@cd blueprints/$(ROOT) && find -name ".terraform" -type d | xargs rm -rf
+	@cd blueprints/$(ROOT) && find -name ".terraform.lock.hcl" -type f | xargs rm -f
+	@cd blueprints/$(ROOT) && find -name "kubeconfig_*.yaml" -type f | xargs rm -f
+	@cd blueprints/$(ROOT) && find -name "terraform.output" -type f | xargs rm -f
+	@cd blueprints && find -name terraform.log -type f | xargs rm -f
+endef
+
+.PHONY: dRun
+dRun: ## Build (if not locally present) and Run the Blueprint Agent using Bash as Entrypoint. It is ideal starting point for all targets. Example: make dRun
+dRun:
+	$(eval IMAGE := $(shell docker image ls | grep -c local.cloudbees/bp-agent-cd))
+	@if [ "$(IMAGE)" == "0" ]; then \
+		printf $(MSG_INFO) "Building Docker Image local.cloudbees/bp-agent-cd:latest" && \
+		docker build . --file $(MKFILEDIR)/blueprints/Dockerfile --tag local.cloudbees/bp-agent-cd:latest; \
+		fi
+	docker run --rm -it --name bp-agent-cd \
+		-v $(MKFILEDIR):/$(BP_AGENT_USER)/cbcd-eks-addon -v $(HOME)/.aws:/$(BP_AGENT_USER)/.aws \
+		local.cloudbees/bp-agent-cd:latest
+
+.PHONY: tfpreFlightChecks
+tfpreFlightChecks: ## Run preflight checks for terraform according to getting-started/README.md . Example: ROOT=02-at-scale make tfpreFlightChecks
+tfpreFlightChecks: guard-ROOT
+	@if [ "$(shell whoami)" != "$(BP_AGENT_USER)" ]; then printf $(MSG_WARN) "$(BP_AGENT_USER) user is not detected. Note that blueprints validations use the companion Blueprint Docker Agent available via: make dRun"; fi
+	@if [ ! -f blueprints/$(ROOT)/.auto.tfvars ]; then printf $(MSG_ERROR) "blueprints/$(ROOT)/.auto.tfvars file does not exist and it is required to store your own values"; exit 1; fi
+	@if ([ ! -f blueprints/$(ROOT)/k8s/flow_admin_secrets-values.yml ] && [ $(ROOT) == "02-at-scale" ]); then printf $(MSG_ERROR) "blueprints/$(ROOT)/flow_admin_secrets-values.yml file does not exist and it is required to store your secrets"; exit 1; fi
+	@if ([ ! -f blueprints/$(ROOT)/k8s/flow_db_secrets-values.yml ] && [ $(ROOT) == "02-at-scale" ]); then printf $(MSG_ERROR) "blueprints/$(ROOT)/flow_db_secrets-values.yml file does not exist and it is required to store your secrets"; exit 1; fi
+	$(eval USER_ID := $(shell aws sts get-caller-identity | grep UserId | cut -d"," -f 1 | xargs ))
+	@if [ "$(USER_ID)" == "" ]; then printf $(MSG_ERROR) "AWS Authention for CLI is not configured" && exit 1; fi
+	@printf $(MSG_INFO) "Preflight Checks OK for $(USER_ID)"
+
+.PHONY: deploy
+deploy: ## Deploy Terraform Blueprint passed as parameter. Example: ROOT=02-at-scale make deploy
+deploy: guard-ROOT tfpreFlightChecks
+	$(call deploy,$(ROOT))
+
+.PHONY: destroy
+destroy: ## Destroy Terraform Blueprint passed as parameter. Example: ROOT=02-at-scale make destroy
+destroy: guard-ROOT tfpreFlightChecks
+ifneq ("$(wildcard blueprints/$(ROOT)/terraform.output)","")
+	$(call destroy,$(ROOT))
+else
+	@printf $(MSG_ERROR) "Blueprint $(ROOT) did not complete the Deployment target. It is not Ready for Destroy target but it is possible to destroy manually https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started/#destroy"
+endif
+
+.PHONY: clean
+clean: ## Clean Blueprint passed as parameter. Example: ROOT=02-at-scale make clean
+clean: guard-ROOT tfpreFlightChecks
+	$(call clean,$(ROOT))
+
+.PHONY: tfAction
+tfAction: ## Any Terraform Action for Blueprint passed as parameters. Usage: ROOT=02-at-scale ACTION="status list" make tf_action
+tfAction: guard-ROOT guard-ACTION tfpreFlightChecks
+	terraform -chdir=blueprints/$(ROOT) $(ACTION)
+
+.PHONY: validate
+validate: ## Validate CloudBees CD Blueprint deployment passed as parameter. Example: ROOT=02-at-scale make validate
+validate: guard-ROOT tfpreFlightChecks
+ifneq ("$(wildcard blueprints/$(ROOT)/terraform.output)","")
+	$(call validate,$(ROOT))
+else
+	@printf $(MSG_ERROR) "Blueprint $(ROOT) did not complete the Deployment target thus it is not Ready to be validated."
+endif
+
+.PHONY: test
+test: ## Runs a test for blueprint passed as parameters throughout their Terraform Lifecycle. Example: ROOT=02-at-scale make test
+	@printf $(MSG_INFO) "Running Test for $(ROOT) blueprint ..."
+	$(call deploy,$(ROOT))
+	until ls blueprints/$(ROOT)/terraform.output; do sleep 3 && echo "Waiting for output file..."; done ;
+ifneq ("$(wildcard blueprints/$(ROOT)/terraform.output)","")
+	$(call validate,$(ROOT))
+	$(call destroy,$(ROOT))
+	$(call clean,$(ROOT))
+else
+	@printf $(MSG_ERROR) "Blueprint $(ROOT) did not complete the Deployment target thus it is not Ready for the following phases."
+endif
+
+.PHONY: test-all
+test-all: ## Runs test for all blueprints throughout their Terraform Lifecycle. Example: make test
+test-all:
+	@printf $(MSG_INFO) "Running Test for all blueprints ..."
+	@source $(MKFILEDIR)/blueprints/helpers.sh && test-all
 
 .PHONY: help
 help: ## Makefile Help Page
 	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n\nTargets:\n"} /^[\/\%a-zA-Z_-]+:.*?##/ { printf "  \033[36m%-21s\033[0m %s\n", $$1, $$2 }' $(MAKEFILE_LIST) 2>/dev/null
+	@printf "\nDebug: Use -d flag with targets. Example: ROOT=02-at-scale make -d validate \n\n"
 
 .PHONY: guard-%
 guard-%:
-	@if [[ "${${*}}" == "" ]]; then echo "Environment variable $* not set"; exit 1; fi
+	@if [[ "${${*}}" == "" ]]; then printf "\033[0;31m[ERROR]\033[0m %s\n" "Environment variable $* not set."; exit 1; fi