From 4f8a3eb5f35d2208165231a2d9e2dab75d9c0921 Mon Sep 17 00:00:00 2001
From: Steven Gorrell
Date: Fri, 3 Aug 2018 08:32:09 -0500
Subject: [PATCH] Adding CircleCI.
---
.circleci/bin/apply.sh | 25 ++++++++++++++++++
.circleci/bin/check_master.sh | 32 +++++++++++++++++++++++
.circleci/bin/destroy.sh | 24 +++++++++++++++++
.circleci/bin/lint.sh | 27 +++++++++++++++++++
.circleci/bin/plan.sh | 28 ++++++++++++++++++++
.circleci/bin/validate.sh | 28 ++++++++++++++++++++
.circleci/config.yml | 40 ++++++++++++++++++++++++++++
examples/s3.tf | 15 +++++++++--
main.tf | 2 +-
tests/test1/main.tf | 49 +++++++++++++++++++++++++++++++++++
10 files changed, 267 insertions(+), 3 deletions(-)
create mode 100755 .circleci/bin/apply.sh
create mode 100755 .circleci/bin/check_master.sh
create mode 100755 .circleci/bin/destroy.sh
create mode 100755 .circleci/bin/lint.sh
create mode 100755 .circleci/bin/plan.sh
create mode 100755 .circleci/bin/validate.sh
create mode 100644 .circleci/config.yml
create mode 100644 tests/test1/main.tf
diff --git a/.circleci/bin/apply.sh b/.circleci/bin/apply.sh
new file mode 100755
index 0000000..15f61d3
--- /dev/null
+++ b/.circleci/bin/apply.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+WORKING_DIR=$(pwd)
+WORKSPACE_DIR="$WORKING_DIR/workspace"
+LAYERS_DIR="$WORKING_DIR/layers"
+
+if [ -f "$WORKSPACE_DIR/changed_layers" ]; then
+ LAYERS=$(cat "$WORKSPACE_DIR/changed_layers" | sort -n)
+else
+ LAYERS=$(find "$LAYERS_DIR"/* -type d -maxdepth 0 -exec basename '{}' \; | sort -n)
+fi
+
+for LAYER in $LAYERS; do
+ # for debugging, show that these files exist
+ ls -la "$WORKSPACE_DIR/.terraform.$LAYER.tar.gz"
+ ls -la "$WORKSPACE_DIR/terraform.$LAYER.plan"
+
+ # uncache .terraform for the apply
+ (cd "$LAYERS_DIR/$LAYER" && tar xzf "$WORKSPACE_DIR/.terraform.$LAYER.tar.gz")
+
+ echo "terraform apply $LAYER"
+ (cd "$LAYERS_DIR/$LAYER" && terraform apply -input=false -no-color "$WORKSPACE_DIR/terraform.$LAYER.plan")
+done
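Review bot: The script has no header comment stating what it expects, and that is not obvious from the body: it must be run from a directory holding `layers/` and `workspace/`, and it needs the `.terraform.$LAYER.tar.gz` and `terraform.$LAYER.plan` files that plan.sh writes. I would add a comment above `WORKING_DIR=$(pwd)` such as `# Applies the saved plan for each layer; run from the directory containing layers/ and workspace/, after plan.sh.` The `for LAYER in $LAYERS` loop also relies on word splitting, so a layer directory name containing whitespace would be split into two layers; that naming constraint belongs in the same comment.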
diff --git a/.circleci/bin/check_master.sh b/.circleci/bin/check_master.sh
new file mode 100755
index 0000000..ff50dee
--- /dev/null
+++ b/.circleci/bin/check_master.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+set -e
+
+# standard paths
+WORKING_DIR=$(pwd)
+WORKSPACE_DIR="$WORKING_DIR/workspace"
+LAYERS_DIR="$WORKING_DIR/layers"
+LAYERS=$(find "$LAYERS_DIR"/* -type d -maxdepth 0 -exec basename '{}' \; | sort -n)
+
+# be sure we know about the latest remote refs
+git fetch origin
+MASTER_REF=$(git rev-parse remotes/origin/master)
+
+# in the last hundred commits, is one of the parents in the current master?
+git log --pretty=format:'%H' -n 100 | grep -q "$MASTER_REF"
+UPTODATE=$?
+
+if [ $UPTODATE -ne 0 ]
+then
+ echo "Your branch is not up to date. Exiting."
+fi
+
+if [ -f "$WORKSPACE_DIR/changed_layers" ]; then
+ CHANGED_LAYERS=$(cat "$WORKSPACE_DIR/changed_layers")
+else
+ CHANGED_LAYERS=$(git diff --name-only "$MASTER_REF" -- "$LAYERS_DIR" | awk -F "/" '{print $2}' | sort -n | uniq)
+ echo $CHANGED_LAYERS > "$WORKSPACE_DIR/changed_layers"
+fi
+
+echo "Changed layers: "
+echo $CHANGED_LAYERS
diff --git a/.circleci/bin/destroy.sh b/.circleci/bin/destroy.sh
new file mode 100755
index 0000000..2f65397
--- /dev/null
+++ b/.circleci/bin/destroy.sh
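Review bot: The up-to-date check in check_master.sh cannot report anything: with `set -e` in effect, a non-matching `git log ... | grep -q "$MASTER_REF"` ends the script on that line, so `UPTODATE=$?` only ever sees 0 and the "Your branch is not up to date" branch is dead code. Even without `set -e`, that branch prints "Exiting." but contains no `exit`. Testing the pipeline directly makes the intent explicit: `if ! git log --pretty=format:'%H' -n 100 | grep -q "$MASTER_REF"; then echo "Your branch is not up to date. Exiting." >&2; exit 1; fi`. Separately, `LAYERS` is computed near the top but never used in this script.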
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+set -e
+
+WORKING_DIR=$(pwd)
+WORKSPACE_DIR="$WORKING_DIR/workspace"
+LAYERS_DIR="$WORKING_DIR/layers"
+
+if [ -f "$WORKSPACE_DIR/changed_layers" ]; then
+ LAYERS=$(cat "$WORKSPACE_DIR/changed_layers" | sort -nr)
+else
+ LAYERS=$(find "$LAYERS_DIR"/* -type d -maxdepth 0 -exec basename '{}' \; | sort -nr)
+fi
+
+for LAYER in $LAYERS; do
+ # for debugging, show that these files exist
+ ls -la "$LAYERS_DIR/$LAYER/terraform.tfstate"
+
+ # uncache .terraform for the destroy
+ (cd "$LAYERS_DIR/$LAYER" && tar xzf "$WORKSPACE_DIR/.terraform.$LAYER.tar.gz" || echo "Did not find a cached .terraform directory")
+
+ echo "terraform destroy $LAYER"
+ (cd "$LAYERS_DIR/$LAYER" && terraform destroy -refresh=false -auto-approve)
+done
diff --git a/.circleci/bin/lint.sh b/.circleci/bin/lint.sh
new file mode 100755
index 0000000..32e4ebc
--- /dev/null
+++ b/.circleci/bin/lint.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+set -e
+
+WORKING_DIR=$(pwd)
+LAYERS_DIR="$WORKING_DIR/layers"
+LAYERS=$(find "$LAYERS_DIR"/* -type d -maxdepth 0 -exec basename '{}' \; | sort -n)
+
+OVERALL_RETURN=0
+for LAYER in $LAYERS; do
+ echo "terraform fmt $LAYER"
+
+ LINT_OUTPUT=$(cd "$LAYERS_DIR/$LAYER" && terraform fmt -check=true -write=false -diff=false -list=true)
+ LINT_RETURN=$?
+
+ if [ $LINT_RETURN -ne 0 ]
+ then
+ echo "Linting failed in $LAYER, please run terraform fmt"
+ echo $LINT_OUTPUT
+ OVERALL_RETURN=1
+ fi
+done
+
+if [ $OVERALL_RETURN -ne 0 ]
+then
+ exit $OVERALL_RETURN
+fi
diff --git a/.circleci/bin/plan.sh b/.circleci/bin/plan.sh
new file mode 100755
index 0000000..6b9d96d
--- /dev/null
+++ b/.circleci/bin/plan.sh
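Review bot: One failing layer in destroy.sh stops cleanup of all the others: under `set -e`, the debugging `ls -la "$LAYERS_DIR/$LAYER/terraform.tfstate"` or a non-zero `terraform destroy` ends the loop, and the layers not yet reached keep their resources. Since this is the step that removes what the test job created, I would let the listing fail softly and record destroy failures per layer, exiting non-zero only after every layer has been attempted, the same way lint.sh accumulates `OVERALL_RETURN`. The changed loop is sketched below.

```shell
OVERALL_RETURN=0
for LAYER in $LAYERS; do
  # for debugging only: a missing state file must not stop the cleanup
  ls -la "$LAYERS_DIR/$LAYER/terraform.tfstate" || true

  # … unchanged: uncache .terraform for the destroy …

  echo "terraform destroy $LAYER"
  if ! (cd "$LAYERS_DIR/$LAYER" && terraform destroy -refresh=false -auto-approve); then
    echo "terraform destroy failed in $LAYER" >&2
    OVERALL_RETURN=1
  fi
done

exit $OVERALL_RETURN
```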
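Review bot: The failure branch in lint.sh is unreachable under `set -e`: when `terraform fmt -check=true` returns non-zero, the assignment `LINT_OUTPUT=$(...)` takes that status and the shell exits on that line, so neither "Linting failed in $LAYER" nor the captured output is printed and later layers are never checked. Capturing the status on the same line keeps the accumulate-and-report design working: set `LINT_RETURN=0` first, then `LINT_OUTPUT=$(cd "$LAYERS_DIR/$LAYER" && terraform fmt -check=true -write=false -diff=false -list=true) || LINT_RETURN=$?`. validate.sh has the same pattern with `VALIDATE_OUTPUT` and `VALIDATE_RETURN` and needs the same change. `echo $LINT_OUTPUT` is also unquoted, so a multi-file listing is flattened onto one line; `echo "$LINT_OUTPUT"` keeps it readable.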
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+set -e
+
+WORKING_DIR=$(pwd)
+WORKSPACE_DIR="$WORKING_DIR/workspace"
+LAYERS_DIR="$WORKING_DIR/layers"
+
+if [ -f "$WORKSPACE_DIR/changed_layers" ]; then
+ LAYERS=$(cat "$WORKSPACE_DIR/changed_layers")
+else
+ LAYERS=$(find "$LAYERS_DIR"/* -type d -maxdepth 0 -exec basename '{}' \; | sort -n)
+fi
+
+for LAYER in $LAYERS; do
+ echo "terraform init $LAYER"
+ (cd "$LAYERS_DIR/$LAYER" && terraform init -input=false -no-color)
+
+ # cache .terraform during the plan
+ (cd "$LAYERS_DIR/$LAYER" && tar -czf "$WORKSPACE_DIR/.terraform.$LAYER.tar.gz" .terraform)
+
+ echo "terraform plan $LAYER"
+ (cd "$LAYERS_DIR/$LAYER" && terraform plan -no-color -input=false -out="$WORKSPACE_DIR/terraform.$LAYER.plan" | tee "$WORKSPACE_DIR/full_plan_output.log" | grep -v "Refreshing state" )
+
+ # for debugging, show these files exist
+ ls -la "$WORKSPACE_DIR/.terraform.$LAYER.tar.gz"
+ ls -la "$WORKSPACE_DIR/terraform.$LAYER.plan"
+done
diff --git a/.circleci/bin/validate.sh b/.circleci/bin/validate.sh
new file mode 100755
index 0000000..69ead31
--- /dev/null
+++ b/.circleci/bin/validate.sh
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+set -e
+
+WORKING_DIR=$(pwd)
+WORKSPACE_DIR="$WORKING_DIR/workspace"
+LAYERS_DIR="$WORKING_DIR/layers"
+LAYERS=$(find "$LAYERS_DIR"/* -type d -maxdepth 0 -exec basename '{}' \; | sort -n)
+
+OVERALL_RETURN=0
+for LAYER in $LAYERS; do
+ echo "terraform validate $LAYER"
+
+ VALIDATE_OUTPUT=$(cd "$LAYERS_DIR/$LAYER" && terraform validate -input=false -check-variables=false -no-color .)
+ VALIDATE_RETURN=$?
+
+ if [ $VALIDATE_RETURN -ne 0 ]
+ then
+ echo "Validate failed in $LAYER, please run terraform validate"
+ echo $VALIDATE_OUTPUT
+ OVERALL_RETURN=1
+ fi
+done
+
+if [ $OVERALL_RETURN -ne 0 ]
+then
+ exit $OVERALL_RETURN
+fi
diff --git a/.circleci/config.yml b/.circleci/config.yml
new file mode 100644
index 0000000..b073aeb
--- /dev/null
+++ b/.circleci/config.yml
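Review bot: The exit status of `terraform plan` is discarded in plan.sh: in `terraform plan ... | tee ... | grep -v "Refreshing state"` the pipeline's status is grep's, so `set -e` does not stop on a failed plan, and the step only fails later, if at all, at the `ls -la` of the plan file. Writing the output to a file first and filtering afterwards keeps the status, for example `terraform plan -no-color -input=false -out="$WORKSPACE_DIR/terraform.$LAYER.plan" > "$WORKSPACE_DIR/plan.$LAYER.log"` followed by `grep -v "Refreshing state" "$WORKSPACE_DIR/plan.$LAYER.log" || true`. A per-layer log name also stops `full_plan_output.log` from being overwritten on every iteration. Plan files and plan output can carry resource attribute values in clear text, so anything under `workspace/` is best kept out of stored build artifacts.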
@@ -0,0 +1,40 @@
+version: 2
+jobs:
+ test:
+ docker:
+ - image: hashicorp/terraform:0.11.7
+ steps:
+ - checkout:
+ path: ~/module
+ - run: mkdir -p ~/workspace
+ - run: cp -pr ~/module/.circleci/bin ~/bin
+ - run: mv ~/module/tests/ ~/layers/ # Move tests into layers directory
+ - run:
+ name: lint tests
+ command: cd ~ && ~/bin/lint.sh
+ - run: mkdir -p ~/example_lint/layers/ && mv ~/module/examples/ ~/example_lint/layers/
+ - run:
+ name: lint examples
+ command: cd ~/example_lint && ~/bin/lint.sh
+ - run: mkdir -p ~/module_lint/layers/ && cp -pr ~/module/ ~/module_lint/layers/module/
+ - run:
+ name: lint module
+ command: cd ~/module_lint && ~/bin/lint.sh
+ - run:
+ name: plan
+ command: cd ~ && ~/bin/plan.sh
+ - run:
+ name: apply
+ command: cd ~ && ~/bin/apply.sh
+ - run:
+ name: destroy
+ command: cd ~ && ~/bin/destroy.sh # must succeed or we have something to clean up manually
+
+workflows:
+ version: 2
+ build_and_test:
+ jobs:
+ - test:
+ filters:
+ branches:
+ ignore: master
\ No newline at end of file
diff --git a/examples/s3.tf b/examples/s3.tf
index 5aa838f..f212579 100644
--- a/examples/s3.tf
+++ b/examples/s3.tf
@@ -1,7 +1,18 @@ +provider "aws" { + version = "~> 1.2" + region = "us-west-2" +} + +resource "random_string" "s3_rstring" { + length = 18 + upper = false + special = false +} + module "s3" { - source = "path/to/module" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-s3//?ref=v0.0.1" - bucket_name = "" + bucket_name = "${random_string.s3_rstring.result}-example-s3-bucket" bucket_acl = "bucket-owner-full-control"
diff --git a/main.tf b/main.tf
index 8b7b955..0707330 100644
--- a/main.tf
+++ b/main.tf
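Review bot: The `destroy` step in config.yml is skipped whenever an earlier step fails, because CircleCI stops at the first failing step unless a step sets `when: always`; a partly successful `apply` would then leave real resources behind, which is the case the inline comment on that step worries about. Adding `when: always` under the destroy `run:` (next to `name:` and `command:`) makes cleanup run after a failed plan or apply as well. destroy.sh has to tolerate layers that were never applied for that to work. The state appears to live only in the job's filesystem (destroy.sh reads a local `terraform.tfstate`), so a cancelled or lost job still needs manual cleanup, which is worth a line in the repository's documentation.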
@@ -90,7 +90,7 @@ locals { disabled = "${list()}" } - nc_ia_transitions = "${var.noncurrent_version_transition_ia_days > 0 ? "ia_enbled": "disabled"}" + nc_ia_transitions = "${var.noncurrent_version_transition_ia_days > 0 ? "ia_enabled": "disabled"}" nc_glacier_transitions = "${var.noncurrent_version_transition_glacier_days > 0 ? "glacier_enabled":"disabled"}" nc_transitions = "${concat(local.noncurrent_version_transition[local.nc_ia_transitions], local.noncurrent_version_transition[local.nc_glacier_transitions])}"
diff --git a/tests/test1/main.tf b/tests/test1/main.tf
new file mode 100644
index 0000000..c09d6d4
--- /dev/null
+++ b/tests/test1/main.tf
@@ -0,0 +1,49 @@
+provider "aws" {
+ version = "~> 1.2"
+ region = "us-west-2"
+}
+
+resource "random_string" "s3_rstring" {
+ length = 18
+ upper = false
+ special = false
+}
+
+module "s3" {
+ source = "../../module"
+
+ bucket_name = "${random_string.s3_rstring.result}-example-s3-bucket"
+
+ bucket_acl = "bucket-owner-full-control"
+
+ bucket_logging = false
+
+ bucket_tags = {
+ RightSaid = "Fred"
+ LeftSaid = "George"
+ }
+
+ environment = "Development"
+
+ lifecycle_enabled = true
+
+ noncurrent_version_expiration_days = "425"
+
+ noncurrent_version_transition_glacier_days = "60"
+
+ noncurrent_version_transition_ia_days = "30"
+
+ object_expiration_days = "425"
+
+ transition_to_glacier_days = "60"
+
+ transition_to_ia_days = "30"
+
+ versioning = true
+
+ website = true
+
+ website_error = "error.html"
+
+ website_index = "index.html"
+}
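Review bot: `source = "../../module"` in tests/test1/main.tf only resolves in the CI layout, where config.yml checks the repository out to `~/module` and moves `tests/` to `~/layers/`; from a plain checkout the path points outside the repository. A comment above the line would save the next reader the search, for example `# CI moves tests/ to ~/layers/, so ../../module is the repository checkout (see .circleci/config.yml)`. The `random_string` resource also pulls in the `random` provider with no version constraint while `aws` is pinned to `~> 1.2`; a matching `provider "random" { version = "<constraint>" }` block would keep test runs reproducible.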