Merge pull request #4 from rackspace-infrastructure-automation/jp/escrow

escrows applied git revision
rackspace-infrastructure-automation · Sep 25, 2018 · 15e273a · 15e273a
2 parents e3dd487 + 9dac58a
commit 15e273a
Show file tree

Hide file tree

Showing 7 changed files with 37 additions and 24 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -14,10 +14,11 @@ jobs:
       - deploy:
           name: Build rackspace-toolbox containers
           command: |
-            docker build -t rackspace-toolbox:$CIRCLE_SHA1 -f toolbox/Dockerfile .
+            docker build -t rackautomation/rackspace-toolbox:$CIRCLE_SHA1 -f toolbox/Dockerfile .
             docker login -u $DOCKER_USER -p $DOCKER_PASS
-            docker tag rackspace-toolbox:$CIRCLE_SHA1 rackautomation/rackspace-toolbox:$CIRCLE_SHA1
             docker push rackautomation/rackspace-toolbox:$CIRCLE_SHA1
+            docker tag rackautomation/rackspace-toolbox:$CIRCLE_SHA1 rackautomation/rackspace-toolbox:branch_${CIRCLE_BRANCH//\//_}
+            docker push rackautomation/rackspace-toolbox:branch_${CIRCLE_BRANCH//\//_}
 
   test_toolbox:
     docker:
@@ -37,8 +38,8 @@ jobs:
           name: plan
           command: cd test && plan.sh
       - run:
-          name: apply
-          command: cd test && apply.sh || echo apply failed.
+          name: apply - Please test in a new PR for https://github.com/rackspace-infrastructure-automation/969282-aws-751845724670-Phoenix-Sandbox-Do-Not-Delete/
+          command: 'cd test && apply.sh || echo "TODO: find a way  to test apply.sh"'
       - run:
           name: destroy
           command: cd test && destroy.sh

diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1 @@
+/.cache/
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,7 @@
 *.tfstate
 *.tfstate.backup
 .terraform/
+.cache/
 .DS_Store
 .idea/*
 *.tfvars

diff --git a/repository_template/bin/apply.sh b/repository_template/bin/apply.sh
@@ -22,3 +22,8 @@ for LAYER in $CHANGED_LAYERS; do
   echo "terraform apply $LAYER"
   (cd "$LAYERS_DIR/$LAYER" && terraform apply -input=false -no-color "$WORKSPACE_DIR/terraform.$LAYER.plan")
 done
+
+# escrows applied revision
+REVISION=${CIRCLE_SHA1:-$(git rev-parse HEAD)}
+echo $REVISION > tf-applied-revision.sha
+aws s3 cp ./tf-applied-revision.sha "s3://${TF_STATE_BUCKET}/"
diff --git a/repository_template/bin/check_old.sh b/repository_template/bin/check_old.sh
@@ -1,21 +1,10 @@
 #!/bin/sh
 
-set -e
-
 # be sure branch is up to date
 git fetch origin
-MASTER_REF=$(git rev-parse remotes/origin/master)
-
-. $(dirname $(realpath $0))/variables.sh
 
 # in the last hundred commits, is one of the parents in the current master?
-set +e
-git log --pretty=format:'%H' -n 100 | grep -q "$MASTER_REF"
-UPTODATE=$?
-set -e
-
-if [ $UPTODATE -ne 0 ]
-then
-  echo "Your branch is not up to date. Exiting."
+if ! (git log --pretty=format:'%H' -n 100 | grep -q "$(git rev-parse remotes/origin/master)"); then
+  echo >&2 'Your branch is not up to date. Exiting.'
   exit 1
 fi
diff --git a/repository_template/bin/variables.sh b/repository_template/bin/variables.sh
@@ -3,6 +3,7 @@
 set -e
 
 # standard paths
+MASTER_REF=$(git rev-parse remotes/origin/master)
 WORKING_DIR=$(pwd)
 
 # ensure workspace dir is always present
@@ -15,18 +16,21 @@ mkdir -p "$WORKSPACE_DIR"
 
 # populate current module info
 MODULES_DIR="$WORKING_DIR/modules"
-if [ -d "$MODULES_DIR" ]
-then
+if [ -d "$MODULES_DIR" ]; then
   MODULES=$(find "$MODULES_DIR"/* -maxdepth 0 -type d -exec basename '{}' \; | sort -n)
 
   echo "Modules found: "
   echo $MODULES
 fi
 
+find_changed_layers() {
+  echo >&2 "Comparing current git revision to: $1"
+  git diff --name-only "$1" -- "$LAYERS_DIR" | awk -F "/" '{print $2}' | sort -n | uniq
+}
+
 # populate current layer info
 LAYERS_DIR="$WORKING_DIR/layers"
-if [ -d "$LAYERS_DIR" ]
-then
+if [ -d "$LAYERS_DIR" ]; then
   LAYERS=$(find "$LAYERS_DIR"/* -maxdepth 0 -type d -exec basename '{}' \; | sort -n)
 
   echo "Layers found: "
@@ -36,7 +40,18 @@ then
   if [ -f "$WORKSPACE_DIR/changed_layers" ]; then
     CHANGED_LAYERS=$(cat "$WORKSPACE_DIR/changed_layers")
   else
-    CHANGED_LAYERS=$(git diff --name-only "$MASTER_REF" -- "$LAYERS_DIR" | awk -F "/" '{print $2}' | sort -n | uniq)
+    GIT_BRANCH=${CIRCLE_BRANCH:-$(git rev-parse --abbrev-ref HEAD)}
+    if [ -z "$(aws s3 ls s3://${TF_STATE_BUCKET}/tf-applied-revision.sha)" ]; then
+      if [ "$GIT_BRANCH" = 'master' ]; then
+        echo "No tf-applied-revision.sha file found in s3://${TF_STATE_BUCKET}. Considering all layers changed."
+        CHANGED_LAYERS=$LAYERS
+      else
+        CHANGED_LAYERS=$(find_changed_layers "$MASTER_REF")
+      fi
+    else
+      aws s3 cp "s3://${TF_STATE_BUCKET}/tf-applied-revision.sha" ./last-tf-applied-revision.sha > /dev/null
+      CHANGED_LAYERS=$(find_changed_layers "$(cat ./last-tf-applied-revision.sha)")
+    fi
     echo $CHANGED_LAYERS > "$WORKSPACE_DIR/changed_layers"
   fi
 

diff --git a/toolbox/Dockerfile b/toolbox/Dockerfile
@@ -1,9 +1,10 @@
 FROM alpine:3.8
 
-RUN apk --update add bash git openssh curl \
-  && wget https://github.com/rackspace-infrastructure-automation/tfenv/archive/v0.6.0.zip -O - | unzip -d /var/opt - \
+RUN apk --update add bash git openssh curl py-pip
+Run wget https://github.com/rackspace-infrastructure-automation/tfenv/archive/v0.6.0.zip -O - | unzip -d /var/opt - \
   && chmod +x /var/opt/tfenv-0.6.0/bin/* /var/opt/tfenv-0.6.0/libexec/* \
   && ln -s /var/opt/tfenv-0.6.0/bin/* /usr/local/bin
+RUN pip install --upgrade pip && pip install --progress-bar=off awscli
 
 RUN tfenv install 0.11.8
 RUN tfenv install 0.11.7