From 065ed8428be0e92d349146d073b279bae1d4978f Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Mon, 11 Jun 2018 23:55:05 +0600
Subject: [PATCH 01/12] Added install ts-state script
---
 aws/tfstate-backend/install.sh | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100755 aws/tfstate-backend/install.sh
diff --git a/aws/tfstate-backend/install.sh b/aws/tfstate-backend/install.sh
new file mode 100755
index 000000000..f85a3a61d
--- /dev/null
+++ b/aws/tfstate-backend/install.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+sed -i "s/backend/#backend/" main.tf
+
+init-terraform
+terraform plan
+
+export TF_BUCKET=$(echo "yes" | terraform apply | grep -o -e "tfstate_backend_s3_bucket_id\s=\s.*" | cut -d ' ' -f 3)
+export TF_BUCKET_REGION=${TF_VAR_region}
+
+sed -i "s/#backend/backend/" main.tf
+
+s3 fstab "${TF_BUCKET}" '/' '/secrets/tf'
+
+echo "yes" | init-terraform
+
+
+echo "Add to the Geodesic Module Dockerfile following"
+echo "#----------------------------------------------"
+echo "ENV TF_BUCKET=\"${TF_BUCKET}\""
+echo "ENV TF_BUCKET_REGION=\"${TF_BUCKET_REGION}\""
+echo "#----------------------------------------------"
+echo "And rebuild the module"
From 607199e9c427941eacba3c7180494231c058a5a0 Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Tue, 12 Jun 2018 18:14:11 +0600
Subject: [PATCH 02/12] Address PR comments
---
 aws/tfstate-backend/install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/aws/tfstate-backend/install.sh b/aws/tfstate-backend/install.sh
index f85a3a61d..073122897 100755
--- a/aws/tfstate-backend/install.sh
+++ b/aws/tfstate-backend/install.sh
@@ -1,6 +1,6 @@ #!/usr/bin/env bash -sed -i "s/backend/#backend/" main.tf +sed -i "s/backend(\s+)\"s3\"/#backend\ 1 \"s3\"/" main.tf init-terraform terraform plan
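Review bot: The apply on the `export TF_BUCKET=$(echo "yes" | terraform apply | grep …)` line runs both unattended and unseen: `echo "yes"` confirms whatever plan `terraform apply` computes at that moment, which is not pinned to what `terraform plan` printed just before, and all of its output is consumed by `grep`, so the operator never sees what was changed. Because the assignment is wrapped in `export`, a failed apply is not detected either; `TF_BUCKET` is simply empty when it reaches `s3 fstab` and the printed `ENV` lines. Consider `terraform plan -out=tfstate.plan` followed by `terraform apply tfstate.plan`, then read the bucket with `TF_BUCKET=$(terraform output tfstate_backend_s3_bucket_id) || exit 1` and put `export TF_BUCKET` on its own line.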
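Review bot: The new pattern on the `sed -i "s/backend(\s+)\"s3\"/…"` line uses `( )` and `+` without `-E`, and in sed's default basic-regex mode those are literal characters, so the expression will not match a `backend "s3"` line; main.tf is left unchanged while sed still exits 0. The script then runs `init-terraform` with the backend still enabled and gives no sign that the edit was skipped. Running it as `sed -Ei`, or escaping the group as `\(\s\+\)`, makes it a real capture group. The back-reference in the replacement appears here as `\ 1`, which may be a rendering artefact of `\1` and is worth checking. The second hunk (`@@ -8,7 +8,7 @@`) has the same issue in the reverse substitution.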
@@ -8,7 +8,7 @@ terraform plan export TF_BUCKET=$(echo "yes" | terraform apply | grep -o -e "tfstate_backend_s3_bucket_id\s=\s.*" | cut -d ' ' -f 3) export TF_BUCKET_REGION=${TF_VAR_region} -sed -i "s/#backend/backend/" main.tf +sed -i "s/#backend(\s+)\"s3\"/backend\ 1 \"s3\"/" main.tf s3 fstab "${TF_BUCKET}" '/' '/secrets/tf'
From 987202a825cc3fcfb843e36201514d2e216c6fd8 Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Tue, 12 Jun 2018 18:33:28 +0600
Subject: [PATCH 03/12] Added install script
---
 aws/tfstate-backend/install.sh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/aws/tfstate-backend/install.sh b/aws/tfstate-backend/install.sh
index 073122897..abd13f617 100755
--- a/aws/tfstate-backend/install.sh
+++ b/aws/tfstate-backend/install.sh
@@ -1,6 +1,7 @@ #!/usr/bin/env bash -sed -i "s/backend(\s+)\"s3\"/#backend\ 1 \"s3\"/" main.tf +## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf +sed -i "s/ backend / #backend /" main.tf init-terraform terraform plan
@@ -8,7 +9,8 @@ terraform plan export TF_BUCKET=$(echo "yes" | terraform apply | grep -o -e "tfstate_backend_s3_bucket_id\s=\s.*" | cut -d ' ' -f 3) export TF_BUCKET_REGION=${TF_VAR_region} -sed -i "s/#backend(\s+)\"s3\"/backend\ 1 \"s3\"/" main.tf +## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf +sed -i "s/ #backend / backend /" main.tf s3 fstab "${TF_BUCKET}" '/' '/secrets/tf'
From dea35bea01d52dedc2fdd4610437d0386791babf Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Tue, 12 Jun 2018 18:56:03 +0600
Subject: [PATCH 04/12] Comment assme role arn
---
 aws/tfstate-backend/install.sh | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/aws/tfstate-backend/install.sh b/aws/tfstate-backend/install.sh
index abd13f617..9acac3424 100755
--- a/aws/tfstate-backend/install.sh
+++ b/aws/tfstate-backend/install.sh
@@ -2,6 +2,8 @@ ## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf sed -i "s/ backend / #backend /" main.tf +sed -i "s/ role_arn / #role_arn /" main.tf + init-terraform terraform plan
@@ -11,6 +13,7 @@ export TF_BUCKET_REGION=${TF_VAR_region} ## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf sed -i "s/ #backend / backend /" main.tf +sed -i "s/ #role_arn / role_arn /" main.tf s3 fstab "${TF_BUCKET}" '/' '/secrets/tf'
From 4210eb3cf2188cc1776bfd98f22fb3a70cd84983 Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Tue, 12 Jun 2018 19:03:12 +0600
Subject: [PATCH 05/12] Address PRs
---
 aws/tfstate-backend/install.sh | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/aws/tfstate-backend/install.sh b/aws/tfstate-backend/install.sh
index 9acac3424..74ed30746 100755
--- a/aws/tfstate-backend/install.sh
+++ b/aws/tfstate-backend/install.sh
@@ -13,12 +13,10 @@ export TF_BUCKET_REGION=${TF_VAR_region} ## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf sed -i "s/ #backend / backend /" main.tf -sed -i "s/ #role_arn / role_arn /" main.tf - -s3 fstab "${TF_BUCKET}" '/' '/secrets/tf' echo "yes" | init-terraform +sed -i "s/ #role_arn / role_arn /" main.tf echo "Add to the Geodesic Module Dockerfile following" echo "#----------------------------------------------"
From 98da1ff078b4c1e4daabc47db5647e8c75b8d270 Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Wed, 13 Jun 2018 16:07:57 +0600
Subject: [PATCH 06/12] Added terraform provision
---
 aws/iam/install.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100755 aws/iam/install.sh
diff --git a/aws/iam/install.sh b/aws/iam/install.sh
new file mode 100755
index 000000000..0b6ec1c01
--- /dev/null
+++ b/aws/iam/install.sh
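Review bot: Nothing guarantees that the `role_arn` line commented out by the added `sed -i "s/ role_arn / #role_arn /" main.tf` is ever restored: the script has no `set -e` and no `trap`, so if `terraform apply` fails or the run is interrupted, main.tf stays with both `backend` and `role_arn` disabled. Presumably `role_arn` selects the role Terraform assumes; with it commented out, later runs from that working copy would use whatever credentials are in the environment, and the edited file can be committed by accident. Taking a backup first and restoring it from a trap covers every exit path, e.g. `cp main.tf main.tf.orig` and `trap 'mv -f main.tf.orig main.tf' EXIT`. The explicit restore added in the second hunk (`@@ -11,6 +13,7 @@`) then only matters on the success path.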
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
+sed -i "s/ role_arn / #role_arn /" main.tf
+
+init-terraform
+terraform plan
+echo "yes" | init-terraform
+
+sed -i "s/ #role_arn / role_arn /" main.tf
+
+echo "IAM provisioned"
From 7ccc809506251eae64ff579474e620b75808cc7f Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Wed, 13 Jun 2018 16:25:25 +0600
Subject: [PATCH 07/12] Added branch labels for docker
---
 codefresh.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/codefresh.yml b/codefresh.yml
index 2b6a3678e..229a6c2d7 100644
--- a/codefresh.yml
+++ b/codefresh.yml
@@ -38,6 +38,7 @@ steps: candidate: ${{build_image}} tags: - "${{SEMVERSION_BRANCH_COMMIT_SHORT}}" + - "${{SEMVERSION_BRANCH}}" when: condition: all:
From 6e7372916b24cee6b74ec0b09938653082696dfd Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Wed, 13 Jun 2018 16:56:44 +0600
Subject: [PATCH 08/12] Rollback image tags
---
 codefresh.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/codefresh.yml b/codefresh.yml
index 229a6c2d7..2b6a3678e 100644
--- a/codefresh.yml
+++ b/codefresh.yml
@@ -38,7 +38,6 @@ steps: candidate: ${{build_image}} tags: - "${{SEMVERSION_BRANCH_COMMIT_SHORT}}" - - "${{SEMVERSION_BRANCH}}" when: condition: all:
From 03b7c4d9ef51c9d86a821f0a6c41923eef322742 Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Wed, 13 Jun 2018 18:13:06 +0600
Subject: [PATCH 09/12] Rollback image tags
---
 aws/accounts/install.sh | 12 ++++++++++++
 aws/cloudtrail/install.sh | 12 ++++++++++++
 aws/iam/install.sh | 2 +-
 aws/organization/install.sh | 12 ++++++++++++
 aws/root-dns/install.sh | 12 ++++++++++++
 5 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100755 aws/accounts/install.sh
 create mode 100755 aws/cloudtrail/install.sh
 create mode 100755 aws/organization/install.sh
 create mode 100755 aws/root-dns/install.sh
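Review bot: The added `echo "yes" | init-terraform` line in aws/iam/install.sh looks like it was meant to be `echo "yes" | terraform apply`: as written the script initialises twice, never applies anything, and still prints `IAM provisioned`. The header comment is also copied from the tfstate-backend script and talks about `backend`, while this file only toggles `role_arn`. Something like `## Temporarily comment out role_arn in main.tf while provisioning` would match what the code does.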
diff --git a/aws/accounts/install.sh b/aws/accounts/install.sh
new file mode 100755
index 000000000..4395e0b14
--- /dev/null
+++ b/aws/accounts/install.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
+sed -i "s/ role_arn / #role_arn /" main.tf
+
+init-terraform
+terraform plan
+echo "yes" | terraform apply
+
+sed -i "s/ #role_arn / role_arn /" main.tf
+
+echo "Accounts provisioned"
diff --git a/aws/cloudtrail/install.sh b/aws/cloudtrail/install.sh
new file mode 100755
index 000000000..b6f46937a
--- /dev/null
+++ b/aws/cloudtrail/install.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
+sed -i "s/ role_arn / #role_arn /" main.tf
+
+init-terraform
+terraform plan
+echo "yes" | terraform apply
+
+sed -i "s/ #role_arn / role_arn /" main.tf
+
+echo "CloudTrail provisioned"
diff --git a/aws/iam/install.sh b/aws/iam/install.sh
index 0b6ec1c01..70454119f 100755
--- a/aws/iam/install.sh
+++ b/aws/iam/install.sh
@@ -5,7 +5,7 @@ sed -i "s/ role_arn / #role_arn /" main.tf init-terraform terraform plan -echo "yes" | init-terraform +echo "yes" | terraform apply sed -i "s/ #role_arn / role_arn /" main.tf
diff --git a/aws/organization/install.sh b/aws/organization/install.sh
new file mode 100755
index 000000000..b9ab79c9c
--- /dev/null
+++ b/aws/organization/install.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
+sed -i "s/ role_arn / #role_arn /" main.tf
+
+init-terraform
+terraform plan
+echo "yes" | terraform apply
+
+sed -i "s/ #role_arn / role_arn /" main.tf
+
+echo "Organizations provisioned"
diff --git a/aws/root-dns/install.sh b/aws/root-dns/install.sh
new file mode 100755
index 000000000..e53521631
--- /dev/null
+++ b/aws/root-dns/install.sh
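Review bot: Each of the new scripts ends with an unconditional `echo "… provisioned"`, so the success message is printed even when `init-terraform` or `terraform apply` fails; this applies to aws/accounts, aws/cloudtrail and aws/organization in these hunks, to aws/root-dns in the hunk that follows, and to the edited aws/iam script. For scripts that create accounts, audit trails and IAM resources, a false success report is easy to act on. Adding `set -euo pipefail` after the shebang, or guarding the apply with `echo "yes" | terraform apply || exit 1`, would stop at the first failure. The four new files are identical apart from the last line, so a single shared script taking the label as an argument would keep later fixes in one place.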
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
+sed -i "s/ role_arn / #role_arn /" main.tf
+
+init-terraform
+terraform plan
+echo "yes" | terraform apply
+
+sed -i "s/ #role_arn / role_arn /" main.tf
+
+echo "Root DNS provisioned"
From 4874b2a8bc6d5f9b146a9e13a1bb65ba481cd8be Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Sat, 23 Jun 2018 20:22:41 +0600
Subject: [PATCH 10/12] Fix roles
---
 aws/cloudtrail/install.sh | 12 ------------
 aws/iam/install.sh | 12 ------------
 aws/organization/install.sh | 12 ------------
 aws/root-dns/install.sh | 12 ------------
 aws/{accounts => root-iam}/install.sh | 2 +-
 5 files changed, 1 insertion(+), 49 deletions(-)
 delete mode 100755 aws/cloudtrail/install.sh
 delete mode 100755 aws/iam/install.sh
 delete mode 100755 aws/organization/install.sh
 delete mode 100755 aws/root-dns/install.sh
 rename aws/{accounts => root-iam}/install.sh (89%)
 mode change 100755 => 100644
diff --git a/aws/cloudtrail/install.sh b/aws/cloudtrail/install.sh
deleted file mode 100755
index b6f46937a..000000000
--- a/aws/cloudtrail/install.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
-sed -i "s/ role_arn / #role_arn /" main.tf
-
-init-terraform
-terraform plan
-echo "yes" | terraform apply
-
-sed -i "s/ #role_arn / role_arn /" main.tf
-
-echo "CloudTrail provisioned"
diff --git a/aws/iam/install.sh b/aws/iam/install.sh
deleted file mode 100755
index 70454119f..000000000
--- a/aws/iam/install.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
-sed -i "s/ role_arn / #role_arn /" main.tf
-
-init-terraform
-terraform plan
-echo "yes" | terraform apply
-
-sed -i "s/ #role_arn / role_arn /" main.tf
-
-echo "IAM provisioned"
diff --git a/aws/organization/install.sh b/aws/organization/install.sh
deleted file mode 100755
index b9ab79c9c..000000000
--- a/aws/organization/install.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
-sed -i "s/ role_arn / #role_arn /" main.tf
-
-init-terraform
-terraform plan
-echo "yes" | terraform apply
-
-sed -i "s/ #role_arn / role_arn /" main.tf
-
-echo "Organizations provisioned"
diff --git a/aws/root-dns/install.sh b/aws/root-dns/install.sh
deleted file mode 100755
index e53521631..000000000
--- a/aws/root-dns/install.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf
-sed -i "s/ role_arn / #role_arn /" main.tf
-
-init-terraform
-terraform plan
-echo "yes" | terraform apply
-
-sed -i "s/ #role_arn / role_arn /" main.tf
-
-echo "Root DNS provisioned"
diff --git a/aws/accounts/install.sh b/aws/root-iam/install.sh
old mode 100755
new mode 100644
similarity index 89%
rename from aws/accounts/install.sh
rename to aws/root-iam/install.sh
index 4395e0b14..78a7490c6
--- a/aws/accounts/install.sh
+++ b/aws/root-iam/install.sh
@@ -9,4 +9,4 @@ echo "yes" | terraform apply sed -i "s/ #role_arn / role_arn /" main.tf -echo "Accounts provisioned" +echo "Root IAM Role provisioned"
From 92bfaa3a0060eba517ea57735d1dbc693ec86a72 Mon Sep 17 00:00:00 2001
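Review bot: The rename to aws/root-iam/install.sh also changes the file mode from 100755 to 100644 (`old mode 100755` / `new mode 100644`), so the script is no longer executable, while aws/tfstate-backend/install.sh stays at 100755. If that was not intended, `git update-index --chmod=+x aws/root-iam/install.sh` restores the bit; otherwise callers have to invoke it through `bash`. The hunk itself only changes the final message.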
From: Igor Rodionov
Date: Tue, 26 Jun 2018 18:21:18 +0600
Subject: [PATCH 11/12] Address comments
---
 aws/tfstate-backend/install.sh | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/aws/tfstate-backend/install.sh b/aws/tfstate-backend/install.sh
index 74ed30746..e3eb91cf2 100755
--- a/aws/tfstate-backend/install.sh
+++ b/aws/tfstate-backend/install.sh
@@ -1,26 +1,27 @@ #!/usr/bin/env bash -## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf -sed -i "s/ backend / #backend /" main.tf -sed -i "s/ role_arn / #role_arn /" main.tf +DISABLE_ROLE_ARN=${DISABLE_ROLE_ARN:-0} +sed -Ei 's/^(\s+backend\s+)/#\1/' main.tf +[ "${DISABLE_ROLE_ARN}" == "0" ] || sed -Ei 's/^(\s+role_arn\s+)/#\1/' main.tf init-terraform -terraform plan +echo "yes" | terraform apply -export TF_BUCKET=$(echo "yes" | terraform apply | grep -o -e "tfstate_backend_s3_bucket_id\s=\s.*" | cut -d ' ' -f 3) +export TF_BUCKET=$(terraform output -json | jq -r .tfstate_backend_s3_bucket_id.value) +export TF_DYNAMODB_TABLE=$(terraform output -json | jq -r .tfstate_backend_dynamodb_table_id.value) export TF_BUCKET_REGION=${TF_VAR_region} -## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf -sed -i "s/ #backend / backend /" main.tf +sed -Ei 's/^#(\s+backend\s+)/\1/' main.tf echo "yes" | init-terraform -sed -i "s/ #role_arn / role_arn /" main.tf +[ "${DISABLE_ROLE_ARN}" == "0" ] || sed -Ei 's/^#(\s+role_arn\s+)/\1/' main.tf -echo "Add to the Geodesic Module Dockerfile following" +echo "Add the following to the Geodesic Module's Dockerfile:" echo "#----------------------------------------------" echo "ENV TF_BUCKET=\"${TF_BUCKET}\"" echo "ENV TF_BUCKET_REGION=\"${TF_BUCKET_REGION}\"" +echo "ENV TF_DYNAMODB_TABLE=\"${TF_DYNAMODB_TABLE}\"" echo "#----------------------------------------------" echo "And rebuild the module"
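Review bot: The two added `export …=$(terraform output -json | jq -r …)` lines cannot fail visibly: `export` returns 0 whatever the command substitution does, and `jq -r` prints the literal string `null` when the output key is missing, so the script can go on to re-enable the backend and print `ENV TF_BUCKET="null"`. Assigning first and exporting afterwards, with `jq -er` so that a null value gives a non-zero status, makes this detectable: `TF_BUCKET=$(terraform output -json | jq -er .tfstate_backend_s3_bucket_id.value) || exit 1`, and the same for `TF_DYNAMODB_TABLE`. This commit also drops `terraform plan`, leaving the auto-confirmed `echo "yes" | terraform apply` as the only step. The `[ "${DISABLE_ROLE_ARN}" == "0" ] || sed …` guards would benefit from a one-line comment saying that any value other than 0 comments out `role_arn`.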
From 931b2b1d40b598ed740efdefa096692f2c3e7e7d Mon Sep 17 00:00:00 2001
From: Igor Rodionov
Date: Mon, 2 Jul 2018 23:12:28 +0600
Subject: [PATCH 12/12] Address PR comments
---
 aws/root-iam/install.sh | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/aws/root-iam/install.sh b/aws/root-iam/install.sh
index 78a7490c6..0601ea41d 100644
--- a/aws/root-iam/install.sh
+++ b/aws/root-iam/install.sh
@@ -1,12 +1,11 @@ #!/usr/bin/env bash ## Spaces before and after `backend` required to select right word, because `backend` appears 3 times in main.tf -sed -i "s/ role_arn / #role_arn /" main.tf +sed -Ei 's/^(\s+role_arn\s+)/#\1/' main.tf init-terraform -terraform plan echo "yes" | terraform apply -sed -i "s/ #role_arn / role_arn /" main.tf +sed -Ei 's/^#(\s+role_arn\s+)/\1/' main.tf echo "Root IAM Role provisioned"
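Review bot: The header comment kept at the top of aws/root-iam/install.sh no longer describes the code: it explains the spaces around `backend`, but the new `sed -Ei 's/^(\s+role_arn\s+)/#\1/' main.tf` anchors on leading whitespace and touches `role_arn` only. I would replace it with `## Temporarily comment out the indented role_arn line in main.tf; it is restored after terraform apply`. Why `role_arn` has to be disabled for this run is not visible in the diff and deserves a sentence from the author.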