Merge pull request #67 from commitdev/cleanup-terraform-and-fix-backends

Cleaned up terraform and fixed backends

cmd/generate.go

@@ -77,7 +77,7 @@ var generateCmd = &cobra.Command{
 			react.Generate(t, cfg, &wg)
 		}
 
-		util.TemplateFileIfDoesNotExist("", "README.md", t.Readme, &wg, cfg)
+		util.TemplateFileIfDoesNotExist("", "README.md", t.Readme, &wg, templator.GenericTemplateData{*cfg})
 
 		// Wait for all the templates to be generated
 		wg.Wait()

internal/generate/kubernetes/generate.go

@@ -12,9 +12,9 @@ import (
 	"github.com/commitdev/commit0/internal/templator"
 )
 
-func Generate(templator *templator.Templator, config *config.Commit0Config, wg *sync.WaitGroup) {
-	templator.Kubernetes.TemplateFiles(config, false, wg)
-
+func Generate(t *templator.Templator, cfg *config.Commit0Config, wg *sync.WaitGroup) {
+	data := templator.GenericTemplateData{*cfg}
+	t.Kubernetes.TemplateFiles(data, false, wg)
 }
 
 func Execute(config *config.Commit0Config) {

internal/generate/react/generate.go

@@ -8,9 +8,11 @@ import (
 	"github.com/commitdev/commit0/internal/templator"
 )
 
-func Generate(templator *templator.Templator, config *config.Commit0Config, wg *sync.WaitGroup) {
-	templator.React.TemplateFiles(config, false, wg)
-	if config.Frontend.CI.System != "" {
-		ci.Generate(templator.CI, config, config.Frontend.CI, "react/", wg)
+func Generate(t *templator.Templator, cfg *config.Commit0Config, wg *sync.WaitGroup) {
+	data := templator.GenericTemplateData{*cfg}
+
+	t.React.TemplateFiles(data, false, wg)
+	if cfg.Frontend.CI.System != "" {
+		ci.Generate(t.CI, cfg, cfg.Frontend.CI, "react/", wg)
 	}
 }

internal/templator/template_data.go

@@ -2,6 +2,11 @@ package templator
 
 import "github.com/commitdev/commit0/internal/config"
 
+// GenericTemplateData holds data for use in any template, it just contains the config struct
+type GenericTemplateData struct {
+	Config config.Commit0Config
+}
+
 // GolangTemplateData holds data for use in golang related templates
 type GolangTemplateData struct {
 	Config  config.Commit0Config

internal/templator/templator.go

@@ -6,7 +6,6 @@ import (
 	"sync"
 	"text/template"
 
-	"github.com/commitdev/commit0/internal/config"
 	"github.com/commitdev/commit0/internal/util"
 	"github.com/gobuffalo/packr/v2"
 	"github.com/gobuffalo/packr/v2/file"
@@ -126,16 +125,16 @@ type DirectoryTemplator struct {
 	Templates []*template.Template
 }
 
-func (d *DirectoryTemplator) TemplateFiles(config *config.Commit0Config, overwrite bool, wg *sync.WaitGroup) {
+func (d *DirectoryTemplator) TemplateFiles(data interface{}, overwrite bool, wg *sync.WaitGroup) {
 	for _, template := range d.Templates {
 		d, f := filepath.Split(template.Name())
 		if strings.HasSuffix(f, ".tmpl") {
 			f = strings.Replace(f, ".tmpl", "", -1)
 		}
 		if overwrite {
-			util.TemplateFileAndOverwrite(d, f, template, wg, config)
+			util.TemplateFileAndOverwrite(d, f, template, wg, data)
 		} else {
-			util.TemplateFileIfDoesNotExist(d, f, template, wg, config)
+			util.TemplateFileIfDoesNotExist(d, f, template, wg, data)
 		}
 	}
 }

templates/kubernetes/terraform/environments/development/main.tf

@@ -1,15 +1,25 @@
+terraform {
+  backend "s3" {
+    bucket         = "project-{{ .Config.Name }}-terraform-state"
+    key            = "infrastructure/terraform/environments/development/main"
+    encrypt        = true
+    region         = "{{ .Config.Infrastructure.AWS.Region }}"
+    dynamodb_table = "terraform-state-locks"
+  }
+}
+
 # Instantiate the development environment
 module "development" {
   source      = "../../modules/environment"
   environment = "development"
 
   # Project configuration
-  project             = "{{ .Infrastructure.AWS.EKS.ClusterName }}"
-  region              = "{{ .Infrastructure.AWS.Region }}"
-  allowed_account_ids = ["{{ .Infrastructure.AWS.AccountId }}"]
+  project             = "{{ .Config.Infrastructure.AWS.EKS.ClusterName }}"
+  region              = "{{ .Config.Infrastructure.AWS.Region }}"
+  allowed_account_ids = ["{{ .Config.Infrastructure.AWS.AccountId }}"]
 
   # ECR configuration
-  ecr_repositories = ["{{ .Infrastructure.AWS.EKS.ClusterName }}"]
+  ecr_repositories = ["{{ .Config.Infrastructure.AWS.EKS.ClusterName }}"]
 
   # EKS configuration
   eks_worker_instance_type = "t2.small"

templates/kubernetes/terraform/environments/production/main.tf

@@ -1,15 +1,25 @@
+terraform {
+  backend "s3" {
+    bucket         = "project-{{ .Config.Name }}-terraform-state"
+    key            = "infrastructure/terraform/environments/production/main"
+    encrypt        = true
+    region         = "{{ .Config.Infrastructure.AWS.Region }}"
+    dynamodb_table = "terraform-state-locks"
+  }
+}
+
 # Instantiate the production environment
 module "production" {
   source      = "../../modules/environment"
   environment = "production"
 
   # Project configuration
-  project             = "{{ .Infrastructure.AWS.EKS.ClusterName }}"
-  region              = "{{ .Infrastructure.AWS.Region }}"
-  allowed_account_ids = ["{{ .Infrastructure.AWS.AccountId }}"]
+  project             = "{{ .Config.Infrastructure.AWS.EKS.ClusterName }}"
+  region              = "{{ .Config.Infrastructure.AWS.Region }}"
+  allowed_account_ids = ["{{ .Config.Infrastructure.AWS.AccountId }}"]
 
   # ECR configuration
-  ecr_repositories = ["{{ .Infrastructure.AWS.EKS.ClusterName }}"]
+  ecr_repositories = ["{{ .Config.Infrastructure.AWS.EKS.ClusterName }}"]
 
   # EKS configuration
   eks_worker_instance_type = "m4.large"

templates/kubernetes/terraform/environments/staging/main.tf

@@ -1,15 +1,25 @@
+terraform {
+  backend "s3" {
+    bucket         = "project-{{ .Config.Name }}-terraform-state"
+    key            = "infrastructure/terraform/environments/staging/main"
+    encrypt        = true
+    region         = "{{ .Config.Infrastructure.AWS.Region }}"
+    dynamodb_table = "terraform-state-locks"
+  }
+}
+
 # Instantiate the staging environment
 module "staging" {
   source      = "../../modules/environment"
   environment = "staging"
 
   # Project configuration
-  project             = "{{ .Infrastructure.AWS.EKS.ClusterName }}"
-  region              = "{{ .Infrastructure.AWS.Region }}"
-  allowed_account_ids = ["{{ .Infrastructure.AWS.AccountId }}"]
+  project             = "{{ .Config.Infrastructure.AWS.EKS.ClusterName }}"
+  region              = "{{ .Config.Infrastructure.AWS.Region }}"
+  allowed_account_ids = ["{{ .Config.Infrastructure.AWS.AccountId }}"]
 
   # ECR configuration
-  ecr_repositories = ["{{ .Infrastructure.AWS.EKS.ClusterName }}"]
+  ecr_repositories = ["{{ .Config.Infrastructure.AWS.EKS.ClusterName }}"]
 
   # EKS configuration
   eks_worker_instance_type = "t2.small"

templates/kubernetes/terraform/global/remote-state/main.tf

@@ -0,0 +1,24 @@
+provider "aws" {
+  region  = "{{ .Config.Infrastructure.AWS.Region }}"
+}
+
+resource "aws_s3_bucket" "terraform_remote_state" {
+  bucket  = "project-{{ .Config.Name }}-terraform-state"
+  acl     = "private"
+
+  versioning {
+    enabled = true
+  }
+}
+
+resource "aws_dynamodb_table" "terraform_state_locks" {
+  name           = "{{ .Config.Name }}-terraform-state-locks"
+  read_capacity  = 2
+  write_capacity = 2
+  hash_key       = "LockID"
+
+  attribute {
+    name = "LockID"
+    type = "S"
+  }
+}

templates/kubernetes/terraform/modules/eks/main.tf

@@ -1,6 +1,6 @@
 # Create KubernetesAdmin role for aws-iam-authenticator
 resource "aws_iam_role" "kubernetes_admin_role" {
-  name               = "kubernetes-admin"
+  name               = "{{ .Config.Name }}-kubernetes-admin"
   assume_role_policy = var.assume_role_policy
   description        = "Kubernetes administrator role (for AWS IAM Authenticator)"
 }

templates/kubernetes/terraform/modules/kube2iam/main.tf

@@ -42,7 +42,7 @@ resource "aws_iam_role_policy" "node_kube2iam_policy" {
 ## ALB Ingress Controller
 # Create a role and establish a trust relationship with the worker nodes
 resource "aws_iam_role" "k8s_worker_alb_ingress_controller_role" {
-  name                  = "k8s-alb-ingress-controller"
+  name                  = "{{ .Config.Name }}-k8s-alb-ingress-controller"
   assume_role_policy    = data.aws_iam_policy_document.k8s_worker_assumerole_policy.json
   force_detach_policies = true
 }
@@ -127,4 +127,4 @@ resource "aws_iam_role_policy" "k8s_worker_alb_ingress_controller_role_policy" {
   name   = "worker-alb-ingress-controller-policy"
   role   = aws_iam_role.k8s_worker_alb_ingress_controller_role.id
   policy = data.aws_iam_policy_document.k8s_alb_ingress_controller_access_policy.json
-}
+}

templates/kubernetes/terraform/modules/kubernetes/monitoring/main.tf

@@ -1,5 +1,5 @@
 resource "aws_iam_role" "k8s_monitoring" {
-  name                  = "k8s-${var.environment}-monitoring"
+  name                  = "{{ .Config.Name }}-k8s-${var.environment}-monitoring"
   assume_role_policy    = var.assume_role_policy
   force_detach_policies = true
 }
@@ -35,4 +35,4 @@ module "cloudwatch_agent" {
   environment  = var.environment
   region       = var.region
   cluster_name = var.cluster_name
-}
+}

templates/kubernetes/terraform/modules/vpc/main.tf

@@ -2,12 +2,12 @@ module "vpc" {
   source = "terraform-aws-modules/vpc/aws"
 
   name = "${var.project}-${var.environment}-vpc"
-  cidr = "10.10.0.0/16"
+  cidr = "10.20.0.0/16"
 
   azs              = ["${var.region}a", "${var.region}b", "${var.region}c"] # Most regions have 3+ azs
-  private_subnets  = ["10.10.40.0/24", "10.10.42.0/24", "10.10.44.0/24"]
-  public_subnets   = ["10.10.41.0/24", "10.10.43.0/24", "10.10.45.0/24"]
-  database_subnets = ["10.10.50.0/24", "10.10.52.0/24", "10.10.54.0/24"]
+  private_subnets  = ["10.20.40.0/24", "10.20.42.0/24", "10.20.44.0/24"]
+  public_subnets   = ["10.20.41.0/24", "10.20.43.0/24", "10.20.45.0/24"]
+  database_subnets = ["10.20.50.0/24", "10.20.52.0/24", "10.20.54.0/24"]
 
   # Allow kubernetes ALB ingress controller to auto-detect
   private_subnet_tags = {
@@ -31,4 +31,4 @@ module "vpc" {
     environment = var.environment
   }
 
-}
+}

templates/react/package.json.tmpl

@@ -1,5 +1,5 @@
 {
-  "name": "{{ .Frontend.App.Name }}",
+  "name": "{{ .Config.Frontend.App.Name }}",
   "version": "0.1.0",
   "private": true,
   "dependencies": {

templates/react/public/index.html.tmpl

@@ -25,7 +25,7 @@
       work correctly both with client-side routing and a non-root public URL.
       Learn how to configure a non-root public URL by running `npm run build`.
     -->
-    <title>{{ .Frontend.App.Name }}</title>
+    <title>{{ .Config.Frontend.App.Name }}</title>
   </head>
   <body>
     <noscript>You need to enable JavaScript to run this app.</noscript>

templates/react/src/config/index.js.tmpl

@@ -1,18 +1,18 @@
 export default {
   app: {
-    name: '{{ .Frontend.App.Name }}',
+    name: '{{ .Config.Frontend.App.Name }}',
   },
   account: {
-    enabled: {{ .Frontend.Account.Enabled }},
-    required: {{ .Frontend.Account.Required }},
+    enabled: {{ .Config.Frontend.Account.Enabled }},
+    required: {{ .Config.Frontend.Account.Required }},
   },
   header: {
-    enabled: {{ .Frontend.Header.Enabled }},
+    enabled: {{ .Config.Frontend.Header.Enabled }},
   },
   sidenav: {
-    enabled: {{ .Frontend.Sidenav.Enabled }},
+    enabled: {{ .Config.Frontend.Sidenav.Enabled }},
     items: [
-      {{ range .Frontend.Sidenav.Items }}
+      {{ range .Config.Frontend.Sidenav.Items }}
       {
         path: '{{ .Path }}',
         label: '{{ .Label }}',
@@ -22,7 +22,7 @@ export default {
     ]
   },
   views: [
-    {{ range .Frontend.Views }}
+    {{ range .Config.Frontend.Views }}
     {
       path: '{{ .Path }}',
       component: '{{ .Component }}',

templates/util/README.tmpl

@@ -1,3 +1,3 @@
-# {{.Name}}
+# {{.Config.Name}}
 
 @TODO : Fill in readme about how to use all the components the user configured