Gracefully shutdown the terraform process

[ialidzhikov]

What this PR does / why we need it:
Currently signals sent to PID 1 in the terraformer image are not forwarded to the child processes as PID 1 is sh. This prevents the terraform process itself to receive a SIGTERM and start graceful termination. After a terminationGracePeriodSeconds, the terraformer Pod can be SIGKILL-ed and the terraform process itself can lose its current terraform.tfstate.

This PR:

• introduces a wrapper terraformer.sh process which runs as PID 1 and sends SIGTERM to the running child terraform.sh process (if any) on termination and waits for its completion
• modifies terraform.sh to sent SIGTERM to the running terraform process (if any) on termination and waits for its completion. On the other side, if the current command is apply, terraform stops creating new resources and waits only for the creation of the resources which were already in creating when the SIGTERM was sent.

Which issue(s) this PR fixes:
Ref gardener-attic/gardener-extensions#597

Special notes for your reviewer:

Release note:

`terraformer` does no longer ignore the termination signals sent to PID 1. It does now send a termination signal to the terraform process itself and waits for its completion. This should prevent rare cases in which the `terraformer` was not storing the state of created infrastructure resources.

[rfranzke]

Tested with AWS - works perfectly, great!

$ k -n shoot--foobar--aws logs infrastructure.infra.tf-apply-mq7bq -f
Initializing the backend...

[...]

* provider.aws: version = "~> 2.26"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
aws_iam_role.nodes: Creating...
aws_vpc_dhcp_options.vpc_dhcp_options: Creating...
aws_vpc.vpc: Creating...
aws_iam_role.bastions: Creating...
Tue Mar 17 06:04:30 UTC 2020 Sending SIGTERM to terraform.sh process 7.
Tue Mar 17 06:04:30 UTC 2020 Waiting for terraform.sh process 7 to complete...
Tue Mar 17 06:04:30 UTC 2020 Sending SIGTERM to terraform process 31.
Interrupt received.
Please wait for Terraform to exit or data loss may occur.
Gracefully shutting down...
Stopping operation...
Tue Mar 17 06:04:30 UTC 2020 Waiting for terraform process 31 to complete...
aws_vpc_dhcp_options.vpc_dhcp_options: Creation complete after 1s [id=dopt-0bb24fabf45522cbc]
aws_iam_role.bastions: Creation complete after 1s [id=shoot--foobar--aws-bastions]
aws_iam_role.nodes: Creation complete after 2s [id=shoot--foobar--aws-nodes]
aws_vpc.vpc: Creation complete after 4s [id=vpc-0f2faa33eba498d7d]

Apply complete! Resources: 4 added, 0 changed, 0 destroyed.

Outputs:

nodes_role_arn = arn:aws:iam::***:role/shoot--foobar--aws-nodes
vpc_id = vpc-0f2faa33eba498d7d
Tue Mar 17 06:04:33 UTC 2020 Terraform process 31 completed.

ConfigMap successfully updated with terraform state.
Tue Mar 17 06:04:34 UTC 2020 Command executed successful.
Tue Mar 17 06:04:34 UTC 2020 terraform.sh process 7 completed.
Tue Mar 17 06:04:34 UTC 2020 terraform.sh exited with 143.

[rfranzke]

/lgtm

[rfranzke]

/lgtm <3

[timebertt]

/lgtm