Support provisioning Code Valet properly in some CloudBees accounts with AKS

This is kind of a broad set of changes, but necessary to get Code Valet running outside of my own personal accounts
2017-11-13 15:45:38 -08:00 · 2017-11-13 15:45:38 -08:00 · 0e124f64e0
parent 29ef0576bf
commit 0e124f64e0
8 changed files with 46 additions and 98 deletions
--- a/19
+++ b/19
@ -1,4 +1,6 @@
 IMAGE_PREFIX="rtyler/codevalet"
+TF_VARFILE=.terraform.cb.json
+TERRAFORM=./scripts/terraform

 check: generate validate
 	$(MAKE) -C webapp check
@ -58,14 +60,17 @@ webapp:

 ## Terraform
 ###############################################################
-validate: plans/*.tf
-	./scripts/terraform validate plans
+validate: plans/*.tf tfinit
+	$(TERRAFORM) validate --var-file=$(TF_VARFILE) plans

-plan: validate
-	./scripts/terraform plan --var-file=.terraform.json plans
+plan: validate tfinit
+	$(TERRAFORM) plan --var-file=$(TF_VARFILE) plans

-deploy: plan
-	./scripts/terraform apply --var-file=.terraform.json plans
+deploy: plan tfinit
+	$(TERRAFORM) apply --var-file=$(TF_VARFILE) plans
+
+tfinit: $(TF_VARFILE) ./scripts/tf-init
+	./scripts/tf-init $(TF_VARFILE)
 ###############################################################


@ -101,4 +106,4 @@ k8s/generated:

 .PHONY: clean all plugins master builder plan validate \
 	deploy generate-k8s deploy-k8s webapp check generate-tfs generate \
-	agent-templates proxy run
+	agent-templates proxy run tfinit
--- a/plans/control-plane.tf
+++ b/plans/control-plane.tf
@ -5,6 +5,6 @@
 # considered "trusted" resources and not those running user-generated code.

 resource "azurerm_resource_group" "controlplane" {
-  name     = "codevalet"
-  location = "${var.region}"
+    name     = "codevalet"
+    location = "${var.region}"
 }
--- a/plans/dns.tf
+++ b/plans/dns.tf
@ -4,6 +4,6 @@
 # resources between production and staging, but we'll give it a try.

 resource "azurerm_dns_zone" "root" {
-  name                = "${var.dnsprefix}codevalet.io"
-  resource_group_name = "${azurerm_resource_group.controlplane.name}"
+    name                = "${var.dnsprefix}codevalet.io"
+    resource_group_name = "${azurerm_resource_group.controlplane.name}"
 }
--- a/plans/images.tf
+++ b/plans/images.tf
@ -8,10 +8,10 @@ resource "azurerm_resource_group" "images" {
 }

 resource "azurerm_storage_account" "images" {
-  name                = "codevaletvhds"
-  resource_group_name = "${azurerm_resource_group.images.name}"
-
-  location     = "${var.region}"
-  account_type = "Standard_LRS"
+    name                     = "codevaletvhds"
+    resource_group_name      = "${azurerm_resource_group.images.name}"
+    location                 = "${var.region}"
+    account_tier             = "Standard"
+    account_replication_type = "LRS"

 }
--- a/plans/nginx.tf
+++ b/plans/nginx.tf
@ -1,47 +0,0 @@
-#
-# Terraform plan for the in-bound nginx proxy
-#
-
-resource "azurerm_dns_a_record" "nginx" {
-  name                = "@"
-  zone_name           = "${azurerm_dns_zone.root.name}"
-  resource_group_name = "${azurerm_resource_group.controlplane.name}"
-  ttl                 = "300"
-  records             = ["${azurerm_public_ip.nginx.ip_address}"]
-}
-
-resource "azurerm_public_ip" "nginx" {
-  name                         = "nginx"
-  location                     = "${var.region}"
-  resource_group_name          = "${azurerm_resource_group.controlplane.name}"
-  public_ip_address_allocation = "static"
-}
-
-resource "kubernetes_service" "nginx" {
-  depends_on = [
-    "azurerm_container_service.controlplane",
-  ]
-
-  metadata {
-    name = "nginx"
-  }
-  spec {
-    load_balancer_ip = "${azurerm_public_ip.nginx.ip_address}"
-
-    type = "LoadBalancer"
-    selector {
-      name = "nginx"
-    }
-    session_affinity = "ClientIP"
-    port {
-      name = "http"
-      target_port = 80
-      port = 80
-    }
-    port {
-      name = "http-tls"
-      target_port = 443
-      port = 443
-    }
-  }
-}
--- a/plans/variables.tf
+++ b/plans/variables.tf
@ -2,12 +2,16 @@
 # Variables for plugging in various environment specific settings
 #

-
 variable "env" {
  type    = "string"
  default = "dev"
 }

+variable "dnsprefix" {
+    type    = "string"
+    default = ""
+}
+
 variable "region" {
  type    = "string"
  default = "West US"
--- a/plans/webapp.tf
+++ b/plans/webapp.tf
@ -1,34 +0,0 @@
-#
-# Terraform plan for managing some of the resources for the webapp
-#
-
-resource "azurerm_public_ip" "webapp" {
-  name                         = "webapp"
-  location                     = "${var.region}"
-  resource_group_name          = "${azurerm_resource_group.controlplane.name}"
-  public_ip_address_allocation = "static"
-}
-
-
-resource "kubernetes_service" "webapp" {
-  depends_on = [
-    "azurerm_container_service.controlplane",
-  ]
-
-  metadata {
-    name = "webapp"
-  }
-  spec {
-    load_balancer_ip = "${azurerm_public_ip.webapp.ip_address}"
-
-    type = "LoadBalancer"
-    selector {
-      name = "webapp"
-    }
-    session_affinity = "ClientIP"
-    port {
-      target_port = 9292
-      port = 80
-    }
-  }
-}
--- a/scripts/tf-init
+++ b/scripts/tf-init
@ -0,0 +1,20 @@
+#!/bin/sh -e
+
+TERRAFORM=$(dirname $0)/terraform
+TF_VARFILE=$1
+
+# Pull everything from our var-file into shell variables
+# How's that for some python code golf?
+eval $(python -c "import json; print '\n'.join(['{}={}'.format(k.upper(),v) for k,v in json.load(file('${TF_VARFILE}')).iteritems()]);")
+
+${TERRAFORM} init \
+    -backend=true \
+    -backend-config="storage_account_name=${ENV}codevalettf" \
+    -backend-config="container_name=tfstate" \
+    -backend-config="key=codevalet.tfstate" \
+    -backend-config="resource-group-name=${ENV}codevalet" \
+    -backend-config="arm_subscription_id=${SUBCRIPTION_ID}" \
+    -backend-config="arm_client_id=${CLIENT_ID}" \
+    -backend-config="arm_client_secret=${CLIENT_SECRET}" \
+    -backend-config="arm_tenant_id=${TENANT_ID}" \
+    plans