0
0
mirror of https://github.com/thegeeklab/wp-opentofu.git synced 2024-11-13 23:40:39 +00:00
wp-opentofu/plugin.go

401 lines
9.0 KiB
Go
Raw Normal View History

2016-10-08 15:34:43 +00:00
package main
import (
"fmt"
"io/ioutil"
"os"
"os/exec"
2018-04-06 11:37:39 +00:00
"os/user"
"path/filepath"
"regexp"
2016-10-08 15:34:43 +00:00
"strings"
"time"
"github.com/Sirupsen/logrus"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/sts"
2016-10-08 15:34:43 +00:00
)
type (
// Config holds input parameters for the plugin
2016-10-08 15:34:43 +00:00
Config struct {
2018-02-14 15:35:07 +00:00
Actions []string
2016-10-08 15:34:43 +00:00
Vars map[string]string
Secrets map[string]string
2017-05-08 15:40:14 +00:00
InitOptions InitOptions
2019-02-04 17:21:54 +00:00
FmtOptions FmtOptions
2016-10-08 15:34:43 +00:00
Cacert string
Sensitive bool
RoleARN string
RootDir string
Parallelism int
Targets []string
VarFiles []string
2016-10-08 15:34:43 +00:00
}
2018-07-31 18:35:04 +00:00
// Netrc is credentials for cloning
2018-04-06 11:37:39 +00:00
Netrc struct {
Machine string
Login string
Password string
}
// InitOptions include options for the Terraform's init command
2017-05-08 15:40:14 +00:00
InitOptions struct {
2017-05-12 15:06:54 +00:00
BackendConfig []string `json:"backend-config"`
Lock *bool `json:"lock"`
LockTimeout string `json:"lock-timeout"`
2016-10-08 15:34:43 +00:00
}
2019-02-04 17:21:54 +00:00
// FmtOptions fmt options for the Terraform's fmt command
FmtOptions struct {
List *bool `json:"list"`
Write *bool `json:"write"`
Diff *bool `json:"diff"`
Check *bool `json:"check"`
}
// Plugin represents the plugin instance to be executed
2016-10-08 15:34:43 +00:00
Plugin struct {
Config Config
2018-04-06 11:37:39 +00:00
Netrc Netrc
Terraform Terraform
2016-10-08 15:34:43 +00:00
}
)
// Exec executes the plugin
2016-10-08 15:34:43 +00:00
func (p Plugin) Exec() error {
// Install specified version of terraform
if p.Terraform.Version != "" {
err := installTerraform(p.Terraform.Version)
if err != nil {
return err
}
}
2016-10-08 15:34:43 +00:00
if p.Config.RoleARN != "" {
assumeRole(p.Config.RoleARN)
}
2018-04-06 11:37:39 +00:00
// writing the .netrc file with Github credentials in it.
err := writeNetrc(p.Netrc.Machine, p.Netrc.Login, p.Netrc.Password)
if err != nil {
return err
}
2016-10-08 15:34:43 +00:00
var commands []*exec.Cmd
commands = append(commands, exec.Command("terraform", "version"))
CopyTfEnv()
2016-10-08 15:34:43 +00:00
if p.Config.Cacert != "" {
commands = append(commands, installCaCert(p.Config.Cacert))
}
2017-05-08 15:40:14 +00:00
commands = append(commands, deleteCache())
commands = append(commands, initCommand(p.Config.InitOptions))
2016-10-08 15:34:43 +00:00
commands = append(commands, getModules())
2018-02-14 15:35:07 +00:00
// Add commands listed from Actions
for _, action := range p.Config.Actions {
switch action {
2019-02-04 17:21:54 +00:00
case "fmt":
commands = append(commands, tfFmt(p.Config))
2018-02-14 15:35:07 +00:00
case "validate":
commands = append(commands, tfValidate(p.Config))
case "plan":
commands = append(commands, tfPlan(p.Config, false))
case "plan-destroy":
commands = append(commands, tfPlan(p.Config, true))
case "apply":
commands = append(commands, tfApply(p.Config))
case "destroy":
commands = append(commands, tfDestroy(p.Config))
default:
2019-02-04 17:21:54 +00:00
return fmt.Errorf("valid actions are: fmt, validate, plan, apply, plan-destroy, destroy. You provided %s", action)
2018-02-14 15:35:07 +00:00
}
2016-10-08 15:34:43 +00:00
}
2018-02-14 15:35:07 +00:00
2016-10-08 15:34:43 +00:00
commands = append(commands, deleteCache())
for _, c := range commands {
if c.Dir == "" {
wd, err := os.Getwd()
if err == nil {
c.Dir = wd
}
}
if p.Config.RootDir != "" {
c.Dir = c.Dir + "/" + p.Config.RootDir
}
c.Stdout = os.Stdout
c.Stderr = os.Stderr
if !p.Config.Sensitive {
trace(c)
}
err := c.Run()
if err != nil {
2016-10-09 05:08:37 +00:00
logrus.WithFields(logrus.Fields{
"error": err,
}).Fatal("Failed to execute a command")
2016-10-08 15:34:43 +00:00
}
2016-10-09 05:08:37 +00:00
logrus.Debug("Command completed successfully")
2016-10-08 15:34:43 +00:00
}
return nil
}
2018-02-14 15:36:56 +00:00
// CopyTfEnv creates copies of TF_VAR_ to lowercase
func CopyTfEnv() {
tfVar := regexp.MustCompile(`^TF_VAR_.*$`)
for _, e := range os.Environ() {
pair := strings.SplitN(e, "=", 2)
if tfVar.MatchString(pair[0]) {
name := strings.Split(pair[0], "TF_VAR_")
os.Setenv(fmt.Sprintf("TF_VAR_%s", strings.ToLower(name[1])), pair[1])
}
}
}
2018-02-14 15:47:07 +00:00
func assumeRole(roleArn string) {
client := sts.New(session.New())
duration := time.Hour * 1
stsProvider := &stscreds.AssumeRoleProvider{
Client: client,
Duration: duration,
RoleARN: roleArn,
RoleSessionName: "drone",
}
value, err := credentials.NewCredentials(stsProvider).Get()
if err != nil {
logrus.WithFields(logrus.Fields{
"error": err,
}).Fatal("Error assuming role!")
}
os.Setenv("AWS_ACCESS_KEY_ID", value.AccessKeyID)
os.Setenv("AWS_SECRET_ACCESS_KEY", value.SecretAccessKey)
os.Setenv("AWS_SESSION_TOKEN", value.SessionToken)
}
2016-10-08 15:34:43 +00:00
func deleteCache() *exec.Cmd {
return exec.Command(
"rm",
"-rf",
".terraform",
)
}
2018-02-14 15:47:07 +00:00
func getModules() *exec.Cmd {
return exec.Command(
"terraform",
"get",
)
}
2017-05-08 15:40:14 +00:00
func initCommand(config InitOptions) *exec.Cmd {
2016-10-08 15:34:43 +00:00
args := []string{
2017-05-08 15:40:14 +00:00
"init",
2016-10-08 15:34:43 +00:00
}
2017-05-08 15:40:14 +00:00
2017-05-12 15:06:54 +00:00
for _, v := range config.BackendConfig {
args = append(args, fmt.Sprintf("-backend-config=%s", v))
2016-10-08 15:34:43 +00:00
}
2017-05-08 15:40:14 +00:00
2017-05-11 16:40:08 +00:00
// True is default in TF
2017-05-08 15:40:14 +00:00
if config.Lock != nil {
args = append(args, fmt.Sprintf("-lock=%t", *config.Lock))
2016-10-08 15:34:43 +00:00
}
2017-05-08 15:40:14 +00:00
2017-05-11 16:40:08 +00:00
// "0s" is default in TF
2017-05-08 15:40:14 +00:00
if config.LockTimeout != "" {
args = append(args, fmt.Sprintf("-lock-timeout=%s", config.LockTimeout))
2016-10-08 15:34:43 +00:00
}
2017-05-08 15:40:14 +00:00
// Fail Terraform execution on prompt
args = append(args, "-input=false")
2016-10-08 15:34:43 +00:00
return exec.Command(
"terraform",
args...,
)
}
2018-02-14 15:47:07 +00:00
func installCaCert(cacert string) *exec.Cmd {
ioutil.WriteFile("/usr/local/share/ca-certificates/ca_cert.crt", []byte(cacert), 0644)
2016-10-08 15:34:43 +00:00
return exec.Command(
2018-02-14 15:47:07 +00:00
"update-ca-certificates",
2016-10-08 15:34:43 +00:00
)
}
2018-02-14 15:47:07 +00:00
func trace(cmd *exec.Cmd) {
fmt.Println("$", strings.Join(cmd.Args, " "))
}
2018-02-14 15:47:07 +00:00
func tfApply(config Config) *exec.Cmd {
2016-10-08 15:34:43 +00:00
args := []string{
2018-02-14 15:47:07 +00:00
"apply",
}
for _, v := range config.Targets {
args = append(args, "--target", fmt.Sprintf("%s", v))
}
if config.Parallelism > 0 {
args = append(args, fmt.Sprintf("-parallelism=%d", config.Parallelism))
2016-10-08 15:34:43 +00:00
}
if config.InitOptions.Lock != nil {
args = append(args, fmt.Sprintf("-lock=%t", *config.InitOptions.Lock))
}
if config.InitOptions.LockTimeout != "" {
args = append(args, fmt.Sprintf("-lock-timeout=%s", config.InitOptions.LockTimeout))
}
2018-02-14 15:47:07 +00:00
args = append(args, "plan.tfout")
2016-10-08 15:34:43 +00:00
return exec.Command(
"terraform",
args...,
)
}
2018-02-14 15:47:07 +00:00
func tfDestroy(config Config) *exec.Cmd {
2016-10-08 15:34:43 +00:00
args := []string{
2018-02-14 15:47:07 +00:00
"destroy",
2016-10-08 15:34:43 +00:00
}
for _, v := range config.Targets {
2018-02-14 15:47:07 +00:00
args = append(args, fmt.Sprintf("-target=%s", v))
}
args = append(args, varFiles(config.VarFiles)...)
args = append(args, vars(config.Vars)...)
if config.Parallelism > 0 {
args = append(args, fmt.Sprintf("-parallelism=%d", config.Parallelism))
2016-10-08 15:34:43 +00:00
}
if config.InitOptions.Lock != nil {
args = append(args, fmt.Sprintf("-lock=%t", *config.InitOptions.Lock))
}
if config.InitOptions.LockTimeout != "" {
args = append(args, fmt.Sprintf("-lock-timeout=%s", config.InitOptions.LockTimeout))
}
2018-02-14 15:47:07 +00:00
args = append(args, "-force")
2016-10-08 15:34:43 +00:00
return exec.Command(
"terraform",
args...,
)
}
2018-02-14 15:47:07 +00:00
func tfPlan(config Config, destroy bool) *exec.Cmd {
args := []string{
2018-02-14 15:47:07 +00:00
"plan",
}
2018-02-14 15:47:07 +00:00
if destroy {
args = append(args, "-destroy")
} else {
args = append(args, "-out=plan.tfout")
}
for _, v := range config.Targets {
2018-02-14 15:47:07 +00:00
args = append(args, "--target", fmt.Sprintf("%s", v))
}
args = append(args, varFiles(config.VarFiles)...)
args = append(args, vars(config.Vars)...)
if config.Parallelism > 0 {
args = append(args, fmt.Sprintf("-parallelism=%d", config.Parallelism))
}
if config.InitOptions.Lock != nil {
args = append(args, fmt.Sprintf("-lock=%t", *config.InitOptions.Lock))
}
if config.InitOptions.LockTimeout != "" {
args = append(args, fmt.Sprintf("-lock-timeout=%s", config.InitOptions.LockTimeout))
}
return exec.Command(
"terraform",
args...,
)
}
2018-02-14 15:47:07 +00:00
func tfValidate(config Config) *exec.Cmd {
args := []string{
"validate",
2016-10-08 15:34:43 +00:00
}
2018-02-14 15:47:07 +00:00
for _, v := range config.VarFiles {
2018-07-30 07:21:00 +00:00
args = append(args, fmt.Sprintf("-var-file=%s", v))
2016-10-08 15:34:43 +00:00
}
2018-02-14 15:47:07 +00:00
for k, v := range config.Vars {
2018-07-30 07:21:00 +00:00
args = append(args, "-var", fmt.Sprintf("%s=%s", k, v))
2018-02-14 15:47:07 +00:00
}
return exec.Command(
"terraform",
args...,
)
2016-10-08 15:34:43 +00:00
}
2018-04-06 11:37:39 +00:00
2019-02-04 17:21:54 +00:00
func tfFmt(config Config) *exec.Cmd {
args := []string{
"fmt",
}
if config.FmtOptions.List != nil {
args = append(args, fmt.Sprintf("-list=%t", *config.FmtOptions.List))
}
if config.FmtOptions.Write != nil {
args = append(args, fmt.Sprintf("-write=%t", *config.FmtOptions.Write))
}
if config.FmtOptions.Diff != nil {
args = append(args, fmt.Sprintf("-diff=%t", *config.FmtOptions.Diff))
}
if config.FmtOptions.Check != nil {
args = append(args, fmt.Sprintf("-check=%t", *config.FmtOptions.Check))
}
return exec.Command(
"terraform",
args...,
)
}
func vars(vs map[string]string) []string {
var args []string
for k, v := range vs {
args = append(args, "-var", fmt.Sprintf("%s=%s", k, v))
}
return args
}
func varFiles(vfs []string) []string {
var args []string
for _, v := range vfs {
args = append(args, fmt.Sprintf("-var-file=%s", v))
}
return args
}
2018-04-06 11:37:39 +00:00
// helper function to write a netrc file.
// The following code comes from the official Git plugin for Drone:
// https://github.com/drone-plugins/drone-git/blob/8386effd2fe8c8695cf979427f8e1762bd805192/utils.go#L43-L68
func writeNetrc(machine, login, password string) error {
if machine == "" {
return nil
}
out := fmt.Sprintf(
netrcFile,
machine,
login,
password,
)
home := "/root"
u, err := user.Current()
if err == nil {
home = u.HomeDir
}
path := filepath.Join(home, ".netrc")
return ioutil.WriteFile(path, []byte(out), 0600)
}
const netrcFile = `
machine %s
login %s
password %s
`