mirror of
https://github.com/thegeeklab/wp-opentofu.git
synced 2024-11-22 00:30:40 +00:00
adding ability to change root dir for commands
Conflicts: main.go
This commit is contained in:
parent
c0a5f21f60
commit
be0a96d664
20
DOCS.md
20
DOCS.md
@ -9,6 +9,7 @@ Use the Terraform plugin to apply the infrastructure configuration contained wit
|
|||||||
* `ca_cert` - ca cert to add to your environment to allow terraform to use internal/private resources
|
* `ca_cert` - ca cert to add to your environment to allow terraform to use internal/private resources
|
||||||
* `sensitive` (default: `false`) - Whether or not to suppress terraform commands to stdout.
|
* `sensitive` (default: `false`) - Whether or not to suppress terraform commands to stdout.
|
||||||
* `role_arn_to_assume` - A role to assume before running the terraform commands
|
* `role_arn_to_assume` - A role to assume before running the terraform commands
|
||||||
|
* `root_dir` - The root directory where the terraform files live. When unset, the top level directory will be assumed.
|
||||||
|
|
||||||
The following is a sample Terraform configuration in your .drone.yml file:
|
The following is a sample Terraform configuration in your .drone.yml file:
|
||||||
|
|
||||||
@ -93,3 +94,22 @@ deploy:
|
|||||||
app_version: 1.0.0
|
app_version: 1.0.0
|
||||||
role_arn_to_assume: arn:aws:iam::account-of-role-to-assume:role/name-of-role
|
role_arn_to_assume: arn:aws:iam::account-of-role-to-assume:role/name-of-role
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Root dir
|
||||||
|
You may want to change directories before applying the terraform commands. This parameter is useful if you have multiple environments in different folders and you want to use different drone configurations to apply different environments.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
deploy:
|
||||||
|
terraform:
|
||||||
|
plan: false
|
||||||
|
remote:
|
||||||
|
backend: S3
|
||||||
|
config:
|
||||||
|
bucket: my-terraform-config-bucket
|
||||||
|
key: tf-states/my-project
|
||||||
|
region: us-east-1
|
||||||
|
vars:
|
||||||
|
app_name: my-project
|
||||||
|
app_version: 1.0.0
|
||||||
|
root_dir: some/path/here
|
||||||
|
```
|
||||||
|
42
main.go
42
main.go
@ -2,16 +2,16 @@ package main
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||||
|
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
|
||||||
|
"github.com/aws/aws-sdk-go/aws/session"
|
||||||
|
"github.com/aws/aws-sdk-go/service/sts"
|
||||||
|
"github.com/drone/drone-plugin-go/plugin"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
|
||||||
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
|
|
||||||
"github.com/aws/aws-sdk-go/aws/session"
|
|
||||||
"github.com/aws/aws-sdk-go/service/sts"
|
|
||||||
"github.com/drone/drone-plugin-go/plugin"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -24,7 +24,8 @@ type terraform struct {
|
|||||||
Vars map[string]string `json:"vars"`
|
Vars map[string]string `json:"vars"`
|
||||||
Cacert string `json:"ca_cert"`
|
Cacert string `json:"ca_cert"`
|
||||||
Sensitive bool `json:"sensitive"`
|
Sensitive bool `json:"sensitive"`
|
||||||
RoleARN string `json:"role_arn_to_assume"`
|
RoleARN string `json:"role_arn_to_assume"`
|
||||||
|
RootDir string `json:"root_dir"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type remote struct {
|
type remote struct {
|
||||||
@ -64,6 +65,9 @@ func main() {
|
|||||||
for _, c := range commands {
|
for _, c := range commands {
|
||||||
c.Env = os.Environ()
|
c.Env = os.Environ()
|
||||||
c.Dir = workspace.Path
|
c.Dir = workspace.Path
|
||||||
|
if vargs.RootDir != "" {
|
||||||
|
c.Dir = c.Dir + "/" + vargs.RootDir
|
||||||
|
}
|
||||||
c.Stdout = os.Stdout
|
c.Stdout = os.Stdout
|
||||||
c.Stderr = os.Stderr
|
c.Stderr = os.Stderr
|
||||||
if !vargs.Sensitive {
|
if !vargs.Sensitive {
|
||||||
@ -135,24 +139,24 @@ func applyCommand() *exec.Cmd {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func assumeRole(roleArn string) {
|
func assumeRole(roleArn string) {
|
||||||
client := sts.New(session.New())
|
client := sts.New(session.New())
|
||||||
duration := time.Hour * 1
|
duration := time.Hour * 1
|
||||||
stsProvider := &stscreds.AssumeRoleProvider{
|
stsProvider := &stscreds.AssumeRoleProvider{
|
||||||
Client: client,
|
Client: client,
|
||||||
Duration: duration,
|
Duration: duration,
|
||||||
RoleARN: roleArn,
|
RoleARN: roleArn,
|
||||||
RoleSessionName: "drone",
|
RoleSessionName: "drone",
|
||||||
}
|
}
|
||||||
|
|
||||||
value, err := credentials.NewCredentials(stsProvider).Get()
|
value, err := credentials.NewCredentials(stsProvider).Get()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Println("Error assuming role!")
|
fmt.Println("Error assuming role!")
|
||||||
fmt.Println(err)
|
fmt.Println(err)
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
os.Setenv("AWS_ACCESS_KEY_ID",value.AccessKeyID)
|
os.Setenv("AWS_ACCESS_KEY_ID", value.AccessKeyID)
|
||||||
os.Setenv("AWS_SECRET_ACCESS_KEY",value.SecretAccessKey)
|
os.Setenv("AWS_SECRET_ACCESS_KEY", value.SecretAccessKey)
|
||||||
os.Setenv("AWS_SESSION_TOKEN",value.SessionToken)
|
os.Setenv("AWS_SESSION_TOKEN", value.SessionToken)
|
||||||
}
|
}
|
||||||
|
|
||||||
func trace(cmd *exec.Cmd) {
|
func trace(cmd *exec.Cmd) {
|
||||||
|
Loading…
Reference in New Issue
Block a user