From 413ab0e68b846bf338c4d9df6dbcd14cfbf28e74 Mon Sep 17 00:00:00 2001 From: Sean Sundberg Date: Thu, 16 Jun 2022 11:31:45 -0500 Subject: [PATCH 1/4] Adds terragrunt configuration to FS Cloud automation closes #154 Signed-off-by: Sean Sundberg --- .../170-ibm-fs-openshift-gitops.yaml | 42 ------------------ .../terraform/terragrunt.hcl | 0 .../terraform/terragrunt.hcl | 3 ++ .../terraform/terragrunt.hcl | 3 ++ .../terraform/terragrunt.hcl | 3 ++ .../terraform/terragrunt.hcl | 3 ++ .../terraform/terragrunt.hcl | 3 ++ .../terraform/terragrunt.hcl | 3 ++ .../terraform/terragrunt.hcl | 8 ++++ .../terraform/terragrunt.hcl | 8 ++++ .../openshift-fs/files/setup-workspace.sh | 6 ++- .../ibmcloud/openshift-fs/files/start-vpn.sh | 25 +++++++++++ .../ibmcloud/openshift-fs/generate.sh | 43 ++++++------------- common-files/apply-all.sh | 33 +++----------- common-files/destroy-all.sh | 27 +++--------- common-files/launch.sh | 2 +- 16 files changed, 89 insertions(+), 123 deletions(-) delete mode 100644 boms/infrastructure/ibmcloud/openshift-fs/170-ibm-fs-openshift-gitops.yaml create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl create mode 100755 boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh diff --git a/boms/infrastructure/ibmcloud/openshift-fs/170-ibm-fs-openshift-gitops.yaml b/boms/infrastructure/ibmcloud/openshift-fs/170-ibm-fs-openshift-gitops.yaml deleted file mode 100644 index 03811198..00000000 --- a/boms/infrastructure/ibmcloud/openshift-fs/170-ibm-fs-openshift-gitops.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: cloud.ibm.com/v1alpha1 -kind: BillOfMaterial -metadata: - name: 170-ibm-fs-openshift-gitops - labels: - type: infrastructure - code: '170' - annotations: - displayName: OpenShift GitOps (ArgoCD) - description: Provision GitOps (ArgoCD) on OpenShift - vpn/required: "true" -spec: - modules: - - name: ocp-login - variables: - - name: server_url - required: true - - name: login_user - value: apikey - - name: login_password - alias: ibmcloud_api_key - scope: global - - name: namespace - alias: tools_namespace - default: true - variables: - - name: name - value: tools - - name: cluster-config - alias: config - variables: - - name: banner_text - value: Workload - - name: banner_background_color - value: red - - name: openshift-cicd - variables: - - name: config_banner_text - - name: tools_name - value: tools - - name: sealed-secret_name - value: sealed-secrets diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl new file mode 100644 index 00000000..e69de29b diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl new file mode 100644 index 00000000..088f4911 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl @@ -0,0 +1,3 @@ +dependencies { + paths = ["../000-ibm-fs-account-setup"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl new file mode 100644 index 00000000..06440bf4 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl @@ -0,0 +1,3 @@ +dependencies { + paths = ["../100-ibm-fs-shared-services"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl new file mode 100644 index 00000000..0fd1bf83 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl @@ -0,0 +1,3 @@ +dependencies { + paths = ["../110-ibm-fs-edge-vpc"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl new file mode 100644 index 00000000..0fd1bf83 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl @@ -0,0 +1,3 @@ +dependencies { + paths = ["../110-ibm-fs-edge-vpc"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl new file mode 100644 index 00000000..6c236fea --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl @@ -0,0 +1,3 @@ +dependencies { + paths = ["../120-ibm-fs-management-vpc"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl new file mode 100644 index 00000000..87b553ce --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl @@ -0,0 +1,3 @@ +dependencies { + paths = ["../130-ibm-fs-management-vpc-openshift"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl new file mode 100644 index 00000000..80e54d23 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl @@ -0,0 +1,8 @@ +dependencies { + paths = ["../130-ibm-fs-management-vpc-openshift"] +} + +before_hook "vpn" { + commands = ["apply", "plan", "destroy"] + execute = ["${get_parent_terragrunt_dir()}/start-vpn.sh"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl new file mode 100644 index 00000000..5dd41b91 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl @@ -0,0 +1,8 @@ +dependencies { + paths = ["../150-ibm-fs-workload-vpc-openshift"] +} + +before_hook "vpn" { + commands = ["apply", "plan", "destroy"] + execute = ["${get_parent_terragrunt_dir()}/start-vpn.sh"] +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh index a1ba986d..51cac201 100755 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh @@ -83,7 +83,11 @@ fi # Help Scripts for applying and destroying cp "${SCRIPT_DIR}/apply-all.sh" "${WORKSPACE_DIR}/apply-all.sh" cp "${SCRIPT_DIR}/destroy-all.sh" "${WORKSPACE_DIR}/destroy-all.sh" -cp "${SCRIPT_DIR}/terragrunt.hcl" "${WORKSPACE_DIR}/terragrunt.hcl" +cp "${SCRIPT_DIR}/start-vpn.sh" "${WORKSPACE_DIR}/start-vpn.sh" + +if [[ -f "${SCRIPT_DIR}/terragrunt.hcl" ]]; then + cp "${SCRIPT_DIR}/terragrunt.hcl" "${WORKSPACE_DIR}/terragrunt.hcl" +fi ALL_ARCH="000|100|110|120|130|140|150|160|165" diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh new file mode 100755 index 00000000..861ed9e4 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash + +RUNNING_PROCESSES=$(ps -ef) +VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config") + +if [[ -n "${VPN_RUNNING}" ]]; then + echo "VPN required but it is already running" +elif command -v openvpn 1> /dev/null 2> /dev/null; then + OVPN_FILE=$(find . -name "*.ovpn" | head -1) + + if [[ -z "${OVPN_FILE}" ]]; then + echo "VPN profile not found." + exit 1 + fi + + echo "Connecting to vpn with profile: ${OVPN_FILE}" + if [[ "${UID}" -eq 0 ]]; then + openvpn --config "${OVPN_FILE}" & + else + sudo openvpn --config "${OVPN_FILE}" & + fi +else + echo "VPN connection required but unable to create the connection automatically. Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and re-run apply-all.sh." + exit 1 +fi diff --git a/boms/infrastructure/ibmcloud/openshift-fs/generate.sh b/boms/infrastructure/ibmcloud/openshift-fs/generate.sh index a906fce4..ae061210 100755 --- a/boms/infrastructure/ibmcloud/openshift-fs/generate.sh +++ b/boms/infrastructure/ibmcloud/openshift-fs/generate.sh @@ -3,8 +3,7 @@ # IBM Ecosystem Lab Team # Install iascable and run this script to produce an target public source repository -GENERATE_TARGET="$1" -GENERATE_DESTINATION="$2" +GENERATE_DESTINATION="$1" if ! command -v iascable 1> /dev/null 2> /dev/null; then echo "iascable cli not found" >&2 @@ -21,41 +20,23 @@ if [[ "${IASCABLE_MAJOR_VERSION}" -le 2 ]] && [[ "${IASCABLE_MINOR_VERSION}" -le exit 1 fi -if [[ -z "$GENERATE_TARGET" ]] -then - GENERATE_TARGET="all" -fi - if [[ -z "${GENERATE_DESTINATION}" ]]; then GENERATE_DESTINATION="../../../../automation-fscloud" fi mkdir -p "${GENERATE_DESTINATION}" -case "$GENERATE_TARGET" in - "all" | "infra" | "infrastructure" | "i") - iascable build \ - -i ./000-ibm-fs-account-setup.yaml \ - -i ./100-ibm-fs-shared-services.yaml \ - -i ./110-ibm-fs-edge-vpc.yaml \ - -i ./120-ibm-fs-management-vpc.yaml \ - -i ./130-ibm-fs-management-vpc-openshift.yaml \ - -i ./140-ibm-fs-workload-vpc.yaml \ - -i ./150-ibm-fs-workload-vpc-openshift.yaml \ - -o "${GENERATE_DESTINATION}" - ;; -esac - - -case "$GENERATE_TARGET" in - "all" | "software" | "s") - iascable build \ - -i ./160-ibm-fs-openshift-dev-tools.yaml \ - -i ./165-ibm-fs-openshift-workload.yaml \ - -i ./170-ibm-fs-openshift-gitops.yaml \ - -o "${GENERATE_DESTINATION}" - ;; -esac +iascable build \ + -i ./000-ibm-fs-account-setup.yaml \ + -i ./100-ibm-fs-shared-services.yaml \ + -i ./110-ibm-fs-edge-vpc.yaml \ + -i ./120-ibm-fs-management-vpc.yaml \ + -i ./130-ibm-fs-management-vpc-openshift.yaml \ + -i ./140-ibm-fs-workload-vpc.yaml \ + -i ./150-ibm-fs-workload-vpc-openshift.yaml \ + -i ./160-ibm-fs-openshift-dev-tools.yaml \ + -i ./165-ibm-fs-openshift-workload.yaml \ + -o "${GENERATE_DESTINATION}" cp -R -L ./files/* "${GENERATE_DESTINATION}" diff --git a/common-files/apply-all.sh b/common-files/apply-all.sh index f2161b36..6bea456f 100755 --- a/common-files/apply-all.sh +++ b/common-files/apply-all.sh @@ -1,11 +1,11 @@ #!/usr/bin/env bash -#if command -v terragrunt 1> /dev/null 2> /dev/null; then -# echo "y" | terragrunt run-all apply || exit 1 -# exit -#fi +SCRIPT_DIR=$(cd $(dirname $0); pwd -P) -CI="$1" +if command -v terragrunt 1> /dev/null 2> /dev/null; then + echo "y" | terragrunt run-all apply || exit 1 + exit +fi find . -type d -maxdepth 1 | grep -vE "[.]/[.].*" | grep -vE "^[.]$" | grep -v workspace | sort | \ while read dir; @@ -15,28 +15,7 @@ do VPN_REQUIRED=$(grep "vpn/required" ./${name}/bom.yaml | sed -E "s~[^:]+: [\"'](.*)[\"']~\1~g") if [[ "${VPN_REQUIRED}" == "true" ]]; then - RUNNING_PROCESSES=$(ps -ef) - VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config") - - if [[ -n "${VPN_RUNNING}" ]]; then - echo "VPN required but it is already running" - elif command -v openvpn 1> /dev/null 2> /dev/null; then - OVPN_FILE=$(find . -name "*.ovpn" | head -1) - - if [[ -z "${OVPN_FILE}" ]]; then - echo "VPN profile not found. Skipping ${name}" - continue - fi - - echo "Connecting to vpn with profile: ${OVPN_FILE}" - sudo openvpn --config "${OVPN_FILE}" & - elif [[ -n "${CI}" ]]; then - echo "VPN connection required but unable to create the connection. Skipping..." - continue - else - echo "Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and press ENTER to proceed." - read throwaway - fi + "${SCRIPT_DIR}/start-vpn.sh" fi echo "***** Applying ${name} *****" diff --git a/common-files/destroy-all.sh b/common-files/destroy-all.sh index 69e18b96..8f7e7c04 100755 --- a/common-files/destroy-all.sh +++ b/common-files/destroy-all.sh @@ -1,11 +1,11 @@ #!/usr/bin/env bash -#if command -v terragrunt 1> /dev/null 2> /dev/null; then -# echo "y" | terragrunt run-all destroy || exit 1 -# exit -#fi +SCRIPT_DIR=$(cd $(dirname $0); pwd -P) -CI="$1" +if command -v terragrunt 1> /dev/null 2> /dev/null; then + echo "y" | terragrunt run-all destroy || exit 1 + exit +fi find . -type d -maxdepth 1 | grep -vE "[.]/[.].*" | grep -vE "^[.]$" | grep -v workspace | sort -r | \ while read dir; @@ -20,22 +20,7 @@ do VPN_REQUIRED=$(grep "vpn/required" ./${name}/bom.yaml | sed -E "s~[^:]+: \"(.*)\"~\1~g") if [[ "${VPN_REQUIRED}" == "true" ]]; then - RUNNING_PROCESSES=$(ps -ef) - VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config") - - if [[ -n "${VPN_RUNNING}" ]]; then - echo "VPN required but it is already running" - elif command -v openvpn 1> /dev/null 2> /dev/null; then - OVPN_FILE=$(find . -name "*.ovpn" | head -1) - echo "Connecting to vpn with profile: ${OVPN_FILE}" - sudo openvpn --config "${OVPN_FILE}" & - elif [[ -n "${CI}" ]]; then - echo "VPN connection required but unable to create the connection. Skipping..." - continue - else - echo "Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and press ENTER to proceed." - read throwaway - fi + "${SCRIPT_DIR}/start-vpn.sh" fi echo "***** Destroying ${name} *****" diff --git a/common-files/launch.sh b/common-files/launch.sh index d9205a29..dd6a50df 100755 --- a/common-files/launch.sh +++ b/common-files/launch.sh @@ -35,7 +35,7 @@ then fi fi -DOCKER_IMAGE="quay.io/cloudnativetoolkit/cli-tools:v1.1-v1.8.1" +DOCKER_IMAGE="quay.io/cloudnativetoolkit/cli-tools:v1.1-v1.8.2" SUFFIX=$(echo $(basename ${SCRIPT_DIR}) | base64 | sed -E "s/[^a-zA-Z0-9_.-]//g" | sed -E "s/.*(.{5})/\1/g") CONTAINER_NAME="cli-tools-${SUFFIX}" From f25d25d65b17919a57a77f5eb170dcea5b7545f3 Mon Sep 17 00:00:00 2001 From: Sean Sundberg Date: Thu, 16 Jun 2022 11:56:42 -0500 Subject: [PATCH 2/4] Updates terragrunt config Signed-off-by: Sean Sundberg --- .../terraform/terragrunt.hcl | 5 --- .../terraform/terragrunt.hcl | 5 --- .../ibmcloud/openshift-fs/files/check-vpn.sh | 33 +++++++++++++++++++ .../openshift-fs/files/setup-workspace.sh | 2 +- .../ibmcloud/openshift-fs/files/start-vpn.sh | 25 -------------- .../openshift-fs/files/terragrunt.hcl | 5 +++ 6 files changed, 39 insertions(+), 36 deletions(-) create mode 100755 boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh delete mode 100755 boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh create mode 100644 boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl index 80e54d23..87b553ce 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl @@ -1,8 +1,3 @@ dependencies { paths = ["../130-ibm-fs-management-vpc-openshift"] } - -before_hook "vpn" { - commands = ["apply", "plan", "destroy"] - execute = ["${get_parent_terragrunt_dir()}/start-vpn.sh"] -} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl index 5dd41b91..0435e502 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl @@ -1,8 +1,3 @@ dependencies { paths = ["../150-ibm-fs-workload-vpc-openshift"] } - -before_hook "vpn" { - commands = ["apply", "plan", "destroy"] - execute = ["${get_parent_terragrunt_dir()}/start-vpn.sh"] -} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh new file mode 100755 index 00000000..cf33839d --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +BOM_DIRECTORY="${PWD}" + +VPN_REQUIRED=$(grep "vpn/required" "${BOM_DIRECTORY}/bom.yaml" | sed -E "s~[^:]+: [\"'](.*)[\"']~\1~g") + +if [[ "${VPN_REQUIRED}" == "true" ]]; then + RUNNING_PROCESSES=$(ps -ef) + VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config") + + if [[ -n "${VPN_RUNNING}" ]]; then + echo "VPN required but it is already running" + elif command -v openvpn 1> /dev/null 2> /dev/null; then + OVPN_FILE=$(find . -name "*.ovpn" | head -1) + + if [[ -z "${OVPN_FILE}" ]]; then + echo "VPN profile not found." + exit 1 + fi + + echo "Connecting to vpn with profile: ${OVPN_FILE}" + if [[ "${UID}" -eq 0 ]]; then + openvpn --config "${OVPN_FILE}" & + else + sudo openvpn --config "${OVPN_FILE}" & + fi + else + echo "VPN connection required but unable to create the connection automatically. Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and re-run apply-all.sh." + exit 1 + fi +else + echo "VPN not required" +fi diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh index 51cac201..c3b16ca6 100755 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh @@ -83,7 +83,7 @@ fi # Help Scripts for applying and destroying cp "${SCRIPT_DIR}/apply-all.sh" "${WORKSPACE_DIR}/apply-all.sh" cp "${SCRIPT_DIR}/destroy-all.sh" "${WORKSPACE_DIR}/destroy-all.sh" -cp "${SCRIPT_DIR}/start-vpn.sh" "${WORKSPACE_DIR}/start-vpn.sh" +cp "${SCRIPT_DIR}/check-vpn.sh" "${WORKSPACE_DIR}/check-vpn.sh" if [[ -f "${SCRIPT_DIR}/terragrunt.hcl" ]]; then cp "${SCRIPT_DIR}/terragrunt.hcl" "${WORKSPACE_DIR}/terragrunt.hcl" diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh deleted file mode 100755 index 861ed9e4..00000000 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/start-vpn.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -RUNNING_PROCESSES=$(ps -ef) -VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config") - -if [[ -n "${VPN_RUNNING}" ]]; then - echo "VPN required but it is already running" -elif command -v openvpn 1> /dev/null 2> /dev/null; then - OVPN_FILE=$(find . -name "*.ovpn" | head -1) - - if [[ -z "${OVPN_FILE}" ]]; then - echo "VPN profile not found." - exit 1 - fi - - echo "Connecting to vpn with profile: ${OVPN_FILE}" - if [[ "${UID}" -eq 0 ]]; then - openvpn --config "${OVPN_FILE}" & - else - sudo openvpn --config "${OVPN_FILE}" & - fi -else - echo "VPN connection required but unable to create the connection automatically. Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and re-run apply-all.sh." - exit 1 -fi diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl new file mode 100644 index 00000000..e3abaa74 --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl @@ -0,0 +1,5 @@ + +before_hook "vpn" { + commands = ["apply", "plan", "destroy"] + execute = ["${get_parent_terragrunt_dir()}/check-vpn.sh"] +} From 1dc0b7e82ab663cfb0f73459edf34b439cd27a32 Mon Sep 17 00:00:00 2001 From: Sean Sundberg Date: Thu, 16 Jun 2022 12:03:25 -0500 Subject: [PATCH 3/4] Updates terragrunt config Signed-off-by: Sean Sundberg --- .../files/000-ibm-fs-account-setup/terraform/terragrunt.hcl | 3 +++ .../files/100-ibm-fs-shared-services/terraform/terragrunt.hcl | 4 ++++ .../files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl | 4 ++++ .../files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl | 4 ++++ .../terraform/terragrunt.hcl | 4 ++++ .../files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl | 4 ++++ .../terraform/terragrunt.hcl | 4 ++++ .../160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl | 4 ++++ .../165-ibm-fs-openshift-workload/terraform/terragrunt.hcl | 4 ++++ .../ibmcloud/openshift-fs/files/credentials.template | 3 ++- 10 files changed, 37 insertions(+), 1 deletion(-) diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl index e69de29b..e147285f 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl @@ -0,0 +1,3 @@ +include "root" { + path = find_in_parent_folders() +} diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl index 088f4911..8bb060ac 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../000-ibm-fs-account-setup"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl index 06440bf4..2066f077 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../100-ibm-fs-shared-services"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl index 0fd1bf83..1b3a3c11 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../110-ibm-fs-edge-vpc"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl index 0fd1bf83..1b3a3c11 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../110-ibm-fs-edge-vpc"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl index 6c236fea..cf67cb17 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../120-ibm-fs-management-vpc"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl index 87b553ce..dc43cb39 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../130-ibm-fs-management-vpc-openshift"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl index 87b553ce..dc43cb39 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../130-ibm-fs-management-vpc-openshift"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl index 0435e502..e229f963 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl @@ -1,3 +1,7 @@ +include "root" { + path = find_in_parent_folders() +} + dependencies { paths = ["../150-ibm-fs-workload-vpc-openshift"] } diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template b/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template index b9686ca8..d1f7d308 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template @@ -1,4 +1,5 @@ # Add the values for the Credentials to access the IBM Cloud # Instructions to access this information can be found in the README.MD # This is a template file and the ./launch.sh script looks for a file based on this template named credentials.properties -ibmcloud.api.key="" +# NOTE: Do not use quotes around the values +TF_VAR_ibmcloud_api_key= From 7a51a66de98c9cd2a7edb317f327d573118c3a18 Mon Sep 17 00:00:00 2001 From: Sean Sundberg Date: Thu, 16 Jun 2022 12:49:44 -0500 Subject: [PATCH 4/4] Adds check-vpn.sh to common-files Signed-off-by: Sean Sundberg --- .../ibmcloud/openshift-fs/files/check-vpn.sh | 34 +------------------ .../openshift-fs/files/terragrunt.hcl | 11 ++++-- common-files/apply-all.sh | 10 +++--- common-files/check-vpn.sh | 34 +++++++++++++++++++ 4 files changed, 47 insertions(+), 42 deletions(-) mode change 100755 => 120000 boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh create mode 100755 common-files/check-vpn.sh diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh deleted file mode 100755 index cf33839d..00000000 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/bin/env bash - -BOM_DIRECTORY="${PWD}" - -VPN_REQUIRED=$(grep "vpn/required" "${BOM_DIRECTORY}/bom.yaml" | sed -E "s~[^:]+: [\"'](.*)[\"']~\1~g") - -if [[ "${VPN_REQUIRED}" == "true" ]]; then - RUNNING_PROCESSES=$(ps -ef) - VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config") - - if [[ -n "${VPN_RUNNING}" ]]; then - echo "VPN required but it is already running" - elif command -v openvpn 1> /dev/null 2> /dev/null; then - OVPN_FILE=$(find . -name "*.ovpn" | head -1) - - if [[ -z "${OVPN_FILE}" ]]; then - echo "VPN profile not found." - exit 1 - fi - - echo "Connecting to vpn with profile: ${OVPN_FILE}" - if [[ "${UID}" -eq 0 ]]; then - openvpn --config "${OVPN_FILE}" & - else - sudo openvpn --config "${OVPN_FILE}" & - fi - else - echo "VPN connection required but unable to create the connection automatically. Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and re-run apply-all.sh." - exit 1 - fi -else - echo "VPN not required" -fi diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh new file mode 120000 index 00000000..ed4d1efd --- /dev/null +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh @@ -0,0 +1 @@ +../../../../../common-files/check-vpn.sh \ No newline at end of file diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl index e3abaa74..715deb13 100644 --- a/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl +++ b/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl @@ -1,5 +1,10 @@ +skip = true -before_hook "vpn" { - commands = ["apply", "plan", "destroy"] - execute = ["${get_parent_terragrunt_dir()}/check-vpn.sh"] +terraform { + source = "." + + before_hook "vpn" { + commands = ["apply", "plan", "destroy"] + execute = ["${get_parent_terragrunt_dir()}/check-vpn.sh"] + } } diff --git a/common-files/apply-all.sh b/common-files/apply-all.sh index 6bea456f..6dbf8075 100755 --- a/common-files/apply-all.sh +++ b/common-files/apply-all.sh @@ -12,17 +12,15 @@ find . -type d -maxdepth 1 | grep -vE "[.]/[.].*" | grep -vE "^[.]$" | grep -v w do name=$(echo "$dir" | sed -E "s~[.]/(.*)~\1~g") - VPN_REQUIRED=$(grep "vpn/required" ./${name}/bom.yaml | sed -E "s~[^:]+: [\"'](.*)[\"']~\1~g") + cd "${name}" - if [[ "${VPN_REQUIRED}" == "true" ]]; then - "${SCRIPT_DIR}/start-vpn.sh" + if [[ -f "${SCRIPT_DIR}/check-vpn.sh" ]]; then + "${SCRIPT_DIR}/check-vpn.sh" fi echo "***** Applying ${name} *****" - cd "${name}" && \ - terraform init && \ + terraform init && \ terraform apply -auto-approve && \ - cd - 1> /dev/null || \ exit 1 done diff --git a/common-files/check-vpn.sh b/common-files/check-vpn.sh new file mode 100755 index 00000000..e18b40e4 --- /dev/null +++ b/common-files/check-vpn.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash + +ROOT_DIRECTORY=$(cd $(dirname "$0"); pwd -P) +BOM_DIRECTORY="${PWD}" + +VPN_REQUIRED=$(grep "vpn/required" "${BOM_DIRECTORY}/bom.yaml" | sed -E "s~[^:]+: [\"'](.*)[\"']~\1~g") + +if [[ "${VPN_REQUIRED}" == "true" ]]; then + RUNNING_PROCESSES=$(ps -ef) + VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config") + + if [[ -n "${VPN_RUNNING}" ]]; then + echo "VPN required but it is already running" + elif command -v openvpn 1> /dev/null 2> /dev/null; then + OVPN_FILE=$(find "${ROOT_DIRECTORY}" -name "*.ovpn" | head -1) + + if [[ -z "${OVPN_FILE}" ]]; then + echo "VPN profile not found." + exit 1 + fi + + echo "Connecting to vpn with profile: ${OVPN_FILE}" + if [[ "${UID}" -eq 0 ]]; then + openvpn --config "${OVPN_FILE}" & + else + sudo openvpn --config "${OVPN_FILE}" & + fi + else + echo "VPN connection required but unable to create the connection automatically. Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and re-run apply-all.sh." + exit 1 + fi +else + echo "VPN not required" +fi