diff --git a/environments/dev/main.tf b/environments/dev/main.tf index 5519dc0..a3271e0 100644 --- a/environments/dev/main.tf +++ b/environments/dev/main.tf @@ -10,10 +10,33 @@ data "akeyless_static_secret" "rabbitmq_password" { path = "rabbitmq/password" } +data "akeyless_static_secret" "render_email" { + path = "render/email" +} + +data "akeyless_static_secret" "render_password" { + path = "render/password" +} + +data "akeyless_static_secret" "render_userId" { + path = "render/userId" +} + module "rabbitmq" { source = "../../modules/rabbitmq" endpoint = data.akeyless_static_secret.rabbitmq_endpoint.value password = data.akeyless_static_secret.rabbitmq_password.value username = data.akeyless_static_secret.rabbitmq_username.value +} + +module "application" { + source = "../../modules/application" + + email = data.akeyless_static_secret.render_email.value + password = data.akeyless_static_secret.render_password.value + userId = data.akeyless_static_secret.render_userId.value + + name = "agent" + dockerImageUrl = "docker.io/library/nginx:latest" } \ No newline at end of file diff --git a/environments/dev/variables.tf b/environments/dev/variables.tf index b144bcf..25fb331 100644 --- a/environments/dev/variables.tf +++ b/environments/dev/variables.tf @@ -1,7 +1,3 @@ -variable "kubernetes_url" { - type = string -} - variable "akeyless_api_gateway_address" { type = string default = "https://api.akeyless.io" diff --git a/external_modules/render/graphql/createMutation.graphql b/external_modules/render/graphql/createMutation.graphql new file mode 100644 index 0000000..d746056 --- /dev/null +++ b/external_modules/render/graphql/createMutation.graphql 
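Review bot: The `dockerImageUrl = "docker.io/library/nginx:latest"` argument in the new `module "application"` block uses a mutable tag, so the image Render pulls can change between deploys without any change in this repository. Pin it by digest, for example `dockerImageUrl = "docker.io/library/nginx@sha256:<digest>"` (placeholder digest), or at least use a fixed version tag. Separately, the three `render_*` values are read through `akeyless_static_secret` data sources, and data source attributes are stored in Terraform state, so the dev backend should be encrypted and access-restricted. The `module "rabbitmq"` block starts in context lines and was not reviewed here.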
@@ -0,0 +1,245 @@ +mutation createServer($server: ServerInput!) { + createServer(server: $server) { + ...serverFields + __typename + } +} + +fragment serverFields on Server { + ...serviceFields + autoscalingConfig { + enabled + min + max + cpuPercentage + cpuEnabled + memoryPercentage + memoryEnabled + __typename + } + deletedAt + deploy { + ...deployFields + __typename + } + deployKey + externalImage { + ...externalImageFields + __typename + } + extraInstances + healthCheckHost + healthCheckPath + isPrivate + isWorker + openPorts + maintenanceScheduledAt + parentServer { + ...serviceFields + __typename + } + pendingMaintenanceBy + plan { + name + cpu + mem + price + __typename + } + prPreviewsEnabled + preDeployCommand + pullRequestId + rootDir + startCommand + staticPublishPath + suspenders + url + disk { + ...diskFields + __typename + } + maintenance { + id + type + scheduledAt + pendingMaintenanceBy + state + __typename + } + __typename +} + +fragment serviceFields on Service { + id + type + env { + ...envFields + __typename + } + repo { + ...repoFields + __typename + } + user { + id + email + __typename + } + owner { + id + email + billingStatus + featureFlags + __typename + } + name + slug + sourceBranch + buildCommand + buildFilter { + paths + ignoredPaths + __typename + } + buildPlan { + name + cpu + mem + __typename + } + externalImage { + ...externalImageFields + __typename + } + autoDeploy + userFacingType + userFacingTypeSlug + baseDir + dockerCommand + dockerfilePath + createdAt + updatedAt + outboundIPs + region { + id + description + __typename + } + rootDir + shellURL + state + suspenders + sshAddress + sshServiceAvailable + lastDeployedAt + maintenanceScheduledAt + pendingMaintenanceBy + environment { + ...environmentFields + __typename + } + __typename +} + +fragment envFields on Env { + id + name + language + isStatic + sampleBuildCommand + sampleStartCommand + __typename +} + +fragment environmentFields on Environment { + id + name + project { + 
id + name + owner { + id + __typename + } + __typename + } + __typename +} + +fragment repoFields on Repo { + id + provider + providerId + name + ownerName + webURL + isPrivate + __typename +} + +fragment externalImageFields on ExternalImage { + imageHost + imageName + imageRef + imageRepository + imageURL + ownerId + registryCredentialId + __typename +} + +fragment deployFields on Deploy { + id + status + buildId + commitId + commitShortId + commitMessage + commitURL + commitCreatedAt + finishedAt + finishedAtUnixNano + initialDeployHookFinishedAtUnixNano + createdAt + updatedAt + server { + id + userFacingTypeSlug + __typename + } + rollbackSupportStatus + reason { + ...failureReasonFields + __typename + } + imageSHA + externalImage { + imageRef + __typename + } + __typename +} + +fragment failureReasonFields on FailureReason { + badStartCommand + evicted + evictionReason + nonZeroExit + oomKilled { + memoryLimit + __typename + } + rootDirMissing + timedOutSeconds + unhealthy + step + __typename +} + +fragment diskFields on Disk { + id + name + mountPath + sizeGB + __typename +} diff --git a/external_modules/render/graphql/deleteMutation.graphql b/external_modules/render/graphql/deleteMutation.graphql new file mode 100644 index 0000000..d044bc8 --- /dev/null +++ b/external_modules/render/graphql/deleteMutation.graphql @@ -0,0 +1,3 @@ +mutation deleteServer($id: String!) { + deleteServer(id: $id) +} diff --git a/external_modules/render/graphql/login.graphql b/external_modules/render/graphql/login.graphql new file mode 100644 index 0000000..25d0d53 --- /dev/null +++ b/external_modules/render/graphql/login.graphql 
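Review bot: The `createServer` selection set requests far more than the module consumes: `compute_mutation_keys` in external_modules/render/main.tf reads only `data.createServer.id`, yet `serverFields` and `serviceFields` also pull `deployKey`, `sshAddress`, `shellURL` and the owner and user `email`. If the provider persists or logs the response (not visible in this diff), those values end up in state files and debug output for no benefit. Reducing the operation to `createServer(server: $server) { id }` would remove the exposure and about 240 lines of fragments. The same fragments are repeated verbatim in readQuery.graphql, where the selection could likewise be cut to the fields actually read.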
@@ -0,0 +1,36 @@
+mutation signIn($email: String!, $password: String!) {
+ signIn(email: $email, password: $password) {
+ ...authResultFields
+ __typename
+ }
+}
+
+fragment authResultFields on AuthResult {
+ idToken
+ expiresAt
+ user {
+ ...userFields
+ sudoModeExpiresAt
+ __typename
+ }
+ readOnly
+ __typename
+}
+
+fragment userFields on User {
+ id
+ active
+ createdAt
+ email
+ featureFlags
+ githubId
+ gitlabId
+ googleId
+ name
+ notifyOnPrUpdate
+ otpEnabled
+ passwordExists
+ tosAcceptedAt
+ intercomEmailHMAC
+ __typename
+}
\ No newline at end of file
diff --git a/external_modules/render/graphql/readQuery.graphql b/external_modules/render/graphql/readQuery.graphql
new file mode 100644
index 0000000..a1bf701
--- /dev/null
+++ b/external_modules/render/graphql/readQuery.graphql
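Review bot: Only `idToken` is consumed from this login (per `oauth2_login_query_value_attribute = "data.signIn.idToken"` in external_modules/render/main.tf), so the `userFields` fragment returns account profile data (`email`, `githubId`, `intercomEmailHMAC`, …) on every provider login that nothing uses. Trimming the mutation body to `signIn(email: $email, password: $password) { idToken }` keeps that data out of provider logs and traces. The flow also signs in with the account's full email and password. The `otpEnabled` field suggests the account can have a second factor that a password-only login would not satisfy, though that is inferred from the schema and not shown here. If Render offers a scoped API key or a dedicated service account, that would be a narrower credential to keep in Akeyless than the owner's password.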
@@ -0,0 +1,247 @@ +query server($id: String!) { + server(id: $id) { + ...serverFields + verifiedDomains + isGithubRepoEmpty + __typename + } +} + +fragment serverFields on Server { + ...serviceFields + autoscalingConfig { + enabled + min + max + cpuPercentage + cpuEnabled + memoryPercentage + memoryEnabled + __typename + } + deletedAt + deploy { + ...deployFields + __typename + } + deployKey + externalImage { + ...externalImageFields + __typename + } + extraInstances + healthCheckHost + healthCheckPath + isPrivate + isWorker + openPorts + maintenanceScheduledAt + parentServer { + ...serviceFields + __typename + } + pendingMaintenanceBy + plan { + name + cpu + mem + price + __typename + } + prPreviewsEnabled + preDeployCommand + pullRequestId + rootDir + startCommand + staticPublishPath + suspenders + url + disk { + ...diskFields + __typename + } + maintenance { + id + type + scheduledAt + pendingMaintenanceBy + state + __typename + } + __typename +} + +fragment serviceFields on Service { + id + type + env { + ...envFields + __typename + } + repo { + ...repoFields + __typename + } + user { + id + email + __typename + } + owner { + id + email + billingStatus + featureFlags + __typename + } + name + slug + sourceBranch + buildCommand + buildFilter { + paths + ignoredPaths + __typename + } + buildPlan { + name + cpu + mem + __typename + } + externalImage { + ...externalImageFields + __typename + } + autoDeploy + userFacingType + userFacingTypeSlug + baseDir + dockerCommand + dockerfilePath + createdAt + updatedAt + outboundIPs + region { + id + description + __typename + } + rootDir + shellURL + state + suspenders + sshAddress + sshServiceAvailable + lastDeployedAt + maintenanceScheduledAt + pendingMaintenanceBy + environment { + ...environmentFields + __typename + } + __typename +} + +fragment envFields on Env { + id + name + language + isStatic + sampleBuildCommand + sampleStartCommand + __typename +} + +fragment environmentFields on Environment { + id + name + 
project { + id + name + owner { + id + __typename + } + __typename + } + __typename +} + +fragment repoFields on Repo { + id + provider + providerId + name + ownerName + webURL + isPrivate + __typename +} + +fragment externalImageFields on ExternalImage { + imageHost + imageName + imageRef + imageRepository + imageURL + ownerId + registryCredentialId + __typename +} + +fragment deployFields on Deploy { + id + status + buildId + commitId + commitShortId + commitMessage + commitURL + commitCreatedAt + finishedAt + finishedAtUnixNano + initialDeployHookFinishedAtUnixNano + createdAt + updatedAt + server { + id + userFacingTypeSlug + __typename + } + rollbackSupportStatus + reason { + ...failureReasonFields + __typename + } + imageSHA + externalImage { + imageRef + __typename + } + __typename +} + +fragment failureReasonFields on FailureReason { + badStartCommand + evicted + evictionReason + nonZeroExit + oomKilled { + memoryLimit + __typename + } + rootDirMissing + timedOutSeconds + unhealthy + step + __typename +} + +fragment diskFields on Disk { + id + name + mountPath + sizeGB + __typename +} diff --git a/external_modules/render/main.tf b/external_modules/render/main.tf new file mode 100644 index 0000000..2153431 --- /dev/null +++ b/external_modules/render/main.tf 
@@ -0,0 +1,67 @@
+terraform {
+ required_providers {
+ graphql = {
+ source = "sullivtr/graphql"
+ version = "2.5.4"
+ }
+ }
+}
+
+provider "graphql" {
+ url = "https://api.render.com/graphql"
+
+ oauth2_login_query = file("${path.module}/graphql/login.graphql")
+ oauth2_login_query_variables = {
+ "email" = var.email
+ "password" = var.password
+ }
+ oauth2_login_query_value_attribute = "data.signIn.idToken"
+}
+
+resource "graphql_mutation" "basic_mutation" {
+ mutation_variables = {
+ "server" = jsonencode({
+ "autoDeploy" : true,
+ "baseDir" : "",
+ "branch" : "",
+ "buildCommand" : "",
+ "name" : var.name,
+ "dockerfilePath" : "",
+ "dockerCommand" : "",
+ "envId" : "image",
+ "envVars" : [],
+ "healthCheckPath" : "",
+ "ownerId" : var.userId,
+ "plan" : "Free",
+ "repo" : null,
+ "externalImage" : {
+ "imageURL" : var.dockerImageUrl,
+ "ownerID" : var.userId,
+ "registryCredentialID" : null
+ },
+ "isWorker" : false,
+ "isPrivate" : false,
+ "region" : "frankfurt",
+ "startCommand" : "",
+ "staticPublishPath" : "",
+ "rootDir" : "",
+ "buildFilter" : {
+ "paths" : [],
+ "ignoredPaths" : []
+ },
+ "preDeployCommand" : null,
+ "environmentId" : null
+ })
+ }
+
+ compute_from_create = true
+
+ compute_mutation_keys = {
+ "id" = "data.createServer.id"
+ }
+
+ create_mutation = file("${path.module}/graphql/createMutation.graphql")
+ update_mutation = file("${path.module}/graphql/readQuery.graphql") // Update is not available
+ delete_mutation = file("${path.module}/graphql/deleteMutation.graphql")
+ read_query = file("${path.module}/graphql/readQuery.graphql")
+}
\ No newline at end of file
diff --git a/external_modules/render/variables.tf b/external_modules/render/variables.tf
new file mode 100644
index 0000000..9677dde
--- /dev/null
+++ b/external_modules/render/variables.tf
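Review bot: `update_mutation` points at `readQuery.graphql`, so a later change to `var.name` or `var.dockerImageUrl` would be "applied" by running a read query. Most likely the state then records the new values while the deployed service keeps the old image, or the apply fails on the variable mismatch; either way an image change, including a security patch, would not reach Render. If the pinned provider version supports it, `force_replace = true` on `graphql_mutation.basic_mutation` would turn updates into delete-and-recreate. Otherwise the limitation deserves more than the trailing comment, e.g. `# Render exposes no update mutation here: taint/replace this resource to roll out changes`. The payload also hard-codes `"isPrivate" : false`, `"plan" : "Free"` and `"region" : "frankfurt"`; the first of these decides public exposure and may be worth a variable with a private default.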
@@ -0,0 +1,22 @@
+variable "email" {
+ type = string
+ sensitive = true
+}
+
+variable "password" {
+ type = string
+ sensitive = true
+}
+
+variable "userId" {
+ type = string
+ sensitive = true
+}
+
+variable "name" {
+ type = string
+}
+
+variable "dockerImageUrl" {
+ type = string
+}
\ No newline at end of file
diff --git a/modules/application/main.tf b/modules/application/main.tf
new file mode 100644
index 0000000..7e09567
--- /dev/null
+++ b/modules/application/main.tf
@@ -0,0 +1,10 @@
+module "application" {
+ source = "../../external_modules/render"
+
+ email = var.email
+ password = var.password
+ userId = var.userId
+
+ name = var.name
+ dockerImageUrl = var.dockerImageUrl
+}
\ No newline at end of file
diff --git a/modules/application/variables.tf b/modules/application/variables.tf
new file mode 100644
index 0000000..9677dde
--- /dev/null
+++ b/modules/application/variables.tf
@@ -0,0 +1,22 @@
+variable "email" {
+ type = string
+ sensitive = true
+}
+
+variable "password" {
+ type = string
+ sensitive = true
+}
+
+variable "userId" {
+ type = string
+ sensitive = true
+}
+
+variable "name" {
+ type = string
+}
+
+variable "dockerImageUrl" {
+ type = string
+}
\ No newline at end of file
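Review bot: None of the five variables in external_modules/render/variables.tf has a `description`, and the `sensitive = true` flags need a caveat for the next maintainer: they only redact plan and apply output. `userId` is embedded in `mutation_variables` of the `graphql_mutation` resource and is therefore still written to state in clear text. I would add lines such as `description = "Render account password used by the provider's signIn login; never commit a default"` and `description = "Render owner ID; stored in state via mutation_variables"`. `dockerImageUrl` would benefit from a `validation` block that rejects a missing or `:latest` tag, so that unpinned images are caught at plan time. The identical file added at modules/application/variables.tf (same blob `9677dde`) needs the same treatment.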