fix: update tfstate name on services to avoid name collision

Pierre Mavro
2020-12-15 11:50:20 +01:00
committed by Pierre Mavro
parent a54af299d4
commit 41a5dc65f2
7 changed files with 70 additions and 61 deletions


@@ -1,6 +1,6 @@
terraform {
backend "kubernetes" {
secret_suffix = "{{ namespace }}-state"
secret_suffix = "{{ tfstate_suffix_name }}"
load_config_file = true
config_path = "{{ kubeconfig_path }}"
namespace = "{{ namespace }}"


@@ -2,7 +2,9 @@ use std::collections::HashMap;
use tera::Context as TeraContext;
use crate::cloud_provider::aws::databases::utilities::generate_supported_version;
use crate::cloud_provider::aws::databases::utilities::{
generate_supported_version, get_tfstate_name, get_tfstate_suffix,
};
use crate::cloud_provider::aws::databases::{debug_logs, utilities};
use crate::cloud_provider::aws::{common, AWS};
use crate::cloud_provider::environment::Environment;
@@ -122,6 +124,8 @@ impl MongoDB {
context.insert("database_total_cpus", &self.total_cpus);
context.insert("database_fqdn", &self.options.host.as_str());
context.insert("database_id", &self.id());
context.insert("tfstate_suffix_name", &get_tfstate_suffix(&self.id()));
context.insert("tfstate_name", &get_tfstate_name(&self.id()));
if self.context.resource_expiration_in_seconds().is_some() {
context.insert(
@@ -196,6 +200,7 @@ impl MongoDB {
let _ = utilities::delete_terraform_tfstate_secret(
*kubernetes,
environment,
&get_tfstate_name(&self.id()),
self.workspace_directory().as_str(),
);
}
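Review bot: The result of `delete_terraform_tfstate_secret` is still discarded with `let _ =` at this call, so now that every service has its own state Secret, a failed delete leaves `tfstate-default-<service id>` in the namespace with nothing reported. The same call shape appears in the MySQL, PostgreSQL and Redis hunks, and the helper in the utilities hunk also drops the `kubectl_exec_delete_secret` result before returning `Ok(())`. Terraform state for a database typically carries connection details, so an orphaned state Secret is worth surfacing: handle the error at each call site, e.g. `if let Err(e) = utilities::delete_terraform_tfstate_secret(...) { /* log e */ }`, and propagate the inner failure from the helper. The enclosing method starts and ends outside this hunk.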


@@ -1,6 +1,8 @@
use tera::Context as TeraContext;
use crate::cloud_provider::aws::databases::utilities::generate_supported_version;
use crate::cloud_provider::aws::databases::utilities::{
generate_supported_version, get_tfstate_name, get_tfstate_suffix,
};
use crate::cloud_provider::aws::databases::{debug_logs, utilities};
use crate::cloud_provider::aws::{common, AWS};
use crate::cloud_provider::environment::Environment;
@@ -122,6 +124,8 @@ impl MySQL {
context.insert("database_total_cpus", &self.total_cpus);
context.insert("database_fqdn", &self.options.host.as_str());
context.insert("database_id", &self.id());
context.insert("tfstate_suffix_name", &get_tfstate_suffix(&self.id()));
context.insert("tfstate_name", &get_tfstate_name(&self.id()));
context.insert(
"delete_automated_backups",
@@ -200,6 +204,7 @@ impl MySQL {
let _ = utilities::delete_terraform_tfstate_secret(
*kubernetes,
environment,
&get_tfstate_name(&self.id()),
self.workspace_directory().as_str(),
);
}


@@ -1,6 +1,8 @@
use tera::Context as TeraContext;
use crate::cloud_provider::aws::databases::utilities::generate_supported_version;
use crate::cloud_provider::aws::databases::utilities::{
generate_supported_version, get_tfstate_name, get_tfstate_suffix,
};
use crate::cloud_provider::aws::databases::{debug_logs, utilities};
use crate::cloud_provider::aws::{common, AWS};
use crate::cloud_provider::environment::Environment;
@@ -122,6 +124,8 @@ impl PostgreSQL {
context.insert("database_total_cpus", &self.total_cpus);
context.insert("database_fqdn", &self.options.host.as_str());
context.insert("database_id", &self.id());
context.insert("tfstate_suffix_name", &get_tfstate_suffix(&self.id()));
context.insert("tfstate_name", &get_tfstate_name(&self.id()));
context.insert(
"delete_automated_backups",
@@ -200,6 +204,7 @@ impl PostgreSQL {
let _ = utilities::delete_terraform_tfstate_secret(
*kubernetes,
environment,
&get_tfstate_name(&self.id()),
self.workspace_directory().as_str(),
);
}
@@ -627,11 +632,11 @@ fn get_postgres_version(
// https://hub.docker.com/r/bitnami/postgresql/tags?page=1&ordering=last_updated
// v10
let mut v10 = generate_supported_version(10, 1, 14, Some(0), Some(0), None);
let v10 = generate_supported_version(10, 1, 14, Some(0), Some(0), None);
supported_postgres_versions.extend(v10);
// v11
let mut v11 = generate_supported_version(11, 1, 9, Some(0), Some(0), None);
let v11 = generate_supported_version(11, 1, 9, Some(0), Some(0), None);
supported_postgres_versions.extend(v11);
// v12


@@ -1,5 +1,6 @@
use tera::Context as TeraContext;
use crate::cloud_provider::aws::databases::utilities::{get_tfstate_name, get_tfstate_suffix};
use crate::cloud_provider::aws::databases::{debug_logs, utilities};
use crate::cloud_provider::aws::{common, AWS};
use crate::cloud_provider::environment::{Environment, Kind};
@@ -149,6 +150,8 @@ impl Redis {
context.insert("database_total_cpus", &self.total_cpus);
context.insert("database_fqdn", &self.options.host.as_str());
context.insert("database_id", &self.id());
context.insert("tfstate_suffix_name", &get_tfstate_suffix(&self.id()));
context.insert("tfstate_name", &get_tfstate_name(&self.id()));
if self.context.resource_expiration_in_seconds().is_some() {
context.insert(
@@ -188,6 +191,7 @@ impl Redis {
let _ = utilities::delete_terraform_tfstate_secret(
*kubernetes,
environment,
&get_tfstate_name(&self.id()),
self.workspace_directory().as_str(),
);
}


@@ -40,6 +40,7 @@ pub fn create_namespace_without_labels(namespace: &str, kube_config: &str, aws:
pub fn delete_terraform_tfstate_secret(
kubernetes: &dyn Kubernetes,
environment: &Environment,
secret_name: &str,
workspace_dir: &str,
) -> Result<(), SimpleError> {
let aws = kubernetes
@@ -64,11 +65,7 @@ pub fn delete_terraform_tfstate_secret(
match kubernetes_config_file_path {
Ok(kube_config) => {
//create the namespace to insert the tfstate in secrets
let _ = kubectl_exec_delete_secret(
kube_config,
"tfstate-default-state",
aws_credentials_envs,
);
let _ = kubectl_exec_delete_secret(kube_config, secret_name, aws_credentials_envs);
Ok(())
}
@@ -218,3 +215,25 @@ pub fn generate_supported_version(
supported_versions
}
pub fn get_tfstate_suffix(service_id: &str) -> String {
return format!("{}", service_id.clone());
}
// Name generated from TF secret suffix
// https://www.terraform.io/docs/backends/types/kubernetes.html#secret_suffix
// As mention the doc: Secrets will be named in the format: tfstate-{workspace}-{secret_suffix}.
pub fn get_tfstate_name(service_id: &str) -> String {
return format!("tfstate-default-{}", service_id);
}
#[cfg(test)]
mod tests {
use crate::cloud_provider::aws::databases::utilities::{get_tfstate_name, get_tfstate_suffix};
#[test]
fn check_tfstate_name() {
assert_eq!(get_tfstate_name("randomid"), "tfstate-default-randomid");
assert_eq!(get_tfstate_suffix("randomid"), "randomid");
}
}
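Review bot: `get_tfstate_name` and the backend's `secret_suffix` agree only by convention: the name hard-codes the `default` workspace and rebuilds the suffix from `service_id` instead of calling `get_tfstate_suffix`, so a later change to either side would make the delete target a Secret that does not exist while the real state stays in the cluster. Build the name from the suffix, `format!("tfstate-default-{}", get_tfstate_suffix(service_id))`, and state in the comment that `default` assumes no Terraform workspace is selected. In `get_tfstate_suffix`, `format!("{}", service_id.clone())` only copies a `&str`; `service_id.to_string()` as the tail expression says the same without the `return`. Neither helper checks that the id is usable inside a Kubernetes Secret name, which is presumably guaranteed upstream; a doc comment recording that assumption would help. The `//create the namespace to insert the tfstate in secrets` comment above the delete call in the previous hunk no longer describes that line.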


@@ -479,41 +479,6 @@ where
}
// used for testing the does_contain_terraform_tfstate
pub fn create_sample_secret_terraform_in_namespace<P>(
kubernetes_config: P,
namespace_to_override: &str,
envs: &Vec<(&str, &str)>,
) -> Result<String, SimpleError>
where
P: AsRef<Path>,
{
let mut _envs = Vec::with_capacity(envs.len() + 1);
let mut output_vec: Vec<String> = Vec::new();
_envs.push((KUBECONFIG, kubernetes_config.as_ref().to_str().unwrap()));
_envs.extend(envs);
let _ = kubectl_exec_with_output(
vec![
"create",
"secret",
"tfstate-default-state",
"--from-literal=blablablabla",
"--namespace",
namespace_to_override,
],
_envs,
|out| match out {
Ok(_line) => output_vec.push(_line),
Err(err) => error!("{:?}", err),
},
|out| match out {
Ok(_line) => {}
Err(err) => error!("{:?}", err),
},
);
Ok(output_vec.join(""))
}
pub fn does_contain_terraform_tfstate<P>(
kubernetes_config: P,
namespace: &str,
@@ -523,27 +488,33 @@ where
P: AsRef<Path>,
{
let mut _envs = Vec::with_capacity(envs.len() + 1);
_envs.push((KUBECONFIG, kubernetes_config.as_ref().to_str().unwrap()));
_envs.extend(envs);
let mut exist = true;
let _ = kubectl_exec_with_output(
let result = kubectl_exec::<P, KubernetesList<Item>>(
vec![
"describe",
"secrets/tfstate-default-state",
"get",
"secrets",
"--namespace",
namespace,
"-l",
"app.kubernetes.io/managed-by=terraform,tfstate=true",
"-o",
"json",
],
kubernetes_config,
_envs,
|out| match out {
Ok(_line) => exist = true,
Err(err) => error!("{:?}", err),
},
|out| match out {
Ok(_line) => {}
Err(err) => error!("{:?}", err),
},
)?;
Ok(exist)
);
match result {
Ok(out) => {
if out.items.len() == 0 {
Ok(false)
} else {
Ok(true)
}
}
Err(e) => return Err(e),
}
}
pub fn kubectl_exec_get_all_namespaces<P>(
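Review bot: `does_contain_terraform_tfstate` now retrieves every matching Secret with `-o json`, which pulls the complete objects, state payload included, into the process only to test whether the list is empty. Whether that output is ever logged depends on `kubectl_exec`, which is not visible in this hunk; confirm it is not, or narrow the query to metadata, since the check needs nothing but a count. The tail can be written as `result.map(|out| !out.items.is_empty())` in place of the `match` with `out.items.len() == 0` and `return Err(e)`. A short doc comment naming the label selector `app.kubernetes.io/managed-by=terraform,tfstate=true` as the contract with the Terraform backend would make the dependency explicit.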