TerraformDevKit 0.3.8 → 0.4.0

data/lib/TerraformDevKit/aws/terraform_remote_state.rb

@@ -1,67 +1,67 @@
-require 'aws-sdk-dynamodb'
-require 'aws-sdk-s3'
-
-module TerraformDevKit
-  module Aws
-    class TerraformRemoteState
-      ATTRIBUTES = [
-          {
-            attribute_name: 'LockID',
-            attribute_type: 'S'
-          }
-        ]
-      KEYS = [
-          {
-            attribute_name: 'LockID',
-            key_type: 'HASH'
-          }
-        ]
-
-      def initialize(dynamodb, s3)
-        @dynamodb = dynamodb
-        @s3 = s3
-      end
-
-      def init(environment, project)
-        table_name = table_name(environment, project)
-        return if lock_table_exists_and_is_active(table_name)
-
-        @dynamodb.create_table(table_name, ATTRIBUTES, KEYS, 1, 1)
-
-        begin
-          @s3.create_bucket(state_bucket_name(environment, project))
-        rescue ::Aws::S3::Errors::BucketAlreadyOwnedByYou
-          return
-        end
-
-        sleep(0.2) until lock_table_exists_and_is_active(table_name)
-      end
-
-      def destroy(environment, project)
-        table_name = table_name(environment, project)
-
-        @dynamodb.delete_table(table_name)
-        @s3.delete_bucket(state_bucket_name(environment, project))
-      end
-
-      private_class_method
-      def lock_table_exists_and_is_active(table_name)
-        begin
-          return @dynamodb.get_table_status(table_name) == 'ACTIVE'
-        rescue ::Aws::DynamoDB::Errors::ResourceNotFoundException
-          return false
-        end
-      end
-
-      private_class_method
-      def table_name(environment, project)
-        "#{project.acronym}-#{environment.name}-lock-table"
-      end
-
-      private_class_method
-      def state_bucket_name(environment, project)
-        "#{project.name}-#{environment.name}-state"
-      end
-    end
-  end
-end
+require 'aws-sdk-dynamodb'
+require 'aws-sdk-s3'
+
+module TerraformDevKit
+  module Aws
+    class TerraformRemoteState
+      ATTRIBUTES = [
+          {
+            attribute_name: 'LockID',
+            attribute_type: 'S'
+          }
+        ]
+      KEYS = [
+          {
+            attribute_name: 'LockID',
+            key_type: 'HASH'
+          }
+        ]
+
+      def initialize(dynamodb, s3)
+        @dynamodb = dynamodb
+        @s3 = s3
+      end
+
+      def init(environment, project)
+        table_name = table_name(environment, project)
+        return if lock_table_exists_and_is_active(table_name)
+
+        @dynamodb.create_table(table_name, ATTRIBUTES, KEYS, 1, 1)
+
+        begin
+          @s3.create_bucket(state_bucket_name(environment, project))
+        rescue ::Aws::S3::Errors::BucketAlreadyOwnedByYou
+          return
+        end
+
+        sleep(0.2) until lock_table_exists_and_is_active(table_name)
+      end
+
+      def destroy(environment, project)
+        table_name = table_name(environment, project)
+
+        @dynamodb.delete_table(table_name)
+        @s3.delete_bucket(state_bucket_name(environment, project))
+      end
+
+      private_class_method
+      def lock_table_exists_and_is_active(table_name)
+        begin
+          return @dynamodb.get_table_status(table_name) == 'ACTIVE'
+        rescue ::Aws::DynamoDB::Errors::ResourceNotFoundException
+          return false
+        end
+      end
+
+      private_class_method
+      def table_name(environment, project)
+        "#{project.acronym}-#{environment.name}-lock-table"
+      end
+
+      private_class_method
+      def state_bucket_name(environment, project)
+        "#{project.name}-#{environment.name}-state"
+      end
+    end
+  end
+end

data/lib/TerraformDevKit/backup_state.rb

@@ -1,18 +1,18 @@
-require 'fileutils'
-
-require_relative 'zip_file_generator'
-
-module TerraformDevKit
-  class BackupState
-    def self.backup(prefix)
-      backup_path = ENV['TM_STATE_BACKUP_PATH']
-      return if backup_path.nil?
-
-      filename = "#{prefix}failure_state.zip"
-      ZipFileGenerator.new('.', filename).write
-
-      FileUtils.cp(filename, backup_path)
-      puts "Copied state to #{File.join(backup_path, filename)}"
-    end
-  end
-end
+require 'fileutils'
+
+require_relative 'zip_file_generator'
+
+module TerraformDevKit
+  class BackupState
+    def self.backup(prefix)
+      backup_path = ENV['TM_STATE_BACKUP_PATH']
+      return if backup_path.nil?
+
+      filename = "#{prefix}failure_state.zip"
+      ZipFileGenerator.new('.', filename).write
+
+      FileUtils.cp(filename, backup_path)
+      puts "Copied state to #{File.join(backup_path, filename)}"
+    end
+  end
+end

data/lib/TerraformDevKit/command.rb

@@ -1,31 +1,31 @@
-require 'open3'
-
-require 'TerraformDevKit/errors/command_error'
-
-module TerraformDevKit
-  class Command
-    def self.run(cmd, directory: Dir.pwd, print_output: true)
-      out = IO.popen(cmd, err: %i[child out], chdir: directory) do |io|
-        begin
-          out = ''
-          loop do
-            chunk = io.readpartial(4096)
-            print chunk if print_output
-            out += chunk
-          end
-        rescue EOFError; end
-        out
-      end
-
-      out = process_output(out)
-      $?.exitstatus.zero? || (raise CommandError.new(cmd, out))
-      out
-    end
-
-    private_class_method
-    def self.process_output(out)
-      out.split("\n")
-        .map { |line| line.tr("\r\n", '') }
-    end
-  end
-end
+require 'open3'
+
+require 'TerraformDevKit/errors/command_error'
+
+module TerraformDevKit
+  class Command
+    def self.run(cmd, directory: Dir.pwd, print_output: true)
+      out = IO.popen(cmd, err: %i[child out], chdir: directory) do |io|
+        begin
+          out = ''
+          loop do
+            chunk = io.readpartial(4096)
+            print chunk if print_output
+            out += chunk
+          end
+        rescue EOFError; end
+        out
+      end
+
+      out = process_output(out)
+      $?.exitstatus.zero? || (raise CommandError.new(cmd, out))
+      out
+    end
+
+    private_class_method
+    def self.process_output(out)
+      out.split("\n")
+        .map { |line| line.tr("\r\n", '') }
+    end
+  end
+end

data/lib/TerraformDevKit/download.rb

@@ -10,7 +10,7 @@ module TerraformDevKit
       puts "Downloading #{url} to #{filename}..."
 
       open(filename, 'wb') do |file|
-        file << open(url, ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE).read
+        file << URI.open(url, ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE).read
       end
     end
   end

data/lib/TerraformDevKit/extended_file_utils.rb

@@ -1,21 +1,21 @@
-require 'fileutils'
-require 'TerraformDevKit/command'
-require 'TerraformDevKit/os'
-
-module TerraformDevKit::ExtendedFileUtils
-  def self.copy(files, dest_base_path)
-    files.to_h.each do |dest, src|
-      dest = File.join(dest_base_path, dest)
-      FileUtils.copy_entry(src, dest)
-    end
-  end
-
-  def self.rm_rf(list, options = {})
-    if TerraformDevKit::OS.host_os == 'windows'
-      windows_path = TerraformDevKit::OS.convert_to_local_path(list)
-      TerraformDevKit::Command.run("rmdir /s/q \"#{windows_path}\"")
-    else
-      FileUtils.rm_rf(list, options)
-    end
-  end
-end
+require 'fileutils'
+require 'TerraformDevKit/command'
+require 'TerraformDevKit/os'
+
+module TerraformDevKit::ExtendedFileUtils
+  def self.copy(files, dest_base_path)
+    files.to_h.each do |dest, src|
+      dest = File.join(dest_base_path, dest)
+      FileUtils.copy_entry(src, dest)
+    end
+  end
+
+  def self.rm_rf(list, options = {})
+    if TerraformDevKit::OS.host_os == 'windows'
+      windows_path = TerraformDevKit::OS.convert_to_local_path(list)
+      TerraformDevKit::Command.run("rmdir /s/q \"#{windows_path}\"")
+    else
+      FileUtils.rm_rf(list, options)
+    end
+  end
+end

data/lib/TerraformDevKit/project_config.rb

@@ -1,10 +1,10 @@
-module TerraformDevKit
-  class ProjectConfig
-    attr_reader :name, :acronym
-
-    def initialize(project_name, project_acronym = nil)
-      @name = project_name.tr(' ', '-').downcase
-      @acronym = project_acronym || project_name.scan(/\b[a-z]/i).join.upcase
-    end
-  end
-end
+module TerraformDevKit
+  class ProjectConfig
+    attr_reader :name, :acronym
+
+    def initialize(project_name, project_acronym = nil)
+      @name = project_name.tr(' ', '-').downcase
+      @acronym = project_acronym || project_name.scan(/\b[a-z]/i).join.upcase
+    end
+  end
+end

data/lib/TerraformDevKit/request.rb

@@ -18,7 +18,7 @@ module TerraformDevKit
         ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE
       }
       options.merge!(@headers)
-      open(url, options)
+      URI.open(url, options)
     rescue OpenURI::HTTPError => error
       response = error.io
       raise if raise_on_codes.include?(response.status[0])

data/lib/TerraformDevKit/version.rb

@@ -1,3 +1,3 @@
-module TerraformDevKit
-  VERSION = '0.3.8'.freeze
-end
+module TerraformDevKit
+  VERSION = '0.4.0'.freeze
+end

data/lib/TerraformDevKit/zip_file_generator.rb

@@ -1,47 +1,47 @@
-require 'zip'
-
-module TerraformDevKit
-  class ZipFileGenerator
-    def initialize(input_dir, output_file)
-      @input_dir = input_dir
-      @output_file = output_file
-    end
-
-    def write
-      entries = Dir.entries(@input_dir)
-      entries.delete('.')
-      entries.delete('..')
-      Zip::File.open(@output_file, Zip::File::CREATE) do |zipfile|
-        write_entries(entries, '', zipfile)
-      end
-    end
-
-    private
-
-    def write_entries(entries, path, zipfile)
-      entries.each do |e|
-        zip_file_path = path == '' ? e : File.join(path, e)
-        disk_file_path = File.join(@input_dir, zip_file_path)
-        if File.directory?(disk_file_path)
-          write_directory(disk_file_path, zip_file_path, zipfile)
-        else
-          write_file(disk_file_path, zip_file_path, zipfile)
-        end
-      end
-    end
-
-    def write_directory(disk_file_path, zip_file_path, zipfile)
-      zipfile.mkdir(zip_file_path)
-      subdir = Dir.entries(disk_file_path)
-      subdir.delete('.')
-      subdir.delete('..')
-      write_entries(subdir, zip_file_path, zipfile)
-    end
-
-    def write_file(disk_file_path, zip_file_path, zipfile)
-      zipfile.get_output_stream(zip_file_path) do |f|
-        f.puts(File.open(disk_file_path, 'rb').read)
-      end
-    end
-  end
-end
+require 'zip'
+
+module TerraformDevKit
+  class ZipFileGenerator
+    def initialize(input_dir, output_file)
+      @input_dir = input_dir
+      @output_file = output_file
+    end
+
+    def write
+      entries = Dir.entries(@input_dir)
+      entries.delete('.')
+      entries.delete('..')
+      Zip::File.open(@output_file, Zip::File::CREATE) do |zipfile|
+        write_entries(entries, '', zipfile)
+      end
+    end
+
+    private
+
+    def write_entries(entries, path, zipfile)
+      entries.each do |e|
+        zip_file_path = path == '' ? e : File.join(path, e)
+        disk_file_path = File.join(@input_dir, zip_file_path)
+        if File.directory?(disk_file_path)
+          write_directory(disk_file_path, zip_file_path, zipfile)
+        else
+          write_file(disk_file_path, zip_file_path, zipfile)
+        end
+      end
+    end
+
+    def write_directory(disk_file_path, zip_file_path, zipfile)
+      zipfile.mkdir(zip_file_path)
+      subdir = Dir.entries(disk_file_path)
+      subdir.delete('.')
+      subdir.delete('..')
+      write_entries(subdir, zip_file_path, zipfile)
+    end
+
+    def write_file(disk_file_path, zip_file_path, zipfile)
+      zipfile.get_output_stream(zip_file_path) do |f|
+        f.puts(File.open(disk_file_path, 'rb').read)
+      end
+    end
+  end
+end

data/tasks/devkit.rake

@@ -1,187 +1,187 @@
-require 'rainbow'
-require 'TerraformDevKit'
-
-TDK = TerraformDevKit
-
-raise 'ROOT_PATH is not defined' if defined?(ROOT_PATH).nil?
-BIN_PATH = File.join(ROOT_PATH, 'bin')
-CONFIG_FILE ||= File.join(ROOT_PATH, 'config', 'config-%s.yml')
-
-# Ensure terraform is in the PATH
-ENV['PATH'] = TDK::OS.join_env_path(
-  TDK::OS.convert_to_local_path(BIN_PATH),
-  ENV['PATH']
-)
-
-PLAN_FILE = 'plan.tfplan'.freeze
-
-def destroy_if_fails(env, task)
-  yield
-rescue Exception => e
-  puts "ERROR: #{e.message}"
-  puts e.backtrace.join("\n")
-  invoke('destroy', task, env.name) if env.local_backend?
-  raise
-end
-
-def invoke(task_name, task_context, env, safe_invoke: false)
-  task_in_context = task_in_current_namespace(task_name, task_context)
-  should_invoke = !safe_invoke || Rake::Task.task_defined?(task_in_context)
-  Rake::Task[task_in_context].invoke(env) if should_invoke
-end
-
-def task_in_current_namespace(task_name, current_task)
-  namespace = current_task.scope.path.to_s
-  namespace.empty? ? task_name : "#{namespace}:#{task_name}"
-end
-
-def remote_state
-  aws_config = TDK::Aws::AwsConfig.new(TDK::Configuration.get('aws'))
-  dynamo_db = TDK::Aws::DynamoDB.new(
-    aws_config.credentials,
-    aws_config.region
-  )
-  s3 = TDK::Aws::S3.new(
-    aws_config.credentials,
-    aws_config.region
-  )
-  TDK::Aws::TerraformRemoteState.new(dynamo_db, s3)
-end
-
-desc 'Prepares the environment to create the infrastructure'
-task :prepare, [:env] do |_, args|
-  env = TDK::Environment.new(args.env)
-
-  puts "== Configuring environment #{env.name}"
-
-  config_file = CONFIG_FILE % env.config
-  puts "== Loading configuration from #{config_file}"
-  TDK::Configuration.init(config_file)
-
-  invoke('custom_prepare', task, env.name, safe_invoke: true)
-
-  TDK::TerraformInstaller.install_local(
-    TDK::Configuration.get('terraform-version'),
-    directory: BIN_PATH
-  )
-
-  project_config = TDK::ProjectConfig.new(
-    TDK::Configuration.get('project-name'),
-    TDK::Configuration.get('project-acronym')
-  )
-  TDK::TerraformConfigManager.setup(env, project_config)
-
-  unless env.local_backend?
-    puts '== Initializing remote state'
-    remote_state.init(env, project_config)
-  end
-
-  if File.exist?(File.join(env.working_dir, '.terraform'))
-    get_cmd  = 'terraform get'
-    get_cmd += ' -update=true' if TDK::TerraformConfigManager.update_modules?
-    TDK::Command.run(get_cmd, directory: env.working_dir)
-  else
-    init_cmd  = 'terraform init'
-    init_cmd += ' -upgrade=false' unless TDK::TerraformConfigManager.update_modules?
-    TDK::Command.run(init_cmd, directory: env.working_dir)
-  end
-end
-
-desc 'Shows the plan to create the infrastructure'
-task :plan, [:env] => :prepare do |_, args|
-  env = TDK::Environment.new(args.env)
-  cmd = "terraform plan -out=#{PLAN_FILE}"
-  TDK::Command.run(cmd, directory: env.working_dir)
-end
-
-desc 'Creates the infrastructure'
-task :apply, [:env] => :prepare do |task, args|
-  env = TDK::Environment.new(args.env)
-
-  invoke('plan', task, env.name)
-
-  unless env.local_backend? || allow_remote_apply?
-    puts Rainbow("Are you sure you want to apply the above plan?\n" \
-                 "Only 'yes' will be accepted.").green
-    response = STDIN.gets.strip
-    unless response == 'yes'
-      raise "Apply cancelled because response was not 'yes'.\n" \
-            "Response was: #{response}"
-    end
-  end
-
-  invoke('pre_apply', task, env.name, safe_invoke: true)
-
-  destroy_if_fails(env, task) do
-    cmd = "terraform apply \"#{PLAN_FILE}\""
-    TDK::Command.run(cmd, directory: env.working_dir)
-  end
-
-  invoke('post_apply', task, env.name, safe_invoke: true)
-end
-
-def allow_remote_apply?
-  aws = TDK::Configuration.get('aws')
-  aws.key?('remote_apply') && aws['remote_apply']
-end
-
-desc 'Tests a local environment'
-task :test, [:env] do |task, args|
-  env = TDK::Environment.new(args.env)
-  env.local_backend? || (raise 'Testing is only allowed for local environments')
-
-  invoke('apply', task, env.name)
-
-  destroy_if_fails(env, task) do
-    invoke('custom_test', task, env.name, safe_invoke: true)
-  end
-end
-
-desc 'Creates the infrastructure and runs the tests'
-task :preflight, [:prefix, :teardown] do |task, args|
-  args.with_defaults(teardown: 'true')
-  args.with_defaults(prefix: TDK::Environment.temp_name)
-  env = TDK::Environment.new(args.prefix)
-
-  invoke('test', task, env.name)
-  invoke('clean', task, env.name) if args.teardown == 'true'
-end
-
-desc 'Destroys the infrastructure'
-task :destroy, [:env] => :prepare do |task, args|
-  env = TDK::Environment.new(args.env)
-
-  unless env.local_backend?
-    puts Rainbow("\n\n!!!! WARNING !!!!\n\n" \
-                 "You are about to destroy #{env.name} and its remote state.\n" \
-                 "Are you sure you want to proceed?\n" \
-                 "Only 'yes' will be accepted.").red.bright
-    response = STDIN.gets.strip
-
-    unless response == 'yes'
-      raise "Destroy cancelled because response was not 'yes'.\n" \
-           "Response was: #{response}"
-    end
-  end
-
-  invoke('pre_destroy', task, env.name, safe_invoke: true)
-
-  TDK::Command.run('terraform destroy -force', directory: env.working_dir)
-
-  unless env.local_backend?
-    project_config = TDK::ProjectConfig.new(
-      TDK::Configuration.get('project-name'),
-      TDK::Configuration.get('project-acronym')
-    )
-    remote_state.destroy(env, project_config)
-  end
-
-  invoke('post_destroy', task, env.name, safe_invoke: true)
-end
-
-desc 'Cleans an environment (infrastructure is destroyed too)'
-task :clean, [:env] => :destroy do |_, args|
-  env = TDK::Environment.new(args.env)
-  puts "Deleting environment #{env.name} in #{env.working_dir}"
-  TDK::ExtendedFileUtils.rm_rf(env.working_dir, secure: true)
-end
+require 'rainbow'
+require 'TerraformDevKit'
+
+TDK = TerraformDevKit
+
+raise 'ROOT_PATH is not defined' if defined?(ROOT_PATH).nil?
+BIN_PATH = File.join(ROOT_PATH, 'bin')
+CONFIG_FILE ||= File.join(ROOT_PATH, 'config', 'config-%s.yml')
+
+# Ensure terraform is in the PATH
+ENV['PATH'] = TDK::OS.join_env_path(
+  TDK::OS.convert_to_local_path(BIN_PATH),
+  ENV['PATH']
+)
+
+PLAN_FILE = 'plan.tfplan'.freeze
+
+def destroy_if_fails(env, task)
+  yield
+rescue Exception => e
+  puts "ERROR: #{e.message}"
+  puts e.backtrace.join("\n")
+  invoke('destroy', task, env.name) if env.local_backend?
+  raise
+end
+
+def invoke(task_name, task_context, env, safe_invoke: false)
+  task_in_context = task_in_current_namespace(task_name, task_context)
+  should_invoke = !safe_invoke || Rake::Task.task_defined?(task_in_context)
+  Rake::Task[task_in_context].invoke(env) if should_invoke
+end
+
+def task_in_current_namespace(task_name, current_task)
+  namespace = current_task.scope.path.to_s
+  namespace.empty? ? task_name : "#{namespace}:#{task_name}"
+end
+
+def remote_state
+  aws_config = TDK::Aws::AwsConfig.new(TDK::Configuration.get('aws'))
+  dynamo_db = TDK::Aws::DynamoDB.new(
+    aws_config.credentials,
+    aws_config.region
+  )
+  s3 = TDK::Aws::S3.new(
+    aws_config.credentials,
+    aws_config.region
+  )
+  TDK::Aws::TerraformRemoteState.new(dynamo_db, s3)
+end
+
+desc 'Prepares the environment to create the infrastructure'
+task :prepare, [:env] do |_, args|
+  env = TDK::Environment.new(args.env)
+
+  puts "== Configuring environment #{env.name}"
+
+  config_file = CONFIG_FILE % env.config
+  puts "== Loading configuration from #{config_file}"
+  TDK::Configuration.init(config_file)
+
+  invoke('custom_prepare', task, env.name, safe_invoke: true)
+
+  TDK::TerraformInstaller.install_local(
+    TDK::Configuration.get('terraform-version'),
+    directory: BIN_PATH
+  )
+
+  project_config = TDK::ProjectConfig.new(
+    TDK::Configuration.get('project-name'),
+    TDK::Configuration.get('project-acronym')
+  )
+  TDK::TerraformConfigManager.setup(env, project_config)
+
+  unless env.local_backend?
+    puts '== Initializing remote state'
+    remote_state.init(env, project_config)
+  end
+
+  if File.exist?(File.join(env.working_dir, '.terraform'))
+    get_cmd  = 'terraform get'
+    get_cmd += ' -update=true' if TDK::TerraformConfigManager.update_modules?
+    TDK::Command.run(get_cmd, directory: env.working_dir)
+  else
+    init_cmd  = 'terraform init'
+    init_cmd += ' -upgrade=false' unless TDK::TerraformConfigManager.update_modules?
+    TDK::Command.run(init_cmd, directory: env.working_dir)
+  end
+end
+
+desc 'Shows the plan to create the infrastructure'
+task :plan, [:env] => :prepare do |_, args|
+  env = TDK::Environment.new(args.env)
+  cmd = "terraform plan -out=#{PLAN_FILE}"
+  TDK::Command.run(cmd, directory: env.working_dir)
+end
+
+desc 'Creates the infrastructure'
+task :apply, [:env] => :prepare do |task, args|
+  env = TDK::Environment.new(args.env)
+
+  invoke('plan', task, env.name)
+
+  unless env.local_backend? || allow_remote_apply?
+    puts Rainbow("Are you sure you want to apply the above plan?\n" \
+                 "Only 'yes' will be accepted.").green
+    response = STDIN.gets.strip
+    unless response == 'yes'
+      raise "Apply cancelled because response was not 'yes'.\n" \
+            "Response was: #{response}"
+    end
+  end
+
+  invoke('pre_apply', task, env.name, safe_invoke: true)
+
+  destroy_if_fails(env, task) do
+    cmd = "terraform apply \"#{PLAN_FILE}\""
+    TDK::Command.run(cmd, directory: env.working_dir)
+  end
+
+  invoke('post_apply', task, env.name, safe_invoke: true)
+end
+
+def allow_remote_apply?
+  aws = TDK::Configuration.get('aws')
+  aws.key?('remote_apply') && aws['remote_apply']
+end
+
+desc 'Tests a local environment'
+task :test, [:env] do |task, args|
+  env = TDK::Environment.new(args.env)
+  env.local_backend? || (raise 'Testing is only allowed for local environments')
+
+  invoke('apply', task, env.name)
+
+  destroy_if_fails(env, task) do
+    invoke('custom_test', task, env.name, safe_invoke: true)
+  end
+end
+
+desc 'Creates the infrastructure and runs the tests'
+task :preflight, [:prefix, :teardown] do |task, args|
+  args.with_defaults(teardown: 'true')
+  args.with_defaults(prefix: TDK::Environment.temp_name)
+  env = TDK::Environment.new(args.prefix)
+
+  invoke('test', task, env.name)
+  invoke('clean', task, env.name) if args.teardown == 'true'
+end
+
+desc 'Destroys the infrastructure'
+task :destroy, [:env] => :prepare do |task, args|
+  env = TDK::Environment.new(args.env)
+
+  unless env.local_backend?
+    puts Rainbow("\n\n!!!! WARNING !!!!\n\n" \
+                 "You are about to destroy #{env.name} and its remote state.\n" \
+                 "Are you sure you want to proceed?\n" \
+                 "Only 'yes' will be accepted.").red.bright
+    response = STDIN.gets.strip
+
+    unless response == 'yes'
+      raise "Destroy cancelled because response was not 'yes'.\n" \
+           "Response was: #{response}"
+    end
+  end
+
+  invoke('pre_destroy', task, env.name, safe_invoke: true)
+
+  TDK::Command.run('terraform destroy -force', directory: env.working_dir)
+
+  unless env.local_backend?
+    project_config = TDK::ProjectConfig.new(
+      TDK::Configuration.get('project-name'),
+      TDK::Configuration.get('project-acronym')
+    )
+    remote_state.destroy(env, project_config)
+  end
+
+  invoke('post_destroy', task, env.name, safe_invoke: true)
+end
+
+desc 'Cleans an environment (infrastructure is destroyed too)'
+task :clean, [:env] => :destroy do |_, args|
+  env = TDK::Environment.new(args.env)
+  puts "Deleting environment #{env.name} in #{env.working_dir}"
+  TDK::ExtendedFileUtils.rm_rf(env.working_dir, secure: true)
+end