cpflow 4.0.1 → 4.1.1

data/lib/core/terraform_config/required_provider.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module TerraformConfig
+  class RequiredProvider < Base
+    attr_reader :name, :org, :options
+
+    def initialize(name:, org:, **options)
+      super()
+
+      @name = name
+      @org = org
+      @options = options
+    end
+
+    def to_tf
+      block :terraform do
+        block :required_providers do
+          argument name, options
+        end
+      end
+    end
+  end
+end

data/lib/core/terraform_config/secret.rb

@@ -0,0 +1,138 @@
+# frozen_string_literal: true
+
+module TerraformConfig
+  class Secret < Base # rubocop:disable Metrics/ClassLength
+    REQUIRED_DATA_KEYS = {
+      "aws" => %i[secret_key access_key],
+      "azure-connector" => %i[url code],
+      "ecr" => %i[secret_key access_key repos],
+      "keypair" => %i[secret_key],
+      "nats-account" => %i[account_id private_key],
+      "opaque" => %i[payload],
+      "tls" => %i[key cert],
+      "userpass" => %i[username password],
+      "dictionary" => []
+    }.freeze
+
+    attr_reader :name, :type, :data, :description, :tags
+
+    def initialize(name:, type:, data:, description: nil, tags: nil)
+      super()
+
+      @name = name
+      @type = type
+      @description = description
+      @tags = tags
+      @data = prepare_data(type: type, data: data)
+    end
+
+    def importable?
+      true
+    end
+
+    def reference
+      "cpln_secret.#{name}"
+    end
+
+    def to_tf
+      block :resource, :cpln_secret, name do
+        argument :name, name
+        argument :description, description, optional: true
+        argument :tags, tags, optional: true
+
+        secret_data
+      end
+    end
+
+    private
+
+    def prepare_data(type:, data:)
+      return data unless data.is_a?(Hash)
+
+      data.deep_underscore_keys.deep_symbolize_keys.tap do |prepared_data|
+        validate_required_data_keys!(type: type, data: prepared_data)
+      end
+    end
+
+    def validate_required_data_keys!(type:, data:)
+      required_keys = REQUIRED_DATA_KEYS[type] || []
+      missing_keys = required_keys - data.keys
+      raise ArgumentError, "Missing required data keys for #{type}: #{missing_keys.join(', ')}" if missing_keys.any?
+    end
+
+    def secret_data
+      case type
+      when "azure-sdk", "dictionary", "docker", "gcp"
+        argument type.underscore, data, optional: true
+      when "azure-connector", "aws", "ecr", "keypair", "nats-account", "opaque", "tls", "userpass"
+        send("#{type.underscore}_tf")
+      else
+        raise "Invalid secret type given - #{type}"
+      end
+    end
+
+    def aws_tf
+      aws_based_tf(:aws)
+    end
+
+    def ecr_tf
+      aws_based_tf(:ecr, repos: data.fetch(:repos))
+    end
+
+    def azure_connector_tf
+      block :azure_connector do
+        argument :url, data.fetch(:url)
+        argument :code, data.fetch(:code)
+      end
+    end
+
+    def keypair_tf
+      block :keypair do
+        argument :secret_key, data.fetch(:secret_key)
+        argument :public_key, data.fetch(:public_key, nil), optional: true
+        argument :passphrase, data.fetch(:passphrase, nil), optional: true
+      end
+    end
+
+    def nats_account_tf
+      block :nats_account do
+        argument :account_id, data.fetch(:account_id)
+        argument :private_key, data.fetch(:private_key)
+      end
+    end
+
+    def opaque_tf
+      block :opaque do
+        argument :payload, data.fetch(:payload)
+        argument :encoding, data.fetch(:encoding, nil), optional: true
+      end
+    end
+
+    def tls_tf
+      block :tls do
+        argument :key, data.fetch(:key)
+        argument :cert, data.fetch(:cert)
+        argument :chain, data.fetch(:chain, nil), optional: true
+      end
+    end
+
+    def userpass_tf
+      block :userpass do
+        argument :username, data.fetch(:username)
+        argument :password, data.fetch(:password)
+        argument :encoding, data.fetch(:encoding, nil), optional: true
+      end
+    end
+
+    def aws_based_tf(name, **kwargs)
+      block name do
+        argument :secret_key, data.fetch(:secret_key)
+        argument :access_key, data.fetch(:access_key)
+        argument :role_arn, data.fetch(:role_arn, nil), optional: true
+        argument :external_id, data.fetch(:external_id, nil), optional: true
+
+        kwargs.each { |key, value| argument key, value }
+      end
+    end
+  end
+end

data/lib/core/terraform_config/volume_set.rb

@@ -0,0 +1,155 @@
+# frozen_string_literal: true
+
+module TerraformConfig
+  class VolumeSet < Base # rubocop:disable Metrics/ClassLength
+    PERFORMANCE_CLASSES = %w[general-purpose-ssd high-throughput-ssd].freeze
+    FILE_SYSTEM_TYPES = %w[xfs ext4].freeze
+    MIN_CAPACITY = 10
+    MIN_SCALING_FACTOR = 1.1
+
+    attr_reader :gvc, :name, :initial_capacity, :performance_class, :file_system_type,
+                :storage_class_suffix, :description, :tags, :snapshots, :autoscaling
+
+    def initialize( # rubocop:disable Metrics/ParameterLists, Metrics/MethodLength
+      gvc:,
+      name:,
+      initial_capacity:,
+      performance_class:,
+      file_system_type:,
+      storage_class_suffix: nil,
+      description: nil,
+      tags: nil,
+      snapshots: nil,
+      autoscaling: nil
+    )
+      super()
+
+      @gvc = gvc
+      @name = name
+      @initial_capacity = initial_capacity
+      @performance_class = performance_class
+      @file_system_type = file_system_type
+      @storage_class_suffix = storage_class_suffix
+      @description = description
+      @tags = tags
+      @snapshots = snapshots
+      @autoscaling = autoscaling
+
+      validate_attributes!
+    end
+
+    def importable?
+      true
+    end
+
+    def reference
+      "cpln_volume_set.#{name}"
+    end
+
+    def to_tf
+      block :resource, :cpln_volume_set, name do
+        base_arguments_tf
+        snapshots_tf
+        autoscaling_tf
+      end
+    end
+
+    private
+
+    def validate_attributes!
+      validate_initial_capacity!
+      validate_performance_class!
+      validate_file_system_type!
+      validate_autoscaling! if autoscaling
+    end
+
+    def validate_initial_capacity!
+      raise ArgumentError, "Initial capacity must be numeric" unless initial_capacity.is_a?(Numeric)
+      return if initial_capacity >= MIN_CAPACITY
+
+      raise ArgumentError, "Initial capacity should be >= #{MIN_CAPACITY}"
+    end
+
+    def validate_performance_class!
+      return if PERFORMANCE_CLASSES.include?(performance_class.to_s)
+
+      raise ArgumentError,
+            "Invalid performance class: #{performance_class}. Choose from #{PERFORMANCE_CLASSES.join(', ')}"
+    end
+
+    def validate_file_system_type!
+      return if FILE_SYSTEM_TYPES.include?(file_system_type.to_s)
+
+      raise ArgumentError, "Invalid file system type: #{file_system_type}. Choose from #{FILE_SYSTEM_TYPES.join(', ')}"
+    end
+
+    def validate_autoscaling!
+      validate_max_capacity!
+      validate_min_free_percentage!
+      validate_scaling_factor!
+    end
+
+    def validate_max_capacity!
+      max_capacity = autoscaling.fetch(:max_capacity, nil)
+      return if max_capacity.nil?
+
+      raise ArgumentError, "autoscaling.max_capacity must be numeric" unless max_capacity.is_a?(Numeric)
+      return if max_capacity >= MIN_CAPACITY
+
+      raise ArgumentError, "autoscaling.max_capacity should be >= #{MIN_CAPACITY}"
+    end
+
+    def validate_min_free_percentage!
+      min_free_percentage = autoscaling.fetch(:min_free_percentage, nil)
+      return if min_free_percentage.nil?
+
+      raise ArgumentError, "autoscaling.min_free_percentage must be numeric" unless min_free_percentage.is_a?(Numeric)
+      return if min_free_percentage.between?(1, 100)
+
+      raise ArgumentError, "autoscaling.min_free_percentage should be between 1 and 100"
+    end
+
+    def validate_scaling_factor!
+      scaling_factor = autoscaling.fetch(:scaling_factor, nil)
+      return if scaling_factor.nil?
+
+      raise ArgumentError, "autoscaling.scaling_factor must be numeric" unless scaling_factor.is_a?(Numeric)
+      return if scaling_factor >= MIN_SCALING_FACTOR
+
+      raise ArgumentError, "autoscaling.scaling_factor should be >= #{MIN_SCALING_FACTOR}"
+    end
+
+    def base_arguments_tf
+      argument :gvc, gvc
+
+      argument :name, name
+      argument :description, description, optional: true
+      argument :tags, tags, optional: true
+
+      argument :initial_capacity, initial_capacity
+      argument :performance_class, performance_class
+      argument :storage_class_suffix, storage_class_suffix, optional: true
+      argument :file_system_type, file_system_type
+    end
+
+    def snapshots_tf
+      return if snapshots.nil?
+
+      block :snapshots do
+        %i[create_final_snapshot retention_duration schedule].each do |arg_name|
+          argument arg_name, snapshots.fetch(arg_name, nil), optional: true
+        end
+      end
+    end
+
+    def autoscaling_tf
+      return if autoscaling.nil?
+
+      block :autoscaling do
+        %i[max_capacity min_free_percentage scaling_factor].each do |arg_name|
+          argument arg_name, autoscaling.fetch(arg_name, nil), optional: true
+        end
+      end
+    end
+  end
+end

data/lib/core/terraform_config/workload/main.tf

@@ -0,0 +1,316 @@
+resource "cpln_workload" "workload" {
+  type = var.type
+
+  gvc = var.gvc
+  identity_link = var.identity_link
+
+  name = var.name
+  description = var.description
+
+  tags = var.tags
+  support_dynamic_tags = var.support_dynamic_tags
+
+  dynamic "container" {
+    for_each = var.containers
+    iterator = container
+    content {
+      name = container.key
+
+      args = container.value.args
+      command = container.value.command
+      env = container.value.envs
+      inherit_env = container.value.inherit_env
+      image = container.value.image
+
+      cpu = container.value.cpu
+      memory = container.value.memory
+
+      dynamic "lifecycle" {
+        for_each = container.value.post_start_command != null || container.value.pre_stop_command != null ? [1] : []
+        content {
+          dynamic "post_start" {
+            for_each = container.value.post_start_command != null ? [1] : []
+            content {
+              exec {
+                command = [
+                  "/bin/bash",
+                  "-c",
+                  "[ -f ${container.value.post_start_command} ] && ${container.value.post_start_command} || true",
+                ]
+              }
+            }
+          }
+          dynamic "pre_stop" {
+            for_each = container.value.pre_stop_command != null ? [1] : []
+            content {
+              exec {
+                command = [
+                  "/bin/bash",
+                  "-c",
+                  "[ -f ${container.value.pre_stop_command} ] && ${container.value.pre_stop_command} || true",
+                ]
+              }
+            }
+          }
+        }
+      }
+
+      dynamic "liveness_probe" {
+        for_each = container.value.liveness_probe != null ? [container.value.liveness_probe] : []
+        iterator = liveness
+        content {
+          dynamic "exec" {
+            for_each = liveness.value.exec != null ? [liveness.value.exec] : []
+            iterator = exec
+            content {
+              command = exec.value.command
+            }
+          }
+          dynamic "http_get" {
+            for_each = liveness.value.http_get != null ? [liveness.value.http_get] : []
+            iterator = http_get
+            content {
+              path = http_get.value.path
+              port = http_get.value.port
+              scheme = http_get.value.scheme
+              http_headers = http_get.value.http_headers
+            }
+          }
+          dynamic "tcp_socket" {
+            for_each = liveness.value.tcp_socket != null ? [liveness.value.tcp_socket] : []
+            iterator = tcp_socket
+            content {
+              port = tcp_socket.value.port
+            }
+          }
+          dynamic "grpc" {
+            for_each = liveness.value.grpc != null ? [liveness.value.grpc] : []
+            iterator = grpc
+            content {
+              port = grpc.value.port
+            }
+          }
+          failure_threshold = liveness.value.failure_threshold
+          initial_delay_seconds = liveness.value.initial_delay_seconds
+          period_seconds = liveness.value.period_seconds
+          success_threshold = liveness.value.success_threshold
+          timeout_seconds = liveness.value.timeout_seconds
+        }
+      }
+
+      dynamic "readiness_probe" {
+        for_each = container.value.readiness_probe != null ? [container.value.readiness_probe] : []
+        iterator = readiness
+        content {
+          dynamic "exec" {
+            for_each = readiness.value.exec != null ? [readiness.value.exec] : []
+            iterator = exec
+            content {
+              command = exec.value.command
+            }
+          }
+          dynamic "http_get" {
+            for_each = readiness.value.http_get != null ? [readiness.value.http_get] : []
+            iterator = http_get
+            content {
+              path = http_get.value.path
+              port = http_get.value.port
+              scheme = http_get.value.scheme
+              http_headers = http_get.value.http_headers
+            }
+          }
+          dynamic "tcp_socket" {
+            for_each = readiness.value.tcp_socket != null ? [readiness.value.tcp_socket] : []
+            iterator = tcp_socket
+            content {
+              port = tcp_socket.value.port
+            }
+          }
+          dynamic "grpc" {
+            for_each = readiness.value.grpc != null ? [readiness.value.grpc] : []
+            iterator = grpc
+            content {
+              port = grpc.value.port
+            }
+          }
+          failure_threshold = readiness.value.failure_threshold
+          initial_delay_seconds = readiness.value.initial_delay_seconds
+          period_seconds = readiness.value.period_seconds
+          success_threshold = readiness.value.success_threshold
+          timeout_seconds = readiness.value.timeout_seconds
+        }
+      }
+
+      dynamic "ports" {
+        for_each = container.value.ports
+        iterator = port
+        content {
+          number = port.value.number
+          protocol = port.value.protocol
+        }
+      }
+
+      dynamic "volume" {
+        for_each = container.value.volumes
+        iterator = volume
+        content {
+          uri = volume.value.uri
+          path = volume.value.path
+        }
+      }
+    }
+  }
+
+  dynamic "options" {
+    for_each = var.options != null ? [var.options] : []
+    iterator = options
+    content {
+      dynamic "autoscaling" {
+        for_each = options.value.autoscaling != null ? [options.value.autoscaling] : []
+        iterator = autoscaling
+        content {
+          metric = autoscaling.value.metric
+          metric_percentile = autoscaling.value.metric_percentile
+          max_scale = autoscaling.value.max_scale
+          min_scale = autoscaling.value.min_scale
+          target = autoscaling.value.target
+          scale_to_zero_delay = autoscaling.value.scale_to_zero_delay
+          max_concurrency = autoscaling.value.max_concurrency
+        }
+      }
+      capacity_ai = options.value.capacity_ai
+      suspend = options.value.suspend
+      timeout_seconds = options.value.timeout_seconds
+      debug = options.value.debug
+    }
+  }
+
+  dynamic "local_options" {
+    for_each = var.local_options != null ? [var.local_options] : []
+    iterator = options
+    content {
+      dynamic "autoscaling" {
+        for_each = options.value.autoscaling != null ? [options.value.autoscaling] : []
+        iterator = autoscaling
+        content {
+          metric = autoscaling.value.metric
+          metric_percentile = autoscaling.value.metric_percentile
+          max_scale = autoscaling.value.max_scale
+          min_scale = autoscaling.value.min_scale
+          target = autoscaling.value.target
+          scale_to_zero_delay = autoscaling.value.scale_to_zero_delay
+          max_concurrency = autoscaling.value.max_concurrency
+        }
+      }
+      location = options.value.location
+      capacity_ai = options.value.capacity_ai
+      suspend = options.value.suspend
+      timeout_seconds = options.value.timeout_seconds
+      debug = options.value.debug
+    }
+  }
+
+  dynamic "rollout_options" {
+    for_each = var.rollout_options != null ? [var.rollout_options] : []
+    iterator = rollout_options
+    content {
+      min_ready_seconds = rollout_options.value.min_ready_seconds
+      max_unavailable_replicas = rollout_options.value.max_unavailable_replicas
+      max_surge_replicas = rollout_options.value.max_surge_replicas
+      scaling_policy = rollout_options.value.scaling_policy
+    }
+  }
+
+  dynamic "security_options" {
+    for_each = var.security_options != null ? [var.security_options] : []
+    iterator = security_options
+    content {
+      file_system_group_id = security_options.value.file_system_group_id
+    }
+  }
+
+  dynamic "firewall_spec" {
+    for_each = var.firewall_spec != null ? [var.firewall_spec] : []
+    iterator = firewall_spec
+    content {
+      dynamic "external" {
+        for_each = firewall_spec.value.external != null ? [firewall_spec.value.external] : []
+        iterator = external
+        content {
+          inbound_allow_cidr = external.value.inbound_allow_cidr
+          outbound_allow_hostname = external.value.outbound_allow_hostname
+          outbound_allow_cidr = external.value.outbound_allow_cidr
+          dynamic "outbound_allow_port" {
+            for_each = external.value.outbound_allow_port
+            iterator = outbound_allow_port
+            content {
+              protocol = outbound_allow_port.value.protocol
+              number = outbound_allow_port.value.number
+            }
+          }
+        }
+      }
+      dynamic "internal" {
+        for_each = firewall_spec.value.internal != null ? [firewall_spec.value.internal] : []
+        iterator = internal
+        content {
+          inbound_allow_type = internal.value.inbound_allow_type
+          inbound_allow_workload = internal.value.inbound_allow_workload
+        }
+      }
+    }
+  }
+
+  dynamic "load_balancer" {
+    for_each = var.load_balancer != null ? [var.load_balancer] : []
+    iterator = load_balancer
+    content {
+      dynamic "direct" {
+        for_each = load_balancer.value.direct != null ? [load_balancer.value.direct] : []
+        iterator = direct
+        content {
+          enabled = direct.value.enabled
+          dynamic "port" {
+            for_each = direct.value.port
+            iterator = port
+            content {
+              external_port = port.value.external_port
+              protocol = port.value.protocol
+              scheme = port.value.scheme
+              container_port = port.value.container_port
+            }
+          }
+        }
+      }
+      dynamic "geo_location" {
+        for_each = load_balancer.value.geo_location != null ? [load_balancer.value.geo_location] : []
+        iterator = geo_location
+        content {
+          enabled = geo_location.value.enabled
+          dynamic "headers" {
+            for_each = geo_location.value.headers != null ? [geo_location.value.headers] : []
+            iterator = headers
+            content {
+              asn = headers.value.asn
+              city = headers.value.city
+              country = headers.value.country
+              region = headers.value.region
+            }
+          }
+        }
+      }
+    }
+  }
+
+  dynamic "job" {
+    for_each = var.job != null ? [var.job] : []
+    iterator = job
+    content {
+      schedule = job.value.schedule
+      concurrency_policy = job.value.concurrency_policy
+      history_limit = job.value.history_limit
+      restart_policy = job.value.restart_policy
+      active_deadline_seconds = job.value.active_deadline_seconds
+    }
+  }
+}

data/lib/core/terraform_config/workload/required_providers.tf

@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    cpln = {
+      source = "controlplane-com/cpln"
+      version = "~> 1.0"
+    }
+  }
+}