rails_template_18f 2.2.0 → 2.3.0

data/lib/generators/rails_template18f/terraform/templates/terraform/main.tf.tt

@@ -1,17 +1,16 @@
 locals {
-  cf_org_name     = "<%= cloud_gov_organization %>"
-  app_name        = "<%= app_name.tr("_", "-") %>"<% if terraform_manage_spaces? %>
-  space_deployers = setunion([var.cf_user], var.space_deployers)<% end %>
+  cf_org_name = "<%= cloud_gov_organization %>"
+  app_name    = "<%= app_name.tr("_", "-") %>"
 }
 <% if terraform_manage_spaces? %>
 module "app_space" {
   source = "github.com/gsa-tts/terraform-cloudgov//cg_space?ref=v2.3.0"
 
   cf_org_name          = local.cf_org_name
-  cf_space_name        = var.cf_space_name
+  cf_space_name        = coalesce(var.cf_space_name, "${local.app_name}-${var.environment_slug}")
   allow_ssh            = var.allow_ssh
-  deployers            = local.space_deployers
-  developers           = var.space_developers
+  deployers            = var.space_deployers
+  developers           = setunion([var.cf_user], var.space_developers)
   auditors             = var.space_auditors
   security_group_names = ["trusted_local_networks_egress"]
 }
@@ -35,7 +34,7 @@ module "database" {
   source = "github.com/gsa-tts/terraform-cloudgov//database?ref=v2.3.0"
 
   cf_space_id   = <% if terraform_manage_spaces? %>module.app_space.space_id<% else %>data.cloudfoundry_space.app_space.id<% end %>
-  name          = "${local.app_name}-rds-${var.env}"
+  name          = "${local.app_name}-rds-${var.environment_slug}"
   rds_plan_name = var.rds_plan_name<% if terraform_manage_spaces? %>
   # depends_on line is required only for initial creation and destruction. It can be commented out for updates if you see unwanted cascading effects
   depends_on = [module.app_space]<% end %>
@@ -45,8 +44,11 @@ module "redis" {
   source = "github.com/gsa-tts/terraform-cloudgov//redis?ref=v2.3.0"
 
   cf_space_id     = <% if terraform_manage_spaces? %>module.app_space.space_id<% else %>data.cloudfoundry_space.app_space.id<% end %>
-  name            = "${local.app_name}-redis-${var.env}"
-  redis_plan_name = var.redis_plan_name<% if terraform_manage_spaces? %>
+  name            = "${local.app_name}-redis-${var.environment_slug}"
+  redis_plan_name = var.redis_plan_name
+  json_params = jsonencode({
+    engineVersion = "7.0"
+  })<% if terraform_manage_spaces? %>
   # depends_on line is required only for initial creation and destruction. It can be commented out for updates if you see unwanted cascading effects
   depends_on = [module.app_space]<% end %>
 }
@@ -55,7 +57,7 @@ module "s3" {
   source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v2.3.0"
 
   cf_space_id  = <% if terraform_manage_spaces? %>module.app_space.space_id<% else %>data.cloudfoundry_space.app_space.id<% end %>
-  name         = "${local.app_name}-s3-${var.env}"
+  name         = "${local.app_name}-s3-${var.environment_slug}"
   s3_plan_name = var.s3_plan_name<% if terraform_manage_spaces? %>
   # depends_on line is required only for initial creation and destruction. It can be commented out for updates if you see unwanted cascading effects
   depends_on = [module.app_space]<% end %>
@@ -66,7 +68,7 @@ module "clamav" {
 
   cf_org_name   = local.cf_org_name
   cf_space_name = var.cf_space_name
-  name          = "${local.app_name}-clamapi-${var.env}"
+  name          = "${local.app_name}-clamapi-${var.environment_slug}"
   clamav_image  = "ghcr.io/gsa-tts/clamav-rest/clamav:latest"
   max_file_size = "30M"<% if terraform_manage_spaces? %>
   # depends_on line is required only for initial creation and destruction. It can be commented out for updates if you see unwanted cascading effects
@@ -109,9 +111,9 @@ module "app_route" {
   source = "github.com/gsa-tts/terraform-cloudgov//app_route?ref=v2.3.0"
 
   cf_org_name   = local.cf_org_name
-  cf_space_name = var.cf_space_name
+  cf_space_name = <% if terraform_manage_spaces? %>module.app_space.space_name<% else %>var.cf_space_name<% end %>
   app_ids       = [cloudfoundry_app.app.id]
-  hostname      = coalesce(var.host_name, "${local.app_name}-${var.env}")<% if terraform_manage_spaces? %>
+  hostname      = coalesce(var.host_name, "${local.app_name}-${var.environment_slug}")<% if terraform_manage_spaces? %>
   # depends_on line is required only for initial creation and destruction. It can be commented out for updates if you see unwanted cascading effects
   depends_on = [module.app_space]<% end %>
 }

data/lib/generators/rails_template18f/terraform/templates/terraform/{production.tfvars.tt → production.env.tfvars.tt}

@@ -1,5 +1,4 @@
 cf_space_name      = "<%= cloud_gov_production_space %>"
-env                = "production"
 rds_plan_name      = "TKTK-production-rds-plan"
 custom_domain_name = null
 host_name          = null

data/lib/generators/rails_template18f/terraform/templates/terraform/providers.tf.tt

@@ -3,7 +3,11 @@ terraform {
   required_providers {
     cloudfoundry = {
       source  = "cloudfoundry/cloudfoundry"
-      version = "~> 1.7"
+      version = "~> 1.10"
+    }
+    archive = {
+      source  = "hashicorp/archive"
+      version = "~> 2"
     }
   }
 

data/lib/generators/rails_template18f/terraform/templates/terraform/{staging.tfvars.tt → staging.env.tfvars.tt}

@@ -1,7 +1,6 @@
 cf_space_name = "<%= cloud_gov_staging_space %>"
-env           = "staging"
 allow_ssh     = true
-# host_name must be unique across cloud.gov, default is "<%= app_name %>-${var.env}"
+# host_name must be unique across cloud.gov, default is "<%= app_name.tr("_", "-") %>-${var.environment_slug}"
 host_name = null<% if terraform_manage_spaces? %>
 space_developers = [
   # enter developer emails that should have ssh access to staging

data/lib/generators/rails_template18f/terraform/templates/terraform/terraform.sh.tt

@@ -56,8 +56,8 @@ if [[ "$1" = "--" ]]; then
   shift 1
 fi<% if use_gitlab_backend? %>
 
-if [ -z "$GITLAB_PROJECT_ID" ] || [ -z "$GITLAB_HOSTNAME" ]; then
-  echo "GITLAB_PROJECT_ID or GITLAB_HOSTNAME have not been set. Running bootstrap/setup_shadowenv.sh first"
+if [ -z "$GITLAB_PROJECT_ID" ] || [ -z "$GITLAB_BASE_URL" ]; then
+  echo "GITLAB_PROJECT_ID or GITLAB_BASE_URL have not been set. Running bootstrap/setup_shadowenv.sh now..."
   (cd bootstrap && ./setup_shadowenv.sh)
   eval "$(shadowenv hook)"
 fi<% elsif use_s3_backend? %>
@@ -76,16 +76,25 @@ if [[ -z "$env" ]]; then
   exit 1
 fi
 
-if [[ ! -f "$env.tfvars" ]]; then
-  echo "$env.tfvars file is missing. Create it first"
+if [[ ! -f "$env.env.tfvars" ]]; then
+  echo "$env.env.tfvars file is missing. Create it first"
   exit 1
 fi
 
+if [[ "$env" = "staging" ]] || [[ "$env" = "production" ]]; then
+  echo "environment_type = \"$env\"" > env_vars.auto.tfvars
+  echo "environment_slug = \"$env\"" >> env_vars.auto.tfvars
+elif [[ "$env" = "sandbox" ]]; then
+  echo "environment_type = \"review\"" > env_vars.auto.tfvars
+else
+  rm env_vars.auto.tfvars
+fi
+
 # ensure we're logged in via cli
 cf spaces &> /dev/null || cf login -a api.fr.cloud.gov --sso
 
 tfm_needs_init=true<% if use_gitlab_backend? %>
-tf_state_address="https://$GITLAB_HOSTNAME/api/v4/projects/$GITLAB_PROJECT_ID/terraform/state/$env"
+tf_state_address="$GITLAB_BASE_URL/projects/$GITLAB_PROJECT_ID/terraform/state/$env"
 if [[ -f .terraform/terraform.tfstate ]]; then
   backend_state_address=$(cat .terraform/terraform.tfstate | jq -r ".backend.config.address")
   if [[ "$backend_state_address" = "$tf_state_address" ]]; then
@@ -117,4 +126,4 @@ fi
 echo "=============================================================================================================="
 echo "= Calling $cmd $force on the application infrastructure"
 echo "=============================================================================================================="
-terraform "$cmd" -var-file="$env.tfvars" -var rails_master_key="$rmk" $force "$@"
+terraform "$cmd" -var-file="$env.env.tfvars" -var rails_master_key="$rmk" $force "$@"

data/lib/generators/rails_template18f/terraform/templates/terraform/variables.tf.tt

@@ -8,6 +8,7 @@ variable "cf_user" {
 variable "cf_space_name" {
   type        = string
   description = "The space name to deploy the app into"
+  default     = null
 }<% if terraform_manage_spaces? %>
 variable "space_deployers" {
   type        = set(string)
@@ -63,10 +64,14 @@ variable "host_name" {
 }
 
 # App environment settings
-variable "env" {
+variable "environment_type" {
   type        = string
   description = "The RAILS_ENV to set for the app (staging or production)"
 }
+variable "environment_slug" {
+  type        = string
+  description = "environment_name after being sluggified"
+}
 
 variable "rails_master_key" {
   type        = string
@@ -83,8 +88,8 @@ variable "web_memory" {
   type        = string
   default     = "256M"
   description = "The amount of memory to assign to the web processes"
-}
-<% if has_active_job? %>
+}<% if has_active_job? %>
+
 variable "worker_instances" {
   type        = number
   default     = 1
@@ -94,5 +99,4 @@ variable "worker_memory" {
   type        = string
   default     = "256M"
   description = "The amount of memory to assign to the worker processes"
-}
-<% end %>
+}<% end %>

data/lib/generators/rails_template18f/terraform/terraform_generator.rb

@@ -37,7 +37,7 @@ module RailsTemplate18f
         end
         unless terraform_manage_spaces?
           remove_file "terraform/bootstrap/users.auto.tfvars"
-          remove_file "terraform/production.tfvars"
+          remove_file "terraform/production.env.tfvars"
         end
       end
 
@@ -63,6 +63,7 @@ module RailsTemplate18f
             .terraform.lock.hcl
             **/.terraform/*
             secrets.*.tfvars
+            env_vars.auto.tfvars
             terraform.tfstate
             terraform.tfstate.backup
             terraform/dist

data/lib/rails_template18f/generators/cloud_gov_parsing.rb

@@ -19,7 +19,7 @@ module RailsTemplate18f
 
       def cloud_gov_staging_space
         if terraform_dir_exists?
-          staging_vars = file_content("terraform/staging.tfvars")
+          staging_vars = file_content("terraform/staging.env.tfvars")
           if (matches = staging_vars.match(/cf_space_name\s+= "(?<space_name>.*)"/))
             return matches[:space_name]
           end
@@ -29,7 +29,7 @@ module RailsTemplate18f
 
       def cloud_gov_production_space
         if terraform_dir_exists?
-          production_vars = file_content("terraform/production.tfvars")
+          production_vars = file_content("terraform/production.env.tfvars")
           if (matches = production_vars.match(/cf_space_name\s+= "(?<space_name>.*)"/))
             return matches[:space_name]
           end

data/lib/rails_template18f/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module RailsTemplate18f
-  VERSION = "2.2.0"
+  VERSION = "2.3.0"
 end

data/template.rb

@@ -422,7 +422,7 @@ if cloud_gov_org_tktk?
     Fill in the cloud.gov organization and space information in:
       * terraform/bootstrap/main.tf
       * terraform/main.tf
-      * terraform/*.tfvars
+      * terraform/*.env.tfvars
   EOM
 end
 register_announcement("Terraform", "Run the bootstrap script and update the appropriate CI/CD environment variables defined in the Deployment section of the README")

data/templates/README.md.tt

@@ -150,7 +150,7 @@ Otherwise:
 
 #### Non-secrets
 
-Configuration that changes by environment, but is public, should be added to the `tfvars` files, such as `terraform/production.tfvars` and `terraform/staging.tfvars`
+Configuration that changes by environment, but is public, should be added to the `tfvars` files, such as `terraform/production.env.tfvars` and `terraform/staging.env.tfvars`
 
 ## Documentation
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_template_18f
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.0
 platform: ruby
 authors:
 - Ryan Ahearn
@@ -168,10 +168,9 @@ files:
 - lib/generators/rails_template18f/github_actions/templates/oscal/component-definitions/github_actions/component-definition.json.tt
 - lib/generators/rails_template18f/gitlab_ci/gitlab_ci_generator.rb
 - lib/generators/rails_template18f/gitlab_ci/templates/gitlab-ci.yml.tt
-- lib/generators/rails_template18f/gitlab_ci/templates/gitlab/node.yml.tt
+- lib/generators/rails_template18f/gitlab_ci/templates/gitlab/node.yml
 - lib/generators/rails_template18f/gitlab_ci/templates/gitlab/rails.yml
 - lib/generators/rails_template18f/gitlab_ci/templates/gitlab/ruby.yml
-- lib/generators/rails_template18f/gitlab_ci/templates/gitlab/terraform.yml
 - lib/generators/rails_template18f/i18n/i18n_generator.rb
 - lib/generators/rails_template18f/i18n/templates/config/locales/en.yml.tt
 - lib/generators/rails_template18f/i18n/templates/config/locales/es.yml
@@ -198,7 +197,6 @@ files:
 - lib/generators/rails_template18f/sidekiq/sidekiq_generator.rb
 - lib/generators/rails_template18f/sidekiq/templates/config/initializers/redis.rb
 - lib/generators/rails_template18f/terraform/templates/gitlab_bootstrap/apply.sh
-- lib/generators/rails_template18f/terraform/templates/gitlab_bootstrap/bot_secrets.tftpl
 - lib/generators/rails_template18f/terraform/templates/gitlab_bootstrap/main.tf.tt
 - lib/generators/rails_template18f/terraform/templates/gitlab_bootstrap/setup_shadowenv.sh
 - lib/generators/rails_template18f/terraform/templates/gitlab_bootstrap/users.auto.tfvars
@@ -214,9 +212,9 @@ files:
 - lib/generators/rails_template18f/terraform/templates/terraform/README.md.tt
 - lib/generators/rails_template18f/terraform/templates/terraform/app.tf.tt
 - lib/generators/rails_template18f/terraform/templates/terraform/main.tf.tt
-- lib/generators/rails_template18f/terraform/templates/terraform/production.tfvars.tt
+- lib/generators/rails_template18f/terraform/templates/terraform/production.env.tfvars.tt
 - lib/generators/rails_template18f/terraform/templates/terraform/providers.tf.tt
-- lib/generators/rails_template18f/terraform/templates/terraform/staging.tfvars.tt
+- lib/generators/rails_template18f/terraform/templates/terraform/staging.env.tfvars.tt
 - lib/generators/rails_template18f/terraform/templates/terraform/terraform.sh.tt
 - lib/generators/rails_template18f/terraform/templates/terraform/variables.tf.tt
 - lib/generators/rails_template18f/terraform/terraform_generator.rb
@@ -288,7 +286,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.7
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Generators for creating an 18F-flavored Rails app
 test_files: []

data/lib/generators/rails_template18f/gitlab_ci/templates/gitlab/terraform.yml

@@ -1,33 +0,0 @@
-# Shared setup helpers for terraform jobs
-.terraform:setup:
-  stage: deploy
-  inherit:
-    default: false
-  image:
-    name: "hashicorp/terraform"
-    entrypoint: ["sh"]
-  variables:
-    CF_API_URL: https://api.fr.cloud.gov
-    TF_STATE_NAME: staging
-    TF_HTTP_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}
-    TF_HTTP_LOCK_ADDRESS: ${TF_HTTP_ADDRESS}/lock
-    TF_HTTP_UNLOCK_ADDRESS: ${TF_HTTP_ADDRESS}/lock
-    TF_HTTP_USERNAME: gitlab-ci-token
-    TF_HTTP_PASSWORD: ${CI_JOB_TOKEN}
-  dependencies: []
-  before_script:
-    - cd terraform
-    - terraform init
-  rules:
-    - if: $CI_PIPELINE_SOURCE != "schedule"
-
-.terraform:variables:staging:
-  dependencies: null
-  variables:
-    CF_USER: $CF_USERNAME
-
-.terraform:variables:production:
-  dependencies: null
-  variables:
-    CF_USER: $CF_USERNAME
-    TF_STATE_NAME: "production"

data/lib/generators/rails_template18f/terraform/templates/gitlab_bootstrap/bot_secrets.tftpl

@@ -1,5 +0,0 @@
-# Generated via bootstrap module. Remove this file when finished
-# credentials for service "${service_name}"/"${key_name}"
-
-cf_user     = "${username}"
-cf_password = "${password}"