terraspace_plugin_azurerm 0.4.0 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/README.md +4 -0
- data/lib/templates/hcl/project/config/terraform/backend.tf +4 -3
- data/lib/templates/ruby/project/config/terraform/backend.rb +4 -3
- data/lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb +26 -0
- data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb +12 -13
- data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb +47 -49
- data/lib/terraspace_plugin_azurerm/interfaces/backend.rb +1 -1
- data/lib/terraspace_plugin_azurerm/interfaces/ci.rb +13 -0
- data/lib/terraspace_plugin_azurerm/interfaces/config.rb +3 -0
- data/lib/terraspace_plugin_azurerm/interfaces/expander.rb +16 -0
- data/lib/terraspace_plugin_azurerm/interfaces/helper/secret/fetcher.rb +6 -91
- data/lib/terraspace_plugin_azurerm/interfaces/helper/secret.rb +0 -1
- data/lib/terraspace_plugin_azurerm/interfaces/summary.rb +0 -1
- data/lib/terraspace_plugin_azurerm/version.rb +1 -1
- data/lib/terraspace_plugin_azurerm.rb +2 -0
- data/terraspace_plugin_azurerm.gemspec +2 -4
- metadata +6 -36
- data/lib/terraspace_plugin_azurerm/clients/options.rb +0 -39
- data/lib/terraspace_plugin_azurerm/clients/resources.rb +0 -17
- data/lib/terraspace_plugin_azurerm/clients/storage.rb +0 -26
- data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb +0 -29
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 164c2f861c27f9b9a6427ea7a0bc710a150f8e6d2b95f71249434849aaa4f6b4
|
4
|
+
data.tar.gz: b1363b09aab88c7453eb1bd88cf0ea9672696e98e33a6ec2ca31fcfb4ecc99a5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d7561f51bb0b4fa310bb7e82a500f80b02c7bbabf3929b6cb340bdc0ad8e9da265ae99d3e11f2744f16955895b60f23528d37aed2bbe4d1891d921a3ff64ecaf
|
7
|
+
data.tar.gz: 915f012ffa5cd6aef560a4dc5015a4b1ff105085576db06060752238e799c4fb170f33595c99ee8e39755ae135fb8695d772af5961c71dd533cb0d677a766e56
|
data/CHANGELOG.md
CHANGED
@@ -3,6 +3,15 @@
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
|
5
5
|
|
6
|
+
## [0.6.0] - 2022-06-10
|
7
|
+
- [#16](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/16) update generated backend key and ci interface
|
8
|
+
|
9
|
+
## [0.5.1] - 2022-05-03
|
10
|
+
- [#15](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/15) pascalCase
|
11
|
+
|
12
|
+
## [0.5.0] - 2022-01-20
|
13
|
+
- [#14](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/14) use armrest gem
|
14
|
+
|
6
15
|
## [0.4.0] - 2022-01-05
|
7
16
|
- [#11](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/11) fix tags config in README
|
8
17
|
- [#13](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/13) data management and security features
|
data/README.md
CHANGED
@@ -1,5 +1,9 @@
|
|
1
1
|
# Terraspace Azurerm Plugin
|
2
2
|
|
3
|
+
[![BoltOps Badge](https://img.boltops.com/boltops/badges/boltops-badge.png)](https://www.boltops.com)
|
4
|
+
|
5
|
+
[![Gem Version](https://badge.fury.io/rb/terraspace_plugin_azurerm.svg)](https://badge.fury.io/rb/terraspace_plugin_azurerm)
|
6
|
+
|
3
7
|
Azurerm support for [terraspace](https://terraspace.cloud/).
|
4
8
|
|
5
9
|
## Installation
|
@@ -1,10 +1,11 @@
|
|
1
1
|
# SUBSCRIPTION_HASH is a short 4-char consistent hash of the longer subscription id.
|
2
|
+
# LOCATION_HASH is a short 4-char consistent hash of the longer location.
|
2
3
|
# This is useful because azure storage account names are not allowed special characters and are limited to 24 chars.
|
3
4
|
terraform {
|
4
5
|
backend "azurerm" {
|
5
|
-
resource_group_name = "<%= expansion(':ENV-:LOCATION') %>"
|
6
|
-
storage_account_name = "<%= expansion('ts:SUBSCRIPTION_HASH:
|
6
|
+
resource_group_name = "<%= expansion(':APP-:ENV-:LOCATION') %>"
|
7
|
+
storage_account_name = "<%= expansion('ts:APP_HASH:SUBSCRIPTION_HASH:LOCATION_HASH:ENV') %>"
|
7
8
|
container_name = "terraform-state"
|
8
|
-
key = "<%= expansion(':
|
9
|
+
key = "<%= expansion(':TYPE_DIR/:APP/:ROLE/:MOD_NAME/:ENV/:EXTRA/:LOCATION/terraform.tfstate') %>"
|
9
10
|
}
|
10
11
|
}
|
@@ -1,8 +1,9 @@
|
|
1
1
|
# SUBSCRIPTION_HASH is a short 4-char consistent hash of the longer subscription id.
|
2
|
+
# LOCATION_HASH is a short 4-char consistent hash of the longer location.
|
2
3
|
# This is useful because azure storage account names are not allowed special characters and are limited to 24 chars.
|
3
4
|
backend("azurerm",
|
4
|
-
resource_group_name: "
|
5
|
-
storage_account_name: "ts:SUBSCRIPTION_HASH:
|
5
|
+
resource_group_name: ":APP-:ENV-:LOCATION",
|
6
|
+
storage_account_name: "ts:APP_HASH:SUBSCRIPTION_HASH:LOCATION_HASH:ENV",
|
6
7
|
container_name: "terraform-state",
|
7
|
-
key: ":
|
8
|
+
key: ":TYPE_DIR/:APP/:ROLE/:MOD_NAME/:ENV/:EXTRA/:LOCATION/terraform.tfstate",
|
8
9
|
)
|
@@ -0,0 +1,26 @@
|
|
1
|
+
class TerraspacePluginAzurerm::Interfaces::Backend
|
2
|
+
class BlobContainer < Base
|
3
|
+
def create
|
4
|
+
if exist?
|
5
|
+
logger.debug "Storage Blob Container #{@container_name} already exists"
|
6
|
+
else
|
7
|
+
create_blob_container
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
def exist?
|
12
|
+
blob_container.exist?(name: @container_name)
|
13
|
+
end
|
14
|
+
|
15
|
+
def create_blob_container
|
16
|
+
logger.info "Creating Storage Blob Container #{@container_name}..."
|
17
|
+
blob_container.create(name: @container_name)
|
18
|
+
end
|
19
|
+
|
20
|
+
private
|
21
|
+
def blob_container
|
22
|
+
Armrest::Services::BlobContainer.new(storage_account: @storage_account_name, group: @resource_group_name)
|
23
|
+
end
|
24
|
+
memoize :blob_container
|
25
|
+
end
|
26
|
+
end
|
@@ -1,33 +1,32 @@
|
|
1
1
|
class TerraspacePluginAzurerm::Interfaces::Backend
|
2
2
|
# Named ResourceGroupCreator to avoid collision with Azure ResourceGroup model
|
3
3
|
class ResourceGroupCreator < Base
|
4
|
-
include TerraspacePluginAzurerm::Clients::Resources
|
5
|
-
|
6
4
|
def create
|
7
5
|
if exist?
|
8
6
|
logger.debug "Resource Group #{@resource_group_name} already exists"
|
7
|
+
create_or_update_resource_group if config.resource_group.update_existing
|
9
8
|
else
|
10
|
-
|
9
|
+
create_or_update_resource_group
|
11
10
|
end
|
12
11
|
end
|
13
12
|
|
14
13
|
def exist?
|
15
|
-
|
14
|
+
resource_group.check_existence(name: @resource_group_name)
|
16
15
|
end
|
17
16
|
|
18
|
-
def
|
17
|
+
def create_or_update_resource_group
|
19
18
|
logger.info "Creating Resource Group #{@resource_group_name}..."
|
20
|
-
resource_group
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
19
|
+
resource_group.create_or_update(
|
20
|
+
name: @resource_group_name,
|
21
|
+
location: config.location || AzureInfo.location,
|
22
|
+
tags: config.tags,
|
23
|
+
)
|
25
24
|
end
|
26
25
|
|
27
26
|
private
|
28
|
-
def
|
29
|
-
|
27
|
+
def resource_group
|
28
|
+
Armrest::Services::ResourceGroup.new
|
30
29
|
end
|
31
|
-
memoize :
|
30
|
+
memoize :resource_group
|
32
31
|
end
|
33
32
|
end
|
@@ -1,23 +1,20 @@
|
|
1
1
|
class TerraspacePluginAzurerm::Interfaces::Backend
|
2
2
|
class StorageAccount < Base
|
3
|
-
include TerraspacePluginAzurerm::Clients::Storage
|
4
3
|
extend Memoist
|
5
4
|
|
6
5
|
def create
|
7
6
|
if exist?
|
8
7
|
logger.debug "Storage Account #{@storage_account_name} already exists"
|
9
|
-
|
8
|
+
save_storage_account if config.storage_account.update_existing
|
10
9
|
set_blob_service_properties if config.storage_account.configure_data_protection_for_existing
|
11
10
|
else
|
12
|
-
|
11
|
+
save_storage_account
|
13
12
|
set_blob_service_properties
|
14
13
|
end
|
15
14
|
end
|
16
15
|
|
17
16
|
def exist?
|
18
|
-
|
19
|
-
params.name = @storage_account_name
|
20
|
-
result = storage_accounts.check_name_availability(params)
|
17
|
+
result = storage_account.check_name_availability(name: @storage_account_name)
|
21
18
|
validate!(result)
|
22
19
|
!result.name_available
|
23
20
|
end
|
@@ -35,59 +32,60 @@ class TerraspacePluginAzurerm::Interfaces::Backend
|
|
35
32
|
end
|
36
33
|
end
|
37
34
|
|
38
|
-
def
|
39
|
-
|
40
|
-
|
35
|
+
def save_storage_account
|
36
|
+
action = exist? ? "Updating" : "Creating"
|
37
|
+
logger.info "#{action} Storage Account #{@storage_account_name}..."
|
38
|
+
storage_account.create(
|
39
|
+
name: @storage_account_name,
|
40
|
+
location: config.location || azure_info.location, # IE: eastus
|
41
|
+
sku: {
|
42
|
+
name: config.storage_account.sku.name,
|
43
|
+
tier: config.storage_account.sku.tier,
|
44
|
+
},
|
45
|
+
properties: {
|
46
|
+
allowBlobPublicAccess: config.storage_account.allow_blob_public_access,
|
47
|
+
},
|
48
|
+
kind: "StorageV2",
|
49
|
+
tags: config.tags,
|
50
|
+
)
|
41
51
|
end
|
42
52
|
|
43
|
-
def
|
44
|
-
|
45
|
-
storage_accounts.create(@resource_group_name, @storage_account_name, storage_account_create_params)
|
46
|
-
end
|
47
|
-
|
48
|
-
def storage_account_create_params
|
49
|
-
params = StorageAccountCreateParameters.new
|
50
|
-
params.location = config.location || azure_info.location # IE: eastus
|
51
|
-
params.sku = sku
|
52
|
-
params.allow_blob_public_access = config.storage_account.allow_blob_public_access
|
53
|
-
params.kind = Kind::StorageV2
|
54
|
-
params.tags = config.tags
|
55
|
-
params
|
53
|
+
def set_blob_service_properties
|
54
|
+
blob_service.set_properties(blob_service_properties)
|
56
55
|
end
|
57
56
|
|
58
|
-
def
|
59
|
-
|
60
|
-
|
61
|
-
|
57
|
+
def blob_service_properties
|
58
|
+
sa = config.storage_account
|
59
|
+
container_delete_retention_policy = {
|
60
|
+
days: sa.container_delete_retention_policy.days || sa.delete_retention_policy.days,
|
61
|
+
enabled: sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
|
62
|
+
}
|
63
|
+
# blobs
|
64
|
+
delete_retention_policy = {
|
65
|
+
days: sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days,
|
66
|
+
enabled: sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
|
67
|
+
}
|
68
|
+
# final props
|
69
|
+
{
|
70
|
+
containerDeleteRetentionPolicy: container_delete_retention_policy,
|
71
|
+
deleteRetentionPolicy: delete_retention_policy,
|
72
|
+
isVersioningEnabled: sa.is_versioning_enabled,
|
73
|
+
}
|
62
74
|
end
|
63
75
|
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
sku.tier = config.storage_account.sku.tier
|
68
|
-
sku
|
76
|
+
private
|
77
|
+
def storage_account
|
78
|
+
Armrest::Services::StorageAccount.new(service_options)
|
69
79
|
end
|
80
|
+
memoize :storage_account
|
70
81
|
|
71
|
-
def
|
72
|
-
|
82
|
+
def blob_service
|
83
|
+
Armrest::Services::BlobService.new(service_options)
|
73
84
|
end
|
85
|
+
memoize :blob_service
|
74
86
|
|
75
|
-
def
|
76
|
-
|
77
|
-
|
78
|
-
sa = config.storage_account
|
79
|
-
policy = DeleteRetentionPolicy.new
|
80
|
-
policy.days = sa.container_delete_retention_policy.days || sa.delete_retention_policy.days
|
81
|
-
policy.enabled = sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
|
82
|
-
props.container_delete_retention_policy = policy # containers
|
83
|
-
|
84
|
-
policy = DeleteRetentionPolicy.new
|
85
|
-
policy.days = sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days
|
86
|
-
policy.enabled = sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled
|
87
|
-
props.delete_retention_policy = policy # blobs
|
88
|
-
|
89
|
-
props.is_versioning_enabled = sa.is_versioning_enabled
|
90
|
-
props
|
87
|
+
def service_options
|
88
|
+
{ storage_account: @storage_account_name, group: @resource_group_name }
|
91
89
|
end
|
92
90
|
end
|
93
91
|
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
module TerraspacePluginAzurerm::Interfaces
|
2
|
+
class Ci
|
3
|
+
# interface method
|
4
|
+
def vars
|
5
|
+
{
|
6
|
+
ARM_SUBSCRIPTION_ID: '${{ secrets.ARM_SUBSCRIPTION_ID }}',
|
7
|
+
ARM_CLIENT_SECRET: '${{ secrets.ARM_CLIENT_SECRET }}',
|
8
|
+
ARM_TENANT_ID: '${{ secrets.ARM_TENANT_ID }}',
|
9
|
+
ARM_CLIENT_ID: '${{ secrets.ARM_CLIENT_ID }}',
|
10
|
+
}
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -20,6 +20,9 @@ module TerraspacePluginAzurerm::Interfaces
|
|
20
20
|
c.secrets = ActiveSupport::OrderedOptions.new
|
21
21
|
c.secrets.vault = nil
|
22
22
|
|
23
|
+
c.resource_group = ActiveSupport::OrderedOptions.new
|
24
|
+
c.resource_group.update_existing = false
|
25
|
+
|
23
26
|
c.storage_account = ActiveSupport::OrderedOptions.new
|
24
27
|
c.storage_account.update_existing = false
|
25
28
|
c.storage_account.sku = ActiveSupport::OrderedOptions.new
|
@@ -29,5 +29,21 @@ module TerraspacePluginAzurerm::Interfaces
|
|
29
29
|
Digest::SHA1.hexdigest(subscription)[0..3]
|
30
30
|
end
|
31
31
|
alias_method :namespace_hash, :subscription_hash
|
32
|
+
|
33
|
+
# location_hash is a short 4-char consistent hash of the longer subscription id.
|
34
|
+
# This is useful because azure storage account names are not allowed special characters and are limited to 24 chars.
|
35
|
+
# NOTE: be careful to not change this! or else state path will change
|
36
|
+
def location_hash
|
37
|
+
Digest::SHA1.hexdigest(location)[0..3]
|
38
|
+
end
|
39
|
+
alias_method :region_hash, :location_hash
|
40
|
+
|
41
|
+
def app_hash
|
42
|
+
Digest::SHA1.hexdigest(ENV['TS_APP'])[0..3] if ENV['TS_APP']
|
43
|
+
end
|
44
|
+
|
45
|
+
def env_hash
|
46
|
+
Digest::SHA1.hexdigest(ENV['TS_ENV'])[0..3] if ENV['TS_ENV']
|
47
|
+
end
|
32
48
|
end
|
33
49
|
end
|
@@ -7,15 +7,10 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
|
|
7
7
|
class VaultNotConfiguredError < Error; end
|
8
8
|
|
9
9
|
include TerraspacePluginAzurerm::Logging
|
10
|
-
include TerraspacePluginAzurerm::Clients::Options
|
11
10
|
extend Memoist
|
12
11
|
|
13
12
|
def initialize(mod, options={})
|
14
13
|
@mod, @options = mod, options
|
15
|
-
o = base_client_options
|
16
|
-
@client_id = o[:client_id]
|
17
|
-
@client_secret = o[:client_secret]
|
18
|
-
@tenant_id = o[:tenant_id]
|
19
14
|
end
|
20
15
|
|
21
16
|
def fetch(name, opts={})
|
@@ -25,42 +20,11 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
|
|
25
20
|
|
26
21
|
def get_secret(name, options={})
|
27
22
|
vault = options[:vault]
|
23
|
+
check_vault_configured!(vault)
|
28
24
|
version = options[:version]
|
29
|
-
unless token
|
30
|
-
return "ERROR: Unable to authorize and get the temporary token. Double check your ARM_ env variables."
|
31
|
-
end
|
32
|
-
|
33
25
|
version = "/#{version}" if version
|
34
|
-
check_vault_configured!(vault)
|
35
|
-
vault_subdomain = vault.downcase
|
36
|
-
# Using Azure REST API since the old gem doesnt support secrets https://github.com/Azure/azure-sdk-for-ruby
|
37
|
-
# https://docs.microsoft.com/en-us/rest/api/keyvault/getsecret/getsecret
|
38
26
|
name = expansion(name) if expand?
|
39
|
-
|
40
|
-
logger.debug "Azure vault url #{url}"
|
41
|
-
uri = URI(url)
|
42
|
-
req = Net::HTTP::Get.new(uri)
|
43
|
-
req["Authorization"] = token
|
44
|
-
req["Content-Type"] = "application/json"
|
45
|
-
|
46
|
-
resp = nil
|
47
|
-
begin
|
48
|
-
resp = send_request(uri, req)
|
49
|
-
rescue VaultNotFoundError
|
50
|
-
message = "WARN: Vault not found #{vault}"
|
51
|
-
logger.info message.color(:yellow)
|
52
|
-
return message
|
53
|
-
end
|
54
|
-
|
55
|
-
case resp.code.to_s
|
56
|
-
when /^2/
|
57
|
-
data = JSON.load(resp.body)
|
58
|
-
data['value']
|
59
|
-
else
|
60
|
-
message = standard_error_message(resp)
|
61
|
-
logger.info "WARN: #{message}".color(:yellow)
|
62
|
-
message
|
63
|
-
end
|
27
|
+
secret.show(name: name, vault: vault)
|
64
28
|
end
|
65
29
|
|
66
30
|
def check_vault_configured!(vault)
|
@@ -80,61 +44,12 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
|
|
80
44
|
raise VaultNotConfiguredError.new
|
81
45
|
end
|
82
46
|
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
http.use_ssl = true if uri.scheme == 'https'
|
87
|
-
|
88
|
-
begin
|
89
|
-
http.request(req) # response
|
90
|
-
rescue SocketError => e
|
91
|
-
# SocketError: Failed to open TCP connection to MISSING-VAULT.vault.azure.net:443 (getaddrinfo: Name or service not known)
|
92
|
-
if e.message.include?("vault.azure.net")
|
93
|
-
raise VaultNotFoundError.new(e)
|
94
|
-
else
|
95
|
-
raise
|
96
|
-
end
|
97
|
-
end
|
98
|
-
end
|
99
|
-
|
100
|
-
# Secret error handling: 1. network 2. json parse 3. missing secret
|
101
|
-
#
|
102
|
-
# Azure API responses with decent error message when
|
103
|
-
# 403 Forbidden - KeyVault Access Policy needs to be set up
|
104
|
-
# 404 Not Found - Secret name is incorrect
|
105
|
-
#
|
106
|
-
def standard_error_message(resp)
|
107
|
-
data = JSON.load(resp.body)
|
108
|
-
data['error']['message']
|
109
|
-
rescue JSON::ParserError
|
110
|
-
resp.body
|
111
|
-
end
|
112
|
-
|
113
|
-
@@token = nil
|
114
|
-
def token
|
115
|
-
return @@token unless @@token.nil?
|
116
|
-
url = "https://login.microsoftonline.com/#{@tenant_id}/oauth2/token"
|
117
|
-
uri = URI(url)
|
118
|
-
req = Net::HTTP::Get.new(uri)
|
119
|
-
req.set_form_data(
|
120
|
-
grant_type: "client_credentials",
|
121
|
-
client_id: @client_id,
|
122
|
-
client_secret: @client_secret,
|
123
|
-
resource: "https://vault.azure.net",
|
124
|
-
)
|
125
|
-
resp = send_request(uri, req)
|
126
|
-
data = JSON.load(resp.body)
|
127
|
-
if resp.code =~ /^2/
|
128
|
-
@@token = "Bearer #{data['access_token']}" if data
|
129
|
-
else
|
130
|
-
logger.info "WARN: #{data['error_description']}".color(:yellow)
|
131
|
-
# return false otherwise error message is used as the bearer toke and get this error:
|
132
|
-
# ArgumentError: header field value cannot include CR/LF
|
133
|
-
@@token = false
|
134
|
-
end
|
47
|
+
private
|
48
|
+
def secret
|
49
|
+
Armrest::Services::KeyVault::Secret.new
|
135
50
|
end
|
51
|
+
memoize :secret
|
136
52
|
|
137
|
-
private
|
138
53
|
delegate :expansion, to: :expander
|
139
54
|
def expander
|
140
55
|
TerraspacePluginAzurerm::Interfaces::Expander.new(@mod)
|
@@ -3,7 +3,6 @@ require 'azure/storage/blob'
|
|
3
3
|
module TerraspacePluginAzurerm::Interfaces
|
4
4
|
class Summary
|
5
5
|
include Terraspace::Plugin::Summary::Interface
|
6
|
-
include TerraspacePluginAzurerm::Clients::Storage # for mgmt storage_accounts to get keys only, the azure/storage/blob gem is used to get the objects
|
7
6
|
extend Memoist
|
8
7
|
|
9
8
|
# interface method
|
@@ -1,3 +1,4 @@
|
|
1
|
+
require "armrest"
|
1
2
|
require "azure_info"
|
2
3
|
require "memoist"
|
3
4
|
require "terraspace" # for interface
|
@@ -40,5 +41,6 @@ Terraspace::Plugin.register("azurerm",
|
|
40
41
|
config_class: TerraspacePluginAzurerm::Interfaces::Config,
|
41
42
|
helper_class: TerraspacePluginAzurerm::Interfaces::Helper,
|
42
43
|
layer_class: TerraspacePluginAzurerm::Interfaces::Layer,
|
44
|
+
ci_class: TerraspacePluginAzurerm::Interfaces::Ci,
|
43
45
|
root: File.dirname(__dir__),
|
44
46
|
)
|
@@ -22,10 +22,8 @@ Gem::Specification.new do |spec|
|
|
22
22
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
23
23
|
spec.require_paths = ["lib"]
|
24
24
|
|
25
|
-
spec.add_dependency "
|
26
|
-
spec.add_dependency "azure_info"
|
27
|
-
spec.add_dependency "azure_mgmt_resources"
|
28
|
-
spec.add_dependency "azure_mgmt_storage"
|
25
|
+
spec.add_dependency "armrest"
|
26
|
+
spec.add_dependency "azure_info"
|
29
27
|
spec.add_dependency "memoist"
|
30
28
|
spec.add_dependency "zeitwerk"
|
31
29
|
end
|
metadata
CHANGED
@@ -1,17 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: terraspace_plugin_azurerm
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tung Nguyen
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-06-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
|
-
name:
|
14
|
+
name: armrest
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
@@ -26,34 +26,6 @@ dependencies:
|
|
26
26
|
version: '0'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: azure_info
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - "~>"
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: 0.1.2
|
34
|
-
type: :runtime
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - "~>"
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: 0.1.2
|
41
|
-
- !ruby/object:Gem::Dependency
|
42
|
-
name: azure_mgmt_resources
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - ">="
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: '0'
|
48
|
-
type: :runtime
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - ">="
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: '0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: azure_mgmt_storage
|
57
29
|
requirement: !ruby/object:Gem::Requirement
|
58
30
|
requirements:
|
59
31
|
- - ">="
|
@@ -141,14 +113,12 @@ files:
|
|
141
113
|
- lib/templates/test/rspec/project/spec/stacks/demo/main_spec.rb
|
142
114
|
- lib/terraspace_plugin_azurerm.rb
|
143
115
|
- lib/terraspace_plugin_azurerm/autoloader.rb
|
144
|
-
- lib/terraspace_plugin_azurerm/clients/options.rb
|
145
|
-
- lib/terraspace_plugin_azurerm/clients/resources.rb
|
146
|
-
- lib/terraspace_plugin_azurerm/clients/storage.rb
|
147
116
|
- lib/terraspace_plugin_azurerm/interfaces/backend.rb
|
148
117
|
- lib/terraspace_plugin_azurerm/interfaces/backend/base.rb
|
118
|
+
- lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb
|
149
119
|
- lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb
|
150
120
|
- lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb
|
151
|
-
- lib/terraspace_plugin_azurerm/interfaces/
|
121
|
+
- lib/terraspace_plugin_azurerm/interfaces/ci.rb
|
152
122
|
- lib/terraspace_plugin_azurerm/interfaces/config.rb
|
153
123
|
- lib/terraspace_plugin_azurerm/interfaces/expander.rb
|
154
124
|
- lib/terraspace_plugin_azurerm/interfaces/helper.rb
|
@@ -179,7 +149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
179
149
|
- !ruby/object:Gem::Version
|
180
150
|
version: '0'
|
181
151
|
requirements: []
|
182
|
-
rubygems_version: 3.
|
152
|
+
rubygems_version: 3.3.12
|
183
153
|
signing_key:
|
184
154
|
specification_version: 4
|
185
155
|
summary: Terraspace Azurerm Cloud Plugin
|
@@ -1,39 +0,0 @@
|
|
1
|
-
module TerraspacePluginAzurerm::Clients
|
2
|
-
module Options
|
3
|
-
extend Memoist
|
4
|
-
|
5
|
-
def client_options
|
6
|
-
# AZURE_* is used by ruby generally.
|
7
|
-
# ARM_* is used by Terraform azurerm provider: https://www.terraform.io/docs/providers/azurerm/index.html
|
8
|
-
# Favor ARM_ because this plugin is designed for Terraspace.
|
9
|
-
client_id = ENV['ARM_CLIENT_ID'] || ENV['AZURE_CLIENT_ID']
|
10
|
-
client_secret = ENV['ARM_CLIENT_SECRET'] || ENV['AZURE_CLIENT_SECRET']
|
11
|
-
subscription_id = ENV['ARM_SUBSCRIPTION_ID'] || ENV['AZURE_SUBSCRIPTION_ID'] || AzureInfo.subscription_id
|
12
|
-
tenant_id = ENV['ARM_TENANT_ID'] || ENV['AZURE_TENANT_ID'] || AzureInfo.tenant_id
|
13
|
-
|
14
|
-
o = {
|
15
|
-
tenant_id: tenant_id,
|
16
|
-
client_id: client_id,
|
17
|
-
client_secret: client_secret,
|
18
|
-
subscription_id: subscription_id,
|
19
|
-
}
|
20
|
-
validate_base_options!(o)
|
21
|
-
o
|
22
|
-
end
|
23
|
-
memoize :client_options
|
24
|
-
|
25
|
-
def validate_base_options!(options)
|
26
|
-
vars = []
|
27
|
-
options.each do |k,v|
|
28
|
-
vars << "ARM_#{k}".upcase if v.nil?
|
29
|
-
end
|
30
|
-
return if vars.empty?
|
31
|
-
|
32
|
-
logger.error "ERROR: Required Azure env variables missing. Please set these env variables:".color(:red)
|
33
|
-
vars.each do |var|
|
34
|
-
logger.error " #{var}"
|
35
|
-
end
|
36
|
-
exit 1
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
@@ -1,17 +0,0 @@
|
|
1
|
-
require 'azure_mgmt_resources'
|
2
|
-
|
3
|
-
module TerraspacePluginAzurerm::Clients
|
4
|
-
module Resources
|
5
|
-
include Options
|
6
|
-
extend Memoist
|
7
|
-
|
8
|
-
# Include SDK modules to ease access to Resources classes.
|
9
|
-
include Azure::Resources::Profiles::Latest::Mgmt
|
10
|
-
include Azure::Resources::Profiles::Latest::Mgmt::Models
|
11
|
-
|
12
|
-
def mgmt
|
13
|
-
Client.new(client_options)
|
14
|
-
end
|
15
|
-
memoize :mgmt
|
16
|
-
end
|
17
|
-
end
|
@@ -1,26 +0,0 @@
|
|
1
|
-
require "azure_mgmt_storage"
|
2
|
-
|
3
|
-
module TerraspacePluginAzurerm::Clients
|
4
|
-
module Storage
|
5
|
-
include Options
|
6
|
-
extend Memoist
|
7
|
-
|
8
|
-
# Include SDK modules to ease access to Storage classes.
|
9
|
-
include Azure::Storage::Profiles::Latest::Mgmt
|
10
|
-
include Azure::Storage::Profiles::Latest::Mgmt::Models
|
11
|
-
|
12
|
-
delegate :storage_accounts, :blob_services, :blob_containers, to: :mgmt
|
13
|
-
|
14
|
-
def blob_containers
|
15
|
-
BlobContainers.new(mgmt)
|
16
|
-
end
|
17
|
-
memoize :blob_containers
|
18
|
-
|
19
|
-
def mgmt
|
20
|
-
client = Client.new(client_options)
|
21
|
-
client.subscription_id = client_options[:subscription_id]
|
22
|
-
client
|
23
|
-
end
|
24
|
-
memoize :mgmt
|
25
|
-
end
|
26
|
-
end
|
@@ -1,29 +0,0 @@
|
|
1
|
-
class TerraspacePluginAzurerm::Interfaces::Backend
|
2
|
-
class StorageContainer < Base
|
3
|
-
include TerraspacePluginAzurerm::Clients::Storage
|
4
|
-
|
5
|
-
def create
|
6
|
-
if exist?
|
7
|
-
logger.debug "Storage Container #{@container_name} already exists"
|
8
|
-
else
|
9
|
-
create_storage_container
|
10
|
-
end
|
11
|
-
end
|
12
|
-
|
13
|
-
def exist?
|
14
|
-
begin
|
15
|
-
blob_containers.get(@resource_group_name, @storage_account_name, @container_name)
|
16
|
-
true
|
17
|
-
rescue MsRestAzure::AzureOperationError => e
|
18
|
-
e.message.include?("The specified container does not exist") ? false : raise
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
def create_storage_container
|
23
|
-
logger.info "Creating Storage Container #{@container_name}..."
|
24
|
-
blob_container = BlobContainer.new
|
25
|
-
blob_container.name = @container_name
|
26
|
-
blob_containers.create(@resource_group_name, @storage_account_name, @container_name, blob_container)
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|