yle_tf 1.0.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4f901e67d48b00b9c2a6692677eee372f69db444952618773bdc6edac24d5fd0
-  data.tar.gz: 8f98e4fa5c53bdc58cc758aa46be51ff7867747b5fe187cb54b1a2b83e025f80
+  metadata.gz: e8df78c6d65e3180770988e0fdc1655bfa0af42d57d8f1b5dd19f26de1281a39
+  data.tar.gz: 10f59a1cdd3757d19dbeebfaaeb1328e41c367be464d87486b9bb8b93d6ef845
 SHA512:
-  metadata.gz: 4aef3de1f089f711fffe0e538186516b3cd3a81c0b0f672e3302a66d2fb5c625dd22076a5f9ac7e6b228ad34ea90780f28f160ddc73709c3967717646bde56e6
-  data.tar.gz: 79508c7c0031a6515820efa3c415a131ff3e6cf34e840cd0f479436bf41a86cde065671e292a3e88a26132a47297d5a78ed6f5ccbdde5cd6a89ec92508b66f0b
+  metadata.gz: dc31eb920ce29b2aeb8616739b89e370a0c36a8ff395e3a41b3a1176d4ac592a2da913b6ff11eb0a0c015c33f5819cf5e888b9056b324e7ef81c156f75fa4fc6
+  data.tar.gz: 2fbcf63e27d8a817b654087d676a9252db1acde67629ad66a07e4d12ac20e44396c707718c42c3ee594593bcad74fb5d1be108026b5a17c615dc4663eca42a97

data/bin/tf

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
 # Catch Ctrl+C to avoid stack traces
 Signal.trap('INT') { abort }

data/lib/yle_tf.rb

@@ -1,7 +1,11 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 require 'yle_tf/version'
 
 class YleTf
+  TERRAFORM_VERSION_REQUIREMENT = '>= 0.9'
+
   autoload :Action,  'yle_tf/action'
   autoload :Error,   'yle_tf/error'
   autoload :Plugin,  'yle_tf/plugin'

data/lib/yle_tf/action.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class YleTf
   module Action
     autoload :Builder, 'yle_tf/action/builder'
@@ -10,11 +12,13 @@ class YleTf
     autoload :TmpDir, 'yle_tf/action/tmpdir'
     autoload :VerifyTerraformVersion, 'yle_tf/action/verify_terraform_version'
     autoload :VerifyTfEnv, 'yle_tf/action/verify_tf_env'
+    autoload :VerifyYleTfVersion, 'yle_tf/action/verify_yle_tf_version'
     autoload :WriteTerraformrcDefaults, 'yle_tf/action/write_terraformrc_defaults'
 
     def self.default_action_stack(command_class = nil)
       Builder.new do
         use LoadConfig
+        use VerifyYleTfVersion
         use VerifyTfEnv
         use TmpDir
         use WriteTerraformrcDefaults

data/lib/yle_tf/action/builder.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative '../../../vendor/middleware/builder'
 
 class YleTf

data/lib/yle_tf/action/command.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 
 class YleTf
@@ -12,9 +14,9 @@ class YleTf
 
       def call(env)
         if env[:tf_options][:only_hooks]
-          Logger.debug "Skipping command #{command.class} due to `--only-hooks`"
+          Logger.debug "Skipping command #{command} due to `--only-hooks`"
         else
-          Logger.debug "Executing command #{command.class} with env: #{env.inspect}"
+          Logger.debug "Executing command #{command} with env: #{env.inspect}"
           command.new.execute(env)
         end
 

data/lib/yle_tf/action/copy_root_module.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fileutils'
 
 require 'yle_tf/logger'

data/lib/yle_tf/action/generate_vars_file.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/logger'
 require 'yle_tf/vars_file'
 

data/lib/yle_tf/action/load_config.rb

@@ -1,4 +1,7 @@
+# frozen_string_literal: true
+
 require 'yle_tf/config'
+require 'yle_tf/logger'
 
 class YleTf
   module Action
@@ -8,10 +11,15 @@ class YleTf
       end
 
       def call(env)
-        env[:config] ||= Config.new(env[:tf_env])
+        env[:config] ||= load_config(env[:tf_env])
 
         @app.call(env)
       end
+
+      def load_config(tf_env)
+        Logger.debug("Initializing configuration for the #{tf_env.inspect} environment")
+        Config.load(tf_env).tap { |config| Logger.debug(config.inspect) }
+      end
     end
   end
 end

data/lib/yle_tf/action/terraform_init.rb

@@ -1,8 +1,12 @@
-require 'yle_tf/error'
+# frozen_string_literal: true
+
+require 'fileutils'
+require 'pathname'
+require 'shellwords'
+
 require 'yle_tf/logger'
 require 'yle_tf/plugin'
 require 'yle_tf/system'
-require 'yle_tf/version_requirement'
 
 class YleTf
   module Action
@@ -10,62 +14,89 @@ class YleTf
       TF_CMD_ARGS = %w[-input=false -no-color].freeze
 
       TF_CMD_OPTS = {
-        env: { 'TF_IN_AUTOMATION' => 'true' }, # Reduces some output
-        stdout: :debug                         # Hide the output to the debug level
+        env:    { 'TF_IN_AUTOMATION' => 'true' }, # Reduces some output
+        stdout: :debug                            # Hide the output to the debug level
       }.freeze
 
+      attr_reader :config
+
       def initialize(app)
         @app = app
       end
 
       def call(env)
-        config = env[:config]
-        backend = backend_config(config)
+        @config = env[:config]
 
         Logger.info('Initializing Terraform')
         Logger.debug("Backend configuration: #{backend}")
 
-        if VersionRequirement.pre_0_9?(env[:terraform_version])
-          init_pre_0_9(backend)
+        init_dir
+
+        if env[:tf_command] == 'init'
+          # Skip initializing Terraform here, as it will be done by the
+          # actuall command later in the middleware stack.
+          @app.call(env)
+          store_terraform_lock
         else
-          init(backend)
+          init_terraform
+          store_terraform_lock
+          @app.call(env)
         end
 
-        @app.call(env)
+        tear_down
       end
 
-      def init_pre_0_9(backend)
-        cli_args = backend.cli_args
-        if cli_args
-          YleTf::System.cmd('terraform', 'remote', 'config', *TF_CMD_ARGS, *cli_args, TF_CMD_OPTS)
-        end
+      def init_dir
+        Logger.debug('Configuring the backend')
+        backend.configure
 
-        Logger.debug('Fetching Terraform modules')
-        YleTf::System.cmd('terraform', 'get', *TF_CMD_ARGS, TF_CMD_OPTS)
+        Logger.debug('Symlinking errored.tfstate')
+        symlink_to_module_dir('errored.tfstate')
       end
 
-      def init(backend)
-        Logger.debug('Generating the backend configuration')
-        backend.generate_config do
-          Logger.debug('Initializing Terraform')
-          YleTf::System.cmd('terraform', 'init', *TF_CMD_ARGS, TF_CMD_OPTS)
-        end
+      def tear_down
+        Logger.debug('Tearing down backend')
+        backend.tear_down
+      end
+
+      def init_terraform
+        Logger.debug('Initializing Terraform')
+        YleTf::System.cmd('terraform', 'init', *tf_init_args, **TF_CMD_OPTS)
+      end
+
+      def store_terraform_lock
+        Logger.debug('Storing .terraform.lock.hcl')
+        copy_to_module_dir('.terraform.lock.hcl')
       end
 
-      def backend_config(config)
+      def backend
+        @backend ||= find_backend
+      end
+
+      def tf_init_args
+        TF_CMD_ARGS + Shellwords.split(ENV.fetch('TF_INIT_ARGS', ''))
+      end
+
+      def find_backend
         backend_type = config.fetch('backend', 'type').downcase
-        backend_proc = backend_proc(backend_type)
+        backend_proc = Plugin.manager.backends[backend_type]
 
         klass = backend_proc.call
-        klass.new.backend_config(config)
+        klass.new(config)
       end
 
-      def backend_proc(backend_type)
-        backends = Plugin.manager.backends
-        backends.fetch(backend_type.to_sym) do
-          raise Error, "Unknown backend type '#{backend_type}'. " \
-            "Supported backends: #{backends.keys.join(', ')}"
-        end
+      def symlink_to_module_dir(file)
+        local_path = Pathname.pwd.join(file)
+        remote_path = config.module_dir.join(file)
+
+        # Remove the possibly copied old file
+        local_path.unlink if local_path.exist?
+
+        local_path.make_symlink(remote_path)
+      end
+
+      def copy_to_module_dir(file)
+        FileUtils.cp(file, config.module_dir.to_s) if File.exist?(file)
       end
     end
   end

data/lib/yle_tf/action/tf_hooks.rb

@@ -1,5 +1,4 @@
-require 'yle_tf/logger'
-require 'yle_tf/tf_hook/runner'
+# frozen_string_literal: true
 
 require 'yle_tf/logger'
 require 'yle_tf/tf_hook/runner'
@@ -21,7 +20,7 @@ class YleTf
 
       def hook_runner
         if run_hooks?
-          TfHook::Runner.new(@env[:config], hook_env)
+          TfHook::Runner.new(config, hook_env)
         else
           NoRunner
         end
@@ -29,11 +28,16 @@ class YleTf
 
       def hook_env
         {
-          'TF_COMMAND' => @env[:tf_command],
-          'TF_ENV'     => @env[:tf_env],
+          'TF_COMMAND'    => @env[:tf_command],
+          'TF_ENV'        => @env[:tf_env],
+          'TF_MODULE_DIR' => config.module_dir.to_s,
         }
       end
 
+      def config
+        @env[:config]
+      end
+
       def run_hooks?
         !@env[:tf_options][:no_hooks]
       end

data/lib/yle_tf/action/tmpdir.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fileutils'
 require 'tmpdir'
 
@@ -20,7 +22,7 @@ class YleTf
           @app.call(env)
         end
       ensure
-        FileUtils.rm_r(tmpdir) if tmpdir && Dir.exist?(tmpdir)
+        FileUtils.rm_rf(tmpdir, secure: true) if tmpdir && Dir.exist?(tmpdir)
       end
 
       def tmpdir_prefix(config)

data/lib/yle_tf/action/verify_terraform_version.rb

@@ -1,3 +1,6 @@
+# frozen_string_literal: true
+
+require 'yle_tf'
 require 'yle_tf/error'
 require 'yle_tf/logger'
 require 'yle_tf/system'
@@ -17,22 +20,32 @@ class YleTf
         raise(Error, 'Terraform not found') if !version
 
         Logger.debug("Terraform version: #{version}")
-        verify_version(env)
+
+        verify_version(version, requirement_by_yletf, required_by: 'YleTf')
+        verify_version(version, requirement_by_config(env), required_by: 'config')
 
         @app.call(env)
       end
 
       def terraform_version
         v = YleTf::System.read_cmd('terraform', 'version', error_handler: proc {})
-        Regexp.last_match(1) if v =~ /^Terraform v([^\s]+)/
+        m = /^Terraform v(?<version>[^\s]+)/.match(v)
+        m && m[:version]
       end
 
-      def verify_version(env)
-        version = env[:terraform_version]
+      def requirement_by_config(env)
         requirement = env[:config].fetch('terraform', 'version_requirement') { nil }
+        VersionRequirement.new(requirement)
+      end
+
+      def requirement_by_yletf
+        VersionRequirement.new(YleTf::TERRAFORM_VERSION_REQUIREMENT)
+      end
 
-        if !VersionRequirement.new(requirement).satisfied_by?(version)
-          raise Error, "Terraform version '#{requirement}' required, '#{version}' found"
+      def verify_version(version, requirement, **opts)
+        if !requirement.satisfied_by?(version)
+          raise Error, "Terraform version '#{requirement}' required by #{opts[:required_by]}, " \
+                       "'#{version}' found"
         end
       end
     end

data/lib/yle_tf/action/verify_tf_env.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yle_tf/error'
 require 'yle_tf/vars_file'
 

data/lib/yle_tf/action/verify_yle_tf_version.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'yle_tf/error'
+require 'yle_tf/logger'
+require 'yle_tf/version'
+require 'yle_tf/version_requirement'
+
+class YleTf
+  module Action
+    class VerifyYleTfVersion
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        Logger.debug('Verifying YleTf version')
+
+        requirement = requirement(env[:config])
+        verify_version(requirement)
+
+        @app.call(env)
+      end
+
+      def requirement(config)
+        requirement = config.fetch('yle_tf', 'version_requirement') { nil }
+        VersionRequirement.new(requirement)
+      end
+
+      def verify_version(requirement)
+        return if requirement.satisfied_by?(YleTf::VERSION)
+
+        raise Error, "YleTf version '#{YleTf::VERSION}', '#{requirement}' required by config"
+      end
+    end
+  end
+end

data/lib/yle_tf/action/write_terraformrc_defaults.rb

@@ -1,52 +1,69 @@
+# frozen_string_literal: true
+
 require 'fileutils'
+require 'pathname'
+
 require 'yle_tf/logger'
 
 class YleTf
   module Action
     class WriteTerraformrcDefaults
       # Path of the Terraform CLI configuration file
-      RC_PATH = '~/.terraformrc'.freeze
+      RC_PATH = '~/.terraformrc'
 
       # Path of the plugin cache directory
-      DEFAULT_PLUGIN_CACHE_PATH = '~/.terraform.d/plugin-cache'.freeze
+      DEFAULT_PLUGIN_CACHE_PATH = '~/.terraform.d/plugin-cache'
 
       def initialize(app)
         @app = app
       end
 
       def call(env)
-        Logger.debug("Writing default configuration to '#{RC_PATH}'")
-        open_rc_file do |rc_file|
-          keys = existing_keys(rc_file)
-
-          configure_checkpoint(rc_file) if !keys.include?('disable_checkpoint')
-          configure_plugin_cache_dir(rc_file) if !keys.include?('plugin_cache_dir')
+        if rc_file.exist?
+          Logger.debug("Terraform configuration file '#{RC_PATH}' already exists")
+          if !existing_keys.include?('plugin_cache_dir')
+            Logger.warn("'plugin_cache_dir' not configured in '#{RC_PATH}'")
+          end
+        else
+          Logger.debug("Writing default configuration to '#{RC_PATH}'")
+          write_default_config
         end
 
         @app.call(env)
       end
 
-      def open_rc_file(&block)
-        File.open(File.expand_path(RC_PATH), 'a+', &block)
+      def rc_file
+        @rc_file ||= Pathname.new(RC_PATH).expand_path
       end
 
-      def existing_keys(rc_file)
-        [].tap do |keys|
-          rc_file.each_line do |line|
+      def existing_keys
+        @existing_keys ||= [].tap do |keys|
+          rc_file.readlines.each do |line|
+            # The matcher is a bit naive, but enough for out use
             keys << Regexp.last_match(1) if line =~ /^(.+?)[ \t]*=/
           end
         end
       end
 
-      def configure_checkpoint(rc_file)
+      def write_default_config
+        rc_file.open('w') do |rc_file|
+          configure_checkpoint(rc_file)
+          configure_plugin_cache_dir(rc_file)
+        end
+      end
+
+      def configure_checkpoint(file)
         Logger.info("Disabling Terraform upgrade and security bulletin checks by '#{RC_PATH}'")
 
-        rc_file.puts('disable_checkpoint = true')
+        file.puts('disable_checkpoint = true')
       end
 
-      def configure_plugin_cache_dir(rc_file)
+      def configure_plugin_cache_dir(file)
         Logger.info("Configuring global Terraform plugin cache by '#{RC_PATH}'")
-        rc_file.puts("plugin_cache_dir   = \"#{DEFAULT_PLUGIN_CACHE_PATH}\"")
+        # Replace `~` with `$HOME` as it is not expanded correctly in all architectures.
+        # Can't use `$HOME` in the constant though, as it won't be expanded by
+        # `expand_path` below. Can't win this game.
+        file.puts("plugin_cache_dir   = \"#{DEFAULT_PLUGIN_CACHE_PATH.sub(/^~/, '$HOME')}\"")
 
         dir = File.expand_path(DEFAULT_PLUGIN_CACHE_PATH)
         return if File.directory?(dir)