diff --git a/infra-import-template/.cycloid.yml b/infra-import-template/.cycloid.yml
new file mode 100644
index 0000000..a8b5c56
--- /dev/null
+++ b/infra-import-template/.cycloid.yml
@@ -0,0 +1,50 @@
+---
+version: '4'
+name: 'default'
+canonical: 'default'
+description:
+keywords:
+author: 'Cycloid'
+image:
+template: true
+config:
+ aws:
+ name: 'AWS'
+ description: 'Manage Amazon Web Services (aws) resources.'
+ cloud_provider: aws
+ pipeline:
+ pipeline:
+ path: "pipeline/default/pipeline.yml"
+ variables:
+ path: "pipeline/default/variables.sample.yml"
+ destination: "($ .config_root $)/pipeline/variables.yml"
+ gcp:
+ name: 'GCP'
+ description: 'Manage Google Cloud Platform (google) resources.'
+ cloud_provider: google
+ pipeline:
+ pipeline:
+ path: "pipeline/default/pipeline.yml"
+ variables:
+ path: "pipeline/default/variables.sample.yml"
+ destination: "($ .config_root $)/pipeline/variables.yml"
+ azure:
+ name: 'Azure'
+ description: 'Manage Azure (azurerm) resources.'
+ cloud_provider: azurerm
+ pipeline:
+ pipeline:
+ path: "pipeline/default/pipeline.yml"
+ variables:
+ path: "pipeline/default/variables.sample.yml"
+ destination: "($ .config_root $)/pipeline/variables.yml"
+ vsphere: # Used by vSphere
+ name: 'vSphere'
+ description: 'Manage VMware vSphere (vsphere) resources.'
+ cloud_provider: vsphere
+ pipeline:
+ pipeline:
+ path: "pipeline/vsphere/pipeline.yml"
+ variables:
+ path: "pipeline/vsphere/variables.sample.yml"
+ destination: "($ .config_root $)/pipeline/variables.yml"
diff --git a/infra-import-template/README.md b/infra-import-template/README.md
new file mode 100644
index 0000000..85917a8
--- /dev/null
+++ b/infra-import-template/README.md
@@ -0,0 +1,3 @@
+# infra-import-template
+
+This repository provides a template for importing infrastructure configurations into a new project.
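Review bot: The `vsphere` use case in `.cycloid.yml` points at `pipeline/vsphere/pipeline.yml` and `pipeline/vsphere/variables.sample.yml`, but this commit adds both with no content (blob `e69de29`, no hunk), so selecting vSphere would appear to produce an empty pipeline; either add the vSphere pipeline or leave the entry out until it exists. `pipeline/default/variables.sample.yml` is added empty as well, although the default pipeline references `((terraform_version))`, the state-storage names and the cloud credentials, so a sample listing those keys (as credential-store references, not values) is still missing. The bare `description:`, `keywords:` and `image:` keys parse as null; write `''` or drop them if the consumer expects strings.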
diff --git a/infra-import-template/pipeline/default/pipeline.yml b/infra-import-template/pipeline/default/pipeline.yml
new file mode 100644
index 0000000..ff83a60
--- /dev/null
+++ b/infra-import-template/pipeline/default/pipeline.yml
@@ -0,0 +1,173 @@
+# YAML anchors
+shared:
+ # Task : sync and merge with rsync 2 rep. Used to merge stack and config
+ - &task-merge-stack-and-config
+ task: merge-stack-and-config
+ config:
+ platform: linux
+ image_resource:
+ type: docker-image
+ source:
+ repository: cycloid/cycloid-toolkit
+ tag: latest
+ run:
+ path: /usr/bin/merge-stack-and-config
+ inputs:
+ - name: git_config-terraform
+ path: "config"
+ - name: git_stack-terraform
+ path: "stack"
+ outputs:
+ - name: merged-stack
+ path: "merged-stack"
+ params:
+ CONFIG_PATH: ($ .organization $)/($ .project $)/terraform/($ .environment $)/($ .component $)
+ STACK_PATH: ($ .stack_path $)/terraform/default
+
+groups:
+ - name: overview
+ jobs:
+ - terraform-plan
+ - terraform-apply
+
+ - name: destroy
+ jobs:
+ - terraform-destroy
+
+resource_types:
+ - name: terraform
+ type: docker-image
+ source:
+ repository: cycloid/terraform-resource
+ tag: ((terraform_version))
+
+resources:
+ - name: tfstate
+ type: terraform
+ icon: terraform
+ source:
+ env_name: ($ .component $)
+ backend_type: s3
+ backend_config:
+ ($>- if eq .stack_usecase "aws" <$)
+ bucket: ((terraform_storage_bucket_name))
+ key: ($ .organization $)-($ .project $)-($ .environment $)-($ .component $).tfstate
+ workspace_key_prefix: ($ .organization $)
+ region: ((aws_default_region))
+ access_key: ((aws_access_key))
+ secret_key: ((aws_secret_key))
+ ($>- else if eq .stack_usecase "gcp" <$)
+ bucket: ((terraform_storage_bucket_name))
+ prefix: ($ .organization $)/($ .project $)/($ .environment $)/($ .component $)
+ credentials: ((gcp_credentials_json))
+ ($>- else if eq .stack_usecase "azure" <$)
+ container_name: ((terraform_storage_container_name))
+ key: ($ .organization $)-($ .project $)-($ .environment $)-($ .component $).tfstate
+ storage_account_name: ((terraform_storage_account_name))
+ access_key: ((terraform_storage_access_key))
+ ($>- end <$)
+ vars:
+ component: ($ .component $)
+ env: ($ .environment $)
+ customer: ($ .organization $)
+ organization: ($ .organization $)
+ project: ($ .project $)
+ env:
+ ($>- if eq .stack_usecase "aws" <$)
+ AWS_ACCESS_KEY_ID: ((aws_access_key))
+ AWS_DEFAULT_REGION: ((aws_default_region))
+ AWS_SECRET_ACCESS_KEY: ((aws_secret_key))
+ ($>- else if eq .stack_usecase "gcp" <$)
+ GOOGLE_PROJECT: ((gcp_project))
+ GOOGLE_ZONE: ((gcp_zone))
+ GOOGLE_CREDENTIALS: ((gcp_credentials_json))
+ ($>- else if eq .stack_usecase "azure" <$)
+ ARM_CLIENT_ID: ((azure_client_id))
+ ARM_CLIENT_SECRET: ((azure_client_secret))
+ ARM_ENVIRONMENT: ((azure_env))
+ ARM_SUBSCRIPTION_ID: ((azure_subscription_id))
+ ARM_TENANT_ID: ((azure_tenant_id))
+ ARM_LOCATION: (azure_location))
+ ($>- end <$)
+ # The Terraform stack (will be merged with the config)
+ - name: git_stack-terraform
+ icon: github-circle
+ type: git
+ source:
+ uri: ($ .catalog_repository_url $)
+ branch: ($ .catalog_repository_branch $)
+ private_key: ((($ .catalog_repository_credential_path $).ssh_key))
+ paths:
+ - ($ .stack_path $)/terraform/default/*
+
+ # The Terraform config (will be merged with the stack)
+ - name: git_config-terraform
+ type: git
+ icon: github-circle
+ source:
+ uri: ($ .config_repository_url $)
+ branch: ($ .config_repository_branch $)
+ private_key: ((($ .config_repository_credential_path $).ssh_key))
+ paths:
+ - ($ .organization $)/($ .project $)/terraform/($ .environment $)/($ .component $)/*
+
+jobs:
+ # Merge and trigger a plan whenever there is a commit in Terraform stack or config
+ - name: terraform-plan
+ serial: True
+ max_in_flight: 1
+ build_logs_to_retain: 10
+ plan:
+ - do:
+ - get: git_stack-terraform
+ trigger: true
+ - get: git_config-terraform
+ trigger: true
+ - *task-merge-stack-and-config
+ - put: tfstate
+ params:
+ plan_only: true
+ terraform_source: merged-stack/
+
+ # Merge and trigger an apply manually (no autostart of this job)
+ - name: terraform-apply
+ serial: True
+ max_in_flight: 1
+ build_logs_to_retain: 10
+ plan:
+ - do:
+ - get: git_stack-terraform
+ trigger: false
+ passed:
+ - terraform-plan
+ - get: git_config-terraform
+ trigger: false
+ passed:
+ - terraform-plan
+ - get: tfstate
+ trigger: false
+ passed:
+ - terraform-plan
+ - *task-merge-stack-and-config
+ - put: tfstate
+ params:
+ plan_run: true
+ terraform_source: merged-stack/
+
+ # Merge and trigger a destroy of the stack (no autostart of this job)
+ - name: terraform-destroy
+ max_in_flight: 1
+ build_logs_to_retain: 10
+ plan:
+ - do:
+ - get: git_stack-terraform
+ trigger: false
+ - get: git_config-terraform
+ trigger: false
+ - *task-merge-stack-and-config
+ - put: tfstate
+ params:
+ action: destroy
+ terraform_source: merged-stack/
+ get_params:
+ action: destroy
diff --git a/infra-import-template/pipeline/default/variables.sample.yml b/infra-import-template/pipeline/default/variables.sample.yml
new file mode 100644
index 0000000..e69de29
diff --git a/infra-import-template/pipeline/vsphere/pipeline.yml b/infra-import-template/pipeline/vsphere/pipeline.yml
new file mode 100644
index 0000000..e69de29
diff --git a/infra-import-template/pipeline/vsphere/variables.sample.yml b/infra-import-template/pipeline/vsphere/variables.sample.yml
new file mode 100644
index 0000000..e69de29
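Review bot: In `pipeline/default/pipeline.yml`, `ARM_LOCATION: (azure_location))` in the azure branch of the `tfstate` resource's `env` block is missing an opening parenthesis, so it is not a `((var))` reference and the literal text would reach Terraform; it should read `ARM_LOCATION: ((azure_location))`. In the same resource `backend_type: s3` is fixed, while the gcp and azure branches emit `prefix`/`credentials` and `container_name`/`storage_account_name`, which look like gcs and azurerm backend settings, so the backend type probably needs the same `stack_usecase` switch as `backend_config`. The merge task pulls `cycloid/cycloid-toolkit` at `tag: latest`, and its `merged-stack` output is what `terraform-apply` and `terraform-destroy` run with the cloud credentials; pinning the image to a fixed version tag or digest keeps an upstream image change from silently altering what gets applied.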