Testing pipeline (#1)

* Add testing pipeline

* rename prefix to name_prefix to be in line with standards

* bump terraform version used by travis

* Add improvements from template

Author: colincoleman

.ci/pipeline.yml

@@ -0,0 +1,150 @@
+jobs:
+  - name: deploy-deploy-bucket
+    plan:
+      - aggregate:
+        - get: this-module
+          trigger: true
+      - task: inject-secrets
+        params:
+          directory: deploy-bucket
+          AWS_ACCOUNT_ID: ((telia-divx-common-services-stage-account-id))
+          KMS_KEY_ID: ((telia-divx-common-services-stage-state-bucket-key))
+        file: this-module/.ci/tasks/inject-secrets/task.yml
+        input_mapping: {source: this-module}
+        output_mapping: {secret-source: source}
+      - task: apply
+        params:
+          directory: deploy-bucket
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/apply/task.yml
+        output_mapping: {terraform-out: deploy-bucket-terraform-out}
+      - task: build-lambdas
+        file: this-module/.ci/tasks/build_lambdas/task.yml
+        input_mapping: {source: this-module}
+      - task: deploy-lambdas
+        params:
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/deploy-lambdas/task.yml
+
+  - name: test-default
+    plan:
+      - aggregate:
+        - get: this-module
+          trigger: true
+          passed:
+            - deploy-deploy-bucket
+      - task: inject-secrets
+        params:
+          directory: default
+          AWS_ACCOUNT_ID: ((telia-divx-common-services-stage-account-id))
+          KMS_KEY_ID: ((telia-divx-common-services-stage-state-bucket-key))
+        file: this-module/.ci/tasks/inject-secrets/task.yml
+        input_mapping: {source: this-module}
+        output_mapping: {secret-source: source}
+      - task: apply
+        params:
+          directory: default
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/apply/task.yml
+      - task: test
+        params:
+          directory: default
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/test/task.yml
+      - task: destroy
+        params:
+          directory: default
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/destroy/task.yml
+
+  - name: test-report-forwarding
+    plan:
+      - aggregate:
+          - get: this-module
+            trigger: true
+            passed:
+              - test-default
+      - task: inject-secrets
+        params:
+          directory: report-forwarding
+          AWS_ACCOUNT_ID: ((telia-divx-common-services-stage-account-id))
+          KMS_KEY_ID: ((telia-divx-common-services-stage-state-bucket-key))
+        file: this-module/.ci/tasks/inject-secrets/task.yml
+        input_mapping: {source: this-module}
+        output_mapping: {secret-source: source}
+      - task: apply
+        params:
+          directory: report-forwarding
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/apply/task.yml
+      - task: test
+        params:
+          directory: report-forwarding
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/test/task.yml
+      - task: destroy
+        params:
+          directory: report-forwarding
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/destroy/task.yml
+
+  - name: destroy-deploy-bucket
+    plan:
+      - aggregate:
+          - get: this-module
+            trigger: true
+            passed:
+              - test-report-forwarding
+      - task: inject-secrets
+        params:
+          directory: deploy-bucket
+          AWS_ACCOUNT_ID: ((telia-divx-common-services-stage-account-id))
+          KMS_KEY_ID: ((telia-divx-common-services-stage-state-bucket-key))
+        file: this-module/.ci/tasks/inject-secrets/task.yml
+        input_mapping: {source: this-module}
+        output_mapping: {secret-source: source}
+      - task: get-terraform-out
+        params:
+          directory: deploy-bucket
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/terraform-output/task.yml
+      - task: purge-bucket
+        params:
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/purge-bucket/task.yml
+      - task: destroy
+        params:
+          directory: deploy-bucket
+          AWS_ACCESS_KEY_ID: ((telia-divx-common-services-stage-access-key))
+          AWS_SECRET_ACCESS_KEY: ((telia-divx-common-services-stage-secret-key))
+          AWS_SESSION_TOKEN: ((telia-divx-common-services-stage-session-token))
+        file: this-module/.ci/tasks/destroy/task.yml
+
+resources:
+  - name: this-module
+    type: git
+    source:
+      uri: [email protected]:telia-oss/terraform-aws-cost-and-usage-reports.git
+      branch: master
+      private_key: ((aws-common-services-deploy-key))
+

.ci/tasks/apply/task.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+export DIR="${PWD}"
+cd ${DIR}/source/examples/${directory}
+terraform init
+terraform apply --auto-approve
+terraform output -json > ${DIR}/terraform-out/terraform-out.json

.ci/tasks/apply/task.yml

@@ -0,0 +1,22 @@
+platform: linux
+
+image_resource:
+  type: docker-image
+  source:
+    repository: hashicorp/terraform
+    tag: "0.11.11"
+
+params:
+  directory:
+  AWS_ACCESS_KEY_ID:
+  AWS_SECRET_ACCESS_KEY:
+  AWS_SESSION_TOKEN:
+
+inputs:
+  - name: source
+
+outputs:
+  - name: terraform-out
+
+run:
+  path: source/.ci/tasks/apply/task.sh

.ci/tasks/build_lambdas/task.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+mkdir -p source/dist
+source/docker/build.sh
+export DIR="${PWD}"
+cd source
+make build-csv-processor
+make build-manifest-processor
+make build-bucket-forwarder
+cp -a ${DIR}/source/. ${DIR}/built-source/

.ci/tasks/build_lambdas/task.yml

@@ -0,0 +1,16 @@
+platform: linux
+
+image_resource:
+  type: docker-image
+  source:
+    repository: amazonlinux
+    tag: "2016.09"
+
+inputs:
+  - name: source
+
+outputs:
+  - name: built-source
+
+run:
+  path: source/.ci/tasks/build_lambdas/task.sh

.ci/tasks/deploy-lambdas/task.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+export DIR="${PWD}"
+export BUCKET=`cat deploy-bucket-terraform-out/terraform-out.json | jq -r '.lambda_deployment_bucket.value'`
+cd built-source
+make upload-lambda-billing-account
+make upload-lambda-processing-account

.ci/tasks/deploy-lambdas/task.yml

@@ -0,0 +1,18 @@
+platform: linux
+
+image_resource:
+  type: docker-image
+  source:
+    repository: teliaoss/concourse-awscli
+
+params:
+  AWS_ACCESS_KEY_ID:
+  AWS_SECRET_ACCESS_KEY:
+  AWS_SESSION_TOKEN:
+
+inputs:
+  - name: built-source
+  - name: deploy-bucket-terraform-out
+
+run:
+  path: built-source/.ci/tasks/deploy-lambdas/task.sh

.ci/tasks/destroy/task.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+export DIR="${PWD}"
+cd ${DIR}/source/examples/${directory}
+rm -rf .terraform
+terraform init
+terraform destroy --auto-approve

.ci/tasks/destroy/task.yml

@@ -0,0 +1,19 @@
+platform: linux
+
+image_resource:
+  type: docker-image
+  source:
+    repository: hashicorp/terraform
+    tag: "0.11.11"
+
+params:
+  directory:
+  AWS_ACCESS_KEY_ID:
+  AWS_SECRET_ACCESS_KEY:
+  AWS_SESSION_TOKEN:
+
+inputs:
+  - name: source
+
+run:
+  path: source/.ci/tasks/destroy/task.sh

.ci/tasks/inject-secrets/task.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+export DIR="${PWD}"
+cp -a ${DIR}/source/. ${DIR}/secret-source/
+cd ${DIR}/secret-source/examples/${directory}
+sed -i 's#<test-account-id>#'${AWS_ACCOUNT_ID}'#g' main.tf
+sed -i 's#<kms-key-id>#'${KMS_KEY_ID}'#g' main.tf