def ts_amazon_aws(version='=< 2.30', AWS_REGION_LIST=['us-east-1'], **kwargs): ts_local = Terrascript() aws_access_key = ts_local.add(variable('aws_access_key')) aws_secret_key = ts_local.add(variable('aws_secret_key')) aws_region = ts_local.add(variable('aws_region', default='us-east-1')) default_params = dict( version=version, access_key=aws_access_key, secret_key=aws_secret_key, ) default_params.update(kwargs) # Providers aws_providers_map = {} for region in AWS_REGION_LIST: _provider = provider('aws', region=region, alias=region, **default_params) aws_providers_map[region] = ts_local.add(_provider) ts_local.add(provider('aws', region=aws_region, **default_params)) # VPC aws_vpc_map = {} for region in AWS_REGION_LIST: aws_provider = 'aws.{0}'.format(region) vpc_name = 'vpc-{}'.format(region) aws_vpc_map[region] = ts_local.add( aws_vpc(vpc_name, provider=aws_provider)) return ts_local
def __init__(self, integration, integration_prefix, thread_pool_size, oc_map={}): self.integration = integration self.integration_prefix = integration_prefix self.oc_map = oc_map self.thread_pool_size = thread_pool_size self.populate_configs_and_vars_from_vault() tss = {} locks = {} for name, config in self.configs.items(): # Ref: https://github.com/mjuenema/python-terrascript#example ts = Terrascript() ts += provider('aws', access_key=config['aws_access_key_id'], secret_key=config['aws_secret_access_key'], version=config['aws_provider_version'], region=config['region']) b = backend("s3", access_key=config['aws_access_key_id'], secret_key=config['aws_secret_access_key'], bucket=config['bucket'], key=config['{}_key'.format(integration)], region=config['region']) ts += terraform(backend=b) tss[name] = ts locks[name] = Lock() self.tss = tss self.locks = locks
def test_issue3a(): """Issue 3(a): Work-around for data/JSON bug""" ts = terrascript.Terrascript() ts += terrascript.provider("aws", region="us-east-1") policydict = { "Version": "2012-10-17", "Statement": [{"Action": "s3:*", "Resource": "*"}], } ts += terrascript.aws.r.iam_policy( "jbstest_works", name="jbstest_works", policy=json.dumps(policydict, sort_keys=True), ) ts += terrascript.aws.d.aws_iam_policy_document( "jbstest", statement=[{"actions": ["s3:*"], "resources": ["*"]}] ) ts += terrascript.aws.r.iam_policy( "jbstest_fails", name="jbstest_fails", policy="${data.aws_iam_policy_document.jbstest.json}", ) assert ts.validate() == True
def test_issue33(): """Issue 33: Suggestion of syntax to terrascript""" ts = Terrascript() var_access_key = ts.add(variable('access_key')) assert isinstance(var_access_key, variable) var_secret_key = ts.add(variable('secret_key')) assert isinstance(var_secret_key, variable) var_region = ts.add(variable('region', default='us-east-1')) assert isinstance(var_region, variable) ts += provider('aws', access_key=var_access_key, secret_key=var_secret_key, region=var_region ) resource_aws_instance = ts.add(aws_instance('example', ami='ami-2757f631', instance_type='t2.micro')) assert isinstance(resource_aws_instance, aws_instance) ts += output('example_public_ip', value=resource_aws_instance.public_ip, description='Public IP of example') assert ts.validate() is True
def test_issue3b(): """Issue 3(b): Work-around for data/JSON bug""" ts = terrascript.Terrascript() ts += terrascript.provider("aws", region="us-east-1") ts += terrascript.aws.d.aws_vpc('selected', id=1) assert ts.validate() == True
def setVSphereConfig(self, host, username, password): logger = logging.getLogger() logger.debug("Set VSphere provider to {}".format(host)) self.provider = provider("vsphere", user=username, password=password, vsphere_server=host, allow_unverified_ssl=True) self.ts.add(self.provider)
def ts_digitalocean(version='>= 1.7, < 1.9', **kwargs): ts_local = Terrascript() do_token = ts_local.add(variable('do_token')) default_parms = dict(token=do_token) default_parms.update(kwargs) ts_local.add(provider('digitalocean', version=version, **default_parms)) return ts_local
def ts_cloudflare(version='< 1.9.0', **kwargs): ts_local = Terrascript() cloudflare_email = ts_local.add(variable('cloudflare_email')) cloudflare_token = ts_local.add(variable('cloudflare_token', default='')) default_parms = dict( email=cloudflare_email, token=cloudflare_token, ) default_parms.update(kwargs) ts_local.add(provider('cloudflare', version=version, **default_parms)) return ts_local
def test_issue32(): """Issue 32: provisioner return one line with provisioner.file instead a dictionary.""" ts = Terrascript() ts += provider('aws', region='ap-southeast-2') p = provisioner('local-exec', command='date > $(mktemp tmpXXXXXXX.terrascript)') ts += aws_instance('I1', ami='ami-60a26a02', instance_type='t2.nano', provisioner=p) j = ts.dump() assert 'mktemp' in j assert ts.validate() is True
def test_update_add_value(): ts = Terrascript() ts2 = Terrascript() var_access_key = ts.add(variable('access_key')) var_secret_key = ts.add(variable('secret_key')) var_region = ts.add(variable('region', default='us-east-1')) ts += provider('aws', access_key=var_access_key, secret_key=var_secret_key, region=var_region) resource_aws_instance = ts.add( aws_instance('example', ami='ami-2757f631', instance_type='t2.micro')) resource_aws_instance_2 = ts2.add( aws_instance('example_second', ami='ami-2757f631', instance_type='t2.micro')) assert isinstance(resource_aws_instance, aws_instance) assert isinstance(resource_aws_instance_2, aws_instance) # ts2 add resource "example_second" to ts ts.update(ts2) assert isinstance(ts, Terrascript) assert isinstance(ts2, Terrascript) ts_resources = ts.config.get('resource', {}) assert len(ts_resources.items()) == 1 ts_aws_instances = ts_resources.get('aws_instance') assert len(ts_aws_instances.items()) == 2 assert resource_aws_instance._name in ts_aws_instances.keys() assert resource_aws_instance_2._name in ts_aws_instances.keys() assert ts.validate(delete=False) is True
from swarm_tf.managers import Manager from swarm_tf.common import VolumeClaim, get_user_data_script, create_firewall from terrascript.digitalocean.r import * # Setup do_token = "<Place your digital ocean token here>" # Common domain = "swarmdemo.com" region = "nyc3" ssh_key_file = "~/.ssh/id_rsa" # Need to be full path user_data = get_user_data_script() o = Terraobject() o.terrascript.add(provider("digitalocean", token=do_token)) # --------------------------------------------- # Get Existing Object at Digital Ocean # --------------------------------------------- do_sshkey = data_digitalocean_ssh_key("mysshkey", name="id_rsa") o.terrascript.add(do_sshkey) o.shared['sshkey'] = do_sshkey # --------------------------------------------- # Creating Swarm Manager # --------------------------------------------- managerVar = ManagerVariables() managerVar.image = "ubuntu-18-04-x64" managerVar.size = "s-1vcpu-1gb"
from terrascript import Terrascript, provider from terrascript.google.r import * from python_terraform import * ts = Terrascript() region = 'asia-south1' ts += provider('google', credentials='../service_account_gke.json', project='learn-internal', region=region) nw = ts.add( google_compute_network('test-network', name='test-gke-nw', auto_create_subnetworks=False, routing_mode='GLOBAL')) snw = ts.add( google_compute_subnetwork('test-snw', name='test-gke-snw', ip_cidr_range='10.5.0.0/16', region=region, network=nw.name)) gke = ts.add( google_container_cluster( 'primary', name='my-cluster', zone='asia-south1-a', additional_zones=['asia-south1-b', 'asia-south1-c'], cluster_ipv4_cidr='172.16.0.0/16',
from terrascript import Terrascript, provider from python_terraform import * from terrascript.google.r import google_compute_instance from google.oauth2 import service_account credentials = service_account.Credentials.from_service_account_file( '/home/nasiruddin_happy/ns002p/service_account.json') ts = Terrascript() ts += provider( 'google', credentials='/home/nasiruddin_happy/ns002p/service_account.json', project='learn-internal', region='us-central1') inst = ts.add( google_compute_instance('test-vm', name='test-nasir1-tft', boot_disk=[{ 'initialize_params': [{ 'image': 'debian-cloud/debian-9' }] }], network_interface=[{ 'network': 'default', 'access_config': {} }], machine_type='n1-standard-1', zone='us-east1-b')) print(ts.dump())
def wireguard_terraform(region, ami): ts = Terrascript() ts += provider('aws', access_key=ACCESS_KEY, secret_key=SECRET_KEY, region=region) # If key already exists, an error with be thrown and infrastructure will not build key = ts.add( aws_key_pair('wireguard_key', key_name="wireguard", public_key=PUBLIC_KEY)) # If security groups already exist, an error will be thrown but infrastructure will still build sg_ssh = ts.add( aws_security_group('allow_ssh', name='allow_ssh', description='default', ingress=[ { 'from_port': 22, 'to_port': 22, 'protocol': 'tcp', 'cidr_blocks': ['0.0.0.0/0'] }, ], egress=[{ 'from_port': 0, 'to_port': 0, 'protocol': '-1', 'cidr_blocks': ['0.0.0.0/0'] }])) sg_wg = ts.add( aws_security_group('wg', name='wg', description='Open port for wireguard', ingress=[ { 'from_port': 54321, 'to_port': 54321, 'protocol': 'tcp', 'cidr_blocks': ["0.0.0.0/0"] }, ])) inst = ts.add( aws_instance( 'wireguard_test', ami=ami, instance_type='t2.micro', security_groups=["allow_ssh", "wg"], key_name="wireguard", tags=[{ 'Name': 'wireguard' }], )) eip = ts.add(aws_eip('default', instance=inst.id, vpc=True)) a_ip = ts.add( aws_eip_association('eip_assoc', instance_id=inst.id, allocation_id=eip.id)) with open('wireguard.tf', 'w') as tf: tf.write(ts.dump()) subprocess.run([ 'terraform', 'init', ]) subprocess.run(['terraform', 'apply', '-auto-approve'])